RE: Modem to Console Port
It is possible. There is actually no configuration on the router. You will need to set the modem to talk at 9600, 8, N, 1 with no local echo. You also need to set the modem to auto answer. Your modem should have documentation with the proper "AT" commands that you will need to issue. Save this configuration to the modems NVRAM and plug it into the router. Chris Lemagie... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Sent: Wednesday, February 14, 2001 7:51 AM To: [EMAIL PROTECTED] Subject: Modem to Console Port Is is possible to connect a modem to the console port for remote configuration on the Cisco 1600 series? If so would you please provide me with a sample configuration? Thank you in advance for your assistance. John Huston [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Modem to Console Port
John brought one thing to light that I forgot to mention earlier. By connecting a modem to the router, you are opening a security hole into your network. Make sure to set a timeout on the console port so that when a user hangs up, the console session will timeout and another user can't come in behind you and grab your console session. You may also want to have somebody at a remote branch physically unplug the phone cable from your router after you have completed any configuration changes. Better yet, control access to your routers with Cisco Secure ACS. You can then set privilege levels on a user by user basis as well as logging access to your networking infrastructure. Hope this helps... Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Lemagie Sent: Wednesday, February 14, 2001 8:18 AM To: John; [EMAIL PROTECTED] Subject: RE: Modem to Console Port It is possible. There is actually no configuration on the router. You will need to set the modem to talk at 9600, 8, N, 1 with no local echo. You also need to set the modem to auto answer. Your modem should have documentation with the proper "AT" commands that you will need to issue. Save this configuration to the modems NVRAM and plug it into the router. Chris Lemagie... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Sent: Wednesday, February 14, 2001 7:51 AM To: [EMAIL PROTECTED] Subject: Modem to Console Port Is is possible to connect a modem to the console port for remote configuration on the Cisco 1600 series? If so would you please provide me with a sample configuration? Thank you in advance for your assistance. John Huston [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 128 WEP Vulnerabilities
Our 340 and 350 series wireless products will support per user (session) WEP key assignment if you use the wireless products in conjunction with Cisco Secure ACS v2.6 which supports LEAP. LEAP allows the AP to query the Cisco Secure ACS Server for user authentication and WEP key assignment. In this configuration each wireless user on the network has their own unique WEP key negating the requirement for a "shared" WEP key. The 350 series products support line power from Catalyst switches and also have 100mW radios that are more sensitive than those in the 340. You will have to upgrade firmware in the 340 series Access Points and NICs to support the new security functionality. Encryption also runs in hardware on both the 340 and 350 series products so we don't impact the system CPU... Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Craig Lindstrom Sent: Friday, February 23, 2001 9:03 AM To: '[EMAIL PROTECTED]' Subject: RE: 128 WEP Vulnerabilities I just got an announcement from cisco that said the aironet 350 series will use dynamic wep encryption keys instead of the manually entered one, I think the key can be created per wireless session(not ip session). That should greatly enhance the security. Craig -Original Message- From: Nabil Fares [mailto:[EMAIL PROTECTED]] Sent: Friday, February 23, 2001 8:58 AM To: [EMAIL PROTECTED] Subject: 128 WEP Vulnerabilities Greeting all, Are you guys aware of any issues/vulnerabilities with the WEP protocol. Any feedback greatly appreciated. Nabil _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Client for Windows 2000?
The v1.0 and 1.1 (IRE) clients are not supported on Windows 2000. We will be shipping the Windows 2000 version of our VPN client shortly. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rizzo Damian Sent: Thursday, March 01, 2001 2:17 PM To: '[EMAIL PROTECTED]' Subject: VPN Client for Windows 2000? Anyone have any success using Ciscos' Secure VPN Client v.1.0 or 1.1 on Windows 2K?...It seems it doesn't work. What do I use on Win2K Clients then? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Client for Windows 2000?
The only version of the VPN 3000 client that supports Windows 2000 is currently in Beta. I know a lot of people have this client, but the public beta is actually closed at this time. I use the beta version of the client (v2.6.2) and it does work great. The latest information I have on the ship date for version 3.0 of our VPN client (includes Win2K support) is March 19th... Chris Lemagie -Original Message- From: Brian Hartsfield [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 01, 2001 3:39 PM To: Chris Lemagie Cc: Rizzo Damian; [EMAIL PROTECTED] Subject: Re: VPN Client for Windows 2000? Chris Lemagie wrote: > The v1.0 and 1.1 (IRE) clients are not supported on Windows 2000. We will > be shipping the Windows 2000 version of our VPN client shortly. What about a Windows 2000 version of the VPN client for the VPN 3000? Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Syslog Server
You can get Kiwi's syslog daemon on winfiles.com. It works great... Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Supino Sent: Monday, March 12, 2001 5:48 PM To: [EMAIL PROTECTED] Subject: Syslog Server Hey all, Can anyone recommend an NT based SYSLOG server? Christopher Supino CCNA, CIPT, MCSE, CNA5, ASE Senior Systems Engineer TransNet Corp. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple T1's
If you are running EIGRP as your routing protocol, it will take care of the load balancing for you without the added complexity and CPU overhead of PPP multilink. There are some great EIGRP config guides on CCO. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brian Sent: Tuesday, March 20, 2001 1:57 PM To: [EMAIL PROTECTED] Subject: Re: Multiple T1's On each end, static route traffic out both interfaces. Bri "Jason Stephens" <[EMAIL PROTECTED]> wrote in message 998ndv$1fh$[EMAIL PROTECTED]">news:998ndv$1fh$[EMAIL PROTECTED]... > We have a situation where we want to have 2 t1's going to another office. We > want these 2 t1's to not > only provide redundancy in case 1 goes down, but also want them to load > balance while they are both up. > So basically, we want the two t1's to be up providing 3 mpbs of bandwidth > and if one goes down for it > to automatically send all traffic to the t1 that is still up. We have 3600 > series routers on both ends. Can > this be done? If so, please explain how. I looked into the Multilink PPP > stuff, but it seems to be only for > async ports. Thanks for any info in advance! > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load Balancing with EIGRP
That is correct assuming that the Port Speed and CIR for both T-1s it the same. If it is not, you will have to use the "variance" command to compensate for this. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rizzo Damian Sent: Wednesday, March 21, 2001 12:54 PM To: '[EMAIL PROTECTED]' Subject: Load Balancing with EIGRP Were currently using EIGRP as our routing protocol and we now have two separate T1 connections that were running Frame-relay on. If my understanding of EIGRP is correct, then I shouldn't have to make any modifications to the router in order for load balancing to take effect correct? Thanks! -Rizzo _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Whew! Can you smell that VLan?
By default, when you plug a Sniffer into a switch you will only see broadcast traffic for the VLAN that the physical port you are plugged into is a member of. You are however able to "span" ports or VLANs. That is, you are able to "span" an entire VLAN or individual ports to a "monitor" port. This is accomplished with the "span" command on a 6000 or 5000 series Cisco switch. I don't remember the exact syntax for 2900 and 3500 series off the top of my head. After implementing the span, all traffic for the VLAN or port you are spanning to the monitor port will be visible to the Sniffer. The Sniffer is of course plugged into the monitor port. Hope this helps... Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of NetEng Sent: Wednesday, March 21, 2001 1:46 PM To: [EMAIL PROTECTED] Subject: Whew! Can you smell that VLan? We have had a pissing match lately and here's the details. One person states that a VLan can not be sniffed because it is on a different subnet. The other person says it can becuase it's physically on the same switch. I think you can to a point. Here's what I mean; let's say we have a 3524 with two Vlans, VLAN1 (we'll call it InfoSys), and VLAN2 (called HR). If I have a sniffer running on InfoSys, I should be able to sniff traffic on my subnet as well as traffic from HR to InfoSys (ie HR employee accessing mail server on InfoSys), right? The only difference is that the source MAC address would change. I should not be able to sniff traffic local to HR (ie an employee accessing accounting software) right? What's the rub? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco support for VRRP any platform ?
Not yet. We are working on a VRRP implementation though. HSRP offers much more functionality than VRRP, but of course it is limited to usage with other Cisco devices. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Curtis Phillips Sent: Thursday, March 22, 2001 9:19 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Cisco support for VRRP any platform ? Does anyone know if any IOS version supports VRRP on any of the standard platforms? Thanks, Curtis __ Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX IOS upgrades and registration questions.
The Pix OS upgrade is not free with a CCO logon. It is free with Smart Net maintenance on the Pix appliance, well kinda free since you are paying annually for the maintenance contract. You would technically be in violation of the license agreement if you download new Pix software without Smart Net maintenance. That said, make sure that if you upgrade, upgrade to 5.2. I would skip 5.1. 5.2 adds support for gratuitous ARPs (much needed if using failover in a switched environment) as well as support for the VPN 3000 client (i.e. mode config). There are many more additions which are listed on CCO. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of gwakin Sent: Tuesday, January 02, 2001 9:11 AM To: [EMAIL PROTECTED] Subject: Re: PIX IOS upgrades and registration questions. for that matter- has anyone tried to replace a PIX motherboard? I mean, it's just a Pentium-200... ;-) GWA Jason Roysdon wrote: > But I believe his question is: does he have to pay to go from 4.x to 5.x? I > don't believe so (please correct me if I'm wrong). > > Also, a PIX 515R is a great deal. They are now allowed to have 3 ports, you > just have to get a new license code (free). > > One thing I'm curious about: Has anyone tried to install a non-Cisco part > number NIC? I mean, they're just Intel NICs... > > -- > Jason Roysdon, CCNA, MCSE, CNA, Network+, A+ > List email: [EMAIL PROTECTED] > Homepage: http://jason.artoo.net/ > Cisco resources: http://r2cisco.artoo.net/ > > "Todd Plambeck" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > You can upgrade 5.1 and 5.2 Pix Software to support ipsec 56k DES for > > free ( if you have a cisco login ( reseller, consultant, or customer )). > > The 3DES license has a charge around $1200.00. If you purchase this pix > > off of ebay you will need to upgrade the PIX Software to 5.1 or 5.2 > > ( 4.x does not support ipsec ) you will also need 32meg of ram. > > hope this helps. > > > > Todd > > > > whatshakin wrote: > > > > > OK guys,What's the deal with the PIX licensing structure and IOS > > > upgrade process? Looking on CCO, I found docs that mention needing to > > > register with TAC to get IPsec functionality in your PIX. Does anyone > > > know whether this registration costs money? The reason I ask is I am > > > contemplating buying a used PIX off eBay and I want to be sure I can > > > get IPSec functionality without it costing an arm and a leg...the PIX > > > will cost me enough already! I need to know that if I purchase say a > > > PIX 520/515 with 4.X IOS, what the cost will be to upgrade it to 5.X > > > with IPSec features? This will be the deciding factor of whether I > > > buy one that has everything already (means waiting until one shows up) > > > for buying one right away and upgrading it to get the features I > > > want. Thanks a lot. > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Security Written
I took mine about a month and a half ago, still no word here either... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim O'Brien Sent: Tuesday, January 09, 2001 1:38 PM To: [EMAIL PROTECTED] Subject: CCIE Security Written It has been over 2 months now and I have not seen any results for the CCIE Security written beta (351-018). Has anyone else seen anything? Tim _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 6500 needs to emulate a hub
Will Checkpoint issue gratuitous arps??? The Pix (OS v5.2 or later) will. This allows the Pix to failover properly in a switched environment. Cisco has a trade in program you know... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chuck Larrieu Sent: Thursday, January 11, 2001 3:40 PM To: [EMAIL PROTECTED] Subject: RE: 6500 needs to emulate a hub That does it. I buy a 65xx switch and now I want it to act like a hub. Is it a full moon out there? Why not take one of your old hubs, plug that into one of the 65xx ports, and plug your devices into the hub? Sheesh. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Patrick Bass Sent: Thursday, January 11, 2001 3:05 PM To: [EMAIL PROTECTED] Subject:Re: 6500 needs to emulate a hub You mean your two CCIE's over there can't figure this out for you? :-) <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Is there a way to make ports on a 6500 act like a shared hub so that two > devices can share the same mac address? In particular, I'm trying to > configure Checkpoint's Firewall-1 High availability feature. Thanks for any > assistance. > > Henry Malmgren > Network Engineer > TManage Inc. > (512) 794-6531 > [EMAIL PROTECTED] > www.tmanage.com > > By the way, our legal department wants me to tell you that: > Privileged/confidential information may be contained in this message. It is > not for use or disclosure outside TManage without a written proprietary > agreement. If you are not the addressee indicated in this message, or agent > responsible for delivery, you may not copy or deliver this message to > anyone. Please notify the sender as soon as possible and immediately > destroy this message and its attachments in its entirety. > You can't say I didn't warn you > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIP--Network command
All networks added under you Dynamic Routing Protocol configuration should be of local significance only, meaning that they are "connected" to the router. You should not add networks that are "learned" via RIP. The idea is to configure the router with the network information that it needs to "advertise" to other routers in your enterprise. You will also have to run RIP version 2 if you want to support VLSMs. Hope this helps a little... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stuart Laubstein Sent: Wednesday, January 17, 2001 7:30 AM To: '[EMAIL PROTECTED]' Subject: RIP--Network command I was just doing some RIP configs and realized that I knew how to use the "network" command but was not really sure how it worked. For instance if there are three routers a,b,c with major nets 10.1.10.x, 10.1.20.x and 10.1.30.x Each router would need the network 10.1.0.0 correct? Now supposing router c knew of another major net say the 172.68.x.x through rip updates Do I need to have the network 172.68.0.0 command on router c or not? Why? Any clarification on the command would be helpful thanks stu _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Adding security with ACLs
The only thing I suggest is to keep the ACL as short as possible. I would also enable flow based IP route caching (IP route-cache flow) on any interfaces processing the ACL. Flow based route caching provides a more efficient means for processing extended ACLs and will reduce the CPU utilization over standard (fast) route caching. I would also try in all cases to apply the ACL as an inbound ACL. This will only impact the performance on a particular interface and not the router as a whole. Keep in mind, that when you apply ACLs, the router is now process switching. Hope this helps... ""Charles D. Burke"" <[EMAIL PROTECTED]> wrote in message 8r12q2$5jq$[EMAIL PROTECTED]">news:8r12q2$5jq$[EMAIL PROTECTED]... > I am working mostly with Cisco 2600 routers and was considering using ACLs > to add more security. The network I administer has a firewall behind an > access router connected to the Internet. I am thinking about ACLs such as: > Allowing ICMP only from subnets our few other locations are on (so I can > troubleshoot between offices) > Same for Telnet access to VTY. > > Does anybody have suggestions for or against this? I know adding ACLs will > increase the load on the routers but when will performance suffer > significantly? Currently the processor averages about 15%. > > Any other suggestions or resources for tightening security would be > appreciated. > > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay problem
I'm not seeing any LMI responses from the frame-relay switch in the interface statistics. You will most likely have to change your LMI type from CISCO (default) to ANSI. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Stull, Cory Sent: Tuesday, October 10, 2000 10:13 AM To: 'Hans Stout' Cc: 'ciscostudygroup' Subject:RE: Frame Relay problem timing or incorrect lmi type.. If its a newer ios with autosensing lmi then it is probably a timing or circuit issue... Is it a T1 and did you set your timeslots? -Original Message- From: Hans Stout [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 10, 2000 1:25 PM To: [EMAIL PROTECTED] Subject: Frame Relay problem Hi colleagues, I have a problem with my frame relay connection; the serial interface is up/down, and when I debug the serial interface, I can see that the interface is constantly trying to restart:23w5d: Serial5/0: attempting to restart: --More-- 23w5d: Serial5/0(out): StEnq, myseq 4, yourseen 0, DTE down --More-- 23w5d: Serial5/0(out): StEnq, myseq 5, yourseen 0, DTE down What could be the reason for this ? I'll add the output for the sh int: Serial5/0 is up, line protocol is down Hardware is M4T MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, crc 16, loopback not set Keepalive set (10 sec) LMI enq sent 240, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE FR SVC disabled, LAPF state down Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 05:47:09, output 00:00:02, output hang never Last clearing of "show interface" counters 00:39:54 Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 354 packets output, 4649 bytes, 0 underruns 0 output errors, 0 collisions, 80 interface resets 0 output buffer failures, 0 output buffers swapped out 80 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=u Thanks for your help in advance. Georg _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:
Actually Rik is correct, you are not able to address two interfaces within the same Cisco router chassis on the same IP subnet unless you use HSRP. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Lowell Sharrah Sent: Tuesday, October 10, 2000 11:26 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject:Re: what are you guys talking about? of course you can have two or more routers sharing the same ip subnet. ever here of a backbone? >>> "Donald B Johnson Jr" <[EMAIL PROTECTED]> 10/10/00 03:52PM >>> can we see the config on that one i cant get it to work Duck Frank <[EMAIL PROTECTED]> wrote in message 8rv8ve$vp1$[EMAIL PROTECTED]">news:8rv8ve$vp1$[EMAIL PROTECTED]... Just one minor correction Of course you can have multiple router ports on a single subnet!! Why couldn't you?!?!? I just happen to have that implemented here... it's called hhhmmm.. a backbone!! ""Guyler, Rik [EESUS]"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... No, 2 router ports cannot be on the same subnet. You can, however, setup HSRP (Hot-Standby Router Protocol), which will give you the redundancy you need. This requires 2 routers but gives you complete router redundancy and not just port/link redundancy. Search for HSRP on www.cisco.com. Rik -Original Message- From: Kedar Deshpande [mailto:[EMAIL PROTECTED]] Sent: Monday, October 09, 2000 7:58 PM To: [EMAIL PROTECTED] Subject: stupid questions Hi, Is there any way that we can connect two ethernet ports of routers on same network & have redundancy between them? regards, **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3548 vlan configuration
I would access the box via a web browser. It is quicker than digging through the help. You will have to set you VTP domain name and VTP version to the same values you are running on the Catalyst 5500. I would also recommend that you set trunking to "ON" for the specific ports that you are using to interconnect to the Catalyst switches. The default value of desirable does not always work that well. While you are at it, you might as well set the port speed and duplex to 100/full instead of auto. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of alex campbell Sent: Thursday, October 12, 2000 10:48 AM To: [EMAIL PROTECTED] Subject:3548 vlan configuration Hi Just a quick question, I have a brand new 3548 xl switch. I have set up trunking between this and my catalyst 5500s. (I have 2 cat 5500s already set up with isl, and each 5500 can see all 10 vlans) the 3548 can now see the vlans as well.. all well and good, except the commands to set ports to a specific vlan on my cat 5500s i.e. set vlan 1 4/5 (or whatever) dont work on this 3548, which i know uses a different ios. could someone please tell me how to configure a port on the 3548 so that it is on a different vlan that is on the default... set vlan does not work. regards mark _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Pix Telnet Access
By default, the pix firewall will not allow telnet access on any interface from any subnet. You have to manually configure it. The following command should work: telnet 10.10.9.0 255.255.255.0 inside This will allow the entire 10.10.9.0 network to telnet to the inside interface of the pix. You may want to be more specific and grant only certain machines (/32 mask) telnet access to the pix. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of p s Sent: Thursday, October 12, 2000 11:18 AM To: [EMAIL PROTECTED] Subject:Cisco Pix Telnet Access To Cisco Study Group I have a Cisco 515 Pix Firewall that I cannot Telnet to from my 10.10.9.0 network. I just created VLAN 2 on my Cisco 6503 Switch, VLAN 2 contains the entire 10.10.9.0 network. VLAN1 contains the 10.10.10.0 network. My 6503 switch connects through an MSFC interface to a T1 which connects to our Data Center where the Pix Firewall is located. Does anyone have any ideas on what would cause this Telnet issue? Thanks for your help Paul Stapleton [EMAIL PROTECTED] __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2600 to altiga
I have a document that shows how to make the Cisco IOS to VPN3000 config work. It is about 440K zipped. Let me know if you would like me to post it to the study group. If not I will send it directly to your e-mail address. It is not necessary to run a VPN 3000 at each end. Keep in mind that you will not be able to pass any dynamic routing protocol traffic with a VPN 3000 at the head end. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of sujar khmar Sent: Thursday, October 12, 2000 1:07 PM To: [EMAIL PROTECTED] Subject:2600 to altiga Sorry to be off the subject but has anyone successfully been able to connect an altiga vpn concentrator to a 2600 series router to form a tunnell to a branch router. Cisco/Altiga recommends using altiga vpn concentrator at both ends. If this can be done is there any documentation that may explain how too?? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Limit Bandwidth?
Title: Limit Bandwidth? Your best bet is probably Class Based Weighted Fair Queuing (CBWFQ). Take a look on CCO for an implementation document. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nova Rich Sent: Friday, October 13, 2000 7:32 AM To: '[EMAIL PROTECTED]' Subject: Limit Bandwidth? Guys, is there a way to limit bandwidth with an access list or something? I'm trying give an ether segment T1 bandwidth when I have T3 feed from telco. What's the best way. Ken
RE: (boot) mode?
If your router has a valid image in flash, check to make sure your config register is set to 0x2102. If not you will have to re-set it to 0x2102. This will tell the router to boot from an image stored in flash... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Brian Lodwick Sent: Friday, October 13, 2000 5:00 AM To: [EMAIL PROTECTED] Subject:(boot) mode? Hello everyone, I was wondering if anyone has come across a router where the hostname showed up as such: Router(boot)# one of my peers has told me this means the router did not fully boot up. Is this true? Boot mode is what he called it. Any help is much appreciated in advance. >>>Brian _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: deny ping
Take a look at the following web page. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c /1cprt2/1cip.htm#4896 There is a section on creating standard and extended access-control lists. In my experience, it is easier to remember these steps in the future if you research the docs yourself instead of having someone else create the list for you. You will NEED this knowledge if you ever plan on the CCIE cert... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of ALI SHEERAZ Sent: Friday, October 13, 2000 2:34 AM To: [EMAIL PROTECTED] Subject:deny ping hello members, I want to 1. Deny ping packets lets suppose from 10.154.0.1 to 10.152.28.250. 2. Deny name server request from 10.152.0.0 to anywhere in my network. 3. Deny www from 10.155.0.0 to my web server (10.150.0.60) 4. Permit all other traffic. Can anyone send me accurate access-list configuration on router 10.152.28.250 connected to network through ethernet0. Please reply me as soon as possible. thanx in advance. SHEERAZ _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ***** Which path is select first?? ********
Default routes will always be used last. The static route will be the preferred route, unless you set the metric higher than that of a dynamic routing protocol. Your route maps should be next... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of GNOME Sent: Sunday, October 15, 2000 8:05 AM To: [EMAIL PROTECTED] Subject:* Which path is select first?? Hi If an interface is configured for route map policy routing, how will the router select the path when packets coming into the interface configured for route map: 1) Static Route 2) Default Route 3) Set statement in the route map policy routing Which order comes first? Any advice will be appreciated Regards [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: appletalk on catalyst 5500 problem
I have seen this once in the past. It was caused by multiple seed routers (one Unix box and one Mac) on the same segment. IP connectivity was fine, but AppleTalk would come and go. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer Sent: Monday, October 16, 2000 12:35 PM To: Dave Redwood; [EMAIL PROTECTED] Subject:Re: appletalk on catalyst 5500 problem Well, turning on portfast would have been my method of troubleshooting also. The other thought that comes to mind is that maybe the EtherTalk devices can't hear from their router quickly enough because the switch ports don't enter forwarding mode soon enough. An EtherTalk device sends a ZIPGetNetInfo packet to find its router when it boots. It sends this packet a few times. Perhaps the response takes a long time, causing the device to think it's not on an AppleTalk internetwork to start with. Then when it finally gets a response, it displays the message about the AppleTalk connection becoming available. I think we would need more info on your topology to troubleshoot this. Where is the router? Is it far away, across many switches? There used to be an article on this topic at Apple's site, but I can't find it anymore. But maybe you can search for help there. Good luck! Priscilla At 11:02 PM 10/15/00, Dave Redwood wrote: >Good evening everyone. Well, I'm here on my Sunday night trying to figure >out a problem I'm having with some of the newer PowerMacintoshG4's and their >interactions with a Catalyst 5500. For some reason the Macs always come up >without their AppleTalk(EtherTalk) connection up as it was before a restart. >A message that basically reads, "your appletalk connection has become >available, you must open your appletalk control panel and close it again in >order to activate the connection". So, I thought that maybe, possibly, it >could be a STP issue on the Catalyst so I set it to port fast... the >problem still occurrs. So while I think the problem is with the MacOS I was >curious if anyone has run into the same problem and if they knew of a >solution... I took a look around CCO and the closest thing I could find was >that I should, perhaps, upgrade the software on my supervisor engine... But >I'd rather not just jump into that one. :-) > >Hope everyone had a good weekend, > >Dave > >CCNA > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network neighborhood
You have to have a Master Browser on every segment of a routed network. You will also have to use the "ip helper-address" command so that WINS and DHCP requests are forwarded correctly. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Lodwick Sent: Wednesday, October 18, 2000 1:16 PM To: [EMAIL PROTECTED] Subject:Network neighborhood Assuming file and print sharing is enabled on all workstations; if some computers show up in network neighborhood and some do not would the problem most likely be a master browser issue or WINS or something else. Thanks, Jeff Lodwick MCSE/CCNA _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should be easy VPN
You still have to build a conduit or an ACL entry to allow inbound access for the addresses you are using in you pool. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Parris, Brian Sent: Wednesday, October 18, 2000 10:40 AM To: '[EMAIL PROTECTED]' Subject:Should be easy VPN I am using a PIX for a VPN Solution in my SOHO. I am using PPTP because that is the easy way out. After a lengthy struggle, I can finally take a Windows NT laptop and dial into an ISP and then use RAS to connect and authenticate on my PIX via PPTP. My PIX issues my laptop an IP address from the local pool. My local pool is issuing a portion of addresses that I have omitted from DHCP on my LAN. When I do an IPCONFIG on my laptop I can see the IP address issued from the ISP and the IP address issued from the PIX. Here's the problem: I can't ping anything on my LAN including my "Inside" port from my laptop. When I telnet from my LAN into my PIX, I can't ping my laptop, But I can ping the address on the laptop that was issued by the ISP. When I do a "show vpdn", I see an active tunnel but the only IP address I see is the one on the laptop from the ISP. Can anybody explain to me why the PIX would not be routing the IP address that it issued to the laptop across the inside and outside ports. TIA, Brian Parris Network/Systems Administrator www.carotek.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Pro 3.5
Got a question for ya Will. Have you ever had to diagnose network performance or response time problems??? How about poor application performance on your network??? If so, what tools do you use??? I personally believe that any questions regarding the use of Network Associates Sniffer products are valid in this or any study group pertaining to network theory, design or certifications. Sniffer products are some of the most widely used and trusted network troubleshooting tools available today. Just ask any experienced Network/Systems Engineer. All Cisco SE types that I work with have used these tools quite frequently. I would strongly suggest taking a moment to think about how a study group members question relates to networking in general before you flame them in the future. Remember, network theory and troubleshooting are a BIG part of most Cisco Certification exams... Of course, this is just my personal opinion and does not reflect the opinion of Cisco Systems, Inc. I would guess that I'm not alone in my opinion however. Please feel free to e-mail or call if you have any questions... Thanks for your valuable time... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of William E Gragido Sent: Friday, October 20, 2000 9:36 PM To: derek lewinson Cc: cisco@groupstudy. com Subject:RE: Sniffer Pro 3.5 You really are a kick in the nads Derek aren't you? Apparently after receiving my private note citing my intent to drop this you felt the incorrigable need to press on. Well heres one for you to chew on. R-ead the blooming archives and home page of what this list is all about, last I checked it was Cisco, correct me if I am wrong I-ntend to do right by all with whom you come into contact, even if at times ones toes get stepped on. Criticism can be a healthy thnig mate M-aintain a sense of humor in addition to one of dignity. At times, only blunt answers can be giving M-otivate those whose questions are off the cuff to search their reasoning and in turn take the nessary steps for finding answers E-nd. No when to end something, this Derek will be the last time I care to answer you publicly or privately so please feel free to do the same :-) and before you type I would suggest unearthing what your real motivation for doing so is, remember there are some posts that require no response. And you can be damned sure that I meant that to be blunt! Will Gragido CCNA,CCDA, MCP [EMAIL PROTECTED] > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > derek lewinson > Sent: Friday, October 20, 2000 7:41 PM > To: William E Gragido > Cc: cisco@groupstudy. com > Subject: RE: Sniffer Pro 3.5 > > > you did mean to be rude and you were rude and you were unhelpful. > "Why on god's green earth" couldn't you have just bypassed this email, > rather than reply with such an insensitive and unhelpful response. > Next time, > T-houghtful > H-elpful > I-nsipring > N-ecessary > K-ind > > before you type > > and yes, I did mean to be this blunt! > > Derek Lewinson, CCNA, MCSE > Email: [EMAIL PROTECTED] > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > William E Gragido > Sent: 20 October 2000 18:37 > To: Charles Nunie; [EMAIL PROTECTED] > Subject: RE: Sniffer Pro 3.5 > > > I don't mean to be rude man, but why on God's green earth would you buy a > product like Sniffer Pro without the slightest friggin inclination as to > what it does? > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Charles Nunie > > Sent: Friday, October 20, 2000 7:42 AM > > To: [EMAIL PROTECTED] > > Subject: Sniffer Pro 3.5 > > > > > > Hi everyone, > > > > I bought this Sniffer Pro 3.5 which looks great. Can I have a > > URL where I can > > info on the best way to understand and use it? > > > > Regards, > > Dzilo > > > > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___
RE: Altiga PPTP configuration?
I run the 2.6 Beta 1 client on Windows 2000 (SP-1). It has worked great for me so far. I have a document that gives step by step instructions on how to make the IPSec over L2TP configuration work if anybody is interested. I will e-mail it to individuals who request it directly as it is to large to post to the group (lots of graphics)... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of P Thibeault Sent: Friday, October 27, 2000 4:34 PM To: [EMAIL PROTECTED] Subject:Re: Altiga PPTP configuration? I have seen the VPN 2.6 beta for Windows 2000 with IPSec support. A few bugs, but it is working. Cisco, I believe is hoping to ship this year.. "John Hardman" <[EMAIL PROTECTED]> wrote in message 8t9fk8$ln2$[EMAIL PROTECTED]">news:8t9fk8$ln2$[EMAIL PROTECTED]... > Hi > > Are you sure about the client for Win2K? The latest version I can find on > the Cisco site is 2.5.-3 which does not support Win2K. Got a link? > > As to the oridginal post, the TAC cookbook has a working config for PPTP, I > have it running now on 3005. Wait till you try the L2TP/IPSec config! What a > pain, I sure hope they get the Cisco client for Win2K soon. > > HTH > -- > John Hardman, CCNP MCSE+I > > > > ""Mike"" <[EMAIL PROTECTED]> wrote in message > 8t97bf$4j0$[EMAIL PROTECTED]">news:8t97bf$4j0$[EMAIL PROTECTED]... > > The latest client should support win 2k ... also, win 2k has built in > > support for pptp ... > > > > "Jim Bond" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hello, > > > > > > Anyone ever configure PPTP on Cisco Concentrator 3030 > > > (Altiga)? I can add a user but not a group. The reason > > > I'm doing this is Altiga client doesn't support > > > win2000. > > > > > > Thanks in advance. > > > > > > > > > Jim > > > > > > __ > > > Do You Yahoo!? > > > Yahoo! Messenger - Talk while you surf! It's FREE. > > > http://im.yahoo.com/ > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help regarding VOIP
Check the following URLs: http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:VoX: VoIP http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:VoX: VoIP http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:VoX: VoATM http://www.cisco.com/warp/public/cc/pd/iosw/ioft/mmcm/tech/h323_wp.htm http://www.cisco.com/public/products_tech.shtml Hope this helps... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Nuurul Basar Sent: Thursday, October 26, 2000 11:04 PM To: [EMAIL PROTECTED] Subject:Help regarding VOIP Hai, I will be changing job in a near time and now looking for info regarding VOIP and ICT( Information Communication Technology). It have been 4 month since I left Cisco stuff and fell a bit left behind. Can some give me some url regarding VOIP implemntation on Cisco and other routers. Thanks have a nice day Nuurul Basar CCNA, MCP __ Do You Yahoo!? Yahoo! Messenger - Talk while you surf! It's FREE. http://im.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN 3000 Client v2.6 Beta
The VPN 3000 client v2.6 beta 1 is not available for download from CCO at this time. We do have a limited number of customers who are running it as beta sites, but registration for this has been closed. As soon as I hear of an FCS date, I will post it to the study group. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: Jon Tucker [mailto:[EMAIL PROTECTED]] Sent: Monday, October 30, 2000 5:05 AM To: 'Chris Lemagie' Subject:RE: Altiga PPTP configuration? Thanks for sending me this documentation. I was hoping you could also dispel a rumor that was being passed around the groupstudy list. It has been stated that ver 2.6 beta was available to download from CCO. However, I did not see it in the software center. Is it only being tested within Cisco and is there a beta test group that we could become a part of? Thanks again for the documentation, I have lots of (impatient) users waiting to test this out. - Jon Jon Tucker Network Engineer Global Networking Team Jabil Circuit Inc. 727-803-3890 Desktop 727-424-0866 Cellular -Original Message----- From: Chris Lemagie [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 28, 2000 12:32 PM To: Jon Tucker; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Altiga PPTP configuration? When assisting a customer with this configuration, I had to also disable MSCHAP authentication at the Win2K client. This is not documented in the lab. Hope this helps... Let me know how the configuration goes for you, as I'm sure I'll have other customers interested in it as a stop-gap until we ship v2.6 of our client with native Win2K support. Thanks... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: Jon Tucker [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 28, 2000 8:22 AM To: 'Chris Lemagie' Subject:RE: Altiga PPTP configuration? Chris, Would you please send me a copy of that document. Thanks, - Jon Jon Tucker Network Engineer Global Networking Team Jabil Circuit Inc. 727-803-3890 Desktop 727-424-0866 Cellular -----Original Message- From: Chris Lemagie [mailto:[EMAIL PROTECTED]] Sent: Friday, October 27, 2000 11:09 PM To: P Thibeault; [EMAIL PROTECTED] Subject: RE: Altiga PPTP configuration? I run the 2.6 Beta 1 client on Windows 2000 (SP-1). It has worked great for me so far. I have a document that gives step by step instructions on how to make the IPSec over L2TP configuration work if anybody is interested. I will e-mail it to individuals who request it directly as it is to large to post to the group (lots of graphics)... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of P Thibeault Sent: Friday, October 27, 2000 4:34 PM To: [EMAIL PROTECTED] Subject:Re: Altiga PPTP configuration? I have seen the VPN 2.6 beta for Windows 2000 with IPSec support. A few bugs, but it is working. Cisco, I believe is hoping to ship this year.. "John Hardman" <[EMAIL PROTECTED]> wrote in message 8t9fk8$ln2$[EMAIL PROTECTED]">news:8t9fk8$ln2$[EMAIL PROTECTED]... > Hi > > Are you sure about the client for Win2K? The latest version I can find on > the Cisco site is 2.5.-3 which does not support Win2K. Got a link? > > As to the oridginal post, the TAC cookbook has a working config for PPTP, I > have it running now on 3005. Wait till you try the L2TP/IPSec config! What a > pain, I sure hope they get the Cisco client for Win2K soon. > > HTH > -- > John Hardman, CCNP MCSE+I > > > > ""Mike"" <[EMAIL PROTECTED]> wrote in message > 8t97bf$4j0$[EMAIL PROTECTED]">news:8t97bf$4j0$[EMAIL PROTECTED]... > > The latest client should support win 2k ... also, win 2k has built in > > support for pptp ... > > > > "Jim Bond" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hello, > > > > > > Anyone ever configure PPTP on Cisco Concentrator 3030 > > > (Altiga)? I can add a user but not a group. The reason > > > I'm doing this is Altiga client doesn't support > > > win2000. > > > > > > Thanks in advance. > > > > > > > > > Jim > > > > > > __ > > > Do You Yahoo!? > > > Yahoo! Messenger - Talk while you surf! It's FREE. > > > http://im.yahoo
RE: ISL Router and 3548 Switch Question
You are correct, you will have to set up ISL or 802.1Q trunking between the switch and router. You will do this by creating sub-interfaces under one of the built in Fast-Ethernet ports and encapsulating ISL or dot1Q for each of these sub-interfaces. You also need to follow the ISL or dot1Q encapsulation command with the VLAN number for each sub-interface. You will have to use ACLs to stop the VLANs from communicating with each other... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Perry Lucas Sent: Monday, October 30, 2000 5:46 AM To: [EMAIL PROTECTED] Subject:ISL Router and 3548 Switch Question I have two 3548 switches gigastacked and a 2621 router running IP Plus connected to the Internet on one side and the switch on the other. I need to set up 5 different VLANs on the switches that do not / can not route between each other, but do need to see the 2621 to get out to the internet. I know I need to set up ISL trunking to the router but not sure how do it or set it up so that they can all get out to the Internet but not each other. All the vlans are dividing up the same Class C IP block. Perry _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How do I save the configuration on a 6506/9 Switch??
Changes are saved immediately. Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rossetti, Stan Sent: Monday, October 30, 2000 10:09 AM To: '[EMAIL PROTECTED]' Subject:How do I save the configuration on a 6506/9 Switch?? Does anybody know how to save the configuration on a 6506/9 switch. I have never used one of these switch before and noticed that there is not a "copy ru star" command. There is also not a running config that I am able to find. The only configuration that I can find is the default and non-default config. Thanks, Stan Rossetti Russia Services Group Email: [EMAIL PROTECTED] Phone: (256) 544-5031 Beeper: 544-1183 pin # 0112 <<...>> _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 2511 console server and Sun boxes
Try the following: Control-Shft-6, then b Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tai Ngo Sent: Monday, October 30, 2000 2:29 PM To: '[EMAIL PROTECTED]' Subject:Cisco 2511 console server and Sun boxes Hi there, Currently I have a Cisco 2511 as a console server connected to some Sun Solaris boxes. I can telnet to the sun boxes via my Cisco. but can't issue a break sequence to the Solaris box. On a non Cisco console server, I would type "shft escape b" to issue a break sequence but that doesn't seem to work. If I try to hit the Cntl Shft 6 x key, it breaks me out of the Cisco box. I want to be able to issue the break key to the Sun box. Any ideas on what I need to change on my router configuration? Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing Protocol
EIGRP will redistribute other routing protocols such as Novell IPX and AppleTalk. BGP will not. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of AVI Sent: Saturday, October 28, 2000 5:14 AM To: [EMAIL PROTECTED] Subject: Routing Protocol Can anyone tell me, Which is the only routing protocol to route other protocols Is it EIGRP or BGP Thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Performance Comparision between Linux OS Firewall and Cisco PIX 525
On the performance front, a Pix 525 will sustain just under 400MB of throughput, most if any Linux based firewalls will not touch that... On the Price front, correct, the Pix 525 is a fairly expensive unit, but you are able to drop to a 515 which will support 172 MB sustained throughput and 6 interfaces if you purchase the un-restricted version. The 515 restricted version comes in at about $5300 with three interfaces and will still support the same throughput numbers and 65K sessions. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, March 23, 2001 9:38 AM To: [EMAIL PROTECTED] Subject: Re: Performance Comparision between Linux OS Firewall and Cisco PIX 525 How about if the customer is strapped for money. I work at a school. Luckily our students haven't gotten sophisticated enough to break into the Linux firewall but I don't the think that day is too far away. Some of them are very smart and they are learning Linux and networking in their classes. But PIX is too expensive, I think?? Priscilla At 09:24 AM 3/23/01, Rik wrote: >I have seen way too many Linux firewalls hacked as a result of >mis-administration. Now, I'm not assuming anything about your abilities as >the last confirmed hack that I was notified about was a Linux FW setup by 2 >guys that I know to be excellent Linux admins. The problem is the inherent >nature of the beast. A PIX is totally secure right out of the box. The >last Linux hack I speak of was hacked based on an exploit within BIND and >had nothing to do with the FW policy. > >I also find the PIX to be MUCH easier to configure and setup. I can do in >only a few lines of code what could possibly take pages and pages of code in >Linux. When talking about firewalls, simplicity is a critically important >concern. One compromise could easily remove any upfront cost advantage >Linux has over Cisco. Also, you don't have to be concerned with shutting >down unused services on a PIX as you would on Linux. > >Go with the PIX. It was designed from the ground up to do just what it >does: protect your network. Cisco claims that a properly configured PIX has >never been compromised. I believe them. > >Rik > > >""Sean Young"" <[EMAIL PROTECTED]> wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi Everyone, > > > > My company is putting me in charge in implementing a Firewall for our > > company. One guy in my networking group is recommending PIX Firewall. > > Furthermore, he also recommends a Cisco Web-caching engine. His reason > > is that not only Cisco is good Firewall but it also provides VPN > > connectivity to our remote sites. Myself, on the other hand, would > > like to implement Linux-based OS firewall along with FreeS/WAN VPN > > features set. My reason is that a linux firewall can provide everything > > a Cisco PIX does and even more. In term of hardware, the linux Firewall/ > > VPN/IPSec box will be running a dual-processor (800MHz) with 1GB of RAM. > > I just feel that I can get a lot more for the amount that we are going > > to spend with linux than with Cisco PIX. I also feel that I tweak the > > source code on the LINUX kernel to increase the performance and security. > > Also, instead of purchasing the Cisco web-caching engine, I am thinking > > of building another linux box that will be running squid (web-caching) > > server. Don't get me wrong, I think Cisco has a lot of good products > > in the area of routing; however, I just don't think it is necessary to > > throw away money at Cisco when I know that Linux or BSD can do the same > > job that PIX and Cisco web-caching engine do but for much less and also > > I can control the source code. Has anyone has experiences with both > > the Linux/BSD, Squid and Cisco PIX, Cisco web-caching engine so that > > you can give advice on what I should do. I am open to your suggestions. > > > > Many thanks. > > Sean > > _ > > Get your FREE download of MSN Explorer at http://explorer.msn.com > > > > _ > > FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Difference between Tacas and Tacas+
Check out the following link. http://www.cisco.com/warp/public/614/7.html Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vincent Sent: Monday, March 26, 2001 8:32 AM To: [EMAIL PROTECTED] Subject: Difference between Tacas and Tacas+ Hi; I want to know the diffenence between 2 system, I checked in the cisco web site already, but could not find the answer? Thanks Vincent _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco CVPN3060 VPN
Answers posted inline below. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Adekola, Dennis D Sent: Monday, March 26, 2001 10:12 AM To: cisco Subject: Cisco CVPN3060 VPN Hi Guys, My company wants me to investigate on Cisco CVPN3060 VPN boxes. I know what a VPN does , however i need to answer questions like Q = Does it do the authentication itself or will you require a seperate server to authenticate users. A = Authentication servers can be; internal, RADIUS, NT Domain, SDI or Certificate Authorities such as Verisign, Entrust and Microsoft's Certificate Server. If you use Cisco Secure ACS 2.6 as the RADIUS server you also have the ability to authenticate via Windows 2000 Active Directory or Novell NDS. Cisco Secure ACS will proxy the requests for you. Q = Is the configuration just like a router A = There is a menu driven CLI, but the Web base GUI is much more intuitive and quicker. You have control of the full feature set via the GUI. Q = What kind of connections does one need A= Dial-Up (Yuk!!!) or broadband. The client/concentrator does not care. I actually use the client from customer LANs on occasion. Q = On which part of the network will this box sit A = The "Public" interface must have a routable IP address or a one-to-one (static) NAT translation. If the "Private" interface is behind a firewall, you must allow protocol types 50 & 51, UDP 500 and UDP 1. UDP 1 is used for IPSec through NAT which will allow the client to be behind a NAT enabled firewall. I would suggest connecting the "Private" interface to a DMZ on your firewall. This allows you to inspect the unencrypted traffic streams from the VPN 3000. e.t.c Any inputs wll be appreciated Dennis (CCNP) - 21st century air travel http://www.britishairways.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using a 2611 as an ISL router for a 2924 switch
A VLAN trunk can only be configured on a Fast-Ethernet or Gig-Ethernet interface. The 2611 of course is only 10MB interface. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sean Graham Sent: Tuesday, March 27, 2001 10:34 AM To: [EMAIL PROTECTED] Subject: Using a 2611 as an ISL router for a 2924 switch The first question I have..is the above possible with a 2611 router with a Fast Ethernet module install, with 48MB DRAM and IOS 12.1. It also has 2 Wic-1T serial cards. The Cisco web site has configuration examples based on 2620's but doesn't mention the 2611. I have had this working using a 3620 OK. But am not able to get this working using the 2611 I am receiving various errors on both the router and the switch. I am wondering as the config is fairly straight forward is this actually possible with this router. Any thoughts would be appreciated _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using a 2611 as an ISL router for a 2924 switch
I would check the IOS feature set next. You will need IP Plus at a minimum to enable VLAN routing.. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sean Graham Sent: Tuesday, March 27, 2001 11:19 AM To: [EMAIL PROTECTED] Subject: Re: Using a 2611 as an ISL router for a 2924 switch I am using a FastEthernet 100mbp module. I used the same one in a 3620 which did work. ""Chris Lemagie"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > A VLAN trunk can only be configured on a Fast-Ethernet or Gig-Ethernet > interface. The 2611 of course is only 10MB interface. > > Chris Lemagie > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Sean Graham > Sent: Tuesday, March 27, 2001 10:34 AM > To: [EMAIL PROTECTED] > Subject: Using a 2611 as an ISL router for a 2924 switch > > > The first question I have..is the above possible with a 2611 router with a > Fast Ethernet module install, with 48MB DRAM and IOS 12.1. It also has 2 > Wic-1T serial cards. > > The Cisco web site has configuration examples based on 2620's but doesn't > mention the 2611. I have had this working using a 3620 OK. But am not able > to get this working using the 2611 I am receiving various errors on both the > router and the switch. > > I am wondering as the config is fairly straight forward is this actually > possible with this router. > > Any thoughts would be appreciated > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using a 2611 as an ISL router for a 2924 switch
The 262x routers also have stronger processors than the 261x routers. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Wigle Sent: Tuesday, March 27, 2001 1:03 PM To: perryb; cisco Cc: Sean Graham Subject: Re: Using a 2611 as an ISL router for a 2924 switch the 2621 has two "built-in" FE ports. that is to say, the FE ports are NOT on a module. that's why they are called FIXED lan ports. just like the 2650,2651 and 2620. There is probably some architectural difference between "modules" and ports directly attached to the mother board. More than that, I can't say - ask TAC. Kevin Wigle - Original Message - From: "perryb" <[EMAIL PROTECTED]> To: "Kevin Wigle" <[EMAIL PROTECTED]>; "cisco" <[EMAIL PROTECTED]> Cc: "Sean Graham" <[EMAIL PROTECTED]> Sent: Tuesday, March 27, 2001 3:44 PM Subject: Re: Using a 2611 as an ISL router for a 2924 switch > Ok, I give up...what is a 2621 then if the FE doesn't work on the 2600 > series ? > > > - Original Message - > From: "Kevin Wigle" <[EMAIL PROTECTED]> > To: "cisco" <[EMAIL PROTECTED]> > Cc: "Sean Graham" <[EMAIL PROTECTED]> > Sent: Tuesday, March 27, 2001 11:21 AM > Subject: Re: Using a 2611 as an ISL router for a 2924 switch > > > > ahhh, my favorite thread is back. > > > > > http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/net_m > > od2/ovrnetm.htm#14116 > > > > says that a FE module is not supported in the 2600 series. > > > > It doesn't say it won't work but it does says it's not supported. If you > > try to configure > > > > That's why the 2620's are quoted - they have 10/100 ports as part of their > > base config. > > > > But you could be mislead by: > > > > http://www.cisco.com/warp/public/cc/pd/rt/2600/prodlit/2636m_ds.htm > > > > But, if you read the doc there is a table that says that none of the FE > > modules are avail for the 2600 series. > > > > Also, if you go here: > > > > http://www.cisco.com/pcgi-bin/finder/msbsearch.pl > > > > and use "Search#2" and search on NM-1FE-TX the results show the module and > > report and say that it is not available for the 2600 series. But it is ok > > with 3600 series routers. > > > > Take a look at http://www.cisco.com/go/module for all your questions on > > 2600/3600 routers. > > > > > > Yeah, we've had this discussion before. > > > > If a reseller sold you this module expressly for the 2611, return it. If > > they sold it to you for a 3600 and you decided to try it in the 2611 - > well, > > you got the results that CCO predicts. > > > > Kevin Wigle > > > > > > > > "Sean Graham" <[EMAIL PROTECTED]> wrote in message > > 99qqjt$3me$[EMAIL PROTECTED]">news:99qqjt$3me$[EMAIL PROTECTED]... > > > The first question I have..is the above possible with a 2611 router with > a > > > Fast Ethernet module install, with 48MB DRAM and IOS 12.1. It also has 2 > > > Wic-1T serial cards. > > > > > > The Cisco web site has configuration examples based on 2620's but > doesn't > > > mention the 2611. I have had this working using a 3620 OK. But am not > able > > > to get this working using the 2611 I am receiving various errors on both > > the > > > router and the switch. > > > > > > I am wondering as the config is fairly straight forward is this actually > > > possible with this router. > > > > > > Any thoughts would be appreciated > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: W2K Client for VPN3000?
Go to CCO (http://www.cisco.com) and login with your username. Select the Software Center Link. Select the VPN Software Link. Select the Cisco VPN Client Link. Select the Download Cisco 3DES Cryptographic Software under export licensing controls Link. There you are... You must upgrade you VPN 3000 concentrator to version 3.0 BEFORE you attempt to run the v3.0 client which supports Windows 2000. Version 3.0 of the concentrator software will support older clients, but older concentrator software images will not work with the new client. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Weil, Timothy R Sent: Tuesday, March 27, 2001 1:52 PM To: Group Study (List) (E-mail) Subject: W2K Client for VPN3000? looking for sources for finding the client software. it does not come with standard VPN3000 CD. thanks. Tim Weil - CCNP Sr. Consultant > kpmg Consulting > Network Solutions (KCNS) Cell 301.452.3641 Office 703.747.8950 Fax240.337.1305 > > * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Gateway of last resort vs. default Gateways
The "Default Gateway" pertains to the routers ip stack. This will be the default gateway when using ping, telnet etc... The "Gateway Of Last Resort" is the ip address to which the router will "route" all packets that are not on a learned (known) network. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rizzo Damian Sent: Tuesday, March 27, 2001 2:16 PM To: '[EMAIL PROTECTED]' Subject: Gateway of last resort vs. default Gateways Can someone please give me a non-Cisco explanation between the differences of the Gateway of last resort and the Default Gateway, which logically appear to do the same thing?...Thank you! -Rizzo _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: W2K Client for VPN3000?
The client on the page listed below is actually the 3.01 client... Chris Lemagie Systems Engineer Cisco Systems Seattle Commercial Region (425) 468-0959 [EMAIL PROTECTED] http://www.cisco.com/ -Original Message- From: Jeff Groman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 27, 2001 4:03 PM To: Chris Lemagie Cc: Weil, Timothy R; Group Study (List) (E-mail) Subject: RE: W2K Client for VPN3000? They also have a 3.01 Release available that came as a result of the Beta program. However, it hasn't shown up yet on the page listed below. If you were part of the beta, they sent you a link and login to get it. Hopefully they'll update the software page soon. Jeff Jeff Groman IS Department, Childrens Hospital, Denver [EMAIL PROTECTED] 303 864 5671 On Tue, 27 Mar 2001, Chris Lemagie wrote: > Go to CCO (http://www.cisco.com) and login with your username. > > Select the Software Center Link. > Select the VPN Software Link. > Select the Cisco VPN Client Link. > Select the Download Cisco 3DES Cryptographic Software under export licensing > controls Link. > There you are... > > You must upgrade you VPN 3000 concentrator to version 3.0 BEFORE you attempt > to run the v3.0 client which supports Windows 2000. Version 3.0 of the > concentrator software will support older clients, but older concentrator > software images will not work with the new client. > > Chris Lemagie > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Weil, Timothy R > Sent: Tuesday, March 27, 2001 1:52 PM > To: Group Study (List) (E-mail) > Subject: W2K Client for VPN3000? > > > looking for sources for finding the client software. > it does not come with standard VPN3000 CD. > thanks. > > Tim Weil - CCNP > Sr. Consultant > > kpmg Consulting > > Network Solutions (KCNS) > Cell 301.452.3641 > Office 703.747.8950 > Fax240.337.1305 > > > > > > * > The information in this email is confidential and may be legally privileged. > It is intended solely for the addressee. Access to this email by anyone else > is unauthorized. > > If you are not the intended recipient, any disclosure, copying, distribution > or any action taken or omitted to be taken in reliance on it, is prohibited > and may be unlawful. When addressed to our clients any opinions or advice > contained in this email are subject to the terms and conditions expressed in > the governing KPMG client engagement letter. > > * > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: W2K Client for VPN3000?
Pix OS 6.0 is in Beta now with a projected release date (FCS) of April 25th. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Henry Rollins Sent: Tuesday, March 27, 2001 6:14 PM To: Chris Lemagie Cc: Jeff Groman; Weil, Timothy R; Group Study (List) (E-mail) Subject: RE: W2K Client for VPN3000? This is amusing (from the userguide) -- Support for Cisco Secure PIX Firewall platforms that run Release 6.0 and above. Any idea when 6.0 might debut? Thanks Quoting Chris Lemagie <[EMAIL PROTECTED]>: > The client on the page listed below is actually the 3.01 client... > > Chris Lemagie > Systems Engineer > Cisco Systems > Seattle Commercial Region > (425) 468-0959 > [EMAIL PROTECTED] > http://www.cisco.com/ > > -Original Message- > From: Jeff Groman [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 27, 2001 4:03 PM > To: Chris Lemagie > Cc: Weil, Timothy R; Group Study (List) (E-mail) > Subject: RE: W2K Client for VPN3000? > > > They also have a 3.01 Release available that came as a result of the Beta > program. However, it hasn't shown up yet on the page listed below. If > you were part of the beta, they sent you a link and login to get it. > Hopefully they'll update the software page soon. > > Jeff > > > > Jeff Groman > IS Department, Childrens Hospital, Denver > [EMAIL PROTECTED] > 303 864 5671 > > On Tue, 27 Mar 2001, Chris Lemagie wrote: > > > Go to CCO (http://www.cisco.com) and login with your username. > > > > Select the Software Center Link. > > Select the VPN Software Link. > > Select the Cisco VPN Client Link. > > Select the Download Cisco 3DES Cryptographic Software under export > licensing > > controls Link. > > There you are... > > > > You must upgrade you VPN 3000 concentrator to version 3.0 BEFORE you > attempt > > to run the v3.0 client which supports Windows 2000. Version 3.0 of the > > concentrator software will support older clients, but older concentrator > > software images will not work with the new client. > > > > Chris Lemagie > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Weil, Timothy R > > Sent: Tuesday, March 27, 2001 1:52 PM > > To: Group Study (List) (E-mail) > > Subject: W2K Client for VPN3000? > > > > > > looking for sources for finding the client software. > > it does not come with standard VPN3000 CD. > > thanks. > > > > Tim Weil - CCNP > > Sr. Consultant > > > kpmg Consulting > > > Network Solutions (KCNS) > > Cell 301.452.3641 > > Office 703.747.8950 > > Fax240.337.1305 > > > > > > > > > * *** > > * > > The information in this email is confidential and may be legally > privileged. > > It is intended solely for the addressee. Access to this email by anyone > else > > is unauthorized. > > > > If you are not the intended recipient, any disclosure, copying, > distribution > > or any action taken or omitted to be taken in reliance on it, is > prohibited > > and may be unlawful. When addressed to our clients any opinions or advice > > contained in this email are subject to the terms and conditions expressed > in > > the governing KPMG client engagement letter. > > > * *** > > * > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > -- FREE ANONYMOUS EMAIL! Sign up now. http://www.subdimension.com/freemail _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Freeware Tacacs+ and RADIUS?
I would check http://www.winfiles.com/ if you are looking for Windows versions of these products. I get most of my freeware from there. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Wednesday, March 28, 2001 8:45 AM To: [EMAIL PROTECTED] Subject: Freeware Tacacs+ and RADIUS? Are there such creatures? I'd like to play around with this stuff in my home lab and don't feel like shelling out hundreds of dollars for software just to play with it once in a while. I found some older freeware TACACS software, but I'd like to play with TACACS+ and RADIUS. Any ideas? Thanks, John the Cheapskate _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: vpn upgrade question
Upgrading to 3.0 will preserve the existing configurations. After you upgrade the concentrator, it will still be able to talk to the older clients, but the 3.0 client will not work until you upgrade the concentrator. Chris Lemagie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Frank Kim Sent: Wednesday, March 28, 2001 10:42 AM To: [EMAIL PROTECTED] Subject: vpn upgrade question Hi Folks, I would like to know when upgrading my vpn3030 from 2.5 to 3.0, will I be able to use the old config or will I need to make a new config from scratch on the 3.0? Also, once I'm running 3.0 on my concentrator, can those people who use 2.5 vpn client still have access or they will be force to use the 3.0 vpn client? Thanks for any input. -Frank _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
