Re: DSL over Dry Copper [7:74117]
Thanks everyone for the great comments and replies. This was all very helpfull. Dain Brad Dodds wrote in message news:[EMAIL PROTECTED] Where I work, we have 5 dry pair circuits to customers (out of 1300). We provide the signaling on the lines with sets of Campus brand pair gain units at the sites and 14 card chassis style pair gain unit at our POP. They are much less expensive ($18 per month vs. $100 for business class DSL) but I can say the savings of $80 dollars or so a month is NOT WORTH IT for an organization that needs 24 X 7 availability of the circuit. The telco only garuntees that the wire won't have any opens or shorts, they make no promise of the medium having low noise ratio on the line. These legacy circuits have been very much a problem when it rains, gets hot or anytime the weather changes, but our customers are spoiled by the inexpensive price and won't upgrade to another, more reliable delivery. The telco seems very aware of the low/no profit margin on these circuits and are generally not very motivated to spend much time on them when there is a problem. I strongly discourage service providers from deploying this type of technology, however, we are getting ready to test a newer type of magic box (called Storm Port by vendor-I think) which is supposedly able to deliver 6Meg across dry pair at much greater distances. We are very skeptical of the vendors claims, but one of our customers which the vendor pitched wants to try it. I will report back to the group on how it works out. Chuck Whose Road is Ever Shorter wrote in message news:[EMAIL PROTECTED] Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Uh, what is dry copper? Is it analogous to dark fiber? as a matter of fact, yes. copper from your friendly telco with no dial tone. a local loop with no signaling equipoment attached. alarm companies use it extensively, place their own signal on it, and thwart the burglars I have heard tell of folks using dry pair to create private point to point DSL. I don't personally know anyone who has done so. HTH Thanks Priscilla Chuck Whose Road is Ever Shorte wrote: Dain Deutschman wrote in message news:[EMAIL PROTECTED] Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? I have heard it said that all you need to do is connect a couple of 827's and you are done. I don't know the specifics.. :- http://www.pbs.org/cringely/pulpit/pulpit20010823.html http://www.isp-planet.com/technology/homebrew_dsl.html one place I saw said to check out what alarm companies order - they use dry copper. or you can use the Long Reach ethernet product from Cisco at each end. I'm sure there are competitors. Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74765t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: DSL over Dry Copper [7:74117]
Here is an interesting link about dry copper... http://www.panix.com/~oppedahl/lads/ Dain Deutschman wrote in message news:[EMAIL PROTECTED] Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74177t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: DSL over Dry Copper [7:74117]
I used a couple of Pairgain Campus HRS devices to do this a couple of years ago. We had an occasional disruption of service...but overall it worked very well. To order dry copper you just call your phone company and ask the about it. A couple of years ago it was appr. $70 p/m from qwest at each location. It was an HDSL signal that ran at roughly 2Mbps over about 1 mile. We ran it in ethernet bridge mode...but you can also configure them to do routing, nat, etc. I was hoping someone would know of a less expensive solution than Pairgain. I did find a product from Black Box that is about $700 per unit. Do the Cisco LRE run over POTS? If so...how does this work and what kind of bandwidth can you get? Thanks, Dain http://www.panix.com/~oppedahl/lads/ Dain Deutschman wrote in message news:[EMAIL PROTECTED] Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74176t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
DSL over Dry Copper [7:74117]
Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74117t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: GRE Tunnel Recursive Routing Error [7:74035]
I would think security point of view...there would be better solutions...however...this is just a lab scenario. Thanks so much for your help though. I see the problem now and changed the static route to point to tunnel destination. Thanks! Dain Zsombor Papp wrote in message news:[EMAIL PROTECTED] r1 (bb2) learns the route to the destination of the GRE tunnel, 150.50.22.2, via that same GRE tunnel. Add a static route like this to r1's configuration: ip route 150.50.22.2 255.255.255.255 Ethernet0 As a side note, is this (GRE tunnel through the PIX) a good design from the security point of view? Thanks, Zsombor Dain Deutschman wrote: Hi all, I'm getting a recursive routing error when trying to tunnel with gre. r1-pix-r2 The error follows along with my configs and route tables. Thanks! 00:52:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down bb2# 00:53:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up 00:53:30: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routin g 00:53:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down 00:54:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up 00:54:40: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routin g bb2#wr t Building configuration... Current configuration : 913 bytes ! version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname bb2 ! ! ! ! ! ! ip subnet-zero ip domain-name hellocomputers.com ip name-server 4.1.1.1 ! ! ! ! ! ! interface Loopback0 ip address 112.112.112.112 255.255.255.0 ! interface Tunnel0 ip address 172.16.22.112 255.255.255.0 tunnel source 10.10.112.112 tunnel destination 150.50.22.2 ! interface Ethernet0 ip address 10.10.112.112 255.255.255.0 ! interface Serial0 no ip address shutdown no fair-queue ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address shutdown isdn x25 static-tei 0 ! router eigrp 100 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes ! ip classless ip route 0.0.0.0 0.0.0.0 10.10.112.12 ip route 172.16.22.2 255.255.255.255 Ethernet0 ip http server ! ! alias exec c config t ! line con 0 line aux 0 line vty 0 4 login ! end bb2# r2#wr t Building configuration... Current configuration : 2557 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname r2 ! logging buffered 4096 debugging ! username all memory-size iomem 10 ip subnet-zero ! ! ip domain name hellocomputers.com ip name-server 4.1.1.1 ! ip audit notify log ip audit po max-events 100 ! ! ! key chain keyr2 key 1 key-string 7 151A0E000825 ! voice call carrier capacity active ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 22.22.22.22 255.255.255.0 ! interface Tunnel0 ip address 172.16.22.2 255.255.255.0 tunnel source 150.50.22.2 tunnel destination 150.50.22.112 ! interface FastEthernet0/0 ip address 150.50.22.2 255.255.255.0 ip rip authentication mode md5 ip rip authentication key-chain keyr2 duplex auto speed auto ! interface Serial0/0 no ip address encapsulation frame-relay frame-relay lmi-type ansi ! interface Serial0/0.21 point-to-point ip address 150.50.12.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 04530E0A032E ip ospf network point-to-point frame-relay interface-dlci 121 ! interface Serial0/0.23 point-to-point ip address 150.50.23.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 130D121E0703 frame-relay interface-dlci 123 ! interface Serial0/0.24 point-to-point ip address 150.50.24.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 011B03085704 frame-relay interface-dlci 124 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/1 no ip address shutdown ! router eigrp 100 network 150.50.0.0 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes ! router ospf 100 router-id 22.22.22.22 log-adjacency-changes area 1 virtual-link 11.11.11.11 network 22.22.22.0 0.0.0.255 area 1 network 150.50.12.0 0.0.0.255 area 1 network 150.50.23.0 0.0.0.255 area 2 network 150.50.24.0 0.0.0.255 area 1 ! router rip version 2 passive-interface Serial0/0.21 passive-interface Serial0/0.23 passive-interface Serial0/0.24 network 150.50.0.0
GRE Tunnel Recursive Routing Error [7:74035]
Hi all, I'm getting a recursive routing error when trying to tunnel with gre. r1-pix-r2 The error follows along with my configs and route tables. Thanks! 00:52:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down bb2# 00:53:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up 00:53:30: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routin g 00:53:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down 00:54:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up 00:54:40: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routin g bb2#wr t Building configuration... Current configuration : 913 bytes ! version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname bb2 ! ! ! ! ! ! ip subnet-zero ip domain-name hellocomputers.com ip name-server 4.1.1.1 ! ! ! ! ! ! interface Loopback0 ip address 112.112.112.112 255.255.255.0 ! interface Tunnel0 ip address 172.16.22.112 255.255.255.0 tunnel source 10.10.112.112 tunnel destination 150.50.22.2 ! interface Ethernet0 ip address 10.10.112.112 255.255.255.0 ! interface Serial0 no ip address shutdown no fair-queue ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address shutdown isdn x25 static-tei 0 ! router eigrp 100 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes ! ip classless ip route 0.0.0.0 0.0.0.0 10.10.112.12 ip route 172.16.22.2 255.255.255.255 Ethernet0 ip http server ! ! alias exec c config t ! line con 0 line aux 0 line vty 0 4 login ! end bb2# r2#wr t Building configuration... Current configuration : 2557 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname r2 ! logging buffered 4096 debugging ! username all memory-size iomem 10 ip subnet-zero ! ! ip domain name hellocomputers.com ip name-server 4.1.1.1 ! ip audit notify log ip audit po max-events 100 ! ! ! key chain keyr2 key 1 key-string 7 151A0E000825 ! voice call carrier capacity active ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 22.22.22.22 255.255.255.0 ! interface Tunnel0 ip address 172.16.22.2 255.255.255.0 tunnel source 150.50.22.2 tunnel destination 150.50.22.112 ! interface FastEthernet0/0 ip address 150.50.22.2 255.255.255.0 ip rip authentication mode md5 ip rip authentication key-chain keyr2 duplex auto speed auto ! interface Serial0/0 no ip address encapsulation frame-relay frame-relay lmi-type ansi ! interface Serial0/0.21 point-to-point ip address 150.50.12.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 04530E0A032E ip ospf network point-to-point frame-relay interface-dlci 121 ! interface Serial0/0.23 point-to-point ip address 150.50.23.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 130D121E0703 frame-relay interface-dlci 123 ! interface Serial0/0.24 point-to-point ip address 150.50.24.2 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 7 011B03085704 frame-relay interface-dlci 124 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/1 no ip address shutdown ! router eigrp 100 network 150.50.0.0 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes ! router ospf 100 router-id 22.22.22.22 log-adjacency-changes area 1 virtual-link 11.11.11.11 network 22.22.22.0 0.0.0.255 area 1 network 150.50.12.0 0.0.0.255 area 1 network 150.50.23.0 0.0.0.255 area 2 network 150.50.24.0 0.0.0.255 area 1 ! router rip version 2 passive-interface Serial0/0.21 passive-interface Serial0/0.23 passive-interface Serial0/0.24 network 150.50.0.0 neighbor 150.50.22.12 no auto-summary ! ip classless ip route 172.16.22.112 255.255.255.255 FastEthernet0/0 ip http server ip pim bidir-enable ! ! access-list 2 permit 112.112.112.112 access-list 2 permit 150.50.22.2 ! call rsvp-sync ! voice-port 1/0/0 ! voice-port 1/0/1 ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! alias exec c config t ! line con 0 line aux 0 line vty 0 4 login ! ! end r2#sh ip route Gateway of last resort is 150.50.22.12 to network 0.0.0.0 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.22.0/24 is directly connected, Tunnel0 S 172.16.22.112/32 is directly connected, FastEthernet0/0 22.0.0.0/24 is subnetted, 1 subnets C 22.22.22.0 is directly connected, Loopback0 150.50.0.0/24 is subnetted, 1 subnets C 150.50.22.0 is directly connected, FastEthernet0/0 R* 0.0.0.0/0 [120/1] via 150.50.22.12, 00:00:03, FastEthernet0/0 r2# r2# ts129 [Resuming connection 9 to bb2 ... ] 00:5 bb2#sh ip route Gateway of last resort is 10.10.112.12 to network 0.0.0.0 172.16.0.0/32 is subnetted, 1 subnets S
OT: Unix and 2511 Access Router [7:73982]
Hi group, I'm curious to know if anyone has used a unix box in the same way as a cisco 2511 terminal server with async octal cable ( in order to access other device console ports ). One should be able to use the tty lines in unix in the same way as a 2511 connected to other devices console ports via the octal async cable right? Thanks, Dain Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73982t=73982 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Unix and 2511 Access Router [7:73982]
anyone know the pinouts? Dain Deutschman wrote in message news:[EMAIL PROTECTED] Hi group, I'm curious to know if anyone has used a unix box in the same way as a cisco 2511 terminal server with async octal cable ( in order to access other device console ports ). One should be able to use the tty lines in unix in the same way as a 2511 connected to other devices console ports via the octal async cable right? Thanks, Dain **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74000t=73982 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: What cables need to be used for an AS2511-rj [7:73987]
are you referring to an async octal cable to plug into the async connectors on a 2511? The asyncs look like scsi interfaces. you connect the async cables to console ports on other serial devices. Natchaya Radhikulkaralak wrote in message news:[EMAIL PROTECTED] Hello everyone: I am having difficulty finding this out. Does anyone have a definite answer on what type of cable do I use to connect from (lets say)Port 1, on the AS2511-rj, to a 3600/2600/2500 router console port? I am basically trying to set the as2511-rj as a terminal server. Is it a straight through cable? Is it a roll over cable? Is it a special cable? Please help a gurl out... **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73999t=73987 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: OSPF Neighbor State is Flapping [7:72874]
Figured it out... It was an mtu mismatch ( router e0 mtu 1500, cat vlan15 mtu 1518 ). A deb ip ospf adj on r1 revealed the problem. Since changing mtu on lan interface is not possible in IOS...the interface command ip ospf mtu-ignore allowed OSPF to deal with the mismatch and just form the adjacency. The cisco url is:www.cisco.com/warp/public/104/12.pdf Thanks anyway! Dain Dain Deutschman wrote in message news:[EMAIL PROTECTED] Hi all, I have 3 devices on an ethernet segment where all ethernet interfaces are in the same vlan and ospf area 0 catalyst 3550priority 0rid 1.1.1.1 router5priority 2 rid 55.55.55.55BDR router1priority 3 rid 11.11.11.11DR The problem is that the switch keeps changing it's state. For example, from the router 1 perspective I get the following: ( sh ip ospf nei command ) Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:35150.50.15.5 Ethernet0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:38150.50.15.5 Ethernet0 and on and on, back and forth etc. router 5 perspective: Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:38150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:30150.50.15.1 Ethernet0/0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:32150.50.15.1 Ethernet0/0 ..switch perspective: Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:33150.50.15.5 Vlan15 11.11.11.11 3 INIT/DROTHER00:00:39150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:37150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:36150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 EXCHANGE/BDR00:00:39150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:39150.50.15.1 Vlan15 So...it seems as though r1 and r5 are recognizing eachother's roles as dr and bdr correctly. But they see the switch as down or init or exchange DROTHER. The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on the switch: Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Then two seconds laterit changes... Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1 Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:05 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Any ideas? Thanks, -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72877t=72874 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Neighbor State is Flapping [7:72874]
Hi all, I have 3 devices on an ethernet segment where all ethernet interfaces are in the same vlan and ospf area 0 catalyst 3550priority 0rid 1.1.1.1 router5priority 2 rid 55.55.55.55BDR router1priority 3 rid 11.11.11.11DR The problem is that the switch keeps changing it's state. For example, from the router 1 perspective I get the following: ( sh ip ospf nei command ) Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:35150.50.15.5 Ethernet0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:38150.50.15.5 Ethernet0 ..and on and on, back and forth etc. router 5 perspective: Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:38150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:30150.50.15.1 Ethernet0/0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:32150.50.15.1 Ethernet0/0 .switch perspective: Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:33150.50.15.5 Vlan15 11.11.11.11 3 INIT/DROTHER00:00:39150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:37150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:36150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 EXCHANGE/BDR00:00:39150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:39150.50.15.1 Vlan15 So...it seems as though r1 and r5 are recognizing eachother's roles as dr and bdr correctly. But they see the switch as down or init or exchange DROTHER. The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on the switch: Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Then two seconds laterit changes... Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1 Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:05 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Any ideas? Thanks, -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72913t=72874 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Neighbor State is Flapping [7:72874]
Hi all, I have 3 devices on an ethernet segment where all ethernet interfaces are in the same vlan and ospf area 0 catalyst 3550priority 0rid 1.1.1.1 router5priority 2 rid 55.55.55.55BDR router1priority 3 rid 11.11.11.11DR The problem is that the switch keeps changing it's state. For example, from the router 1 perspective I get the following: ( sh ip ospf nei command ) Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:35150.50.15.5 Ethernet0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:38150.50.15.5 Ethernet0 and on and on, back and forth etc. router 5 perspective: Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:38150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:30150.50.15.1 Ethernet0/0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:32150.50.15.1 Ethernet0/0 ..switch perspective: Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:33150.50.15.5 Vlan15 11.11.11.11 3 INIT/DROTHER00:00:39150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:37150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:36150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 EXCHANGE/BDR00:00:39150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:39150.50.15.1 Vlan15 So...it seems as though r1 and r5 are recognizing eachother's roles as dr and bdr correctly. But they see the switch as down or init or exchange DROTHER. The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on the switch: Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Then two seconds laterit changes... Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1 Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:05 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Any ideas? Thanks, -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72874t=72874 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP and IPSEC VPN [7:72034]
Hi, Does anyone know if HSRP would be appropriate in the following scenario? ROUTERA with T1 to corporate office ROUTERB with IPSEC VPN to Corporate only used as a backup path in case the T1 on ROUTERA fails Is there any reason that this will not work or has anyone had experience with this type of situation? -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72034t=72034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HSRP and IPSEC VPN [7:72034]
..that's what I thought...just needed a sanity check! Thanks! MADMAN wrote in message news:[EMAIL PROTECTED] If router A anb B share an ethernet then sure HSRP was designed exactly for this scenerio Dave Dain Deutschman wrote: Hi, Does anyone know if HSRP would be appropriate in the following scenario? ROUTERA with T1 to corporate office ROUTERB with IPSEC VPN to Corporate only used as a backup path in case the T1 on ROUTERA fails Is there any reason that this will not work or has anyone had experience with this type of situation? -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72039t=72034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN Partial Connectivity [7:62639]
VPN Terminates at the PIX. The problem ended up being that a few internal hosts did not have thier gateway setup...also...the mail server was a Team Internet ( appliance )...and it refused to see any other gateway other than itself...hmmm. Anywaywe are providing a work around for the remote user to get his mailbut after adding a gateway ip and static route to the novell server...it works. And the adtran TSU had no gateway also... Thanks for your input though.. Cheers Albert Lu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, You mentioned that you were doing static nat on the router, this could effect it if the vpn client terminates on the router. The ip addresses that you have statics for is translated to the global IP address, and doesn't go through your vpn, since the access-list in your crypto map doesn't identify it as traffic needing to be encrypted. Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dain Deutschman Sent: Saturday, February 08, 2003 3:49 AM To: [EMAIL PROTECTED] Subject: VPN Partial Connectivity [7:62639] Hi, When connecting a vpn via VPN Client 3.x I am able to ping only certain addresses... 192.168.1.180 Server 192.168.1.10 LAN Station But Not Others... 192.168.1.1 Inside Interface Of PIX 192.168.1.2 Mail Server 192.168.1.3 CSU/DSU management address I have a vpn setup as follows: Vpn Client--INTERNET--1721Router--PIX--LAN *The 1721 router is doing static nat to the outside interface of the pix. The vpn terminates at the pix. *I'm using vpngroup to assign ip info to the client. * The LAN ip scheme is 192.168.1.0/24 where the first 9 addresses are left out of the local dhcp pool *The vpn client is getting assigned from local-pool range 192.168.2.1-50 *I have a route on the pix route inside 192.168.2.0 255.255.255.0 192.168.1.1 *The inside interface of the pix is 192.168.1.1 Here is my config... PIX(config)# wr t Building configuration... : Saved : PIX Version 6.2(2) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname PIX fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 pager lines 24 interface ethernet0 10baset interface ethernet1 10baset mtu outside 1500 mtu inside 1500 ip address outside 172.16.2.2 255.255.255.240 ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool NEWMEX 192.168.2.1-192.168.2.50 pdm history enable arp timeout 14400 global (outside) 1 172.16.2.3 nat (inside) 0 access-list 101 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 conduit permit icmp any any echo-reply conduit permit icmp any any echo route outside 0.0.0.0 0.0.0.0 172.16.2.1 1 route inside 192.168.2.0 255.255.255.0 192.168.1.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si p 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec no sysopt route dnat crypto ipsec transform-set myset esp-3des esp-sha-hmac crypto dynamic-map dynmap 10 set transform-set myset crypto map mymap 1 ipsec-isakmp dynamic dynmap crypto map mymap interface outside isakmp enable outside isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash sha isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 vpngroup vpn address-pool NEWMEX vpngroup vpn dns-server x.x.x.y x.x.x.z vpngroup vpn default-domain domain.com vpngroup vpn split-tunnel 101 vpngroup vpn idle-time 1800 vpngroup vpn password telnet timeout 5 ssh timeout 5 dhcpd address 192.168.1.10-192.168.1.42 inside dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd enable inside terminal width 80 Cryptochecksum:a71ebfc24ae Any ideas?? I'm sort of stumped at this point. Thanks! -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62773t=62639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN Partial Connectivity [7:62639]
Hi, When connecting a vpn via VPN Client 3.x I am able to ping only certain addresses... 192.168.1.180 Server 192.168.1.10 LAN Station But Not Others... 192.168.1.1 Inside Interface Of PIX 192.168.1.2 Mail Server 192.168.1.3 CSU/DSU management address I have a vpn setup as follows: Vpn Client--INTERNET--1721Router--PIX--LAN *The 1721 router is doing static nat to the outside interface of the pix. The vpn terminates at the pix. *I'm using vpngroup to assign ip info to the client. * The LAN ip scheme is 192.168.1.0/24 where the first 9 addresses are left out of the local dhcp pool *The vpn client is getting assigned from local-pool range 192.168.2.1-50 *I have a route on the pix route inside 192.168.2.0 255.255.255.0 192.168.1.1 *The inside interface of the pix is 192.168.1.1 Here is my config... PIX(config)# wr t Building configuration... : Saved : PIX Version 6.2(2) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password encrypted passwd encrypted hostname PIX fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol ils 389 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 pager lines 24 interface ethernet0 10baset interface ethernet1 10baset mtu outside 1500 mtu inside 1500 ip address outside 172.16.2.2 255.255.255.240 ip address inside 192.168.1.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool NEWMEX 192.168.2.1-192.168.2.50 pdm history enable arp timeout 14400 global (outside) 1 172.16.2.3 nat (inside) 0 access-list 101 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 conduit permit icmp any any echo-reply conduit permit icmp any any echo route outside 0.0.0.0 0.0.0.0 172.16.2.1 1 route inside 192.168.2.0 255.255.255.0 192.168.1.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si p 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server LOCAL protocol local no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec no sysopt route dnat crypto ipsec transform-set myset esp-3des esp-sha-hmac crypto dynamic-map dynmap 10 set transform-set myset crypto map mymap 1 ipsec-isakmp dynamic dynmap crypto map mymap interface outside isakmp enable outside isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption 3des isakmp policy 10 hash sha isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 vpngroup vpn address-pool NEWMEX vpngroup vpn dns-server x.x.x.y x.x.x.z vpngroup vpn default-domain domain.com vpngroup vpn split-tunnel 101 vpngroup vpn idle-time 1800 vpngroup vpn password telnet timeout 5 ssh timeout 5 dhcpd address 192.168.1.10-192.168.1.42 inside dhcpd lease 3600 dhcpd ping_timeout 750 dhcpd enable inside terminal width 80 Cryptochecksum:a71ebfc24ae Any ideas?? I'm sort of stumped at this point. Thanks! -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62639t=62639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
URGENT Frame Relay Encapsulation Failing [7:62614]
Hello, I have a Frame circuit to my service provider who provides internet access to us. The PVC is active...I'm able to ping the remote peer...however, no other access to anywhere...further more...the encapsulation is failing on debug outputshere is the output... sh frame pvc PVC Statistics for interface Serial0 (Frame Relay DTE) Active Inactive Deleted Static Local 1000 Switched 0000 Unused 0000 DLCI = 114, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 4100 output pkts 15 in bytes 288952 out bytes 1560 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 5 minute input rate 3000 bits/sec, 6 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec pvc create time 01:28:58, last time pvc status changed 00:03:08 sh frame map Serial0 (up): ip x.x.x.x dlci 114(0x72,0x1C20), static, IETF, BW = 256000, status defined, active deb ip packet 01:40:33: IP: s=x.x.x.x (Serial0), d=y.y.y.y (Serial0), len 84, rcvd 3 01:40:33: IP: s=y.y.y.y (local), d=x.x.x.x (Serial0), len 84, sending 01:40:33: IP: s=y.y.y.y (local), d=x.x.x.x(Serial0), len 84, encapsu lation failed Basic Encap Settings encapsulation frame-relay ietf frame-relay map ip z.z.z.z 114 ietf frame-relay lmi-type ansi Thia is very urgent...any help as to what might be happening would be greatly appreciated!! Thanks!! -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62614t=62614 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay...Serial Int Flapping [7:62411]
Hi all, I have a Frame Relay circuit to an adtran ts120 and then v.35 to a cisco1721. My serial interface keeps flapping 01:11:40: Serial0: attempting to restart 01:11:40: PowerQUICC(0/0): DCD is up. Line protocol changes to up...then down...and stays down. But debug output shows the above. Any ideas? interface Serial0 bandwidth 512 ip address x.x.x.x x.x.x.x encapsulation frame-relay IETF frame-relay map ip x.x.x.x 114 IETF frame-relay lmi-type ansi -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62411t=62411 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Scenario [7:62047]
Ok..thanksi was worried about the public to private ip mapping with NAT and IPSEC. But since esp does not modify the original header...I should be fine to have the vpn clients connect to a public ip that is statically natted to the private ip on the outside pix interface. Right? Thanks again... Dain BJ Rice wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This isn't entirely correct. You can have a private IP address on your outside interface and have it NAT'd to a public IP address and then terminate the tunnel there. I am assuming this is what you are doing. Yes it can be done. Yes it will work with IKE Mode Configuration which is the same functionality of the vpngroup. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62266t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Scenario [7:62047]
Hello everyone, I would like to install a PIX behind a router and had some questions... 1. Can the VPN clients connect to a public ip that translates ( static nat ) to the private ip assigned to the outside interface of the PIX?( if i use esp) 2. Will it work if I use IKE Mode Configuration to auto assign IPs to the remote clientsor does the vpngroup configuration with PIX v6.01 work the same way? Thanks for any suggestions...If i am being to vague I would be happy to discuss in more detail. Thanks! -- Dain Deutschman CCNP, CSS-1, CCNA, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62047t=62047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switching EXAM (Hex Conversion Chart) [7:61108]
You should just learn how to convert decimal to hex...then you won't need a chart. -- Dain Deutschman CCNA, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 Bond, Jeffrey T wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On the Switching exam, are we provided a HEX conversion chart for reference? thanks in advance -Original Message- From: Aaron Ajello [mailto:[EMAIL PROTECTED]] Sent: Friday, January 10, 2003 8:01 AM To: [EMAIL PROTECTED] Subject: RE: Switching Exam on Monday 13/1/03 [7:60785] Spend a lot of time on MLS. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61228t=61108 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Aironet 350 Access Point and US Robotics USR2216 Cards [7:60843]
Hi, I have an Aironet 350 AP and USR 2216 802.11b cards on the clients. The signal remains Very Good most of the time...but then totally drops randomly. The following is part of the log.. 01:22:45 (Info): Disassociating [ ], reason Sender is Leaving (has left) BSS 01:05:27 (Info): Disassociating [ ], reason Not Associated 01::05:26 (Info): Station [x.x.x.x], roamed Any ideas why? -- Dain Deutschman CCNA, CSS-1, MCP, CNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60843t=60843 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Off Topic but interesting - RS networking future? [7:59657]
I agree...technology is converging more and moreyou need know r/s, security, unix, voip, databases, programming, etc Besides...why would one want to limit oneself only to R/S? -- Dain Deutschman CCNA, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 nrf wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Definitely. Janitors now use vacuum-cleaners as well as brooms. Telephone operators now use keyboards, not patchcords. Networkers will need to know more than just layers 2 and 3. But there will be a continued demand for R/S as part of the networkers job. I think you just said the key word right there, the word part - it will just be part of a job. Not like today or the recent past where R/S was a job all in itself. Another point is that bandwidth is not necessarily cheap all over the world, Europe is more expensive than the US, and Asia even worse, so engineering is required, in fact surely traffic engineering is all the rage at the moment. Europe may be more expensive than the US, but European providers still have far too much bandwidth than the market demands. After all, look at what happened to KPNQwest. Actually I find traffic-engineering to be of little importance in today's market as a whole, except in certain pockets like in Asia. Most providers in the world just shrug their shoulders at traffic-engineering. I guess what I want to say is that when an economy is booming, people unrealistically believe it's forever and they will be millionaires by next June. Conversely when the economy is in a trough then people get gloomy and believe that they'll never pay off their credit card bills. Neither view is realistic. R/S is not dead, it's sleeping and will wake up. Granted there will not be the insane rush into network builds that we saw a few years ago but the wireless boom is around the corner Is that the same wireless boom that has basically bankrupted every European telco? rgds Marc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59657t=59657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How many VPN connections supported? [7:56395]
Hi group, Could someone point me to a resource that gives statistics on how many VPN connections are supported by some of the access routers? ( such as 800, 1600, 1700, 2600 series) Thanks! Dain Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56395t=56395 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Inside Interface accepts DHCP lease...but it has a static [7:55094]
There is a router/modem connecting to the ISP using PPoA. This router was in place and works...the customer just wanted some packet filtering as well ( which the router in place does not provide ). So I am using a Cisco SOHO 71. E1 is the outside interface which connects to the inside interface of the existing router. E1 has a static ip of 172.16.0.2 ( there is no ip address dhcp it is ip address 172.16.0.2 255.255.255.0 E0 has ip address 192.168.0.9 255.255.255.0 There is a static route on the existing ( non Cisco ) router pointing all 192.168.0.0/24 destined traffic back to 172.16.0.2 ( E1 of Cisco ). There is also a default route on the cisco pointing to 172.16.0.1 ( the inside interface of the non-cisco router ) The non-cisco router does NAT INTERNET-WANinterface(non-Cisco Router)172.16.0.1(inside) | | Win2000Server(DHCP)--|--192.168.0.9(E0)(Cisco SOHO71)172.16.0.2(E1) | | LAN Every few days ( there doesn't seem to be an exact regularity yet), interface E0's ip address will change. So far it has always changed to 192.168.0.16. If I view the DHCP Manager in Windows 2000 Server, it indicates that IP address associated with the router. The config of e0 ( when working normal) looks like this: Interface Ethernet 0 ip address 192.168.0.9 255.255.255.0 Any ideas??? I think I will configure syslog debugging level and turn on dhcp debugging. With that I should get at very least the moment that the address changes...and hopefully some dhcp debug output. I suppose I could also put a sniffer in and try to detect it. Thanks Erick B. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... That is strange. What type of router and IOS version? Just to clarify, the interface has 'ip address x.x.x.x y.y.y.y' config and not 'ip address dhcp' with a static DHCP assigned address. Being DSL, is it PPPoE by chance? Does e0 connect to DSL/Internet and e1 to their network or vice versa? --- Dain Deutschman wrote: Hi all, I have a problem with a client on a dsl connection. Ethernet 0 and 1 both have statically assigned IP addresses. I leave the customer site and 3 days later they call and have no internet. I check the router config and E0 has the wrong IP address. I check the Win2000 DHCP server and that address is listed as leased to the router. Any ideas why the router is allowing this to happen? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager [EMAIL PROTECTED] __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos More http://faith.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55094t=55094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Inside Interface accepts DHCP lease...but it has a static [7:54998]
Hi all, I have a problem with a client on a dsl connection. Ethernet 0 and 1 both have statically assigned IP addresses. I leave the customer site and 3 days later they call and have no internet. I check the router config and E0 has the wrong IP address. I check the Win2000 DHCP server and that address is listed as leased to the router. Any ideas why the router is allowing this to happen? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54998t=54998 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed MCNS, PIX and VPN! [7:54607]
Hey everyone... I passed MCNS, PIX and VPN last week! Just letting everyone know that this group is a great learning resource and I use it all the time...it helps! Thanks! -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54607t=54607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TACACS/RADIUS on CISCO Router [7:53621]
just using a local username database exchange wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey, is there a possibility to set up a router acting as a radius or tacacs server with local authentication without external server ? Please let me know best regards Michael Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53889t=53621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP authentication. [7:53513]
Maybe this is wrong...and not the best thing to do in a production network...but would a clear ip route * do the trick? I think the problem is that the routes already exist in the routing table...clearing the neighbor relationship may not have an effect. I may be off base...please correct me if that is the case. Dain. enginedrive2002 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If Router A and Router B are connected using serial interface, both of them are running EIGRP. On Router A, I have configure ip authentication mode eigrp AS# md5 and ip authentication key-chain eigrp AS# under interface configuration mode, also configure the key chain, key-string under global configuration mode. On Router B, I didn't nothing with EIGRP authentication. Router A and B suppose should not be able to set up neighbour relationship, but now Router A and Router can see each other while running show ip eigrp neighbour, the subnet information of Router A also appear in Router B routing table, and vice versa. Any configuration commands I missed? What debug command I can use to verify the authentication is working or not? Thank you for your input! E.D. __ Post your ad for free now! http://personals.yahoo.ca Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53533t=53513 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Telnet session traversing PIX are timingout [7:53490]
What happens if you telnet from the pix to the external host...does it timeout then? Dain KM Reynolds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I have telnet sessions that orginate on the internal side of a PIX to a server on the external side that are timing out (after 60 seconds). Is there a command to increase the timeout period for telnet? If there is what is the max? TIA KR _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53534t=53490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to manage the pix 501 remotely via telnet or pdm [7:52826]
do you have the conduit configured to allow icmp? I think the PIX blocks icmp unless you specifically open a conduit for it. Dain mindiani mindiani wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi I just installed two PIX 501 with vpn tunnel over the internet for my client and I would like to allow telnet and pdm from one site to the other. The tunnels are up and I able to send traffic in both directions but I cannot telnet into the remote Pix from my PC.I tried the following command: telnet 172.16.1.2 255.255.255.255 outside This command would not allow my PC (IP address172.16.1.2) to telnet to the remote site but I am able to telnet to my servers behind the PIX. i have the same problem with PDM. Join the worlds largest e-mail service with MSN Hotmail. Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52826t=52826 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950 CRC Errors [7:51419]
I haven't tried disabling pwrmngmt yet. I'll give it a shot and post the results. Thanks, Dain. Frank Jimenez wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Might want to review this: http://www.cisco.com/warp/public/473/46.html Power management was causing a bunch of issues at one of my customer's sites. Might want to disable it and see if it helps any. Frank Jimenez, CCIE #5738 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dain Deutschman Sent: Wednesday, August 14, 2002 10:26 PM To: [EMAIL PROTECTED] Subject: Re: Catalyst 2950 CRC Errors [7:51419] Also...I have tested the wiring(basic tester...no NEXT/FEXT or other factors...but lengths of cable are under 50ft) and replaced patch cables...still no luck. Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello Everyone, I have a Cat2950 in a small office throwing up thousands of CRCs, input errors and several runts on the port connected to the server. Clients are getting disconnected and database on server is constantly having to be repaired. The errors always follow the server no matter which port I move it to. Have replaced NIC in server and a few key Wkst. Have also updated the NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed and duplex settings and disabled spanning-tree. I'm suspecting dirty power...but it is connected to a UPS ( that only has limited EMI/RFI Filtering ). I connect a 3Com unmanaged 8 port switch to the key clients and the server...no more problems. Any ideas?!? It's driving me nuts! Thanks in advance... -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51556t=51419 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Security Labbooks recommendations [7:51394]
Security Lab Workbook from www.hellocomputers.com. 16 Labs with remote access to lab equipment. If you have your own lab...CCIE Lab Practice Kit ( McGraw Hill )However, I'm not a CCIE so take what I say with a grain of salt. Dain. Larry Melson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone have any comments on the Security lab preparation books that are available? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51418t=51394 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst 2950 CRC Errors [7:51419]
Hello Everyone, I have a Cat2950 in a small office throwing up thousands of CRCs, input errors and several runts on the port connected to the server. Clients are getting disconnected and database on server is constantly having to be repaired. The errors always follow the server no matter which port I move it to. Have replaced NIC in server and a few key Wkst. Have also updated the NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed and duplex settings and disabled spanning-tree. I'm suspecting dirty power...but it is connected to a UPS ( that only has limited EMI/RFI Filtering ). I connect a 3Com unmanaged 8 port switch to the key clients and the server...no more problems. Any ideas?!? It's driving me nuts! Thanks in advance... -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51419t=51419 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950 CRC Errors [7:51419]
Also...I have tested the wiring(basic tester...no NEXT/FEXT or other factors...but lengths of cable are under 50ft) and replaced patch cables...still no luck. Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello Everyone, I have a Cat2950 in a small office throwing up thousands of CRCs, input errors and several runts on the port connected to the server. Clients are getting disconnected and database on server is constantly having to be repaired. The errors always follow the server no matter which port I move it to. Have replaced NIC in server and a few key Wkst. Have also updated the NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed and duplex settings and disabled spanning-tree. I'm suspecting dirty power...but it is connected to a UPS ( that only has limited EMI/RFI Filtering ). I connect a 3Com unmanaged 8 port switch to the key clients and the server...no more problems. Any ideas?!? It's driving me nuts! Thanks in advance... -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51426t=51419 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: passed BCMSN [7:51070]
Congrats! Deepak Achar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all yestarday i passed BCMSN with a score of 815. not much changed in the exam. i studied 640-504 book. one year back i had cleared routing and remote access. by reading all the mails about new version of ccnp, i was bit nervous. but after facing the exam, i think not much has changed from 504 to 604. now i am preparing for CIT. Thanks deepak n achar mcp,ccna network engineer wipro technologies bangalore india Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51101t=51070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]
Thanks for everyones input. I guess where I was confused is that they recommend I think in the BCMSN book that VLAN 1 is used for management purposes only. But I guess that would be in a routed multiple vlan environment. I guess in a small network with one switch it really does not matter and vlan 1 could be used for everything right? Could someone clear that up for me? Thanks. Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP address of this Cat2950 Switch?? I can ping other devices on the network. Thanks for any input. ! version 12.1 service config no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname UPIJAK ! no logging console ! ip subnet-zero no ip finger no ip domain-lookup ! ! ! interface FastEthernet0/1 switchport access vlan 100 interface FastEthernet0/2 switchport access vlan 100 ! interface FastEthernet0/3 switchport access vlan 100 ! interface FastEthernet0/4 switchport access vlan 100 ! interface FastEthernet0/5 switchport access vlan 100 ! interface FastEthernet0/6 switchport access vlan 100 ! interface FastEthernet0/7 switchport access vlan 100 ! interface FastEthernet0/8 switchport access vlan 100 ! interface FastEthernet0/9 switchport access vlan 100 ! interface FastEthernet0/10 switchport access vlan 100 ! interface FastEthernet0/11 switchport access vlan 100 ! interface FastEthernet0/12 switchport access vlan 100 ! interface FastEthernet0/13 switchport access vlan 100 ! interface FastEthernet0/14 switchport access vlan 100 ! interface FastEthernet0/15 switchport access vlan 100 ! interface FastEthernet0/16 switchport access vlan 100 ! interface FastEthernet0/17 switchport access vlan 100 ! interface FastEthernet0/18 switchport access vlan 100 ! interface FastEthernet0/19 switchport access vlan 100 ! interface FastEthernet0/20 switchport access vlan 100 ! interface FastEthernet0/21 switchport access vlan 100 ! interface FastEthernet0/22 switchport access vlan 100 ! interface FastEthernet0/23 switchport access vlan 100 duplex half speed 10 ! interface FastEthernet0/24 switchport access vlan 100 duplex full speed 100 ! interface Vlan1 ip address 192.168.0.8 255.255.255.0 no ip route-cache ! no ip http server ! line con 0 exec-timeout 240 0 transport input none line vty 0 4 line vty 5 15 login ! end -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50373t=50331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]
I will just put the management vlan to 100. Thank you everyone for your help! Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP address of this Cat2950 Switch?? I can ping other devices on the network. Thanks for any input. ! version 12.1 service config no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname UPIJAK ! no logging console ! ip subnet-zero no ip finger no ip domain-lookup ! ! ! interface FastEthernet0/1 switchport access vlan 100 interface FastEthernet0/2 switchport access vlan 100 ! interface FastEthernet0/3 switchport access vlan 100 ! interface FastEthernet0/4 switchport access vlan 100 ! interface FastEthernet0/5 switchport access vlan 100 ! interface FastEthernet0/6 switchport access vlan 100 ! interface FastEthernet0/7 switchport access vlan 100 ! interface FastEthernet0/8 switchport access vlan 100 ! interface FastEthernet0/9 switchport access vlan 100 ! interface FastEthernet0/10 switchport access vlan 100 ! interface FastEthernet0/11 switchport access vlan 100 ! interface FastEthernet0/12 switchport access vlan 100 ! interface FastEthernet0/13 switchport access vlan 100 ! interface FastEthernet0/14 switchport access vlan 100 ! interface FastEthernet0/15 switchport access vlan 100 ! interface FastEthernet0/16 switchport access vlan 100 ! interface FastEthernet0/17 switchport access vlan 100 ! interface FastEthernet0/18 switchport access vlan 100 ! interface FastEthernet0/19 switchport access vlan 100 ! interface FastEthernet0/20 switchport access vlan 100 ! interface FastEthernet0/21 switchport access vlan 100 ! interface FastEthernet0/22 switchport access vlan 100 ! interface FastEthernet0/23 switchport access vlan 100 duplex half speed 10 ! interface FastEthernet0/24 switchport access vlan 100 duplex full speed 100 ! interface Vlan1 ip address 192.168.0.8 255.255.255.0 no ip route-cache ! no ip http server ! line con 0 exec-timeout 240 0 transport input none line vty 0 4 line vty 5 15 login ! end -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50392t=50331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat2950 VLAN 1 ip address...can't connect [7:50331]
Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP address of this Cat2950 Switch?? I can ping other devices on the network. Thanks for any input. ! version 12.1 service config no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname UPIJAK ! no logging console ! ip subnet-zero no ip finger no ip domain-lookup ! ! ! interface FastEthernet0/1 switchport access vlan 100 interface FastEthernet0/2 switchport access vlan 100 ! interface FastEthernet0/3 switchport access vlan 100 ! interface FastEthernet0/4 switchport access vlan 100 ! interface FastEthernet0/5 switchport access vlan 100 ! interface FastEthernet0/6 switchport access vlan 100 ! interface FastEthernet0/7 switchport access vlan 100 ! interface FastEthernet0/8 switchport access vlan 100 ! interface FastEthernet0/9 switchport access vlan 100 ! interface FastEthernet0/10 switchport access vlan 100 ! interface FastEthernet0/11 switchport access vlan 100 ! interface FastEthernet0/12 switchport access vlan 100 ! interface FastEthernet0/13 switchport access vlan 100 ! interface FastEthernet0/14 switchport access vlan 100 ! interface FastEthernet0/15 switchport access vlan 100 ! interface FastEthernet0/16 switchport access vlan 100 ! interface FastEthernet0/17 switchport access vlan 100 ! interface FastEthernet0/18 switchport access vlan 100 ! interface FastEthernet0/19 switchport access vlan 100 ! interface FastEthernet0/20 switchport access vlan 100 ! interface FastEthernet0/21 switchport access vlan 100 ! interface FastEthernet0/22 switchport access vlan 100 ! interface FastEthernet0/23 switchport access vlan 100 duplex half speed 10 ! interface FastEthernet0/24 switchport access vlan 100 duplex full speed 100 ! interface Vlan1 ip address 192.168.0.8 255.255.255.0 no ip route-cache ! no ip http server ! line con 0 exec-timeout 240 0 transport input none line vty 0 4 line vty 5 15 login ! end -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50331t=50331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]
The PC I am pinging from is in VLAN 100. I realize that vlan to vlan communication requires a router...however, I was under the impression that the management vlan just worked when you gave it an IP. Much like entering set interface sc0 192.168.0.8 255.255.255.0 on a set based switch...or ip address 192.168.0.8 255.255.255.0 on a menu based switch in command mode. In those situations...you can just ping the ip address of the switch. I'm not sure why a default gateway would make a difference...if the management vlan is supposed to act as the switches manageble ip address. Especially when I'm on the same subnet Any other ideas? Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP address of this Cat2950 Switch?? I can ping other devices on the network. Thanks for any input. ! version 12.1 service config no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname UPIJAK ! no logging console ! ip subnet-zero no ip finger no ip domain-lookup ! ! ! interface FastEthernet0/1 switchport access vlan 100 interface FastEthernet0/2 switchport access vlan 100 ! interface FastEthernet0/3 switchport access vlan 100 ! interface FastEthernet0/4 switchport access vlan 100 ! interface FastEthernet0/5 switchport access vlan 100 ! interface FastEthernet0/6 switchport access vlan 100 ! interface FastEthernet0/7 switchport access vlan 100 ! interface FastEthernet0/8 switchport access vlan 100 ! interface FastEthernet0/9 switchport access vlan 100 ! interface FastEthernet0/10 switchport access vlan 100 ! interface FastEthernet0/11 switchport access vlan 100 ! interface FastEthernet0/12 switchport access vlan 100 ! interface FastEthernet0/13 switchport access vlan 100 ! interface FastEthernet0/14 switchport access vlan 100 ! interface FastEthernet0/15 switchport access vlan 100 ! interface FastEthernet0/16 switchport access vlan 100 ! interface FastEthernet0/17 switchport access vlan 100 ! interface FastEthernet0/18 switchport access vlan 100 ! interface FastEthernet0/19 switchport access vlan 100 ! interface FastEthernet0/20 switchport access vlan 100 ! interface FastEthernet0/21 switchport access vlan 100 ! interface FastEthernet0/22 switchport access vlan 100 ! interface FastEthernet0/23 switchport access vlan 100 duplex half speed 10 ! interface FastEthernet0/24 switchport access vlan 100 duplex full speed 100 ! interface Vlan1 ip address 192.168.0.8 255.255.255.0 no ip route-cache ! no ip http server ! line con 0 exec-timeout 240 0 transport input none line vty 0 4 line vty 5 15 login ! end -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50353t=50331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Exam Monday [7:49286]
I just took this exam and passed. It was more difficult than I thought. I have some suggestions: 1. If CCIE is in your future...or if you just want a good reference, buy Routing TCP/IP Volumes I and II. It goes into more depth with better explainations than the BSCN book. ( Although if you are taking it on Monday...I guess it would be kind of hard to buy and read those books in time! ) 2. Know how to configure route redistribution and summarization in different scenarios. Know which commands go with which protocol and under what configuration mode and scenario to use them. This is the area of the test that was hardest for me. Hope that helps. Dain. Richard Tufaro wrote in message news:[EMAIL PROTECTED]... Hey all, got my routing exam on Monday 640-603. Any last minute advice. Been using Boson and Transcender along with reading the Cisco book for 503 threw and threw... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49333t=49286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN with Cisco 806 [7:49034]
Hi Everyone, VPN Question: I have a client with 16 small locations ( 2-8 nodes per location ) that may want to access a Windows Terminal Server at a central site in the future to run thier database app. Not all the locations have broadband internet access...although they will within a year or two. The speed of the broadband is on average around 400-500Kbps ( with the exception of the dial-up ). Will a Cisco 806 at the central site and a mix of software VPN clients and 806 routers at the remote sites work? Or would an 806 not be able to keep up on the performance side? Any suggestions? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49034t=49034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN with Cisco 806 [7:49034]
Thanks for the advice guys...very helpful. Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Everyone, VPN Question: I have a client with 16 small locations ( 2-8 nodes per location ) that may want to access a Windows Terminal Server at a central site in the future to run thier database app. Not all the locations have broadband internet access...although they will within a year or two. The speed of the broadband is on average around 400-500Kbps ( with the exception of the dial-up ). Will a Cisco 806 at the central site and a mix of software VPN clients and 806 routers at the remote sites work? Or would an 806 not be able to keep up on the performance side? Any suggestions? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49089t=49034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Route Summary [7:49085]
I assume that Sydney is the backbone area 0? 10.64.0.0/22 would summarize all subnets in the OSPF network in the backbone Sydney 10.64.0.0./22 Paris 10.64.0.4./23 -Do you mean 10.64.4.0/23? LA 10.64.0.6./23 ---Do you mean 10.64.6.0/23? NYC 10.64.0.8./23 -Do you mean 10.64.8.0/23? If this is the case 10.64.4.0/23 would summarize for 10.64.4.0/24 and 10.64.5.0/24 Paris 10.64.6.0/23 would summarize for 10.64.6.0/24 and 10.64.7.0/24 LA etcetc... Am I helping or hindering??? Dain John Brandis wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... G'Day All, A client has sent me a list of IP's that are to be used in a new global network. Our Global network will IP is 10.64.x.x . Now, for for each office, we will have two networks, for example, Paris is 10.64.4.0 through to 10.64.6.0 . The only exception is Sydney, where the client will have 4 networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet mask 255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior has handed me this Sydney 10.64.0.0./22 Paris 10.64.0.4./23 LA 10.64.0.6./23 NYC 10.64.0.8./23 This looks wrong to me. What am I missing. John Brandis ** visit http://www.solution6.com visit http://www.eccountancy.com - everything for accountants. UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49092t=49085 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Class C summarization question [7:48367]
Hey everyone, Thanks for all of your help. I have decided that 16 must be correct since it makes perfect sense and most of you back that up as well. I think the test question was just plain wrong. Anyway...I passed the CCNP Routing exam today so I'm pretty happy. : ) Groupstudy is a great learning resource. Thanks everyone. Dain. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm confused about a practice question for BSCN that I came across: Your routing tables are getting very large and you need to configure route summarization. How many class C internet addresses can you summarize with a /20 CIDR block? Answer: 8 Would it not be 16? Where am I going wrong? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48536t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Class C summarization question [7:48367]
One of the choices in the question was 16but 14 was not a choice. Could it be that since 14 was not a choice that 8 was the closest thing since 16 is possibly wrong because of the 0 subnet? This seems a little off the wall to me butsometimes those cisco questions are off the wall. Dain. Bob Timmons wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Firstly, 2 to the power of 4 is 16 (2x2x2x2). Secondly, regarding Carl's post, would the answer be 14? I'm not sure the subnet-zero comes into play with CIDR. I was under the impression it was only relevant to subnetting as opposed to summarizing. Does anyone know for sure? I say 8. 2 to the power of 4 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48398t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Class C summarization question [7:48367]
I'm confused about a practice question for BSCN that I came across: Your routing tables are getting very large and you need to configure route summarization. How many class C internet addresses can you summarize with a /20 CIDR block? Answer: 8 Would it not be 16? Where am I going wrong? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48367t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Class C summarization question [7:48367]
Thanks...it's good to know I'm not completely losing my mind. : ) Dain Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm confused about a practice question for BSCN that I came across: Your routing tables are getting very large and you need to configure route summarization. How many class C internet addresses can you summarize with a /20 CIDR block? Answer: 8 Would it not be 16? Where am I going wrong? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48370t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Class C summarization question [7:48367]
Actually...4 bits makes 16 combinations( 2 to the power of 4 = 16 ) ( 4 positions with 2 possibilities per bit position ) Dain Andy Hoang wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I would say 8 is correct. 4 bits make 8 combinations. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael L. Williams Sent: Monday, July 08, 2002 8:15 PM To: [EMAIL PROTECTED] Subject: Re: Class C summarization question [7:48367] I would say 16 as well. Mike W. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm confused about a practice question for BSCN that I came across: Your routing tables are getting very large and you need to configure route summarization. How many class C internet addresses can you summarize with a /20 CIDR block? Answer: 8 Would it not be 16? Where am I going wrong? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48372t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Class C summarization question [7:48367]
FYI for who ever wants to knowA great website for learning subnetting ( actually learning the binary whys and hows instead of shortcuts ) is www.learntosubnet.com There are some great free resources...and very good explanations for those who are just starting to learn it. Dain Michael L. Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Wow. According to my binary math, 4 bits = 16 combinations. 1 bit = 2 combinations (2^1 = 2) 2 bits = 4 combinations (2^2 = 4) 3 bits = 8 combinations (2^3 = 8) 4 bits = 16 combinations (2^4 = 16) Now. when converting from binary to decimal, the 4th bit (from the right) has a (decimal) value of 8 (2^[4-1]), but of course when you add the values of the bits from 4 down, you get 8+4+2+1 = 15 (thus giving 16 combinations, 0 through 15) (Too all that have read my posts in the past, now you know why I bitch up a storm when I hear someone encourage someone else to memorize subnetting charts and bitswapping charts instead of taking an hour and learning how binary actually works... geez) Mike W. - Original Message - From: Andy Hoang To: Michael L. Williams ; Sent: Monday, July 08, 2002 10:51 PM Subject: RE: Class C summarization question [7:48367] I would say 8 is correct. 4 bits make 8 combinations. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael L. Williams Sent: Monday, July 08, 2002 8:15 PM To: [EMAIL PROTECTED] Subject: Re: Class C summarization question [7:48367] I would say 16 as well. Mike W. Dain Deutschman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm confused about a practice question for BSCN that I came across: Your routing tables are getting very large and you need to configure route summarization. How many class C internet addresses can you summarize with a /20 CIDR block? Answer: 8 Would it not be 16? Where am I going wrong? -- Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48376t=48367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: serial interface down/down or up/down [7:47101]
Would creating a loopback plug for the CSU side help to test if the problem is on the carriers side? In other words, if a up/up (looped) condition is maintained with a loppback plug...could one assume that it is not a local problem but the problem of the service provider? Dain. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Here's the conclusion, since a few people have wondered about it. By the way, the question had to do with an external CSU/DSU. According to Cisco documentation, a down/down serial interface means the router interface cannot determine that CD has been asserted. As mentioned earlier, a CSU/DSU acts more like a DSU than a CSU and presents a synchronous signal to the router. The CSU/DSU must assert Data Carrier Detect (DCD or CD), Data Set Ready (DSR), and Clear to Send (CTS). The router, which is playing the DTE role, must assert Data Terminal Ready (DTR) and Request to Send (RTS). For all these control leads to be asserted, and for the router to recognize that they are asserted, the router and CSU/DSU hardware must be operational, and the cabling must be properly constructed. However, even if all hardware checks out, there are still cases when the interface may be down/down or flapping between up/up, up/down, and down/down. For example, some CSU/DSUs won't assert CD if the link to the carrier is having problems. In these cases, check the CSU/DSU configuration. Make sure the right clocking, framing, and encoding are configured. If they are correctly configured, then call the service provider and work with the provider to isolate the problem. Priscilla At 03:42 PM 6/22/02, Kevin Cullimore wrote: Some wrap-up comments: Challenged by the incompleteness of the cisco-press materials, I attempted to produce a complete taxonomy mapping configurations/conditions to interface/line up/down states. An unimaginably short attention-span cut that short, but I realized that maybe a superset of that information, up/down states AND the serial indicators shown at the bottom of the show interface command. That project ended similarly, but I believe that working in the other direction might be easier, wherein you tackle the task of categorizing the large set of circumstances responsible for the four interface states by examining the entirety of the output for both interface controller show commands per misconfiguration, and gradually developing a profile for the entirety of the show output, allowing patterns to emerege that might render the first line of the show interface command somewhat intelligible. A real possibility is that the case of the integrated csu/dsu serial interface might have to be treated seperately from the the one involving a mere serial interface, due to the lack of interaction with an external device for those functions. The two references that dramatically increased my understanding of layer 1 operations are the paradyne 3160 manual and uyless s black's Physical Layer Interfaces and Protocols book. - Original Message - From: Priscilla Oppenheimer To: Sent: 21 June 2002 8:02 pm Subject: Re: serial interface down/down or up/down [7:47101] At 07:17 PM 6/21/02, Chuck wrote: Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I guess the question is too hard for a practice test if NOBODY can answer it!? CL: surprise surprise we all THINK we know the answer byt realy we don't ;- My messages arrived asynchronously, when I meant for them to arrive isochronously. ;-) Seriously, they arrived out of order. Despite all the confusion, I do feel like I have an answer now. Thanks to everyone who answered. Priscilla Here's the thing: Cisco says that a down/down interface means the router interface is not sensing a Carrier Detect signal (that is, the CD is not active). Now, from my studies of V.35 I know that data carrier detect (DCD or CD) comes from the DCE side of the V.35 link, carried on pin 8, yadda, yadda. It comes from the data interface on the DSU side of the CSU/DSU. If the router is correctly connected to the CSU/DSU, will it see CD or does the answer depend on whether the CSU/DSU is also correctly talking to the telco? Does carrier detect mean literally what it sounds like it means? Would the CSU/DSU not assert CD if there was a problem on the telco side? And hence the router wouldn't see CD and would say the interface was down/down. CL: in my old dial up to the BBS days, I always interpreted carrier as essentially a completed telephone call. I've carried that idea into the T1 world I live in now. however, I think we all know the problem with Frame or ATM, where the line is up ( i.e. there is carrier ) because of LMI or the ATM equivalent signalling, so dial backup
Re: admin distance question [7:47147]
If the intent is to route the packets to the external AS, then the eBGP route would be the most favorable because more likely than not...eBGP is the routing protocol between autonomous systems. In other words/for example...if there is more than 1 route to 10.0.0.0/16, which is a network in an external AS, then the eBGP route should be the prefered route ( since it is an external AS ). If the network were in the same AS, then an IGP route should be used but...it wouldn't be in the same AS if it was learned via eBGP. Am I making sense? Someone please jump in or correct me if I am wrong. Thanks...Dain. bergenpeak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Looking at the administrative distance values for the different routing mechanisms. Why would eBGP have a lower admin distance for a route than if learned via an IGP (like OSPF or ISIS)? Why wouldn't the default behavior be to prefer routes learned from the local IGP rather than via eBGP? THanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47269t=47147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: admin distance question [7:47147]
Great article. I'm studying for CCNP routingwas looking for real world/case study examples. This will be very helpful. Thanks! Dain. Darren Ward wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... There is of course an exception to this rule :) BGP Backdoor makes an external route go to an admin distance of 200 so IGP routes take precedence without having to change the eBGP distance. Case Study at: http://www.cisco.com/warp/customer/459/14.html#A14.0 Darren Ward (PGradCS, CCIE #8245, CCNP, CCDP, MCP) On Sun, 23 Jun 2002, Dain Deutschman wrote: If the intent is to route the packets to the external AS, then the eBGP route would be the most favorable because more likely than not...eBGP is the routing protocol between autonomous systems. In other words/for example...if there is more than 1 route to 10.0.0.0/16, which is a network in an external AS, then the eBGP route should be the prefered route ( since it is an external AS ). If the network were in the same AS, then an IGP route should be used but...it wouldn't be in the same AS if it was learned via eBGP. Am I making sense? Someone please jump in or correct me if I am wrong. Thanks...Dain. bergenpeak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Looking at the administrative distance values for the different routing mechanisms. Why would eBGP have a lower admin distance for a route than if learned via an IGP (like OSPF or ISIS)? Why wouldn't the default behavior be to prefer routes learned from the local IGP rather than via eBGP? THanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47274t=47147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Prefix List Question [7:47117]
Ok...I understand. The book I have here did not explain it very well. I will definately play around with it in the lab to get a better idea. Thanks! Dain. Paulo Roque wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have developed a method. I draw a generic rule like this: lenge-value---le-value---32 For the command ip prefix-list MYLIST permit prefix/24 ge 25 I put that values on the rule: len=24 ge=25 (values greater than 25 marked with *) le= not present 2425***32 So the command ip prefix-list MYLIST permit prefix/24 ge 25 match the prefix length from 25 to 32. For the command ip prefix-list MYLIST permit prefix/24 le 28 I put the values on the rule: len=24 ge= not present le= 28 (values lower than 28 marked with *) 24***2832 So the command ip prefix-list MYLIST permit prefix/24 le 28 match the prefix length from 24 to 28. === Finally for the command ip prefix-list MYLIST permit prefix/24 ge 25 le 28. I put the values on the rule: len=24 ge=25 le=28 24--25***28--32 So the command ip prefix-list MYLIST permit prefix/24 ge 25 le 28 match the prefix from 25 to 28. -- Eng. Paulo Roque Network Engineer Cisco Certified Network Associate [EMAIL PROTECTED] Dain Deutschman escreveu na mensagem [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Could someone explain to me what the ge and le options are used for in a prefix list statement? Example: ip prefix-list MYLIST permit 11.11.11.0/24 ge le Thanks! Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47153t=47117 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Prefix List Question [7:47117]
Could someone explain to me what the ge and le options are used for in a prefix list statement? Example: ip prefix-list MYLIST permit 11.11.11.0/24 ge le Thanks! Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47117t=47117 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security CCIE lab preparation [7:45524]
www.hellocomputers.com sells a great CCIE security lab prep book and 24 hour rack access. Dain. . . wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What is a good lab preparation course for the Security CCIE? i am aware about the ACP4 by Global knowledge and Security prepartion from ccbootcamp. Anyone has taken them and what do you think about this? And any other lab bootcamp besides these two? _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45609t=45524 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Materials on Internet. [7:45426]
Check out www.hellocomputers.com or contact someone there 877-79 HELLO They have a great LAB book and www.ciscopress.com Suggested reading materials are listed under the CCIE program description on cisco's website...many of which are cisco press books. Dain. Hosui Tse wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, Besides the CISCO WebSite and this StudyGroup. Any good site for study CCIE? I cannot find the books that you guys said which is good for CCIE Study in HK. Can I find it (Soft copy) on the Net? FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45605t=45426 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: teaching CCNA [7:45489]
Hi Priscilla, I used that book amoung others for the exam that I took recently. I did not run into any switch configuration command questions on the test...only switching theory..but that does not mean someone else might not get a question like that. I guess it's my opinion that studying switch configs on paper is sufficient for the CCNA exam. Although Odom goes into more detail on many topics than is necessary for the exam...I'm glad I studied the topics because it is helping me see the bigger picture as I study for the BSCN exam. In regards to the router sim...it does allow abbr. I used copy run start, Ctrl+Z and en. However, the simulation is rather buggy. I had trouble telnetting to the routers in the simulation. After trying various things for about 15 minutes it finally worked. Also...it did not save my configuration completely so I had to re-enter and do a copy run start a couple of times. I'm not sure about the Token Ring thing. Hope that helps. Dain Deutschman CNA, MCP, CCNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I will be teaching a CCNA class next week. I've never taught an intro class before. ;-) The textbook will be Wendell Odom's Cisco CCNA Exam #640-607 Certification Guide. I didn't choose it, but I'm fine with it. I have some questions, however: Wendell covers Catalyst 1900 configuration in quite a bit of detail. Cisco's list of topics for 640-607 doesn't include this, so I'm not planning to teach it, and in fact, we won't have a switch in the lab probably. Will this be OK? Does anyone know if the 640-607 test has Catalyst 1900 configuration questions?? Does anyone know if the test (which now includes router simulation questions) allows one to use abbreviations for commands? (such as cop run start instead of copy running-config startup-config)? Token Ring doesn't support multicast (He says this many times.) I know IEEE 802.5 does officially support it. I also know that many Token Ring NICs didn't support it in the early 1990s. Didn't they fix that??? I would have thought that Token Ring NIC vendors would have added support for multicast by now. Thanks! Priscilla Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45494t=45489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]