Re: Changing telnet port [7:22271]
Friend, You need to work on NAT for this. Refer to Doyl Vol-2 for similiar example. HTH >From: "Lists Wizard" >Reply-To: "Lists Wizard" >To: [EMAIL PROTECTED] >Subject: Changing telnet port [7:22271] >Date: Fri, 5 Oct 2001 17:44:45 -0400 > >Hi Group, > >I wounder if I can change the telnet port on my router so that people need >include a port number when connecting to the router through a telnet >connection. Does any body remember how this can be done? > >Thanks > >Lists Wizard _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=22313&t=22271 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
custom Queue Confusion [7:21656]
Hi guys, Just a little confusion regarding CQ. As far as I know when we are going to implement custome queueing for different protocols,we are suppose to consider frame size for every protocol and than find the accurate bandwidth each queu should have?? On the other hand, I saw in many test labs that they just consider the bandwidth of interface and divide this among the traffic as per given percentage? Now I get confuse??Wht the way we suppose to use in exam? Are we suppose to remember max frame sizes for diff protocols and use them in lab to calculate actual amount allocated to each queue. Thanks for the help A Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21656&t=21656 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CLNS and ISIS in R&S Lab??? [7:21549]
Hey guys.. By considering the fact that CLNS is no more a part of R&S Lab sylabus,how far they can go to ask about ISIS?? As far as i know there are many things which require support of CLNS in ISIS?? Any one here can please specify briefly. Thanks for help Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21549&t=21549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Proxy ARP scenerio for LAB?? [7:21530]
Hi guys, Any one can recommend any practical scenerio/Example Involving Proxy-ARP by specially considering R&S LAb. I heard this word many times but not sure how to use it practically and where. Thanks for the Help guys. Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21530&t=21530 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW Confusion:Canonical/noncanonical [7:21109]
Hi guys, Having a very simple confusion about when and where we need to convert canonical/noncanonical addresses ,when dealing with DLSW+?? Like for eg, if the Question ask to use ICANREACH macaddress command on tokenring router to show that this router can reach an ethernet macaddress DO we have to change ethernet address to noncanonical at this stage before specifying with ICANREACh command or ant thing else?? Please solve the confusion. Thanks. Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21109&t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PRI NM for 7206?? [7:20969]
H guys, Any idea which one is module/Part no for 7206 PRI ISDN ??? Thanks for help. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20969&t=20969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
New Lab Exam Format. [7:20152]
Hi Guys, Any idea about the new Lab R&S lab format?? How they can built/change the 2 days lab format to one day including troubleshooting as well?? Are they going to delete the initial stuff like Addressing /diagrams /basic network etc??? Any idea guys.. Thanks for the help. Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20152&t=20152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Lab Swap:Singapore [7:20140]
Hey Guys, I have got lab in singapore for start of march,02. Any one wanna exchange it with any day/date in 2001. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20140&t=20140 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
A deep OSPF Question [7:19923]
ARe we allowed to put IP ospf point to point command on loopback interfaces in order to get their actual mask instead of /32 in CCIE ALB??? Or do we have to use are0 range command to summarize this?? Thanks for the help. Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19923&t=19923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3920 Q?? [7:19921]
Guys? how to delete whole 3920 config at a time?? any switch or command/menu?? Thanks for help. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19921&t=19921 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No One on List can help for this??? [7:19169]
Hi Cisco Guys.. I am mashing my head for a long time for the answer of this Question and have sent on list various times but no reply yet. CAn any one help to remove this confusion WHAT shoud be the address and mask when we deals with SNA traffic in DLSW+ LSAP ACLS.?? I found ACL having two entries in Caslow as 0x0004 0x0001 & 0x0404 0x0001 but at some other places,I saw this as 0x0d0d 0x0001 and even as 0x 0x0d0d ?? Now I am really confused what is right or wrong ??? As far as I know this is the output of some ANDING but i am not sure where it came from??? Any guy/CCIE can explain this plz. Thanks a lot. A Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19169&t=19169 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773]
Hi Priscilla, Thanks for the reply. This is actually what I seen in most of the CCIE preparation labs??? But I donot know whats true to use.. I can see in Caslow that he is using 0x0404 and 0x0004 to filter SNA traffic.But in some other test papers they are using 0x0d0d 0x0001. As far as I know it is the result of ANDING of test+explorer+...frames of SNA and not sure How to get this.. Any idea??? >From: "Priscilla Oppenheimer" >Reply-To: "Priscilla Oppenheimer" >To: [EMAIL PROTECTED] >Subject: Re: DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773] >Date: Fri, 7 Sep 2001 00:33:37 -0400 > >The LLC SAP for NetBIOS is F0. DSAP, SSAP would be FOFO. > >SNA uses a bunch of SAPs. I have seen 0x04, 0x05, 0x08, 0x0C. I haven't >seen D0. In fact, D0 would be a global DSAP because the first bit is set. >In the SSAP the first bit is the command/response bit. The bit being set >means that the frame is a response. > >What are the masks you mentioned? What are you working on?? > >Priscilla > >At 05:03 AM 9/6/01, Cisco Lover wrote: > >Hi guys,, > > > >Any one can explain how the network+masks for NETBIOS and SNA traffic >comes > >as 0xf0f0 0x0001 and 0xd0d0 0x0001f > > > >IS IRB/RSRB/SRB/SRTB also important to consider for CCIE lab or DLSW is > >enough > > > >Thanks for the help. > > > >Cisco lover > > > >_ > >Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp > > >Priscilla Oppenheimer >http://www.priscilla.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18921&t=18773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multicasting problem [7:18900]
Hiu guys.. Iam continuously getting this error on my routers configured for multicasting..Any idea??? Thanks for the help. 22:01:21: %PIM-4-DEPRECATED_HELLO_TLV: Deprecated PIM Hello Option TLV 19 (Bidir TLV) from 172.16.1.1 (Serial0) 22:02:21: %PIM-4-DEPRECATED_HELLO_TLV: Deprecated PIM Hello Option TLV 19 (Bidir TLV) from 172.16.1.1 (Serial0) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18900&t=18900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Plz help :DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773]
hi guys, Can any one help to solve this problem. Thanks >From: "Cisco Lover" >Reply-To: "Cisco Lover" >To: [EMAIL PROTECTED] >Subject: DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773] >Date: Thu, 6 Sep 2001 05:03:30 -0400 > >Hi guys,, > >Any one can explain how the network+masks for NETBIOS and SNA traffic comes >as 0xf0f0 0x0001 and 0xd0d0 0x0001f > >IS IRB/RSRB/SRB/SRTB also important to consider for CCIE lab or DLSW is >enough > >Thanks for the help. > >Cisco lover > >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18896&t=18773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multicasting error [7:18781]
Hi, Any one can please explain this error cause??Does it represents any problem with functioning of Multicasting?? Thanks. 4:26: %PIM-4-DEPRECATED_HELLO_TLV: Deprecated PIM Hello Option TLV 19 (Bidir TLV) from 172.16.3.2 (Ethernet0) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18781&t=18781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:NLSP Q:Got answer [7:18775]
Sorry Guys,, I think, I have got answer myself. Because we can enable nlsp only on PtP interfaces...there is no point left for FR map IPX commands.. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18775&t=18775 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773]
Hi guys,, Any one can explain how the network+masks for NETBIOS and SNA traffic comes as 0xf0f0 0x0001 and 0xd0d0 0x0001f IS IRB/RSRB/SRB/SRTB also important to consider for CCIE lab or DLSW is enough Thanks for the help. Cisco lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18773&t=18773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Interesting NLSP Q: FOR IPX Gurus [7:18772]
Hi guys, Any idea how to run NLSP over FR interfaces?? As we cant use IPX network command on serial interfaces ,How to use frame-realy map ipx commands to map from one to another end(my scnerio requirment) Thanks for help. Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18772&t=18772 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hi FR champions :) [7:18387]
Hi guys.. Some strange Question. I have my FR switch setup as Full Mesh(Lab setup).So there must be some unused DLCIS on the spoke side which I can see by command as shown below. Is their any way If I can get rid of these Unused DLCIS completly ,by doing any thing on routers(Not on FR switch).What I meant is that rightnow I can see them as "Unused" (DLCI 110)when i put sh frame pvc command. But WHAT IF I Just want to see the status of those DLCIS which are in use???Any way?any trick??? Thanks. ISDN1#sh frame-relay pvc PVC Statistics for interface Serial0/0 (Frame Relay DTE) Active Inactive Deleted Static Local 1000 Switched 0000 Unused 1000 DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0.2 input pkts 622 output pkts 1134 in bytes 48784 out bytes 85644 dropped pkts 1 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 1069 out bcast bytes 7 pvc create time 01:27:00, last time pvc status changed 01:03:51 DLCI = 110, DLCI USAGE = UNUSED, PVC STATUS = ACTIVE, INTERFACE = Serial0/0 input pkts 0 output pkts 0in bytes 0 out bytes 0 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0Num Pkts Switched 0 pvc create time 00:02:14, last time pvc status changed 00:01:24 _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18387&t=18387 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: URGENT:FOR Routing experts:Plz help!!! [7:18370]
Even after completly removing route-map from redistribute ospf statment,Im not able to see any External(OSPF) routes going into IGRP? U can see in the debug output that no ospf redistributed packet is going into igrp network.. Thanks for help.!!! IGRP: received update from 152.1.0.2 on Ethernet0/0 05:26:48: network 152.12.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.13.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.14.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.15.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.17.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.16.0.0, metric 1600 (neighbor 501) 05:26:48: network 152.20.0.0, metric 1600 (neighbor 501) 05:26:48: IGRP: Update contains 0 interior, 7 system, and 0 exterior routes. 05:26:48: IGRP: Total routes in update: 7 """05:26:52: IGRP: sending update to 255.255.255.255 via Ethernet0/0 (152.1.0.1) 05:26:52: subnet 152.1.11.0, metric=9100 05:26:52: subnet 152.1.12.0, metric=501 05:26:52: IGRP: Update contains 2 interior, 0 system, and 0 exterior routes."" 05:26:52: IGRP: Total routes in update: 2 05:26:52: IGRP: sending update to 255.255.255.255 via Loopback0 (152.1.12.1) 05:26:52: subnet 152.1.11.0, metric=9100 05:26:52: subnet 152.1.0.0, metric=1100 05:26:52: network 152.12.0.0, metric=1600 05:26:52: network 152.13.0.0, metric=1600 05:26:52: network 152.14.0.0, metric=1600 05:26:52: network 152.15.0.0, metric=1600 05:26:52: IGRP: Update contains 2 interior, 4 system, and 0 exterior routes. 05:26:52: IGRP: Total routes in update: 6 ISDN2# conf t >From: "EA Louie" >To: "Cisco Lover" , >Subject: Re: URGENT:FOR Routing experts:Plz help!!! [7:18370] >Date: Tue, 4 Sep 2001 00:46:26 -0700 > >debug ip igrp event and debug ip igrp transaction on ISDN2. If you don't >see igrp on ISDN2 advertising the summarized routes, then try removing your >route-map in the redistribute ospf statement and see if you aren't creating >a 'too restrictive' match class > >- Original Message - >From: "Cisco Lover" >To: ; >Sent: Monday, September 03, 2001 11:39 PM >Subject: Re: URGENT:FOR Routing experts:Plz help!!! [7:18370] > > > > Hi, > > > > Thanks for the reply!!! > > U correct...But this is what MY problem. > > > > Iam not able to see any ospf routes after redistribution in the next >IGRP > > router i.e FR and hence not able to access OSPF network from IGRP AS. On > > the other hand I am able to see IGRP redistributed routes into OSPF >domain > > but not able to ping them. > > > > As I am able to get results when I used Static routes as ASBR, hence I > > suspect there is something wrong with SUMMARY ADDRESSES ,may be.. > > > > Plz comment...Any one > > > > Thanks > > > > >From: "EA Louie" > > >To: "Cisco Lover" , > > >Subject: Re: URGENT:FOR Routing experts:Plz help!!! [7:18370] > > >Date: Mon, 3 Sep 2001 23:21:58 -0700 > > > > > >Look at the routing table for the next IGRP router to see the effects >of > > >your redistribution. The OSPF summary routes won't be shown on ISDN2 - > > >you'll have to look at the the next downstream IGRP router to see them, > > >because the redistribution effect happens not at the ASBR, but outside >the > > >OSPF domain. > > > > > >You aren't seeing the effects of IGRP redistribution at this point >either, > > >because those routes would show up as O E2 routes in the routing table. > > >Look on your next downstream OSPF router for those external routes to > > >appear. > > > > > >- Original Message - > > >From: "Cisco Lover" > > >To: > > >Sent: Monday, September 03, 2001 10:46 PM > > >Subject: URGENT:FOR Routing experts:Plz help!!! [7:18370] > > > > > > > > > > Hi guys. > > > > > > > > facing some strange IGRPOSPF redistribution problem. > > > > > > > > Router ISDN2 is ASBR ,running IGRP with FR and running ospf with >rest >of > > > > network. > > > > > > > > Now problem is that I am able to redistribute IGRP into OSPF and can >see > > >the > > > > IGRP routes as OSPF external in ospf domain but not able to get > > > > redistributed OSPF routes into IGRP. > > > > > > > > Offcourse, No static/default routes are allowed so I have summarize >ospf > > > > routes into C class,(Same as IGRP major interface)using summary &g
Re: URGENT:FOR Routing experts:Plz help!!! [7:18370]
Hi, Thanks for the reply!!! U correct...But this is what MY problem. Iam not able to see any ospf routes after redistribution in the next IGRP router i.e FR and hence not able to access OSPF network from IGRP AS. On the other hand I am able to see IGRP redistributed routes into OSPF domain but not able to ping them. As I am able to get results when I used Static routes as ASBR, hence I suspect there is something wrong with SUMMARY ADDRESSES ,may be.. Plz comment...Any one Thanks >From: "EA Louie" >To: "Cisco Lover" , >Subject: Re: URGENT:FOR Routing experts:Plz help!!! [7:18370] >Date: Mon, 3 Sep 2001 23:21:58 -0700 > >Look at the routing table for the next IGRP router to see the effects of >your redistribution. The OSPF summary routes won't be shown on ISDN2 - >you'll have to look at the the next downstream IGRP router to see them, >because the redistribution effect happens not at the ASBR, but outside the >OSPF domain. > >You aren't seeing the effects of IGRP redistribution at this point either, >because those routes would show up as O E2 routes in the routing table. >Look on your next downstream OSPF router for those external routes to >appear. > >- Original Message - >From: "Cisco Lover" >To: >Sent: Monday, September 03, 2001 10:46 PM >Subject: URGENT:FOR Routing experts:Plz help!!! [7:18370] > > > > Hi guys. > > > > facing some strange IGRPOSPF redistribution problem. > > > > Router ISDN2 is ASBR ,running IGRP with FR and running ospf with rest of > > network. > > > > Now problem is that I am able to redistribute IGRP into OSPF and can see >the > > IGRP routes as OSPF external in ospf domain but not able to get > > redistributed OSPF routes into IGRP. > > > > Offcourse, No static/default routes are allowed so I have summarize ospf > > routes into C class,(Same as IGRP major interface)using summary address > > command .But still not able to get these routes redistributed. > > > > When I tried by using Static routes pointing to null 0,IT WORKED> > > > > The problem I observed is that although I have put SUMMARY ADDRESS >commands > > for network 152.1.1.0 & 152.1.2.0 ,which are required to redistribute >into > > IGRP,I CANT see them as summary routes in ISDN2 router wHY>>>>?? > > > > > > Any one can help Please.All config attached > > Thanks a lot!!! > > > > > > !ISDN2 > > > > ! > > interface Loopback0 > > ip address 152.1.12.1 255.255.255.0 > > no ip directed-broadcast > > ! > > interface Ethernet0/0 > > ip address 152.1.0.1 255.255.255.0 > > no ip directed-broadcast > > no cdp enable > > ! > > interface Serial0/0 > > no ip address > > no ip directed-broadcast > > no ip mroute-cache > > shutdown > > no fair-queue > > no cdp enable > > ! > > interface BRI0/0 > > ip address 152.1.1.18 255.255.255.252 > > no ip directed-broadcast > > encapsulation ppp > > ip ospf demand-circuit > > dialer idle-timeout 1000 > > dialer map ip 152.1.1.17 name ISDN1 broadcast 2465640 > > dialer-group 1 > > isdn switch-type basic-net3 > > no cdp enable > > ppp chap hostname cisco > > ppp chap password 7 02050D480809 > > ! > > interface Ethernet0/1 > > bandwidth > > ip address 152.1.11.1 255.255.255.0 > > no ip directed-broadcast > > no keepalive > > no fair-queue > > no cdp enable > > ! > > interface Serial1/0 > > bandwidth 172 > > backup delay 5 20 > > backup interface BRI0/0 > > ip address 152.1.10.2 255.255.255.128 > > no ip directed-broadcast > > no fair-queue > > clockrate 64000 > > no cdp enable > > ! > > interface Serial1/1 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > clockrate 64000 > > frame-relay intf-type dce > > frame-relay route 100 interface Serial1/4 300 > > ! > > interface Serial1/2 > > no ip address > > no ip directed-broadcast > > shutdown > > no cdp enable > > ! > > interface Serial1/3 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > clockrate 64000 > > frame-relay intf-type dce > > frame-relay route 201 interface Serial1/4 301 > > ! > > interface Serial1/4 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > frame-relay intf-type dce > > frame-relay route 300 interface Serial1/1 100 > > frame-relay route 301
Re: URGENT:FOR Routing experts:Plz help!!! [7:18370]
I have checked on the neighbouring routers as well but cant see these summary addresses any where else. What I beleive is that I should be able to see these summary address in local routing table,before I can see them any where else. Like u can see the summary address of IGRP routes ,coming from FR router and redistributiig to OSPF domain after redistribution. >From: "EA Louie" >To: "Cisco Lover" , >Subject: Re: URGENT:FOR Routing experts:Plz help!!! [7:18370] >Date: Mon, 3 Sep 2001 23:21:58 -0700 > >Look at the routing table for the next IGRP router to see the effects of >your redistribution. The OSPF summary routes won't be shown on ISDN2 - >you'll have to look at the the next downstream IGRP router to see them, >because the redistribution effect happens not at the ASBR, but outside the >OSPF domain. > >You aren't seeing the effects of IGRP redistribution at this point either, >because those routes would show up as O E2 routes in the routing table. >Look on your next downstream OSPF router for those external routes to >appear. > >- Original Message - >From: "Cisco Lover" >To: >Sent: Monday, September 03, 2001 10:46 PM >Subject: URGENT:FOR Routing experts:Plz help!!! [7:18370] > > > > Hi guys. > > > > facing some strange IGRPOSPF redistribution problem. > > > > Router ISDN2 is ASBR ,running IGRP with FR and running ospf with rest of > > network. > > > > Now problem is that I am able to redistribute IGRP into OSPF and can see >the > > IGRP routes as OSPF external in ospf domain but not able to get > > redistributed OSPF routes into IGRP. > > > > Offcourse, No static/default routes are allowed so I have summarize ospf > > routes into C class,(Same as IGRP major interface)using summary address > > command .But still not able to get these routes redistributed. > > > > When I tried by using Static routes pointing to null 0,IT WORKED> > > > > The problem I observed is that although I have put SUMMARY ADDRESS >commands > > for network 152.1.1.0 & 152.1.2.0 ,which are required to redistribute >into > > IGRP,I CANT see them as summary routes in ISDN2 router wHY>>>>?? > > > > > > Any one can help Please.All config attached > > Thanks a lot!!! > > > > > > !ISDN2 > > > > ! > > interface Loopback0 > > ip address 152.1.12.1 255.255.255.0 > > no ip directed-broadcast > > ! > > interface Ethernet0/0 > > ip address 152.1.0.1 255.255.255.0 > > no ip directed-broadcast > > no cdp enable > > ! > > interface Serial0/0 > > no ip address > > no ip directed-broadcast > > no ip mroute-cache > > shutdown > > no fair-queue > > no cdp enable > > ! > > interface BRI0/0 > > ip address 152.1.1.18 255.255.255.252 > > no ip directed-broadcast > > encapsulation ppp > > ip ospf demand-circuit > > dialer idle-timeout 1000 > > dialer map ip 152.1.1.17 name ISDN1 broadcast 2465640 > > dialer-group 1 > > isdn switch-type basic-net3 > > no cdp enable > > ppp chap hostname cisco > > ppp chap password 7 02050D480809 > > ! > > interface Ethernet0/1 > > bandwidth > > ip address 152.1.11.1 255.255.255.0 > > no ip directed-broadcast > > no keepalive > > no fair-queue > > no cdp enable > > ! > > interface Serial1/0 > > bandwidth 172 > > backup delay 5 20 > > backup interface BRI0/0 > > ip address 152.1.10.2 255.255.255.128 > > no ip directed-broadcast > > no fair-queue > > clockrate 64000 > > no cdp enable > > ! > > interface Serial1/1 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > clockrate 64000 > > frame-relay intf-type dce > > frame-relay route 100 interface Serial1/4 300 > > ! > > interface Serial1/2 > > no ip address > > no ip directed-broadcast > > shutdown > > no cdp enable > > ! > > interface Serial1/3 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > clockrate 64000 > > frame-relay intf-type dce > > frame-relay route 201 interface Serial1/4 301 > > ! > > interface Serial1/4 > > no ip address > > no ip directed-broadcast > > encapsulation frame-relay > > frame-relay intf-type dce > > frame-relay route 300 interface Serial1/1 100 > > frame-relay route 301 interface Serial1/3 201 > > ! > > interface Serial1/5 > > no ip address > > no ip directed-broadcas
URGENT:FOR Routing experts:Plz help!!! [7:18370]
Hi guys. facing some strange IGRPOSPF redistribution problem. Router ISDN2 is ASBR ,running IGRP with FR and running ospf with rest of network. Now problem is that I am able to redistribute IGRP into OSPF and can see the IGRP routes as OSPF external in ospf domain but not able to get redistributed OSPF routes into IGRP. Offcourse, No static/default routes are allowed so I have summarize ospf routes into C class,(Same as IGRP major interface)using summary address command .But still not able to get these routes redistributed. When I tried by using Static routes pointing to null 0,IT WORKED> The problem I observed is that although I have put SUMMARY ADDRESS commands for network 152.1.1.0 & 152.1.2.0 ,which are required to redistribute into IGRP,I CANT see them as summary routes in ISDN2 router wHY?? Any one can help Please.All config attached Thanks a lot!!! !ISDN2 ! interface Loopback0 ip address 152.1.12.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 152.1.0.1 255.255.255.0 no ip directed-broadcast no cdp enable ! interface Serial0/0 no ip address no ip directed-broadcast no ip mroute-cache shutdown no fair-queue no cdp enable ! interface BRI0/0 ip address 152.1.1.18 255.255.255.252 no ip directed-broadcast encapsulation ppp ip ospf demand-circuit dialer idle-timeout 1000 dialer map ip 152.1.1.17 name ISDN1 broadcast 2465640 dialer-group 1 isdn switch-type basic-net3 no cdp enable ppp chap hostname cisco ppp chap password 7 02050D480809 ! interface Ethernet0/1 bandwidth ip address 152.1.11.1 255.255.255.0 no ip directed-broadcast no keepalive no fair-queue no cdp enable ! interface Serial1/0 bandwidth 172 backup delay 5 20 backup interface BRI0/0 ip address 152.1.10.2 255.255.255.128 no ip directed-broadcast no fair-queue clockrate 64000 no cdp enable ! interface Serial1/1 no ip address no ip directed-broadcast encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay route 100 interface Serial1/4 300 ! interface Serial1/2 no ip address no ip directed-broadcast shutdown no cdp enable ! interface Serial1/3 no ip address no ip directed-broadcast encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay route 201 interface Serial1/4 301 ! interface Serial1/4 no ip address no ip directed-broadcast encapsulation frame-relay frame-relay intf-type dce frame-relay route 300 interface Serial1/1 100 frame-relay route 301 interface Serial1/3 201 ! interface Serial1/5 no ip address no ip directed-broadcast shutdown no cdp enable ! interface Serial1/6 no ip address no ip directed-broadcast shutdown no cdp enable ! interface Serial1/7 no ip address no ip directed-broadcast shutdown no cdp enable ! router ospf 64 area 0 authentication message-digest area 1 virtual-link 152.1.2.5 area 2 nssa default-information-originate summary-address 152.1.2.0 255.255.255.0 summary-address 152.12.0.0 255.252.0.0 summary-address 152.1.1.0 255.255.255.0 redistribute igrp 64 subnets route-map Hi passive-interface Ethernet0/0 network 152.1.1.18 0.0.0.0 area 2 network 152.1.10.2 0.0.0.0 area 1 network 152.1.11.1 0.0.0.0 area 2 default-information originate always ! router igrp 64 redistribute ospf 64 route-map CCIE passive-interface Ethernet0/1 passive-interface Serial1/0 network 152.1.0.0 default-metric 1 100 255 1 1500 distribute-list 1 in Ethernet0/0 ! ip classless no ip http server ! access-list 1 permit 152.12.0.0 access-list 1 permit 152.13.0.0 access-list 1 permit 152.14.0.0 access-list 1 permit 152.15.0.0 access-list 10 permit 152.1.1.0 access-list 10 permit 152.1.2.0 access-list 20 permit 152.12.0.0 access-list 20 permit 152.13.0.0 access-list 20 permit 152.14.0.0 access-list 20 permit 152.15.0.0 dialer-list 1 protocol ip permit no cdp run route-map HI permit 10 ! route-map CCIE permit 10 match ip address 10 ! route-map Hi permit 10 match ip address 20 ! ! banner motd ^CHi how r u^C ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 login ! ISDN2#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 152.1.0.0/16 is variably subnetted, 7 subnets, 4 masks O 152.1.1.128/25 [110/1252] via 152.1.10.1, 01:08:11, Serial1/0 C 152.1.11.0/24 is directly connected, Ethernet0/1 C 152.1.10.0/25 is directly connected, Serial1/0 C 152.1.12.0/24 is directly connected, Loopback0 O IA152.1.1.0/28 [110/1833] via 152.1.10.1, 01:08:11, Serial1/0 C 152.1.0.0/24 is directly connected, Ethernet0/0 O 152.1.
DLSW Confusion [7:18304]
Hi guys, I am still revolving around an stupid DLSW confusion. I found in many 3rd party labs and other configurations that they are using SOURCE-ROUTE BRIDGE x command even when configuring DLSW+ between 2 ethernet segments.. Do we really need to put this command even when we are not dealing with TR?? I am not agree with this Any idea? Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18304&t=18304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Access List Q [7:18303]
Hi guys, Please help to solve this ACL. Thanks. Configure access list on router such that all tcp sessions that originated from Router will always be permitted on its serial0 interface?? Is that correct ? access 101 permit tcp any any established ?? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18303&t=18303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Please Advice:Trunking problem [7:18170]
Hi guys, Trying to run ISL/DOt1Q trunking on my cat5,but getting this error. Console> (enable) set trunk 3/1 on dot1q 1 Feature not supported on Module 3. Is that due to IOS???if yes ,please advice required IOS for this module. Thanks. Console> (enable) sh ver WS-C5505 Software, Version McpSW: 5.5(5) NmpSW: 5.5(5) Copyright (c) 1995-2000 by Cisco Systems NMP S/W compiled on Dec 14 2000, 17:42:24 MCP S/W compiled on Dec 14 2000, 17:37:38 System Bootstrap Version: 3.1.2 Hardware Version: 1.0 Model: WS-C5505 Serial #: 066546807 Mod Port Model Serial # Versions --- -- - 1 0WS-X5530 012758150 Hw : 3.0 Fw : 3.1.2 Fw1: 4.2(1) Sw : 5.5(5) WS-F5521 011477888 Hw : 1.1 3 24 WS-X5224 011795763 Hw : 1.4 Fw : 3.1(1) Sw : 5.5(5) DRAMFLASH NVRAM Module Total UsedFreeTotal UsedFreeTotal Used Free -- --- --- --- --- --- --- - - - 1 32640K 19331K 13309K 8192K 5575K 2617K 512K 170K 342K Console> (enable) sh flash -#- ED --type-- --crc--- -seek-- nlen -length- -date/time-- name 1 .. 89280598 4f19f0 22 4921710 Jul 09 2001 09:41:19 cat5000-sup3 .5-5-5.bin 2680336 bytes available (4921840 bytes used) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18170&t=18170 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Working ISL/DOT1Q config [7:18070]
Can u please give some example?? DO u mean that subinterfaces should be configured for some vlan other than one?? Thanks for the help >From: "Thomas N." >Reply-To: "Thomas N." >To: [EMAIL PROTECTED] >Subject: Re: Working ISL/DOT1Q config [7:18070] >Date: Sat, 1 Sep 2001 00:31:13 -0400 > >I ran into this problem before. The way you configure would work only if >you encapsulate using ISL. If you use the dot1q, you have to configure the >physical interface FE0/0 with a management VLAN (VLAN 1 by default). >Sub-interfaces will be assigned a different VLAN and encapsulated with >dot1q. > > > >""Cisco Lover"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi friends.. > > > > Can any one send me any working configuration for trunking using cat5 >for > > intervlan routing.. > > > > I have followed all the instructions in books and everwhere but still >cant > > get it work..Donot know where I m wrong.(Config atttached) > > > > Thanks for the help.. > > > > Cisco Lover > > > > > > FE router: > > > > > > interface FastEthernet0/0 > > no ip address > > no ip directed-broadcast > > speed 100 > > full-duplex > > ! > > interface FastEthernet0/0.1 > > encapsulation dot1Q 1 > > ip address 190.100.1.10 255.255.255.0 > > no ip directed-broadcast > > ! > > interface FastEthernet0/0.2 > > encapsulation dot1Q 2 > > ip address 190.100.2.10 255.255.255.0 > > no ip directed-broadcast > > > > Router1 > > > > interface Ethernet0 > > ip address 190.100.1.1 255.255.255.0 > > no ip directed-broadcast > > > > router2 > > interface Ethernet0 > > ip address 190.100.2.1 255.255.255.0 > > > > CAtalyst: > > port32:Vlan1 > > port33:vlan2 > > > > set interface sc0 1 190.100.1.20/255.255.255.0 190.100.1.255 > > > > set interface sl0 down > > set interface me1 down > > set ip route 0.0.0.0/0.0.0.0 190.100.1.10 > > ! > > #syslog > > set logging level cops 2 default > > ! > > #set boot command > > set boot config-register 0x2 > > set boot system flash bootflash:cat4000.5-5-1.bin > > set boot system flash bootflash:cat5000-sup3.4-2-1.bin > > set boot system flash bootflash:cat4000.5-4-2.bin > > ! > > #module 1 : 2-port 1000BaseX Supervisor > > ! > > #module 2 : 34-port 10/100/1000 Ethernet > > set vlan 22/33 > > set port speed 2/34 100 > > set port duplex 2/34 full > > clear trunk 2/34 3-1005 > > set trunk 2/34 nonegotiate dot1q 1-2 > > > > > > > > > > > > > > > > > > _ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18161&t=18070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Working ISL/DOT1Q config [7:18070]
Hey Tony... Sorry its not workingAny other way to get this work? Router(config-subif)#encapsulation dot1Q 1 Native ^ % Invalid input detected at '^' marker. Router(config-subif)#enca Router(config-subif)#encapsulation dot Router(config-subif)#encapsulation dot1Q 1 ? Router(config-subif)#encapsulation dot1Q 1 >From: "Tony Medeiros" >Reply-To: "Tony Medeiros" >To: [EMAIL PROTECTED] >Subject: Re: Working ISL/DOT1Q config [7:18070] >Date: Fri, 31 Aug 2001 10:12:12 -0400 > >Put the word "Native" after the "encapulation dot1q 1" on interface >fast0\0.1 In the dot1q world, the native vlan for the port,(vlan 1) is >not tagged or encapsulated in the dot1q frame. Hence the need for the >command. Your native vlan for the trunk port (2/34) is vlan 1 accourding >to >your config cus you didn't assign it to anything else. > >Doing some big time switch study lately aren't you ? :) >Take care >Tony M. >#6172 > > >- Original Message - >From: "Cisco Lover" >To: >Sent: Friday, August 31, 2001 5:43 AM >Subject: Working ISL/DOT1Q config [7:18070] > > > > Hi friends.. > > > > Can any one send me any working configuration for trunking using cat5 >for > > intervlan routing.. > > > > I have followed all the instructions in books and everwhere but still >cant > > get it work..Donot know where I m wrong.(Config atttached) > > > > Thanks for the help.. > > > > Cisco Lover > > > > > > FE router: > > > > > > interface FastEthernet0/0 > > no ip address > > no ip directed-broadcast > > speed 100 > > full-duplex > > ! > > interface FastEthernet0/0.1 > > encapsulation dot1Q 1 > > ip address 190.100.1.10 255.255.255.0 > > no ip directed-broadcast > > ! > > interface FastEthernet0/0.2 > > encapsulation dot1Q 2 > > ip address 190.100.2.10 255.255.255.0 > > no ip directed-broadcast > > > > Router1 > > > > interface Ethernet0 > > ip address 190.100.1.1 255.255.255.0 > > no ip directed-broadcast > > > > router2 > > interface Ethernet0 > > ip address 190.100.2.1 255.255.255.0 > > > > CAtalyst: > > port32:Vlan1 > > port33:vlan2 > > > > set interface sc0 1 190.100.1.20/255.255.255.0 190.100.1.255 > > > > set interface sl0 down > > set interface me1 down > > set ip route 0.0.0.0/0.0.0.0 190.100.1.10 > > ! > > #syslog > > set logging level cops 2 default > > ! > > #set boot command > > set boot config-register 0x2 > > set boot system flash bootflash:cat4000.5-5-1.bin > > set boot system flash bootflash:cat5000-sup3.4-2-1.bin > > set boot system flash bootflash:cat4000.5-4-2.bin > > ! > > #module 1 : 2-port 1000BaseX Supervisor > > ! > > #module 2 : 34-port 10/100/1000 Ethernet > > set vlan 22/33 > > set port speed 2/34 100 > > set port duplex 2/34 full > > clear trunk 2/34 3-1005 > > set trunk 2/34 nonegotiate dot1q 1-2 > > > > > > > > > > > > > > > > > > _ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18094&t=18070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Working ISL/DOT1Q config [7:18070]
Hi friends.. Can any one send me any working configuration for trunking using cat5 for intervlan routing.. I have followed all the instructions in books and everwhere but still cant get it work..Donot know where I m wrong.(Config atttached) Thanks for the help.. Cisco Lover FE router: interface FastEthernet0/0 no ip address no ip directed-broadcast speed 100 full-duplex ! interface FastEthernet0/0.1 encapsulation dot1Q 1 ip address 190.100.1.10 255.255.255.0 no ip directed-broadcast ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip address 190.100.2.10 255.255.255.0 no ip directed-broadcast Router1 interface Ethernet0 ip address 190.100.1.1 255.255.255.0 no ip directed-broadcast router2 interface Ethernet0 ip address 190.100.2.1 255.255.255.0 CAtalyst: port32:Vlan1 port33:vlan2 set interface sc0 1 190.100.1.20/255.255.255.0 190.100.1.255 set interface sl0 down set interface me1 down set ip route 0.0.0.0/0.0.0.0 190.100.1.10 ! #syslog set logging level cops 2 default ! #set boot command set boot config-register 0x2 set boot system flash bootflash:cat4000.5-5-1.bin set boot system flash bootflash:cat5000-sup3.4-2-1.bin set boot system flash bootflash:cat4000.5-4-2.bin ! #module 1 : 2-port 1000BaseX Supervisor ! #module 2 : 34-port 10/100/1000 Ethernet set vlan 22/33 set port speed 2/34 100 set port duplex 2/34 full clear trunk 2/34 3-1005 set trunk 2/34 nonegotiate dot1q 1-2 _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18070&t=18070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: One Sided Chap????? [7:18056]
Hi , Thanks for the help?? Is the rest of the commands will remain the same??? DO we still have to put ppp authentication chap and username+password set at both ends?? Thanks again. >From: >To: "Cisco Lover" , >Subject: Re: One Sided Chap? [7:18056] >Date: Fri, 31 Aug 2001 15:43:14 +0400 > >ppp chap sent username xxx >- Original Message - >From: "Cisco Lover" >To: >Sent: Friday, August 31, 2001 3:12 PM >Subject: One Sided Chap? [7:18056] > > > > Hi Guys... > > > > Any Idea how to setup one sided chap???that is only one router is >sending > > challenge?? > > > > > > Thanks for the help.. > > > > _ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18067&t=18056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: One Sided Chap????? [7:18056]
Hi Charlie,, Thanks for the help.. So, the rest of the commands will remain the same??I mean we still have to put ppp authentication chap and USERNAME+PASSWORD set on both sides?? Cisco Lover >From: Charlie Hartwell >Reply-To: [EMAIL PROTECTED] >To: Cisco Lover , [EMAIL PROTECTED] >Subject: Re: One Sided Chap? [7:18056] >Date: Fri, 31 Aug 2001 13:01:24 +0100 (BST) > >You want "ppp authentication chap callin" so that the router will >only authenticate incoming ppp connections but not outgoing. > >HTH. > >Charlie > > --- Cisco Lover wrote: > Hi Guys... > > > > Any Idea how to setup one sided chap???that is only one router is > > sending > > challenge?? > > > > > > Thanks for the help.. > > > > _ > > Get your FREE download of MSN Explorer at > > http://explorer.msn.com/intl.asp >[EMAIL PROTECTED] > > >Do You Yahoo!? >Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk >or your free @yahoo.ie address at http://mail.yahoo.ie _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18065&t=18056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
One Sided Chap????? [7:18056]
Hi Guys... Any Idea how to setup one sided chap???that is only one router is sending challenge?? Thanks for the help.. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18056&t=18056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
An Interesting routing+Sw Question:LAB Q [7:18026]
Hello Guys, This Question is from some Book Apendix pass by my friend(Let me knowthe book name and Author if u know ;)).Please help to clarify. Thanks. "Vlan1 Contains 28 servers in server farm.Configure R1&R2 so that in event of router failure the other router will take over for the subnet.Under normal conditions the load should be split evenly b/w these 2 routers . Fourteen of the servers are defined with ip 152.1.1.3 and other fouteen are defined with 152.1.1.4" any thing to do with HSRP???where these addresses need to configured??152.1.1.3 and .4 ?? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18026&t=18026 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst Q. [7:18036]
Hi Guys, How we can restrict catalyst to allow telnet access to particular hosts?? Thanks for the help. Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18036&t=18036 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSEC Challenge Problem [7:17844]
Wonderfull!!! GREA Kent U solved my problem.. Thanks a lot!!! >From: "Kent Hundley" >Reply-To: "Kent Hundley" >To: [EMAIL PROTECTED] >Subject: RE: IPSEC Challenge Problem [7:17844] >Date: Thu, 30 Aug 2001 17:03:25 -0400 > >The problem is most likely your access-lists. You need to create an acl >that allows telnet traffic from A to B and the return traffic from B to A: > >For telnet from A to B: > >on A: access-list 101 permit host A gt 1023 host B eq 23 >on B: access-list 101 permit host B eq 23 host A gt 1023 > >(create reverse images of these entries for telnet from B to A) > >Note that the acl's on B and A are "mirror images" of each other, as stated >in the Cisco docs. > >You need to remember that the source port for a client initiating telnet is >a randomly chosen port above 1023. > >You don't _have_ to list the 'gt 1023', but when using acl's for IPSec I >like to specify both src and dst ports if possible for consistency. > >HTH, >Kent > > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Cisco Lover >Sent: Thursday, August 30, 2001 4:21 AM >To: [EMAIL PROTECTED] >Subject: IPSEC Challenge Problem [7:17844] > > >Guys, > >The objective of the problem I m going to explain you is to encrypt ONLY >TELNET traffic b/w these two routers. > >THe main problem I m facing is that IM not able to do this by implementing >specific host lists that permits only telnet traffic from one to another >host..Like > >access-list 101 permit tcp host A host B eq telnet. > >The only way I can run this is by using normal list allowing complete >traffic b/w these two hosts.Please have a look and let me know if u find >any >problem in my config. > >Thanks. > >ISDN1#sh crypto engine connections ac >ISDN1#sh crypto engine connections active > > ID Interface IP-Address State Algorithm Encrypt >Decrypt > >1 setHMAC_MD5+DES_56_CB0 >0 > >2 setHMAC_MD5+DES_56_CB0 >0 > >2000 Serial0/0 135.25.11.1 setHMAC_MD5+DES_56_CB0 > 54 > >2001 Serial0/0 135.25.11.1 setHMAC_MD5+DES_56_CB 40 >0 > > >ISDN1#sh run >Building configuration... > >Current configuration: >! >version 12.0 >service timestamps debug uptime >service timestamps log uptime >no service password-encryption >! >hostname ISDN1 >! >enable password cisco >! >! >! >! >! >memory-size iomem 7 >ip subnet-zero >ip telnet source-interface Loopback0 >no ip domain-lookup >! >isdn voice-call-failure 0 >cns event-service server >! >! >! >! >crypto isakmp policy 10 >hash md5 >authentication pre-share >crypto isakmp key hello address 135.25.11.2 255.255.255.255 >crypto isakmp key hello address 135.25.3.1 255.255.255.255 >! >! >crypto ipsec transform-set cisco esp-des esp-md5-hmac >! >! >crypto map CCIE local-address Loopback0 >crypto map CCIE 10 ipsec-isakmp >set peer 135.25.11.2 >set peer 135.25.3.1 >set transform-set cisco >match address 101 >! >! >! >! >interface Loopback0 >ip address 135.25.4.1 255.255.255.255 >no ip directed-broadcast >! >interface FastEthernet0/0 >no ip address >no ip directed-broadcast >shutdown >duplex auto >speed auto >! >interface Serial0/0 >ip address 135.25.11.1 255.255.255.0 >no ip directed-broadcast >no ip mroute-cache >no fair-queue >crypto map CCIE >! >interface BRI0/0 >no ip address >no ip directed-broadcast >shutdown >isdn guard-timer 0 on-expiry accept >! >interface FastEthernet0/1 >no ip address >no ip directed-broadcast >shutdown >duplex auto >speed auto >! >ip classless >ip route 0.0.0.0 0.0.0.0 135.25.11.2 >no ip http server >! >access-list 101 permit ip host 135.25.4.1 host 135.25.3.1 >! >! >voice-port 1/0/0 >! >voice-port 1/0/1 >! >voice-port 1/1/0 >! >voice-port 1/1/1 >! >! >! >line con 0 >password cisco >transport input none >line aux 0 >line vty 0 4 >password cisco >login >! > > > >hostname ISDN2 >! >enable password cisco >! >! >! >! >! >ip subnet-zero >ip telnet source-interface Loopback0 >no ip domain-lookup >! >isdn voice-call-failure 0 >cns event-service server >! >! >crypto isakmp policy 10 >hash md5 >authentication pre-share >crypto isakmp key hello address 135.25.11.1 >crypto isakmp key hello address 135.25.4.1 >! >! >crypto ipsec transform-set cisco esp-des esp-md
OSPF Challenge Q's :) [7:17852]
(1) How to change the OSPF cost of using ethernet interface to 90 and serial interface to 580 across whole network ,WITHOUT using ip ospf cost command??? (2)How to propagate SOme loopback interfaces via OSPF such that these loopback interfaces are not configured for ospf .Also these routes should not be seen as external. :( Is that tough?? _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17852&t=17852 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IPSEC Challenge Problem [7:17844]
Guys, The objective of the problem I m going to explain you is to encrypt ONLY TELNET traffic b/w these two routers. THe main problem I m facing is that IM not able to do this by implementing specific host lists that permits only telnet traffic from one to another host..Like access-list 101 permit tcp host A host B eq telnet. The only way I can run this is by using normal list allowing complete traffic b/w these two hosts.Please have a look and let me know if u find any problem in my config. Thanks. ISDN1#sh crypto engine connections ac ISDN1#sh crypto engine connections active ID Interface IP-Address State Algorithm Encrypt Decrypt 1 setHMAC_MD5+DES_56_CB0 0 2 setHMAC_MD5+DES_56_CB0 0 2000 Serial0/0 135.25.11.1 setHMAC_MD5+DES_56_CB0 54 2001 Serial0/0 135.25.11.1 setHMAC_MD5+DES_56_CB 40 0 ISDN1#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ISDN1 ! enable password cisco ! ! ! ! ! memory-size iomem 7 ip subnet-zero ip telnet source-interface Loopback0 no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key hello address 135.25.11.2 255.255.255.255 crypto isakmp key hello address 135.25.3.1 255.255.255.255 ! ! crypto ipsec transform-set cisco esp-des esp-md5-hmac ! ! crypto map CCIE local-address Loopback0 crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.2 set peer 135.25.3.1 set transform-set cisco match address 101 ! ! ! ! interface Loopback0 ip address 135.25.4.1 255.255.255.255 no ip directed-broadcast ! interface FastEthernet0/0 no ip address no ip directed-broadcast shutdown duplex auto speed auto ! interface Serial0/0 ip address 135.25.11.1 255.255.255.0 no ip directed-broadcast no ip mroute-cache no fair-queue crypto map CCIE ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface FastEthernet0/1 no ip address no ip directed-broadcast shutdown duplex auto speed auto ! ip classless ip route 0.0.0.0 0.0.0.0 135.25.11.2 no ip http server ! access-list 101 permit ip host 135.25.4.1 host 135.25.3.1 ! ! voice-port 1/0/0 ! voice-port 1/0/1 ! voice-port 1/1/0 ! voice-port 1/1/1 ! ! ! line con 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ! hostname ISDN2 ! enable password cisco ! ! ! ! ! ip subnet-zero ip telnet source-interface Loopback0 no ip domain-lookup ! isdn voice-call-failure 0 cns event-service server ! ! crypto isakmp policy 10 hash md5 authentication pre-share crypto isakmp key hello address 135.25.11.1 crypto isakmp key hello address 135.25.4.1 ! ! crypto ipsec transform-set cisco esp-des esp-md5-hmac ! ! crypto map CCIE local-address Loopback0 crypto map CCIE 10 ipsec-isakmp set peer 135.25.11.1 set peer 135.25.4.1 set transform-set cisco match address 101 partition flash 2 16 8 ! ! ! ! ! ! ! interface Loopback0 ip address 135.25.3.1 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 no ip address no ip directed-broadcast shutdown ! interface Serial0/0 no ip address no ip directed-broadcast shutdown ! interface BRI0/0 no ip address no ip directed-broadcast shutdown isdn guard-timer 0 on-expiry accept ! interface Ethernet0/1 no ip address no ip directed-broadcast shutdown ! interface Serial1/0 no ip address no ip directed-broadcast shutdown ! interface Serial1/1 ip address 135.25.11.2 255.255.255.0 no ip directed-broadcast clockrate 64000 crypto map CCIE ! interface Serial1/2 no ip address no ip directed-broadcast shutdown ! interface Serial1/3 no ip address no ip directed-broadcast shutdown ! interface Serial1/4 ip address 135.25.12.1 255.255.255.0 no ip directed-broadcast ! interface Serial1/5 no ip address no ip directed-broadcast shutdown ! interface Serial1/6 no ip address no ip directed-broadcast shutdown ! interface Serial1/7 no ip address no ip directed-broadcast shutdown ! ip classless ip route 0.0.0.0 0.0.0.0 135.25.11.1 no ip http server ! access-list 101 permit ip host 135.25.3.1 host 135.25.4.1 ! ! line con 0 exec-timeout 0 0 password cisco transport input none line aux 0 line vty 0 4 password cisco login ! end ISDN2# _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17844&t=17844 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Voice Ports Need to handle?? [7:17792]
Hi Guys, Again with old Q..But I haven;t get any good response?? If I want to implement VOIP/VOFR in my Lab setup. Which port nos I need to enable?? Thanks for help. ;) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17792&t=17792 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSEC Q's [7:17646]
Thanks for the reply.. ITs actually the Question requirments.. "ALso use Loopback interface as peer address" ??? >From: "YY" >Reply-To: "YY" >To: [EMAIL PROTECTED] >Subject: RE: IPSEC Q's [7:17646] >Date: Wed, 29 Aug 2001 10:31:56 -0400 > >Hi, >Try removing the "set peer 135.25.3.1" under crypto map of isdn1, and >also "set peer 135.25.4.1" on isdn2. >They are not necessary and make you confused. Your purpose is to protect >the telnet traffic on the link between the 2 routers. Hence just creating >ipsec tunnel between the 2 routers should be fairly enough. > >Cheers, >YY > > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Cisco Lover >Sent: Wednesday, August 29, 2001 6:28 PM >To: [EMAIL PROTECTED] >Subject: RE: IPSEC Q's [7:17646] > > >Dion, > >Thanks a lot for detailed analysis of my problem. > >In order to match my access lists..I put on both routers the command.. > > >ip telnet source interface loopback0 > >BUT What happened???Just after putting these Im no more able to telnet from >one router to another router Loopback interface,although I can still telnet >using interface addresses.Below is debug output.. > >Please advise... > >Thanks a lot.:) > >[Connection to 135.25.11.1 closed by foreign host] >ISDN1# telnet 135.25.3.1 >Trying 135.25.3.1 ... >04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >sending >04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >output >cry >pto map check failed. >04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >sending >04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >output >cry >pto map check failed. >04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >sending >04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >output >cry >pto map check failed. >04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >sending >04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, >output >cry >pto map check failed. >% Connection timed out; remote host not responding >ISDN2#telnet 135.25.4.1 >Trying 135.25.4.1 ... >04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >sending >04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >output >cry >pto map check failed. >04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >sending >04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >output >cry >pto map check failed. >04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >sending >04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >output >cry >pto map check failed. >04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >sending >04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >output >cry >pto map check failed. >04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:29: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational mode >failed w >ith peer at 135.25.11.2 >04:43:30: %CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 135.25.11.2 >failed it >s sanity check or is malformed >04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >sending >04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, >output >cry >pto map check failed. >04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN >% Connection timed out; remote host not responding > > > > > > > > > > >From: "Radford Dion" > >Reply-To: "Radford Dion" > >To: [EMAIL PROTECTED] > >Subject: RE: IPSEC Q's [7:17646] > >Date: Wed, 29 Aug 2001 05:28:29 -0400 > > > >The access-list is the important point - if you traffic doesn't get >caught > >by the access-list it wont be encrypted. > > > >Your access list encryp
RE: IPSEC Q's [7:17646]
Dion, Thanks a lot for detailed analysis of my problem. In order to match my access lists..I put on both routers the command.. ip telnet source interface loopback0 BUT What happened???Just after putting these Im no more able to telnet from one router to another router Loopback interface,although I can still telnet using interface addresses.Below is debug output.. Please advise... Thanks a lot.:) [Connection to 135.25.11.1 closed by foreign host] ISDN1# telnet 135.25.3.1 Trying 135.25.3.1 ... 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:20: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:22: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:26: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, sending 04:43:34: IP: s=135.25.4.1 (local), d=135.25.3.1 (Serial0/0), len 44, output cry pto map check failed. % Connection timed out; remote host not responding ISDN2#telnet 135.25.4.1 Trying 135.25.4.1 ... 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:14: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:14: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:16: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:16: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:20: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:20: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:28: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:28: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:29: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational mode failed w ith peer at 135.25.11.2 04:43:30: %CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 135.25.11.2 failed it s sanity check or is malformed 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, sending 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN 04:43:44: IP: s=135.25.3.1 (local), d=135.25.4.1 (Serial1/1), len 44, output cry pto map check failed. 04:43:44: TCP src=11013, dst=23, seq=819906755, ack=0, win=4128 SYN % Connection timed out; remote host not responding >From: "Radford Dion" >Reply-To: "Radford Dion" >To: [EMAIL PROTECTED] >Subject: RE: IPSEC Q's [7:17646] >Date: Wed, 29 Aug 2001 05:28:29 -0400 > >The access-list is the important point - if you traffic doesn't get caught >by the access-list it wont be encrypted. > >Your access list encrypts telnet traffic that is sourced from the loopback >address. Now I could be wrong, but if you are on router ISDN1 and telnet to >the loopback address of ISDN2, the source address will be the ISDN1 routers >S0/0 interface IP address, NOT the ISDN1 loopback address. > >I would change your access-list. You can easily tell if your traffic is >matching your access list by doing a 'debug ip packet detail 110'. You can >see how many encrypted packets using the 'sh crypto engine connections >active' > >The 3DES IPSEC image is not easy to get a hold of if you're not in the US. > > > -Original Message- > > From: Cisco Lover [SMTP:[EMAIL PROTECTED]] > > Sent: Wednesday, August 29, 2001 9:51 AM > > To: [EMAIL PROTECTED] > > Subject:IPSEC Q's [7:17646] > > > > Hi Guys.. > > > > Can you please help for some IPSEC Stuf. > > > > Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES?? > > Q2. Is there any way to confirm if Our VPN/IPSEC setup is working > > properly.. > > > > I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant > > see any thing coming.Below is my config and Show command results. > > My concern is to protect Telnet traffic b/w thess two guys. > > >
IPSEC Q's [7:17646]
Hi Guys..
Can you please help for some IPSEC Stuf.
Q1. Which ALgo in IPSEC supports 128Bit/Tripple DES??
Q2. Is there any way to confirm if Our VPN/IPSEC setup is working properly..
I used commands show crypto ipsec sa+show crypto isakmp sa ,But cant
see any thing coming.Below is my config and Show command results.
My concern is to protect Telnet traffic b/w thess two guys.
ISDN1#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ISDN1
!
enable secret 5 $1$LYk/$PJGs8FlVtZXjf/dcBrwcO/
!
!
!
!
!
memory-size iomem 7
ip subnet-zero
no ip domain-lookup
!
isdn voice-call-failure 0
cns event-service server
!
!
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key cisco address 135.25.3.1 255.255.255.255
crypto isakmp key cisco address 135.25.11.1 255.255.255.252
!
!
crypto ipsec transform-set Cisco ah-md5-hmac esp-des
crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac
!
!
crypto map CCIE 10 ipsec-isakmp
set peer 135.25.11.1
set peer 135.25.3.1
set transform-set Cisco2
match address 110
!
!
!
!
interface Loopback0
ip address 135.25.4.1 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet0/0
ip address 10.1.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
duplex auto
speed auto
!
interface Serial0/0
ip address 135.25.11.2 255.255.255.252
no ip directed-broadcast
ip nat outside
no ip mroute-cache
no fair-queue
crypto map CCIE
!
interface BRI0/0
no ip address
no ip directed-broadcast
shutdown
isdn guard-timer 0 on-expiry accept
!
interface FastEthernet0/1
ip address 135.25.11.9 255.255.255.252
no ip directed-broadcast
duplex auto
speed auto
!
router ospf 64
network 135.25.4.1 0.0.0.0 area 0
network 135.25.11.2 0.0.0.0 area 0
network 135.25.11.9 0.0.0.0 area 0
!
ip nat pool CCIE 135.25.11.2 135.25.11.2 prefix-length 30
ip nat inside source list 1 pool CCIE overload
ip classless
no ip http server
!
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 110 permit tcp host 135.25.4.1 host 135.25.3.1 eq telnet
!
!
voice-port 1/0/0
!
voice-port 1/0/1
!
voice-port 1/1/0
!
voice-port 1/1/1
!
!
!
line con 0
exec-timeout 0 0
password cisco
transport input none
line aux 0
line vty 0 4
password cisco
login
ISDN2#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ISDN2
!
enable secret 5 $1$so9r$GFjeRLyea2vUgn2HbMvOG1
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
isdn voice-call-failure 0
cns event-service server
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key cisco address 135.25.11.2
crypto isakmp key cisco address 135.25.4.1
!
!
crypto ipsec transform-set Cisco ah-md5-hmac esp-des
crypto ipsec transform-set Cisco2 esp-des esp-md5-hmac
!
!
crypto map CCIE 10 ipsec-isakmp
set peer 135.25.11.2
set peer 135.25.4.1
set transform-set Cisco2
match address 110
partition flash 2 16 8
!
!
!
!
!
!
!
interface Loopback0
ip address 135.25.3.1 255.255.255.255
no ip directed-broadcast
!
interface Ethernet0/0
ip address 10.1.1.2 255.255.255.0
no ip directed-broadcast
no keepalive
!
interface Serial0/0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
no fair-queue
!
interface BRI0/0
no ip address
no ip directed-broadcast
shutdown
isdn guard-timer 0 on-expiry accept
!
interface Ethernet0/1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial1/0
ip address 135.25.9.1 255.255.255.252
no ip directed-broadcast
fair-queue 64 32 1
clockrate 72000
ip rsvp bandwidth 16 13
!
interface Serial1/1
ip address 135.25.11.1 255.255.255.252
no ip directed-broadcast
clockrate 72000
crypto map CCIE
!
interface Serial1/2
ip address 135.25.9.5 255.255.255.252
no ip directed-broadcast
clockrate 72000
!
interface Serial1/3
no ip address
no ip directed-broadcast
shutdown
!
interface Serial1/4
ip address 135.25.11.5 255.255.255.252
no ip directed-broadcast
!
interface Serial1/5
no ip address
no ip directed-broadcast
shutdown
!
interface Serial1/6
no ip address
no ip directed-broadcast
shutdown
!
interface Serial1/7
no ip address
no ip directed-broadcast
shutdown
!
router ospf 64
network 135.25.3.1 0.0.0.0 area 0
network 135.25.9.1 0.0.0.0 area 0
network 135.25.9.5 0.0.0.0 area 0
network 135.25.11.1 0.0.0.0 area 0
network 135.25.11.5 0.0.0.0 area 0
!
ip classless
no ip http server
!
access-list 110 permit tcp host 135.25.3.1 host 135.25.4.1 eq telnet
!
!
line con 0
exec-timeout 0 0
password cisco
transport input none
line aux 0
line vty 0 4
password cisco
login
!
end
ISDN2# sh crypto ipsec sa
ISDN2# sh crypto ipsec sa
interface: Serial1/1
Crypto map tag: CCIE, local addr. 135.25.11.1
local ident (addr/mask/prot/port): (135.25.3.1/255.255.255.255/6/0)
remote ident (addr/mask/prot/port): (135.25.4.1/255.255.255.255/6/23)
current_peer: 135.25.11.2
PERMIT, flags={origin_is_acl,reass
Re: A Custom Queuing Question [7:17622]
Thanks a lot Tony SOme More Q's on your way.. :) >From: "Tony Medeiros" >To: "Cisco Lover" , >Subject: Re: A Custom Queuing Question [7:17622] >Date: Wed, 29 Aug 2001 00:41:05 -0700 > >The actual bandwidth is the clock rate of the link.period. The >bandwidth statment is for other protocols and processes, (IGRP and EIGRP, >etc ) to use as a reference in the metric caclulation. OSPF uses it too (I >think) to calculate "cost". Which just is a derivitive of link bandwidth. >You use the bandwidth statment to manaipulate the routing metrics to your >desire, for prefered links on equal cost paths, etc. > >Some queing methods and congestiong avoidance methods use the bandwidth >statement for their calculations. But custom queueing is NOT one of them. >Base you list on clock rate(or CIR if frame relay and using P toP >subinterfaces) of the link. Frame relay is going to make this a little >deeper. > >Good question though !! I going to investigate whether Class based wieghted >fair queuing depends on this statment. I know I can specify bandwith on in >my prioity maps. > >Sorry I missed what you were actually asking about. >Tony M >#6172 > >- Original Message - >From: "Cisco Lover" >To: >Sent: Tuesday, August 28, 2001 11:39 PM >Subject: Re: A Custom Queuing Question [7:17622] > > > > Ooppps... > > > > I think I am still failed to deliver my Q :( > > > > My only confusion in this topic is that what Bandwidth we need to >consider > > ,when we do our lab scenerios..Like u consider here 64K...and divide it >as > > per requirement.. > > > > Like for eg..I can see that IN FATKID LabA,they r saying that "As FR >link >BW > > is 64K ",and than diving 64K among different traffic. > > On the other hand in another Lab(with normal serial link),they are > > considering 32K as orignal BW and than playing with it.. > > > > As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our > > actual BW.. > > But When I used Sh interface S0, it shows BW=128K?? > > > > This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? > > > > > > Thanks for your help. > > > > Cisco Lover > > > > > > > > >From: "Tony Medeiros" > > >Reply-To: "Tony Medeiros" > > >To: [EMAIL PROTECTED] > > >Subject: Re: A Custom Queuing Question [7:17622] > > >Date: Wed, 29 Aug 2001 01:52:36 -0400 > > > > > >Assume a 64k link. Custom queueing used "Byte counts" not bits for it > > >queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES >per > > >second link. Right ?? > > > > > >So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: > > > > > >queue-list 10 protocol ip 1 tcp www > > >queue-list 10 protocol ip 2 tcp ftp > > >queue-list 10 default 3 > > >queue-list 10 queue 1 byte-count 2000 > > >queue-list 10 queue 2 byte-count 4000 > > >queue-list 10 queue 3 byte-count 2000 > > > > > >I made 3 queues and divided the 8k of BYTES that I can push through it. > > >Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K >bytes. > > >All add up to 8K bytes that we can push through the link. > > > > > >WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes >or > > >50% > > >of the link, and anything else (default, the catch all) gets 2K bytes >or > > >25% > > > > > >Does this help you understand? It's been a while since I wrote one of > > >these > > >so I hope I got all the syntax right. > > > > > >Tony M. > > >#6172 > > > > > >- Original Message - > > >From: "Cisco Lover" > > >To: > > >Sent: Tuesday, August 28, 2001 9:41 PM > > >Subject: A Custom Queuing Question [7:17622] > > > > > > > > > > Hi Friends, > > > > > > > > Can any one here please explain what should be the"bandwidth Value" >if > > >we > > > > need to divide traffic by percentage ,using Custom queuing. > > > > > > > > As far as I know(IF Im right )during our lab,as we usually take >clock >as > > > > 64Kbps,then we need to divide this factor (64/8) among the traffic. > > > > > > > > What about othersI m still confused.. > > > > > > > > HeyCan you please solve my confusion.,.(examples >preffered > > >:) > > > > > > > > > > > > Thanks. > > > > > > > > _ > > > > Get your FREE download of MSN Explorer at > > >http://explorer.msn.com/intl.asp > > _ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17642&t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A Custom Queuing Question [7:17622]
Ooppps... I think I am still failed to deliver my Q :( My only confusion in this topic is that what Bandwidth we need to consider ,when we do our lab scenerios..Like u consider here 64K...and divide it as per requirement.. Like for eg..I can see that IN FATKID LabA,they r saying that "As FR link BW is 64K ",and than diving 64K among different traffic. On the other hand in another Lab(with normal serial link),they are considering 32K as orignal BW and than playing with it.. As In usual Lab scenerios,we put 64K on Serial clock rates,Is that our actual BW.. But When I used Sh interface S0, it shows BW=128K?? This is my ACTUAL CONFUSIONWHAT SHOULD BE THE VALUE OF BW TO USE? Thanks for your help. Cisco Lover >From: "Tony Medeiros" >Reply-To: "Tony Medeiros" >To: [EMAIL PROTECTED] >Subject: Re: A Custom Queuing Question [7:17622] >Date: Wed, 29 Aug 2001 01:52:36 -0400 > >Assume a 64k link. Custom queueing used "Byte counts" not bits for it >queue sizes. So divide a 64KiloBIT link by 8 and you get a 8K BYTES per >second link. Right ?? > >So here is a quick and dirty queue-list I wrote for a 64KiloBIT link: > >queue-list 10 protocol ip 1 tcp www >queue-list 10 protocol ip 2 tcp ftp >queue-list 10 default 3 >queue-list 10 queue 1 byte-count 2000 >queue-list 10 queue 2 byte-count 4000 >queue-list 10 queue 3 byte-count 2000 > >I made 3 queues and divided the 8k of BYTES that I can push through it. >Queue 1 does 2K bytes, Queue 2 does 4K bytes, and queue 3 does 2K bytes. >All add up to 8K bytes that we can push through the link. > >WWW traffic get 2k bytes or 25% of the link, FTP traffic get 4K bytes or >50% >of the link, and anything else (default, the catch all) gets 2K bytes or >25% > >Does this help you understand? It's been a while since I wrote one of >these >so I hope I got all the syntax right. > >Tony M. >#6172 > >- Original Message - >From: "Cisco Lover" >To: >Sent: Tuesday, August 28, 2001 9:41 PM >Subject: A Custom Queuing Question [7:17622] > > > > Hi Friends, > > > > Can any one here please explain what should be the"bandwidth Value" if >we > > need to divide traffic by percentage ,using Custom queuing. > > > > As far as I know(IF Im right )during our lab,as we usually take clock as > > 64Kbps,then we need to divide this factor (64/8) among the traffic. > > > > What about othersI m still confused.. > > > > HeyCan you please solve my confusion.,.(examples preffered >:) > > > > > > Thanks. > > > > _ > > Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17632&t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A Custom Queuing Question [7:17622]
John, Thanks a lot for this detailed reply..BUT Actually my main point of interest is ". If you want to base this on a total byte count of 10,000 bytes" I mean what should be the Value of bandwidth we need to consider for different port . I Can see in FAT Kid scenerios that he is considering total bandwidth as 64Kbps when dealing with FR(and diving this as per traffic),but on the other hand when dealing with normal serial line he is considering this factor actual to 32Kbps. This is my real confusion??? Thanks for ur help Again :) >From: John Neiberger >To: Cisco Lover >CC: [EMAIL PROTECTED] >Subject: Re: A Custom Queuing Question [7:17622] >Date: Tue, 28 Aug 2001 21:52:02 -0700 (PDT) > >Cisco's explanation of custom queueing is about as clear as the mud in my >front yard right now. I'll try to simplify this is a way that makes sense. > >With CQ, you define different types of traffic and then assign them a >certain byte count based on how much weight you want to give that traffic. >The total byte count of all queues is somewhat arbitrary in many cases, but >your choices can have unforseen results. > >Let's use an example and it will be more clear. Let's say you have three >types of traffic: One that is *really* important, another that is almost >as >important, and then a bunch of other traffic that isn't as important. You >arbitrarily decide that you want the highest priority traffic to get 50% of >the bandwidth. The next higher priority traffic gets 25%. The rest of the >traffic gets a measly 25% during periods of congestion. > >Now you need to know some basic math. :-) We have to convert these >percentages to some sort of byte count. If you want to base this on a >total >byte count of 10,000 bytes, your figures look like this: > >First queue: 50% of 10,000 = 5,000 >Second queue: 25% of 10,000 = 2,500 >Default queue: 25% of 10,000 = 2,500 > >This will roughly ( and I mean *roughly*) get you the percentages you >desire, but this is greatly affected by the frame size. In CQ, a queue >doesn't break up a frame and will queue up an entire frame before moving on >to the next queue. > >For example, if you already have 4,800 bytes in the first queue and another >1500 byte frame comes in for that queue, all 1500 bytes will go into the >queue before the queue is emptied. This can seriously mess up your >percentages so take that into consideration. > >If you're using smaller frames it might be a good idea to use a smaller >total byte count. For instance, if you're doing a lot of VoIP and for some >strange reason decide to use CQ (LLQ is better) then you'd definitely want >to use smaller queue sizes to avoid jitter and delay. > >For traffic not senstive to minor latency or one high speed links you can >feel safer using larger queue sizes. > >Does that help? If not, please let me know and I'll try to be more clear. >And if I've made any mistakes, someone please correct me. It's past my >bedtime and I'm dozing off. :-) > >Regards, >John > > >| Hi Friends, >| >| Can any one here please explain what should be the"bandwidth Value" if >we > >| need to divide traffic by percentage ,using Custom queuing. >| >| As far as I know(IF Im right )during our lab,as we usually take clock as >| 64Kbps,then we need to divide this factor (64/8) among the traffic. >| >| What about othersI m still confused.. >| >| HeyCan you please solve my confusion.,.(examples preffered >:) >| >| >| Thanks. >| >| _ >| Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp >| >| >| >| >___ >Send a cool gift with your E-Card >http://www.bluemountain.com/giftcenter/ > > _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17626&t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
A Custom Queuing Question [7:17622]
Hi Friends, Can any one here please explain what should be the"bandwidth Value" if we need to divide traffic by percentage ,using Custom queuing. As far as I know(IF Im right )during our lab,as we usually take clock as 64Kbps,then we need to divide this factor (64/8) among the traffic. What about othersI m still confused.. HeyCan you please solve my confusion.,.(examples preffered :) Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17622&t=17622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Voice Ports Need to handle?? [7:17523]
Hi Guys, I want to implement Priority/Custom Queuing for Voice in my network. Which ports I need to handle with??? I read that voice uses UDP ports 16384-16624??? Any suggestions/Corrections?? Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17523&t=17523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISL/DOT1Q Trunking [7:17488]
Hi Friends... Need your help Again.. I m crashing my head with last 2 days to get ISL/Dot1Q trunking work but still No Success..:( Although Its lookslike very simple..and should be...I donot what I m doing wrong.. I setup that way.. Trying to setup trunking two routers R1 & R2 with CAT5 and R3(FE) using for routing. The problem Im facing is that If I setup the default route on switch as FE Subinterface (0.1) (having same subnet as R1) Im able to ping from switch both interfaces of R3 as well as R1 but cant ping R2... Same problem when I setup FE(0.2) as default route, CAnt ping R1. Any suggestiong. ALso please guide if u know any good workable config. Thanks.. A Cisco Lover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17488&t=17488 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117]
Chuck,Winston and All ... Thanks a lot for your replies.. Winston: Thanks a lot..Again ..Putting Multipoint at R1 for R4 solved my problem..:) Now I ab able to build OSPF+FR network without IP OSPF NETWORK Command.. Cheers.. Cisco Lover c >From: "Shaw, Winston Mr 5 SIG CMD" >Reply-To: "Shaw, Winston Mr 5 SIG CMD" >To: [EMAIL PROTECTED] >Subject: RE: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117] >Date: Sun, 26 Aug 2001 00:24:35 -0400 > >This is an interesting situation. You are not allowed to use the ip ospf >network command to change the network type ? Ok. Are you allowed to change >the ptp on R1 to multipoint ? No ? >The network type is a critical factor on whether full adjacency is >achieved. > >Frame map statements and ip ospf priority 0 statements on R2 and R3 in >conjunction with dcli and neigbor statements on R1 should take care of the >links between R1, R2 and R3. No ip ospf network command needed here. >The link between R1 and R4 will probably become two-way without achieving >full adjacency because the network types will always be different unless >you >are allowed to change it in some way. Is there a specific requirement to >keep R1's link to R4 as point-to-point ? If not this subinterface could be >changed to multipoint and OSPF should not have any problem with it. >Let us know if you find another solution. > >Winston(CCIE#7991). > >-Original Message- >From: Cisco Lover [mailto:[EMAIL PROTECTED]] >Sent: Saturday, August 25, 2001 2:13 AM >To: [EMAIL PROTECTED] >Subject: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117] > > >Hi Guys.. > >Facing some strange problem in OSPF.. >DO u know any condition if two routers become adjacent but still cant >exchange routes???What could be the reasons for it? > >In this Lab, We have 2 subinterfaces on R1.One multipoint subinterface is >connected to two routers R2 & R3 physical interfaces. >The other PtP subinterface on R1 is connected to R4 physical interface. >Now problem is that we are not allowed to use IP OSPF NETWORK COMMADN >on these interfaces in order to make the same network type. > >The problem I m facing is on R1 & R4 link.When I applied debug ip ospf,I >see Hello mismatch SO I match the Hello values on both sides .AFter that I >am able to see that R4 is now adjacent with R1 Point to point interface but >Still I cant see any route from R1 coming on R4 or vice versa.. > >Any Suggestion GUY; > >Thanks a lot > >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17307&t=17117 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BootCamp Lab 1..Help!!!!!!!!!!! [7:17094]
Hi Guys, Can any one explain How to set up and use Route-map on Spoke routers in order to guide them to use The Hub interface as next hop and not the other spokes router addresses. I tried using.. route-map match ip add 101 set ip default next hop "Hub router address" access-list 101 permit ip any any but it doesnot work.. any help appreciated. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17094&t=17094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fwd: For FR Grus.... [7:16635]
Patrick.. The Scenerio I told u , Is not related to any phone company but its of my own company i.e my personal LAb :),created by myself. Because one of my friend told me that there is some way to disable those Unused DLCIS by playing with some commands,, and Im in search of that way.. Thanks for your reply... Any more FR GURU? ;) >From: "Patrick Ramsey" >To: , >Subject: Re: Fwd: For FR Grus [7:16635] >Date: Tue, 21 Aug 2001 10:06:17 -0400 > >You don't have unused dlci's because you are in a hub and spoke... > >You see those dlci's because the phone company you are going through >employs goobers that love to mis map pvc's :) > >And unless you can figure out a way to filter at the dlci level, they stay >until you call the phone company and tell them to remove them. > >-Patrick > > >>> "Cisco Lover" 08/21/01 10:08AM >>> >Oopss > >Sorry guys...I donto know where it lost in b/w..Any way..I have write it >here again. > >Thanks for the kind replies.. >For eg, > >our FR switch is setup for Full mesh,But out network is setup as Hub & >Spoke >environment.In that case there must be some unused DLCI's on spoke routers >which we would still be seeing as active on these routers although they >would be of no use offcourse for this envioronmetnt. >Is there any way If we can get rid of these DLCIS on the spokes.i.e to >disable them or USE any method which block them to be appearing on spoek >routers.(without touching FR switch) > >I know ....Must be confusing for majority here ..But .. > >I AM SURE I WILL GET THE SOLUTION HERE AS WELL. > > >Thanks. > > > > > > >From: "Cisco Lover" > >Reply-To: "Cisco Lover" > >To: [EMAIL PROTECTED] > >Subject: For FR Grus [7:16635] > >Date: Tue, 21 Aug 2001 07:06:08 -0400 > > > >Hi Guys.. > > > >Come with some New Queston.. > > > >For eg, > >our FR switch is setup for Full mesh,But out network is setup as Hub & > >Spoke > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16653&t=16635 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fwd: For FR Grus.... [7:16635]
Oopss Sorry guys...I donto know where it lost in b/w..Any way..I have write it here again. Thanks for the kind replies.. For eg, our FR switch is setup for Full mesh,But out network is setup as Hub & Spoke environment.In that case there must be some unused DLCI's on spoke routers which we would still be seeing as active on these routers although they would be of no use offcourse for this envioronmetnt. Is there any way If we can get rid of these DLCIS on the spokes.i.e to disable them or USE any method which block them to be appearing on spoek routers.(without touching FR switch) I know Must be confusing for majority here ..But .. I AM SURE I WILL GET THE SOLUTION HERE AS WELL. Thanks. >From: "Cisco Lover" >Reply-To: "Cisco Lover" >To: [EMAIL PROTECTED] >Subject: For FR Grus [7:16635] >Date: Tue, 21 Aug 2001 07:06:08 -0400 > >Hi Guys.. > >Come with some New Queston.. > >For eg, >our FR switch is setup for Full mesh,But out network is setup as Hub & >Spoke >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16650&t=16635 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
For FR Grus.... [7:16635]
Hi Guys.. Come with some New Queston.. For eg, our FR switch is setup for Full mesh,But out network is setup as Hub & Spoke FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
For ISDN GURUS... [7:16111]
Hi Every one, Having problem with running OSPF with ISDN. The multicast Hello packets of ISDN continuously casuing line to bounce. Have tried by putting Ip ospf demand circuit on one/both sides of connection but no succes. Any idea??? Thanks for ur help. Cheer.. CisoLover _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16111&t=16111 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
