Re: DSL over Dry Copper [7:74117]

[Dain Deutschman]

Thanks everyone for the great comments and replies. This was all very
helpfull.

Dain
Brad Dodds  wrote in message
news:[EMAIL PROTECTED]
 Where I work, we have 5 dry pair circuits to customers (out of 1300).
 We provide the signaling on the lines with sets of Campus brand pair gain
 units at the sites and 14 card chassis style pair gain unit at our POP.
 They are much less expensive ($18 per month vs. $100 for business class
DSL)
 but I can say the savings of $80 dollars or so a month is NOT WORTH IT for
 an organization that needs 24 X 7 availability of the circuit.
 The telco only garuntees that the wire won't have any opens or shorts,
they
 make no promise of the medium having low noise ratio on the line.
 These legacy circuits have been very much a problem when it rains, gets
hot
 or anytime the weather changes, but our customers are spoiled by the
 inexpensive price and won't upgrade to another, more reliable delivery.
 The telco seems very aware of the low/no profit margin on these circuits
and
 are generally not very motivated to spend much time on them when there is
a
 problem.
 I strongly discourage service providers from deploying this type of
 technology, however, we are getting ready to test a newer type of magic
 box (called Storm Port by vendor-I think) which is supposedly able to
 deliver 6Meg across dry pair at much greater distances.  We are very
 skeptical of the vendors claims, but one of our customers which the vendor
 pitched wants to try it.
 I will report back to the group on how it works out.

 Chuck Whose Road is Ever Shorter  wrote in
 message news:[EMAIL PROTECTED]
  Priscilla Oppenheimer  wrote in message
  news:[EMAIL PROTECTED]
   Uh, what is dry copper? Is it analogous to dark fiber?
 
 
  as a matter of fact, yes.
 
  copper from your friendly telco with no dial tone. a local loop with no
  signaling equipoment attached. alarm companies use it extensively, place
  their own signal on it, and thwart the burglars
 
  I have heard tell of folks using dry pair to create private point to
point
  DSL. I don't personally know anyone who has done so.
 
  HTH
 
  
   Thanks
  
   Priscilla
  
   Chuck Whose Road is Ever Shorte wrote:
   
Dain Deutschman  wrote in message
news:[EMAIL PROTECTED]
 Hi All,

 Does anyone know if Cisco makes a product similar to the
Pairgain Campus
HRS
 or Celsian G250 LAN Extenders? I want to create a dsl
connection over dry
 copper between two sites. Cisco reseller helpline was mildly
helpfull.
What
 are some of you using for this type of situation?
   
   
I have heard it said that all you need to do is connect a
couple of 827's
and you are done. I don't know the specifics.. :-
   
http://www.pbs.org/cringely/pulpit/pulpit20010823.html
   
http://www.isp-planet.com/technology/homebrew_dsl.html
   
one place I saw said to check out what alarm companies order -
they use dry
copper.
   
or you can use the Long Reach ethernet product from Cisco at
each end. I'm
sure there are competitors.
   
   

 Thanks,

 --
 Dain Deutschman
 ccnp, css-1, cnss infosec, mcp, cna
 Data Communications Manager
 New Star Sales and Service, Inc.
 **Please support GroupStudy by purchasing from the GroupStudy
Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
   **Please support GroupStudy by purchasing from the GroupStudy Store:
   http://shop.groupstudy.com
   FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html
  **Please support GroupStudy by purchasing from the GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74765t=74117
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: DSL over Dry Copper [7:74117]

[Dain Deutschman]

Here is an interesting link about dry copper...
http://www.panix.com/~oppedahl/lads/


Dain Deutschman  wrote in message
news:[EMAIL PROTECTED]
 Hi All,

 Does anyone know if Cisco makes a product similar to the Pairgain Campus
HRS
 or Celsian G250 LAN Extenders? I want to create a dsl connection over dry
 copper between two sites. Cisco reseller helpline was mildly helpfull.
What
 are some of you using for this type of situation?

 Thanks,

 -- 
 Dain Deutschman
 ccnp, css-1, cnss infosec, mcp, cna
 Data Communications Manager
 New Star Sales and Service, Inc.
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74177t=74117
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: DSL over Dry Copper [7:74117]

[Dain Deutschman]

I used a couple of Pairgain Campus HRS devices to do this a couple of years
ago. We had an occasional disruption of service...but overall it worked very
well. To order dry copper you just call your phone company and ask the about
it. A couple of years ago it was appr. $70 p/m from qwest at each location.
It was an HDSL signal that ran at roughly 2Mbps over about 1 mile. We ran it
in ethernet bridge mode...but you can also configure them to do routing,
nat, etc.
I was hoping someone would know of a less expensive solution than Pairgain.
I did find a product from Black Box that is about $700 per unit.

Do the Cisco LRE run over POTS? If so...how does this work and what kind of
bandwidth can you get?

Thanks,

Dain

http://www.panix.com/~oppedahl/lads/
Dain Deutschman  wrote in message
news:[EMAIL PROTECTED]
 Hi All,

 Does anyone know if Cisco makes a product similar to the Pairgain Campus
HRS
 or Celsian G250 LAN Extenders? I want to create a dsl connection over dry
 copper between two sites. Cisco reseller helpline was mildly helpfull.
What
 are some of you using for this type of situation?

 Thanks,

 -- 
 Dain Deutschman
 ccnp, css-1, cnss infosec, mcp, cna
 Data Communications Manager
 New Star Sales and Service, Inc.
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74176t=74117
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

DSL over Dry Copper [7:74117]

[Dain Deutschman]

Hi All,

Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS
or Celsian G250 LAN Extenders? I want to create a dsl connection over dry
copper between two sites. Cisco reseller helpline was mildly helpfull. What
are some of you using for this type of situation?

Thanks,

-- 
Dain Deutschman
ccnp, css-1, cnss infosec, mcp, cna
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74117t=74117
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: GRE Tunnel Recursive Routing Error [7:74035]

[Dain Deutschman]

I would think security point of view...there would be better
solutions...however...this is just a lab scenario. Thanks so much for your
help though. I see the problem now and changed the static route to point to
tunnel destination.

Thanks!

Dain

Zsombor Papp  wrote in message
news:[EMAIL PROTECTED]
 r1 (bb2) learns the route to the destination of the GRE tunnel,
150.50.22.2,
 via that same GRE tunnel. Add a static route like this to r1's
configuration:

 ip route 150.50.22.2 255.255.255.255 Ethernet0

 As a side note, is this (GRE tunnel through the PIX) a good design from
the
 security point of view?

 Thanks,

 Zsombor

 Dain Deutschman wrote:
 
  Hi all,
 
  I'm getting a recursive routing error when trying to tunnel
  with gre.
 
  r1-pix-r2
 
  The error follows along with my configs and route tables.
 
  Thanks!
 
 
  00:52:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface
  Tunnel0, changed
  state
   to down
  bb2#
  00:53:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface
  Tunnel0, changed
  state
   to up
  00:53:30: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to
  recursive
  routin
  g
  00:53:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface
  Tunnel0, changed
  state
   to down
  00:54:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface
  Tunnel0, changed
  state
   to up
  00:54:40: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to
  recursive
  routin
  g
 
  bb2#wr t
  Building configuration...
 
  Current configuration : 913 bytes
  !
  version 12.1
  service timestamps debug uptime
  service timestamps log uptime
  no service password-encryption
  !
  hostname bb2
  !
  !
  !
  !
  !
  !
  ip subnet-zero
  ip domain-name hellocomputers.com
  ip name-server 4.1.1.1
  !
  !
  !
  !
  !
  !
  interface Loopback0
   ip address 112.112.112.112 255.255.255.0
  !
  interface Tunnel0
   ip address 172.16.22.112 255.255.255.0
   tunnel source 10.10.112.112
   tunnel destination 150.50.22.2
  !
  interface Ethernet0
   ip address 10.10.112.112 255.255.255.0
  !
  interface Serial0
   no ip address
   shutdown
   no fair-queue
  !
  interface Serial1
   no ip address
   shutdown
  !
  interface BRI0
   no ip address
   shutdown
   isdn x25 static-tei 0
  !
  router eigrp 100
   network 172.16.0.0
   no auto-summary
   no eigrp log-neighbor-changes
  !
  ip classless
  ip route 0.0.0.0 0.0.0.0 10.10.112.12
  ip route 172.16.22.2 255.255.255.255 Ethernet0
  ip http server
  !
  !
  alias exec c config t
  !
  line con 0
  line aux 0
  line vty 0 4
   login
  !
  end
 
  bb2#
 
  r2#wr t
  Building configuration...
 
  Current configuration : 2557 bytes
  !
  version 12.2
  service timestamps debug uptime
  service timestamps log uptime
  service password-encryption
  !
  hostname r2
  !
  logging buffered 4096 debugging
  !
  username all
  memory-size iomem 10
  ip subnet-zero
  !
  !
  ip domain name hellocomputers.com
  ip name-server 4.1.1.1
  !
  ip audit notify log
  ip audit po max-events 100
  !
  !
  !
  key chain keyr2
   key 1
key-string 7 151A0E000825
  !
  voice call carrier capacity active
  !
  !
  !
  !
  !
  !
  !
  !
  !
  mta receive maximum-recipients 0
  !
  !
  !
  !
  interface Loopback0
   ip address 22.22.22.22 255.255.255.0
  !
  interface Tunnel0
   ip address 172.16.22.2 255.255.255.0
   tunnel source 150.50.22.2
   tunnel destination 150.50.22.112
  !
  interface FastEthernet0/0
   ip address 150.50.22.2 255.255.255.0
   ip rip authentication mode md5
   ip rip authentication key-chain keyr2
   duplex auto
   speed auto
  !
  interface Serial0/0
   no ip address
   encapsulation frame-relay
   frame-relay lmi-type ansi
  !
  interface Serial0/0.21 point-to-point
   ip address 150.50.12.2 255.255.255.0
   ip ospf authentication message-digest
   ip ospf message-digest-key 1 md5 7 04530E0A032E
   ip ospf network point-to-point
   frame-relay interface-dlci 121
  !
  interface Serial0/0.23 point-to-point
   ip address 150.50.23.2 255.255.255.0
   ip ospf authentication message-digest
   ip ospf message-digest-key 1 md5 7 130D121E0703
   frame-relay interface-dlci 123
  !
  interface Serial0/0.24 point-to-point
   ip address 150.50.24.2 255.255.255.0
   ip ospf authentication message-digest
   ip ospf message-digest-key 1 md5 7 011B03085704
   frame-relay interface-dlci 124
  !
  interface FastEthernet0/1
   no ip address
   shutdown
   duplex auto
   speed auto
  !
  interface Serial0/1
   no ip address
   shutdown
  !
  router eigrp 100
   network 150.50.0.0
   network 172.16.0.0
   no auto-summary
   no eigrp log-neighbor-changes
  !
  router ospf 100
   router-id 22.22.22.22
   log-adjacency-changes
   area 1 virtual-link 11.11.11.11
   network 22.22.22.0 0.0.0.255 area 1
   network 150.50.12.0 0.0.0.255 area 1
   network 150.50.23.0 0.0.0.255 area 2
   network 150.50.24.0 0.0.0.255 area 1
  !
  router rip
   version 2
   passive-interface Serial0/0.21
   passive-interface Serial0/0.23
   passive-interface Serial0/0.24
   network 150.50.0.0

GRE Tunnel Recursive Routing Error [7:74035]

[Dain Deutschman]

Hi all,

I'm getting a recursive routing error when trying to tunnel with gre.

r1-pix-r2

The error follows along with my configs and route tables.

Thanks!


00:52:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed
state
 to down
bb2#
00:53:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed
state
 to up
00:53:30: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive
routin
g
00:53:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed
state
 to down
00:54:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed
state
 to up
00:54:40: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive
routin
g

bb2#wr t
Building configuration...

Current configuration : 913 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname bb2
!
!
!
!
!
!
ip subnet-zero
ip domain-name hellocomputers.com
ip name-server 4.1.1.1
!
!
!
!
!
!
interface Loopback0
 ip address 112.112.112.112 255.255.255.0
!
interface Tunnel0
 ip address 172.16.22.112 255.255.255.0
 tunnel source 10.10.112.112
 tunnel destination 150.50.22.2
!
interface Ethernet0
 ip address 10.10.112.112 255.255.255.0
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
interface BRI0
 no ip address
 shutdown
 isdn x25 static-tei 0
!
router eigrp 100
 network 172.16.0.0
 no auto-summary
 no eigrp log-neighbor-changes
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.112.12
ip route 172.16.22.2 255.255.255.255 Ethernet0
ip http server
!
!
alias exec c config t
!
line con 0
line aux 0
line vty 0 4
 login
!
end

bb2#

r2#wr t
Building configuration...

Current configuration : 2557 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname r2
!
logging buffered 4096 debugging
!
username all
memory-size iomem 10
ip subnet-zero
!
!
ip domain name hellocomputers.com
ip name-server 4.1.1.1
!
ip audit notify log
ip audit po max-events 100
!
!
!
key chain keyr2
 key 1
  key-string 7 151A0E000825
!
voice call carrier capacity active
!
!
!
!
!
!
!
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
 ip address 22.22.22.22 255.255.255.0
!
interface Tunnel0
 ip address 172.16.22.2 255.255.255.0
 tunnel source 150.50.22.2
 tunnel destination 150.50.22.112
!
interface FastEthernet0/0
 ip address 150.50.22.2 255.255.255.0
 ip rip authentication mode md5
 ip rip authentication key-chain keyr2
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 frame-relay lmi-type ansi
!
interface Serial0/0.21 point-to-point
 ip address 150.50.12.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 04530E0A032E
 ip ospf network point-to-point
 frame-relay interface-dlci 121
!
interface Serial0/0.23 point-to-point
 ip address 150.50.23.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 130D121E0703
 frame-relay interface-dlci 123
!
interface Serial0/0.24 point-to-point
 ip address 150.50.24.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 011B03085704
 frame-relay interface-dlci 124
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
!
router eigrp 100
 network 150.50.0.0
 network 172.16.0.0
 no auto-summary
 no eigrp log-neighbor-changes
!
router ospf 100
 router-id 22.22.22.22
 log-adjacency-changes
 area 1 virtual-link 11.11.11.11
 network 22.22.22.0 0.0.0.255 area 1
 network 150.50.12.0 0.0.0.255 area 1
 network 150.50.23.0 0.0.0.255 area 2
 network 150.50.24.0 0.0.0.255 area 1
!
router rip
 version 2
 passive-interface Serial0/0.21
 passive-interface Serial0/0.23
 passive-interface Serial0/0.24
 network 150.50.0.0
 neighbor 150.50.22.12
 no auto-summary
!
ip classless
ip route 172.16.22.112 255.255.255.255 FastEthernet0/0
ip http server
ip pim bidir-enable
!
!
access-list 2 permit 112.112.112.112
access-list 2 permit 150.50.22.2
!
call rsvp-sync
!
voice-port 1/0/0
!
voice-port 1/0/1
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
alias exec c config t
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end

r2#sh ip route

Gateway of last resort is 150.50.22.12 to network 0.0.0.0

 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C   172.16.22.0/24 is directly connected, Tunnel0
S   172.16.22.112/32 is directly connected, FastEthernet0/0
 22.0.0.0/24 is subnetted, 1 subnets
C   22.22.22.0 is directly connected, Loopback0
 150.50.0.0/24 is subnetted, 1 subnets
C   150.50.22.0 is directly connected, FastEthernet0/0
R*   0.0.0.0/0 [120/1] via 150.50.22.12, 00:00:03, FastEthernet0/0
r2#
r2#
ts129
[Resuming connection 9 to bb2 ... ]

00:5
bb2#sh ip route


Gateway of last resort is 10.10.112.12 to network 0.0.0.0

 172.16.0.0/32 is subnetted, 1 subnets
S   

OT: Unix and 2511 Access Router [7:73982]

[Dain Deutschman]

Hi group,

I'm curious to know if anyone has used a unix box in the same way as a cisco
2511 terminal server with async octal cable ( in order to access other
device console ports ). One should be able to use the tty lines in unix in
the same way as a 2511 connected to other devices console ports via the
octal async cable right?

Thanks,

Dain




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73982t=73982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Unix and 2511 Access Router [7:73982]

[Dain Deutschman]

anyone know the pinouts?

Dain Deutschman  wrote in message
news:[EMAIL PROTECTED]
 Hi group,

 I'm curious to know if anyone has used a unix box in the same way as a
cisco
 2511 terminal server with async octal cable ( in order to access other
 device console ports ). One should be able to use the tty lines in unix in
 the same way as a 2511 connected to other devices console ports via the
 octal async cable right?

 Thanks,

 Dain
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74000t=73982
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: What cables need to be used for an AS2511-rj [7:73987]

[Dain Deutschman]

are you referring to an async octal cable to plug into the async connectors
on a 2511? The asyncs look like scsi interfaces.
you connect the async cables to console ports on other serial devices.


Natchaya Radhikulkaralak  wrote in message
news:[EMAIL PROTECTED]
 Hello everyone:

 I am having difficulty finding this out.  Does anyone have a definite
answer
 on what type of cable do I use to connect from (lets say)Port 1, on the
 AS2511-rj, to a 3600/2600/2500 router console port?  I am basically trying
 to set the as2511-rj as a terminal server.

 Is it a straight through cable?
 Is it a roll over cable?
 Is it a special cable?

 Please help a gurl out...
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73999t=73987
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OSPF Neighbor State is Flapping [7:72874]

[Dain Deutschman]

Figured it out...

It was an mtu mismatch ( router e0 mtu 1500, cat vlan15 mtu 1518 ). A deb
ip ospf adj on r1 revealed the problem. Since changing mtu on lan interface
is not possible in IOS...the interface command ip ospf mtu-ignore allowed
OSPF to deal with the mismatch and just form the adjacency.

The cisco url is:www.cisco.com/warp/public/104/12.pdf

Thanks anyway!

Dain



Dain Deutschman  wrote in message
news:[EMAIL PROTECTED]
 Hi all,

 I have 3 devices on an ethernet segment where all ethernet interfaces are
in
 the same vlan and ospf area 0

 catalyst 3550priority 0rid 1.1.1.1
 router5priority 2 rid 55.55.55.55BDR
 router1priority 3 rid 11.11.11.11DR

 The problem is that the switch keeps changing it's state. For example,
from
 the router 1 perspective I get the following:
 ( sh ip ospf nei command )


 Neighbor ID Pri   State   Dead Time   Address
Interface
 1.1.1.1   0   DOWN/DROTHER   -150.50.15.8
Ethernet0
 55.55.55.55   2   FULL/BDR00:00:35150.50.15.5
Ethernet0

 Neighbor ID Pri   State   Dead Time   Address
Interface
 1.1.1.1   0   EXSTART/DROTHER 00:00:35150.50.15.8
Ethernet0
 55.55.55.55   2   FULL/BDR00:00:38150.50.15.5
Ethernet0

 and on and on, back and forth etc.

 router 5 perspective:


 Neighbor ID Pri   State   Dead Time   Address
Interface
 1.1.1.1   0   EXSTART/DROTHER 00:00:38150.50.15.8
 Ethernet0/0
 11.11.11.11   3   FULL/DR 00:00:30150.50.15.1
 Ethernet0/0

 Neighbor ID Pri   State   Dead Time   Address
Interface
 1.1.1.1   0   DOWN/DROTHER   -150.50.15.8
 Ethernet0/0
 11.11.11.11   3   FULL/DR 00:00:32150.50.15.1
 Ethernet0/0

 ..switch perspective:

 Neighbor ID Pri   State   Dead Time   Address
Interface
 55.55.55.55   2   INIT/DROTHER00:00:33150.50.15.5 Vlan15
 11.11.11.11   3   INIT/DROTHER00:00:39150.50.15.1 Vlan15

 Neighbor ID Pri   State   Dead Time   Address
Interface
 55.55.55.55   2   INIT/DROTHER00:00:37150.50.15.5 Vlan15
 11.11.11.11   3   EXCHANGE/DR 00:00:36150.50.15.1 Vlan15

 Neighbor ID Pri   State   Dead Time   Address
Interface
 55.55.55.55   2   EXCHANGE/BDR00:00:39150.50.15.5 Vlan15
 11.11.11.11   3   EXCHANGE/DR 00:00:39150.50.15.1 Vlan15

 So...it seems as though r1 and r5 are recognizing eachother's roles as dr
 and bdr correctly. But they see the switch as down or init or exchange
 DROTHER.
 The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or
 init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15
on
 the switch:

 Vlan15 is up, line protocol is up
   Internet Address 150.50.15.8/24, Area 0
   Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
   Transmit Delay is 1 sec, State DROTHER, Priority 0
   No designated router on this network
   No backup designated router on this network
   Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
 Hello due in 00:00:07
   Index 1/1, flood queue length 0
   Next 0x0(0)/0x0(0)
   Last flood scan length is 0, maximum is 0
   Last flood scan time is 0 msec, maximum is 0 msec
   Neighbor Count is 2, Adjacent neighbor count is 0
   Suppress hello for 0 neighbor(s)

 Then two seconds laterit changes...

 Vlan15 is up, line protocol is up
   Internet Address 150.50.15.8/24, Area 0
   Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
   Transmit Delay is 1 sec, State DROTHER, Priority 0
   Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1
   Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5
   Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
 Hello due in 00:00:05
   Index 1/1, flood queue length 0
   Next 0x0(0)/0x0(0)
   Last flood scan length is 0, maximum is 0
   Last flood scan time is 0 msec, maximum is 0 msec
   Neighbor Count is 2, Adjacent neighbor count is 0
   Suppress hello for 0 neighbor(s)


 Any ideas?

 Thanks,


 -- 
 Dain Deutschman
 CCNP, CSS-1, MCP, CNA
 Data Communications Manager
 New Star Sales and Service, Inc.






 -- 
 Dain Deutschman
 CCNP, CSS-1, MCP, CNA
 Data Communications Manager
 New Star Sales and Service, Inc.
 800.261.0475
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72877t=72874
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF Neighbor State is Flapping [7:72874]

[Dain Deutschman]

Hi all,

I have 3 devices on an ethernet segment where all ethernet interfaces are in
the same vlan and ospf area 0

catalyst 3550priority 0rid 1.1.1.1
router5priority 2 rid 55.55.55.55BDR
router1priority 3 rid 11.11.11.11DR

The problem is that the switch keeps changing it's state. For example, from
the router 1 perspective I get the following:
( sh ip ospf nei command )


Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   DOWN/DROTHER   -150.50.15.8 Ethernet0
55.55.55.55   2   FULL/BDR00:00:35150.50.15.5 Ethernet0

Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0
55.55.55.55   2   FULL/BDR00:00:38150.50.15.5 Ethernet0

..and on and on, back and forth etc.

router 5 perspective:


Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   EXSTART/DROTHER 00:00:38150.50.15.8
Ethernet0/0
11.11.11.11   3   FULL/DR 00:00:30150.50.15.1
Ethernet0/0

Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   DOWN/DROTHER   -150.50.15.8
Ethernet0/0
11.11.11.11   3   FULL/DR 00:00:32150.50.15.1
Ethernet0/0

.switch perspective:

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   INIT/DROTHER00:00:33150.50.15.5 Vlan15
11.11.11.11   3   INIT/DROTHER00:00:39150.50.15.1 Vlan15

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   INIT/DROTHER00:00:37150.50.15.5 Vlan15
11.11.11.11   3   EXCHANGE/DR 00:00:36150.50.15.1 Vlan15

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   EXCHANGE/BDR00:00:39150.50.15.5 Vlan15
11.11.11.11   3   EXCHANGE/DR 00:00:39150.50.15.1 Vlan15

So...it seems as though r1 and r5 are recognizing eachother's roles as dr
and bdr correctly. But they see the switch as down or init or exchange
DROTHER.
The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or
init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on
the switch:

Vlan15 is up, line protocol is up
  Internet Address 150.50.15.8/24, Area 0
  Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DROTHER, Priority 0
  No designated router on this network
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 2, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)

Then two seconds laterit changes...

Vlan15 is up, line protocol is up
  Internet Address 150.50.15.8/24, Area 0
  Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DROTHER, Priority 0
  Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1
  Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 2, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)


Any ideas?

Thanks,


-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.






-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72913t=72874
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF Neighbor State is Flapping [7:72874]

[Dain Deutschman]

Hi all,

I have 3 devices on an ethernet segment where all ethernet interfaces are in
the same vlan and ospf area 0

catalyst 3550priority 0rid 1.1.1.1
router5priority 2 rid 55.55.55.55BDR
router1priority 3 rid 11.11.11.11DR

The problem is that the switch keeps changing it's state. For example, from
the router 1 perspective I get the following:
( sh ip ospf nei command )


Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   DOWN/DROTHER   -150.50.15.8 Ethernet0
55.55.55.55   2   FULL/BDR00:00:35150.50.15.5 Ethernet0

Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0
55.55.55.55   2   FULL/BDR00:00:38150.50.15.5 Ethernet0

and on and on, back and forth etc.

router 5 perspective:


Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   EXSTART/DROTHER 00:00:38150.50.15.8
Ethernet0/0
11.11.11.11   3   FULL/DR 00:00:30150.50.15.1
Ethernet0/0

Neighbor ID Pri   State   Dead Time   Address Interface
1.1.1.1   0   DOWN/DROTHER   -150.50.15.8
Ethernet0/0
11.11.11.11   3   FULL/DR 00:00:32150.50.15.1
Ethernet0/0

..switch perspective:

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   INIT/DROTHER00:00:33150.50.15.5 Vlan15
11.11.11.11   3   INIT/DROTHER00:00:39150.50.15.1 Vlan15

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   INIT/DROTHER00:00:37150.50.15.5 Vlan15
11.11.11.11   3   EXCHANGE/DR 00:00:36150.50.15.1 Vlan15

Neighbor ID Pri   State   Dead Time   Address Interface
55.55.55.55   2   EXCHANGE/BDR00:00:39150.50.15.5 Vlan15
11.11.11.11   3   EXCHANGE/DR 00:00:39150.50.15.1 Vlan15

So...it seems as though r1 and r5 are recognizing eachother's roles as dr
and bdr correctly. But they see the switch as down or init or exchange
DROTHER.
The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or
init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on
the switch:

Vlan15 is up, line protocol is up
  Internet Address 150.50.15.8/24, Area 0
  Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DROTHER, Priority 0
  No designated router on this network
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 2, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)

Then two seconds laterit changes...

Vlan15 is up, line protocol is up
  Internet Address 150.50.15.8/24, Area 0
  Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DROTHER, Priority 0
  Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1
  Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:05
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 2, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)


Any ideas?

Thanks,


-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.






-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72874t=72874
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP and IPSEC VPN [7:72034]

[Dain Deutschman]

Hi,

Does anyone know if HSRP would be appropriate in the following scenario?

ROUTERA with T1 to corporate office

ROUTERB with IPSEC VPN to Corporate only used as a backup path in case the
T1 on ROUTERA fails


Is there any reason that this will not work or has anyone had experience
with this type of situation?
-- 
Dain Deutschman
CCNP, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72034t=72034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HSRP and IPSEC VPN [7:72034]

[Dain Deutschman]

..that's what I thought...just needed a sanity check!

Thanks!


MADMAN  wrote in message
news:[EMAIL PROTECTED]
 If router A anb B share an ethernet then sure HSRP was designed
 exactly for this scenerio

Dave

 Dain Deutschman wrote:
  Hi,
 
  Does anyone know if HSRP would be appropriate in the following scenario?
 
  ROUTERA with T1 to corporate office
 
  ROUTERB with IPSEC VPN to Corporate only used as a backup path in case
the
  T1 on ROUTERA fails
 
 
  Is there any reason that this will not work or has anyone had experience
  with this type of situation?


 -- 
 David Madland
 CCIE# 2016
 Sr. Network Engineer
 Qwest Communications
 612-664-3367

 Government can do something for the people only in proportion as it
 can do something to the people. -- Thomas Jefferson




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72039t=72034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN Partial Connectivity [7:62639]

[Dain Deutschman]

VPN Terminates at the PIX. The problem ended up being that a few internal
hosts did not have thier gateway setup...also...the mail server was a Team
Internet ( appliance )...and it refused to see any other gateway other than
itself...hmmm.
 Anywaywe are providing a work around for the remote user to get his
mailbut after adding a gateway ip and static route to the novell
server...it works. And the adtran TSU had no gateway also...

Thanks for your input though..

Cheers
Albert Lu  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 You mentioned that you were doing static nat on the router, this could
 effect it if the vpn client terminates on the router. The ip addresses
that
 you have statics for is translated to the global IP address, and doesn't
go
 through your vpn, since the access-list in your crypto map doesn't
identify
 it as traffic needing to be encrypted.

 Albert

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Dain Deutschman
 Sent: Saturday, February 08, 2003 3:49 AM
 To: [EMAIL PROTECTED]
 Subject: VPN Partial Connectivity [7:62639]


 Hi,

 When connecting a vpn via VPN Client 3.x I am able to ping only certain
 addresses...
 192.168.1.180 Server
 192.168.1.10 LAN Station

 But Not Others...
 192.168.1.1 Inside Interface Of PIX
 192.168.1.2 Mail Server
 192.168.1.3 CSU/DSU management address

 I have a vpn setup as follows:

 Vpn Client--INTERNET--1721Router--PIX--LAN

 *The 1721 router is doing static nat to the outside   interface of the
pix.
 The vpn terminates at the pix.

 *I'm using vpngroup to assign ip info to the client.

 * The LAN ip scheme is 192.168.1.0/24 where the first 9 addresses are left
 out of the local dhcp pool

 *The vpn client is getting assigned from local-pool range 192.168.2.1-50

 *I have a route on the pix route inside 192.168.2.0 255.255.255.0
 192.168.1.1

 *The inside interface of the pix is 192.168.1.1

 Here is my config...

 PIX(config)# wr t
 Building configuration...
 : Saved
 :
 PIX Version 6.2(2)
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 enable password encrypted
 passwd encrypted
 hostname PIX
 fixup protocol ftp 21
 fixup protocol http 80
 fixup protocol h323 h225 1720
 fixup protocol h323 ras 1718-1719
 fixup protocol ils 389
 fixup protocol rsh 514
 fixup protocol rtsp 554
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 fixup protocol sip 5060
 fixup protocol skinny 2000
 names
 access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0
 255.255.255.0
 pager lines 24
 interface ethernet0 10baset
 interface ethernet1 10baset
 mtu outside 1500
 mtu inside 1500
 ip address outside 172.16.2.2 255.255.255.240
 ip address inside 192.168.1.1 255.255.255.0
 ip audit info action alarm
 ip audit attack action alarm
 ip local pool NEWMEX 192.168.2.1-192.168.2.50
 pdm history enable
 arp timeout 14400
 global (outside) 1 172.16.2.3
 nat (inside) 0 access-list 101
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 conduit permit icmp any any echo-reply
 conduit permit icmp any any echo
 route outside 0.0.0.0 0.0.0.0 172.16.2.1 1
 route inside 192.168.2.0 255.255.255.0 192.168.1.1 1
 timeout xlate 3:00:00
 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
 0:05:00 si
 p 0:30:00 sip_media 0:02:00
 timeout uauth 0:05:00 absolute
 aaa-server TACACS+ protocol tacacs+
 aaa-server RADIUS protocol radius
 aaa-server LOCAL protocol local
 no snmp-server location
 no snmp-server contact
 snmp-server community public
 no snmp-server enable traps
 floodguard enable
 sysopt connection permit-ipsec
 no sysopt route dnat
 crypto ipsec transform-set myset esp-3des esp-sha-hmac
 crypto dynamic-map dynmap 10 set transform-set myset
 crypto map mymap 1 ipsec-isakmp dynamic dynmap
 crypto map mymap interface outside
 isakmp enable outside
 isakmp identity address
 isakmp policy 10 authentication pre-share
 isakmp policy 10 encryption 3des
 isakmp policy 10 hash sha
 isakmp policy 10 group 2
 isakmp policy 10 lifetime 86400
 vpngroup vpn address-pool NEWMEX
 vpngroup vpn dns-server x.x.x.y x.x.x.z
 vpngroup vpn default-domain domain.com
 vpngroup vpn split-tunnel 101
 vpngroup vpn idle-time 1800
 vpngroup vpn password
 telnet timeout 5
 ssh timeout 5
 dhcpd address 192.168.1.10-192.168.1.42 inside
 dhcpd lease 3600
 dhcpd ping_timeout 750
 dhcpd enable inside
 terminal width 80
 Cryptochecksum:a71ebfc24ae

 Any ideas?? I'm sort of stumped at this point. Thanks!

 --
 Dain Deutschman
 CCNP, CSS-1, CCNA, MCP, CNA
 Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62773t=62639
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN Partial Connectivity [7:62639]

[Dain Deutschman]

Hi,

When connecting a vpn via VPN Client 3.x I am able to ping only certain
addresses...
192.168.1.180 Server
192.168.1.10 LAN Station

But Not Others...
192.168.1.1 Inside Interface Of PIX
192.168.1.2 Mail Server
192.168.1.3 CSU/DSU management address

I have a vpn setup as follows:

Vpn Client--INTERNET--1721Router--PIX--LAN

*The 1721 router is doing static nat to the outside   interface of the pix.
The vpn terminates at the pix.

*I'm using vpngroup to assign ip info to the client.

* The LAN ip scheme is 192.168.1.0/24 where the first 9 addresses are left
out of the local dhcp pool

*The vpn client is getting assigned from local-pool range 192.168.2.1-50

*I have a route on the pix route inside 192.168.2.0 255.255.255.0
192.168.1.1

*The inside interface of the pix is 192.168.1.1

Here is my config...

PIX(config)# wr t
Building configuration...
: Saved
:
PIX Version 6.2(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password encrypted
passwd encrypted
hostname PIX
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0
255.255.255.0
pager lines 24
interface ethernet0 10baset
interface ethernet1 10baset
mtu outside 1500
mtu inside 1500
ip address outside 172.16.2.2 255.255.255.240
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool NEWMEX 192.168.2.1-192.168.2.50
pdm history enable
arp timeout 14400
global (outside) 1 172.16.2.3
nat (inside) 0 access-list 101
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
conduit permit icmp any any echo-reply
conduit permit icmp any any echo
route outside 0.0.0.0 0.0.0.0 172.16.2.1 1
route inside 192.168.2.0 255.255.255.0 192.168.1.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
no sysopt route dnat
crypto ipsec transform-set myset esp-3des esp-sha-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 1 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
isakmp enable outside
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup vpn address-pool NEWMEX
vpngroup vpn dns-server x.x.x.y x.x.x.z
vpngroup vpn default-domain domain.com
vpngroup vpn split-tunnel 101
vpngroup vpn idle-time 1800
vpngroup vpn password
telnet timeout 5
ssh timeout 5
dhcpd address 192.168.1.10-192.168.1.42 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd enable inside
terminal width 80
Cryptochecksum:a71ebfc24ae

Any ideas?? I'm sort of stumped at this point. Thanks!

--
Dain Deutschman
CCNP, CSS-1, CCNA, MCP, CNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62639t=62639
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

URGENT Frame Relay Encapsulation Failing [7:62614]

[Dain Deutschman]

Hello,

I have a Frame circuit to my service provider who provides internet access
to us. The PVC is active...I'm able to ping the remote peer...however, no
other access to anywhere...further more...the encapsulation is failing on
debug outputshere is the output...

sh frame pvc

PVC Statistics for interface Serial0 (Frame Relay DTE)

  Active Inactive  Deleted   Static
  Local  1000
  Switched   0000
  Unused 0000

DLCI = 114, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0

  input pkts 4100  output pkts 15   in bytes 288952
  out bytes 1560   dropped pkts 0   in FECN pkts 0
  in BECN pkts 0   out FECN pkts 0  out BECN pkts 0
  in DE pkts 0 out DE pkts 0
  out bcast pkts 0 out bcast bytes 0
  5 minute input rate 3000 bits/sec, 6 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 01:28:58, last time pvc status changed 00:03:08

sh frame map

Serial0 (up): ip x.x.x.x dlci 114(0x72,0x1C20), static,
  IETF, BW = 256000, status defined, active

deb ip packet

01:40:33: IP: s=x.x.x.x (Serial0), d=y.y.y.y (Serial0), len 84, rcvd
3
01:40:33: IP: s=y.y.y.y (local), d=x.x.x.x (Serial0), len 84, sending

01:40:33: IP: s=y.y.y.y (local), d=x.x.x.x(Serial0), len 84, encapsu
lation failed

Basic Encap Settings

encapsulation frame-relay ietf

frame-relay map ip z.z.z.z 114 ietf

frame-relay lmi-type ansi

Thia is very urgent...any help as to what might be happening would be
greatly appreciated!! Thanks!!

--
Dain Deutschman
CCNP, CSS-1, CCNA, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62614t=62614
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Frame Relay...Serial Int Flapping [7:62411]

[Dain Deutschman]

Hi all,

I have a Frame Relay circuit to an adtran ts120 and then v.35 to a
cisco1721. My serial interface keeps flapping

01:11:40: Serial0: attempting to restart
01:11:40: PowerQUICC(0/0): DCD is up.

Line protocol changes to up...then down...and stays down. But debug output
shows the above.

Any ideas?

interface Serial0
 bandwidth 512
 ip address x.x.x.x x.x.x.x
 encapsulation frame-relay IETF
 frame-relay map ip x.x.x.x 114 IETF
 frame-relay lmi-type ansi
--
Dain Deutschman
CCNP, CSS-1, CCNA, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62411t=62411
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Scenario [7:62047]

[Dain Deutschman]

Ok..thanksi was worried about the public to private ip mapping with NAT
and IPSEC. But since esp does not modify the original header...I should be
fine to have the vpn clients connect to a public ip that is statically
natted to the private ip on the outside pix interface. Right?

Thanks again...

Dain
BJ Rice  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 This isn't entirely correct.  You can have a private IP address on your
 outside interface and have it NAT'd to a public IP address and then
 terminate the tunnel there.  I am assuming this is what you are doing.
Yes
 it can be done.

 Yes it will work with IKE Mode Configuration which is the same
functionality
 of the vpngroup.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62266t=62047
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Scenario [7:62047]

[Dain Deutschman]

Hello everyone,

I would like to install a PIX behind a router and had some questions...

1. Can the VPN clients connect to a public ip that translates ( static nat )
to the private ip assigned to the outside interface of the PIX?( if i use
esp)

2. Will it work if I use IKE Mode Configuration to auto assign IPs to the
remote clientsor does the vpngroup configuration with PIX v6.01 work
the same way?

Thanks for any suggestions...If i am being to vague I would be happy to
discuss in more detail.

Thanks!
--
Dain Deutschman
CCNP, CSS-1, CCNA, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62047t=62047
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Switching EXAM (Hex Conversion Chart) [7:61108]

[Dain Deutschman]

You should just learn how to convert decimal to hex...then you won't need a
chart.

--
Dain Deutschman
CCNA, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
Bond, Jeffrey T  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 On the Switching exam, are we provided a HEX conversion chart for
reference?

 thanks in advance

 -Original Message-
 From: Aaron Ajello [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 10, 2003 8:01 AM
 To: [EMAIL PROTECTED]
 Subject: RE: Switching Exam on Monday 13/1/03 [7:60785]


 Spend a lot of time on MLS.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61228t=61108
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Aironet 350 Access Point and US Robotics USR2216 Cards [7:60843]

[Dain Deutschman]

Hi,

I have an Aironet 350 AP and USR 2216 802.11b cards on the clients. The
signal remains Very Good most of the time...but then totally drops randomly.
The following is part of the log..

01:22:45 (Info): Disassociating [ ], reason Sender is Leaving (has
left) BSS
01:05:27 (Info): Disassociating [  ], reason Not Associated
01::05:26 (Info): Station [x.x.x.x],   roamed

Any ideas why?

--
Dain Deutschman
CCNA, CSS-1, MCP, CNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60843t=60843
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic but interesting - RS networking future? [7:59657]

[Dain Deutschman]

I agree...technology is converging more and moreyou need know r/s,
security, unix, voip, databases, programming, etc
Besides...why would one want to limit oneself only to R/S?

--
Dain Deutschman
CCNA, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
nrf  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Definitely.  Janitors now use vacuum-cleaners as well as brooms.
  Telephone operators now use keyboards, not patchcords.  Networkers will
  need to know more than just layers 2 and 3.  But there will be a
  continued demand for R/S as part of the networkers job.

 I think you just said the key word right there, the word part - it will
 just be part of a job.  Not like today or the recent past where R/S was a
 job all in itself.


 
  Another point is that bandwidth is not necessarily cheap all over the
  world, Europe is more expensive than the US, and Asia even worse, so
  engineering is required, in fact surely traffic engineering is all the
  rage at the moment.

 Europe may be more expensive than the US, but European providers still
have
 far too much bandwidth than the market demands. After all, look at what
 happened to KPNQwest.

 Actually I find traffic-engineering to be of little importance in today's
 market as a whole, except in certain pockets like in Asia.   Most
providers
 in the world just shrug their shoulders at traffic-engineering.

 
  I guess what I want to say is that when an economy is booming, people
  unrealistically believe it's forever and they will be millionaires by
  next June.  Conversely when the economy is in a trough then people get
  gloomy and believe that they'll never pay off their credit card bills.
  Neither view is realistic.  R/S is not dead, it's sleeping and will wake
  up.  Granted there will not be the insane rush into network builds that
  we saw a few years ago but the wireless boom is around the corner

 Is that the same wireless boom that has basically bankrupted every
European
 telco?

 
  rgds
  Marc




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59657t=59657
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How many VPN connections supported? [7:56395]

[Dain Deutschman]

Hi group,

Could someone point me to a resource that gives statistics on how many VPN
connections are supported by some of the access routers? ( such as 800,
1600, 1700, 2600 series)

Thanks!

Dain




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56395t=56395
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Inside Interface accepts DHCP lease...but it has a static [7:55094]

[Dain Deutschman]

There is a router/modem connecting to the ISP using PPoA. This router was in
place and works...the customer just wanted some packet filtering as well (
which the router in place does not provide ). So I am using a Cisco SOHO 71.
E1 is the outside interface which connects to the inside interface of the
existing router. E1 has a static ip of 172.16.0.2 ( there is no ip address
dhcp it is ip address 172.16.0.2 255.255.255.0

E0 has ip address 192.168.0.9 255.255.255.0

There is a static route on the existing ( non Cisco ) router pointing all
192.168.0.0/24 destined traffic back to 172.16.0.2 ( E1 of Cisco ). There is
also a default route on the cisco pointing to 172.16.0.1 ( the inside
interface of the non-cisco router )

The non-cisco router does NAT

INTERNET-WANinterface(non-Cisco Router)172.16.0.1(inside)

|

|
  Win2000Server(DHCP)--|--192.168.0.9(E0)(Cisco SOHO71)172.16.0.2(E1)
  |
  |
LAN

Every few days ( there doesn't seem to be an exact regularity yet),
interface E0's ip address will change. So far it has always changed to
192.168.0.16. If I view the DHCP Manager in Windows 2000 Server, it
indicates that IP address associated with the router.

The config of e0 ( when working normal) looks like this:

Interface Ethernet 0
ip address 192.168.0.9 255.255.255.0

Any ideas???

I think I will configure syslog debugging level and turn on dhcp debugging.
With that I should get at very least the moment that the address
changes...and hopefully some dhcp debug output. I suppose I could also put a
sniffer in and try to detect it.

Thanks


Erick B.  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 That is strange. What type of router and IOS version?

 Just to clarify, the interface has 'ip address x.x.x.x
 y.y.y.y' config and not 'ip address dhcp' with a
 static DHCP assigned address. Being DSL, is it PPPoE
 by chance?

 Does e0 connect to DSL/Internet and e1 to their
 network or vice versa?

 --- Dain Deutschman  wrote:
  Hi all,
 
  I have a problem with a client on a dsl connection.
  Ethernet 0 and 1 both
  have statically assigned IP addresses. I leave the
  customer site and 3 days
  later they call and have no internet. I check the
  router config and E0 has
  the wrong IP address. I check the Win2000 DHCP
  server and that address is
  listed as leased to the router.
 
  Any ideas why the router is allowing this to happen?
 
  --
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
 [EMAIL PROTECTED]


 __
 Do you Yahoo!?
 Faith Hill - Exclusive Performances, Videos  More
 http://faith.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55094t=55094
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Inside Interface accepts DHCP lease...but it has a static [7:54998]

[Dain Deutschman]

Hi all,

I have a problem with a client on a dsl connection. Ethernet 0 and 1 both
have statically assigned IP addresses. I leave the customer site and 3 days
later they call and have no internet. I check the router config and E0 has
the wrong IP address. I check the Win2000 DHCP server and that address is
listed as leased to the router.

Any ideas why the router is allowing this to happen?

--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54998t=54998
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passed MCNS, PIX and VPN! [7:54607]

[Dain Deutschman]

Hey everyone...
I passed MCNS, PIX and VPN last week! Just letting everyone know that this
group is a great learning resource and I use it all the time...it helps!

Thanks!
--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54607t=54607
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TACACS/RADIUS on CISCO Router [7:53621]

[Dain Deutschman]

just using a local username database
exchange  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hey,

 is there a possibility to set up a router acting
 as a  radius or tacacs server with local authentication
 without external server ?

 Please let me know

 best regards

 Michael




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53889t=53621
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP authentication. [7:53513]

[Dain Deutschman]

Maybe this is wrong...and not the best thing to do in a production
network...but would a clear ip route * do the trick? I think the problem
is that the routes already exist in the routing table...clearing the
neighbor relationship may not have an effect. I may be off base...please
correct me if that is the case. Dain.

enginedrive2002  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 If Router A and Router B are connected using serial interface, both of
them
 are running EIGRP.

 On Router A, I have configure ip authentication mode eigrp AS# md5 and
ip
 authentication key-chain eigrp AS#  under interface
 configuration mode, also configure the key chain, key-string under
 global configuration mode.

 On Router B, I didn't nothing with EIGRP authentication. Router A and B
 suppose should not be able to set up neighbour relationship, but now
Router
 A and Router can see each other while running show ip eigrp neighbour,
the
 subnet information of Router A also appear in Router B routing table, and
 vice versa.

 Any configuration commands I missed? What debug command I can use to
verify
 the authentication is working or not?

 Thank you for your input!


 E.D.



 __
 Post your ad for free now! http://personals.yahoo.ca




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53533t=53513
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet session traversing PIX are timingout [7:53490]

[Dain Deutschman]

What happens if you telnet from the pix to the external host...does it
timeout then?

Dain
KM Reynolds  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 I have telnet sessions that orginate on the internal side of a PIX to a
 server on the external side that are timing out (after 60 seconds).  Is
 there a command to increase the timeout period for telnet? If there is
what
 is the max?

 TIA
 KR



 _
 Join the worlds largest e-mail service with MSN Hotmail.
 http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53534t=53490
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to manage the pix 501 remotely via telnet or pdm [7:52826]

[Dain Deutschman]

do you have the conduit configured to allow icmp? I think the PIX blocks
icmp unless you specifically open a conduit for it.
Dain
mindiani mindiani  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi  I just installed two PIX 501 with vpn tunnel over the internet for my
 client and I would like to allow telnet and pdm from one site to the
 other. The tunnels are up and I able to send traffic in both directions
 but I cannot telnet into the remote Pix from my PC.I tried the following
 command: telnet 172.16.1.2  255.255.255.255 outside  This command would
 not allow my PC (IP address172.16.1.2) to telnet to the remote site but I
 am able to telnet to my servers behind the PIX. i have the same problem
 with PDM.

 

 Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52826t=52826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 2950 CRC Errors [7:51419]

[Dain Deutschman]

I haven't tried disabling pwrmngmt yet. I'll give it a shot and post the
results. Thanks, Dain.
Frank Jimenez  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Might want to review this:

 http://www.cisco.com/warp/public/473/46.html

 Power management was causing a bunch of issues at one of my customer's
 sites.  Might want to disable it and see if it helps any.

 Frank Jimenez, CCIE #5738
 [EMAIL PROTECTED]

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Dain Deutschman
 Sent: Wednesday, August 14, 2002 10:26 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Catalyst 2950 CRC Errors [7:51419]


 Also...I have tested the wiring(basic tester...no NEXT/FEXT or other
 factors...but lengths of cable are under 50ft) and replaced patch
 cables...still no luck. Dain.

 Dain Deutschman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hello Everyone,
 
  I have a Cat2950 in a small office throwing up thousands of CRCs,
  input errors and several runts on the port connected to the server.
  Clients are getting disconnected and database on server is constantly
  having to be repaired. The errors always follow the server no matter
  which port I move
 it
  to. Have replaced NIC in server and a few key Wkst. Have also updated
  the NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed
  and
 duplex
  settings and disabled spanning-tree. I'm suspecting dirty power...but
  it
 is
  connected to a UPS ( that only has limited EMI/RFI Filtering ). I
  connect
 a
  3Com unmanaged 8 port switch to the key clients and the server...no
  more problems. Any ideas?!? It's driving me nuts! Thanks in advance...
  --
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
  New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51556t=51419
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Security Labbooks recommendations [7:51394]

[Dain Deutschman]

Security Lab Workbook from www.hellocomputers.com. 16 Labs with remote
access to lab equipment. If you have your own lab...CCIE Lab Practice Kit
( McGraw Hill )However, I'm not a CCIE so take what I say with a grain
of salt. Dain.

Larry Melson  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Anyone have any comments on the Security lab preparation books that are
 available? Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51418t=51394
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Catalyst 2950 CRC Errors [7:51419]

[Dain Deutschman]

Hello Everyone,

I have a Cat2950 in a small office throwing up thousands of CRCs, input
errors and several runts on the port connected to the server. Clients are
getting disconnected and database on server is constantly having to be
repaired. The errors always follow the server no matter which port I move it
to. Have replaced NIC in server and a few key Wkst. Have also updated the
NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed and duplex
settings and disabled spanning-tree. I'm suspecting dirty power...but it is
connected to a UPS ( that only has limited EMI/RFI Filtering ). I connect a
3Com unmanaged 8 port switch to the key clients and the server...no more
problems. Any ideas?!? It's driving me nuts! Thanks in advance...
--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51419t=51419
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 2950 CRC Errors [7:51419]

[Dain Deutschman]

Also...I have tested the wiring(basic tester...no NEXT/FEXT or other
factors...but lengths of cable are under 50ft) and replaced patch
cables...still no luck. Dain.

Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hello Everyone,

 I have a Cat2950 in a small office throwing up thousands of CRCs, input
 errors and several runts on the port connected to the server. Clients are
 getting disconnected and database on server is constantly having to be
 repaired. The errors always follow the server no matter which port I move
it
 to. Have replaced NIC in server and a few key Wkst. Have also updated the
 NIC drivers. ( Win2000 w/3C905C-TX-M Nics ). I have forced speed and
duplex
 settings and disabled spanning-tree. I'm suspecting dirty power...but it
is
 connected to a UPS ( that only has limited EMI/RFI Filtering ). I connect
a
 3Com unmanaged 8 port switch to the key clients and the server...no more
 problems. Any ideas?!? It's driving me nuts! Thanks in advance...
 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51426t=51419
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: passed BCMSN [7:51070]

[Dain Deutschman]

Congrats!
Deepak Achar  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 hi all
  yestarday i passed BCMSN with a score of 815. not much changed in the
exam.
 i studied   640-504 book. one year back i had cleared routing and remote
 access. by reading all the mails about new version of ccnp, i was bit
 nervous. but after facing the exam, i think not much has changed from 504
to
 604. now i am preparing for CIT.
 Thanks
 deepak n achar
 mcp,ccna
 network engineer
 wipro technologies
 bangalore
 india




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51101t=51070
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]

[Dain Deutschman]

Thanks for everyones input. I guess where I was confused is that they
recommend I think in the BCMSN book that VLAN 1 is used for management
purposes only. But I guess that would be in a routed multiple vlan
environment. I guess in a small network with one switch it really does not
matter and vlan 1 could be used for everything right? Could someone clear
that up for me? Thanks. Dain.
Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP
 address of this Cat2950 Switch??
 I can ping other devices on the network. Thanks for any input.

 !
 version 12.1
 service config
 no service pad
 service timestamps debug uptime
 service timestamps log uptime
 service password-encryption
 !
 hostname UPIJAK
 !
 no logging console
 !
 ip subnet-zero
 no ip finger
 no ip domain-lookup
 !
 !
 !
 interface FastEthernet0/1
  switchport access vlan 100

 interface FastEthernet0/2
  switchport access vlan 100
 !
 interface FastEthernet0/3
  switchport access vlan 100
 !
 interface FastEthernet0/4
  switchport access vlan 100
 !
 interface FastEthernet0/5
  switchport access vlan 100
 !
 interface FastEthernet0/6
  switchport access vlan 100
 !
 interface FastEthernet0/7
  switchport access vlan 100
 !
 interface FastEthernet0/8
  switchport access vlan 100
 !
 interface FastEthernet0/9
  switchport access vlan 100
 !
 interface FastEthernet0/10
  switchport access vlan 100
 !
 interface FastEthernet0/11
  switchport access vlan 100
 !
 interface FastEthernet0/12
  switchport access vlan 100
 !
 interface FastEthernet0/13
  switchport access vlan 100
 !
 interface FastEthernet0/14
  switchport access vlan 100
 !
 interface FastEthernet0/15
  switchport access vlan 100
 !
 interface FastEthernet0/16
  switchport access vlan 100
 !
  interface FastEthernet0/17
  switchport access vlan 100
 !
 interface FastEthernet0/18
  switchport access vlan 100
 !
 interface FastEthernet0/19
  switchport access vlan 100
 !
 interface FastEthernet0/20
  switchport access vlan 100
 !
 interface FastEthernet0/21
  switchport access vlan 100
 !
 interface FastEthernet0/22
  switchport access vlan 100
 !
 interface FastEthernet0/23
  switchport access vlan 100
  duplex half
  speed 10
 !
 interface FastEthernet0/24
  switchport access vlan 100
  duplex full
  speed 100
 !
 interface Vlan1
  ip address 192.168.0.8 255.255.255.0
  no ip route-cache
 !
 no ip http server
 !
 line con 0
  exec-timeout 240 0
  transport input none
 line vty 0 4
 line vty 5 15
  login
 !
 end


 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50373t=50331
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]

[Dain Deutschman]

I will just put the management vlan to 100. Thank you everyone for your
help! Dain.
Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP
 address of this Cat2950 Switch??
 I can ping other devices on the network. Thanks for any input.

 !
 version 12.1
 service config
 no service pad
 service timestamps debug uptime
 service timestamps log uptime
 service password-encryption
 !
 hostname UPIJAK
 !
 no logging console
 !
 ip subnet-zero
 no ip finger
 no ip domain-lookup
 !
 !
 !
 interface FastEthernet0/1
  switchport access vlan 100

 interface FastEthernet0/2
  switchport access vlan 100
 !
 interface FastEthernet0/3
  switchport access vlan 100
 !
 interface FastEthernet0/4
  switchport access vlan 100
 !
 interface FastEthernet0/5
  switchport access vlan 100
 !
 interface FastEthernet0/6
  switchport access vlan 100
 !
 interface FastEthernet0/7
  switchport access vlan 100
 !
 interface FastEthernet0/8
  switchport access vlan 100
 !
 interface FastEthernet0/9
  switchport access vlan 100
 !
 interface FastEthernet0/10
  switchport access vlan 100
 !
 interface FastEthernet0/11
  switchport access vlan 100
 !
 interface FastEthernet0/12
  switchport access vlan 100
 !
 interface FastEthernet0/13
  switchport access vlan 100
 !
 interface FastEthernet0/14
  switchport access vlan 100
 !
 interface FastEthernet0/15
  switchport access vlan 100
 !
 interface FastEthernet0/16
  switchport access vlan 100
 !
  interface FastEthernet0/17
  switchport access vlan 100
 !
 interface FastEthernet0/18
  switchport access vlan 100
 !
 interface FastEthernet0/19
  switchport access vlan 100
 !
 interface FastEthernet0/20
  switchport access vlan 100
 !
 interface FastEthernet0/21
  switchport access vlan 100
 !
 interface FastEthernet0/22
  switchport access vlan 100
 !
 interface FastEthernet0/23
  switchport access vlan 100
  duplex half
  speed 10
 !
 interface FastEthernet0/24
  switchport access vlan 100
  duplex full
  speed 100
 !
 interface Vlan1
  ip address 192.168.0.8 255.255.255.0
  no ip route-cache
 !
 no ip http server
 !
 line con 0
  exec-timeout 240 0
  transport input none
 line vty 0 4
 line vty 5 15
  login
 !
 end


 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50392t=50331
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cat2950 VLAN 1 ip address...can't connect [7:50331]

[Dain Deutschman]

Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP
address of this Cat2950 Switch??
I can ping other devices on the network. Thanks for any input.

!
version 12.1
service config
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname UPIJAK
!
no logging console
!
ip subnet-zero
no ip finger
no ip domain-lookup
!
!
!
interface FastEthernet0/1
 switchport access vlan 100

interface FastEthernet0/2
 switchport access vlan 100
!
interface FastEthernet0/3
 switchport access vlan 100
!
interface FastEthernet0/4
 switchport access vlan 100
!
interface FastEthernet0/5
 switchport access vlan 100
!
interface FastEthernet0/6
 switchport access vlan 100
!
interface FastEthernet0/7
 switchport access vlan 100
!
interface FastEthernet0/8
 switchport access vlan 100
!
interface FastEthernet0/9
 switchport access vlan 100
!
interface FastEthernet0/10
 switchport access vlan 100
!
interface FastEthernet0/11
 switchport access vlan 100
!
interface FastEthernet0/12
 switchport access vlan 100
!
interface FastEthernet0/13
 switchport access vlan 100
!
interface FastEthernet0/14
 switchport access vlan 100
!
interface FastEthernet0/15
 switchport access vlan 100
!
interface FastEthernet0/16
 switchport access vlan 100
!
 interface FastEthernet0/17
 switchport access vlan 100
!
interface FastEthernet0/18
 switchport access vlan 100
!
interface FastEthernet0/19
 switchport access vlan 100
!
interface FastEthernet0/20
 switchport access vlan 100
!
interface FastEthernet0/21
 switchport access vlan 100
!
interface FastEthernet0/22
 switchport access vlan 100
!
interface FastEthernet0/23
 switchport access vlan 100
 duplex half
 speed 10
!
interface FastEthernet0/24
 switchport access vlan 100
 duplex full
 speed 100
!
interface Vlan1
 ip address 192.168.0.8 255.255.255.0
 no ip route-cache
!
no ip http server
!
line con 0
 exec-timeout 240 0
 transport input none
line vty 0 4
line vty 5 15
 login
!
end


--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50331t=50331
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat2950 VLAN 1 ip address...can't connect [7:50331]

[Dain Deutschman]

The PC I am pinging from is in VLAN 100. I realize that vlan to vlan
communication requires a router...however, I was under the impression that
the management vlan just worked when you gave it an IP. Much like entering
set interface sc0 192.168.0.8 255.255.255.0 on a set based switch...or ip
address 192.168.0.8 255.255.255.0 on a menu based switch in command mode.
In those situations...you can just ping the ip address of the switch.
I'm not sure why a default gateway would make a difference...if the
management vlan is supposed to act as the switches manageble ip address.
Especially when I'm on the same subnet

Any other ideas?

Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Any ideas why I cannot ping or otherwise connect to 192.168.0.8/24..the IP
 address of this Cat2950 Switch??
 I can ping other devices on the network. Thanks for any input.

 !
 version 12.1
 service config
 no service pad
 service timestamps debug uptime
 service timestamps log uptime
 service password-encryption
 !
 hostname UPIJAK
 !
 no logging console
 !
 ip subnet-zero
 no ip finger
 no ip domain-lookup
 !
 !
 !
 interface FastEthernet0/1
  switchport access vlan 100

 interface FastEthernet0/2
  switchport access vlan 100
 !
 interface FastEthernet0/3
  switchport access vlan 100
 !
 interface FastEthernet0/4
  switchport access vlan 100
 !
 interface FastEthernet0/5
  switchport access vlan 100
 !
 interface FastEthernet0/6
  switchport access vlan 100
 !
 interface FastEthernet0/7
  switchport access vlan 100
 !
 interface FastEthernet0/8
  switchport access vlan 100
 !
 interface FastEthernet0/9
  switchport access vlan 100
 !
 interface FastEthernet0/10
  switchport access vlan 100
 !
 interface FastEthernet0/11
  switchport access vlan 100
 !
 interface FastEthernet0/12
  switchport access vlan 100
 !
 interface FastEthernet0/13
  switchport access vlan 100
 !
 interface FastEthernet0/14
  switchport access vlan 100
 !
 interface FastEthernet0/15
  switchport access vlan 100
 !
 interface FastEthernet0/16
  switchport access vlan 100
 !
  interface FastEthernet0/17
  switchport access vlan 100
 !
 interface FastEthernet0/18
  switchport access vlan 100
 !
 interface FastEthernet0/19
  switchport access vlan 100
 !
 interface FastEthernet0/20
  switchport access vlan 100
 !
 interface FastEthernet0/21
  switchport access vlan 100
 !
 interface FastEthernet0/22
  switchport access vlan 100
 !
 interface FastEthernet0/23
  switchport access vlan 100
  duplex half
  speed 10
 !
 interface FastEthernet0/24
  switchport access vlan 100
  duplex full
  speed 100
 !
 interface Vlan1
  ip address 192.168.0.8 255.255.255.0
  no ip route-cache
 !
 no ip http server
 !
 line con 0
  exec-timeout 240 0
  transport input none
 line vty 0 4
 line vty 5 15
  login
 !
 end


 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50353t=50331
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Exam Monday [7:49286]

[Dain Deutschman]

I just took this exam and passed. It was more difficult than I thought. I
have some suggestions:

1. If CCIE is in your future...or if you just want a good reference, buy
Routing TCP/IP  Volumes I and II. It goes into more depth with better
explainations than the BSCN book. ( Although if you are taking it on
Monday...I guess it would be kind of hard to buy and read those books in
time! )

2. Know how to configure route redistribution and summarization in different
scenarios. Know which commands go with which protocol and under what
configuration mode and scenario to use them. This is the area of the test
that was hardest for me.

Hope that helps. Dain.

Richard Tufaro  wrote in message
news:[EMAIL PROTECTED]...
 Hey all, got my routing exam on Monday 640-603. Any last minute advice.
Been
 using Boson and Transcender along with reading the Cisco book for 503
threw
 and threw...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49333t=49286
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN with Cisco 806 [7:49034]

[Dain Deutschman]

Hi Everyone,

VPN Question: I have a client with 16 small locations ( 2-8 nodes per
location ) that may want to access a Windows Terminal Server at a central
site in the future to run thier database app. Not all the locations have
broadband internet access...although they will within a year or two. The
speed of the broadband is on average around 400-500Kbps ( with the exception
of the dial-up ).
Will a Cisco 806 at the central site and a mix of software VPN clients and
806 routers at the remote sites work? Or would an 806 not be able to keep up
on the performance side? Any suggestions?

--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49034t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN with Cisco 806 [7:49034]

[Dain Deutschman]

Thanks for the advice guys...very helpful. Dain.

Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Everyone,

 VPN Question: I have a client with 16 small locations ( 2-8 nodes per
 location ) that may want to access a Windows Terminal Server at a central
 site in the future to run thier database app. Not all the locations have
 broadband internet access...although they will within a year or two. The
 speed of the broadband is on average around 400-500Kbps ( with the
exception
 of the dial-up ).
 Will a Cisco 806 at the central site and a mix of software VPN clients and
 806 routers at the remote sites work? Or would an 806 not be able to keep
up
 on the performance side? Any suggestions?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49089t=49034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF Route Summary [7:49085]

[Dain Deutschman]

I assume that Sydney is the backbone area 0?
10.64.0.0/22 would summarize all subnets in the OSPF network in the backbone

 Sydney 10.64.0.0./22
 Paris 10.64.0.4./23   -Do you mean 10.64.4.0/23?
 LA 10.64.0.6./23  ---Do you mean 10.64.6.0/23?
 NYC 10.64.0.8./23 -Do you mean 10.64.8.0/23?

If this is the case 10.64.4.0/23 would summarize for

10.64.4.0/24 and 10.64.5.0/24 Paris

10.64.6.0/23 would summarize for

10.64.6.0/24 and 10.64.7.0/24 LA

etcetc...

Am I helping or hindering???

Dain

John Brandis  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 G'Day All,

 A client has sent me a list of IP's that are to be used in a new global
 network. Our Global network will IP is 10.64.x.x  . Now, for for each
 office, we will have two networks, for example, Paris is 10.64.4.0 through
 to 10.64.6.0 . The only exception is Sydney, where the client will have 4
 networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet
mask
 255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior
 has handed me this


 Sydney 10.64.0.0./22
 Paris 10.64.0.4./23
 LA 10.64.0.6./23
 NYC 10.64.0.8./23


 This looks wrong to me. What am I missing.


 John Brandis



 **

 visit http://www.solution6.com
 visit http://www.eccountancy.com - everything for accountants.

 UK Customers - http://www.solution6.co.uk

 *
 This email message (and attachments) may contain information that is
 confidential to Solution 6. If you are not the intended recipient you
cannot
 use, distribute or copy the message or attachments.  In such a case,
please
 notify the sender by return email immediately and erase all copies of the
 message and attachments.  Opinions, conclusions and other information in
 this message and attachments that do not relate to the official business
of
 Solution 6 are neither given nor endorsed by it.
 *




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49092t=49085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Class C summarization question [7:48367]

[Dain Deutschman]

Hey everyone,

Thanks for all of your help. I have decided that 16 must be correct since it
makes perfect sense and most of you back that up as well. I think the test
question was just plain wrong. Anyway...I passed the CCNP Routing exam today
so I'm pretty happy. : ) Groupstudy is a great learning resource. Thanks
everyone. Dain.

Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm confused about a practice question for BSCN that I came across:

 Your routing tables are getting very large and you need to configure route
 summarization. How many class C internet addresses can you summarize with
a
 /20 CIDR block?

 Answer: 8

 Would it not be 16? Where am I going wrong?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48536t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Class C summarization question [7:48367]

[Dain Deutschman]

One of the choices in the question was 16but 14 was not a choice. Could
it be that since 14 was not a choice that 8 was the closest thing since 16
is possibly wrong because of the 0 subnet? This seems a little off the wall
to me butsometimes those cisco questions are off the wall. Dain.

Bob Timmons  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Firstly, 2 to the power of 4 is 16 (2x2x2x2).

 Secondly, regarding Carl's post, would the answer be 14?  I'm not sure the
 subnet-zero comes into play with CIDR.  I was under the impression it was
 only relevant to subnetting as opposed to summarizing.  Does anyone know
for
 sure?

  I say 8. 2 to the power of 4




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48398t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Class C summarization question [7:48367]

[Dain Deutschman]

I'm confused about a practice question for BSCN that I came across:

Your routing tables are getting very large and you need to configure route
summarization. How many class C internet addresses can you summarize with a
/20 CIDR block?

Answer: 8

Would it not be 16? Where am I going wrong?

--
Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48367t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Class C summarization question [7:48367]

[Dain Deutschman]

Thanks...it's good to know I'm not completely losing my mind. : )
Dain
Dain Deutschman  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm confused about a practice question for BSCN that I came across:

 Your routing tables are getting very large and you need to configure route
 summarization. How many class C internet addresses can you summarize with
a
 /20 CIDR block?

 Answer: 8

 Would it not be 16? Where am I going wrong?

 --
 Dain Deutschman
 CNA, MCP, CCNA
 Data Communications Manager
 New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48370t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Class C summarization question [7:48367]

[Dain Deutschman]

Actually...4 bits makes 16 combinations( 2 to the power of 4 = 16 )
( 4 positions with 2 possibilities per bit position )

Dain
Andy Hoang  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I would say 8 is correct.  4 bits make 8 combinations.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Michael L. Williams
 Sent: Monday, July 08, 2002 8:15 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Class C summarization question [7:48367]


 I would say 16 as well.

 Mike W.


 Dain Deutschman  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I'm confused about a practice question for BSCN that I came across:
 
  Your routing tables are getting very large and you need to configure
route
  summarization. How many class C internet addresses can you summarize
with
 a
  /20 CIDR block?
 
  Answer: 8
 
  Would it not be 16? Where am I going wrong?
 
  --
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
  New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48372t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Class C summarization question [7:48367]

[Dain Deutschman]

FYI for who ever wants to knowA great website for learning subnetting
( actually learning the binary whys and hows instead of shortcuts ) is
www.learntosubnet.com

There are some great free resources...and very good explanations for those
who are just starting to learn it.

Dain
Michael L. Williams  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Wow.  According to my binary math, 4 bits = 16 combinations.

 1 bit = 2 combinations (2^1 = 2)
 2 bits = 4 combinations (2^2 = 4)
 3 bits = 8 combinations (2^3 = 8)
 4 bits = 16 combinations (2^4 = 16)

 Now. when converting from binary to decimal, the 4th bit (from the
 right) has a (decimal) value of 8 (2^[4-1]), but of course when you add
the
 values of the bits from 4 down, you get 8+4+2+1 = 15 (thus giving 16
 combinations, 0 through 15)

 (Too all that have read my posts in the past, now you know why I bitch up
a
 storm when I hear someone encourage someone else to memorize subnetting
 charts and bitswapping charts instead of taking an hour and learning how
 binary actually works... geez)

 Mike W.

 - Original Message -
 From: Andy Hoang
 To: Michael L. Williams ;
 Sent: Monday, July 08, 2002 10:51 PM
 Subject: RE: Class C summarization question [7:48367]


  I would say 8 is correct.  4 bits make 8 combinations.
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Michael L. Williams
  Sent: Monday, July 08, 2002 8:15 PM
  To: [EMAIL PROTECTED]
  Subject: Re: Class C summarization question [7:48367]
 
 
  I would say 16 as well.
 
  Mike W.
 
 
  Dain Deutschman  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   I'm confused about a practice question for BSCN that I came across:
  
   Your routing tables are getting very large and you need to configure
 route
   summarization. How many class C internet addresses can you summarize
 with
  a
   /20 CIDR block?
  
   Answer: 8
  
   Would it not be 16? Where am I going wrong?
  
   --
   Dain Deutschman
   CNA, MCP, CCNA
   Data Communications Manager
   New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48376t=48367
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: serial interface down/down or up/down [7:47101]

[Dain Deutschman]

Would creating a loopback plug for the CSU side help to test if the problem
is on the carriers side? In other words, if a up/up (looped) condition is
maintained with a loppback plug...could one assume that it is not a local
problem but the problem of the service provider? Dain.
Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Here's the conclusion, since a few people have wondered about it. By the
 way, the question had to do with an external CSU/DSU.

 According to Cisco documentation, a down/down serial interface means the
 router interface cannot determine that CD has been asserted. As mentioned
 earlier, a CSU/DSU acts more like a DSU than a CSU and presents a
 synchronous signal to the router. The CSU/DSU must assert Data Carrier
 Detect (DCD or CD), Data Set Ready (DSR), and Clear to Send (CTS). The
 router, which is playing the DTE role, must assert Data Terminal Ready
 (DTR) and Request to Send (RTS). For all these control leads to be
 asserted, and for the router to recognize that they are asserted, the
 router and CSU/DSU hardware must be operational, and the cabling must be
 properly constructed.

 However, even if all hardware checks out, there are still cases when the
 interface may be down/down or flapping between up/up, up/down, and
 down/down. For example, some CSU/DSUs won't assert CD if the link to the
 carrier is having problems. In these cases, check the CSU/DSU
 configuration. Make sure the right clocking, framing, and encoding are
 configured. If they are correctly configured, then call the service
 provider and work with the provider to isolate the problem.

 Priscilla

 At 03:42 PM 6/22/02, Kevin Cullimore wrote:
 Some wrap-up comments:
 
 Challenged by the incompleteness of the cisco-press materials, I
attempted
 to produce a complete taxonomy mapping configurations/conditions to
 interface/line up/down states. An unimaginably short attention-span cut
that
 short, but I realized that maybe a superset of that information, up/down
 states AND the serial indicators shown at the bottom of the show
interface
 command. That project ended similarly, but I believe that working in the
 other direction might be easier, wherein you tackle the task of
categorizing
 the large set of circumstances responsible for the four interface states
by
 examining the entirety of the output for both interface  controller show
 commands per misconfiguration, and gradually developing a profile for the
 entirety of the show output, allowing patterns to emerege that might
render
 the first line of the show interface command somewhat intelligible.
 
 A real possibility is that the case of the integrated csu/dsu serial
 interface might have to be treated seperately from the the one involving
a
 mere serial interface, due to the lack of interaction with an external
 device for those functions.
 
 The two references that dramatically increased my  understanding of layer
1
 operations are the paradyne 3160 manual and uyless s black's Physical
Layer
 Interfaces and Protocols book.
 
 
 - Original Message -
 From: Priscilla Oppenheimer
 To:
 Sent: 21 June 2002 8:02 pm
 Subject: Re: serial interface down/down or up/down [7:47101]
 
 
   At 07:17 PM 6/21/02, Chuck wrote:
   Priscilla Oppenheimer  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I guess the question is too hard for a practice test if NOBODY can
 answer
 it!?

   
   CL: surprise surprise we all THINK we know the answer byt realy we
don't
 ;-
  
   My messages arrived asynchronously, when I meant for them to arrive
   isochronously. ;-) Seriously, they arrived out of order. Despite all
the
   confusion, I do feel like I have an answer now. Thanks to everyone who
   answered.
  
   Priscilla
  
  
  
 Here's the thing: Cisco says that a down/down interface means the
 router
 interface is not sensing a Carrier Detect signal (that is, the CD
is
 not
 active).

 Now, from my studies of V.35 I know that data carrier detect (DCD
or
 CD)
 comes from the DCE side of the V.35 link, carried on pin 8, yadda,
 yadda.
 It comes from the data interface on the DSU side of the CSU/DSU.

 If the router is correctly connected to the CSU/DSU, will it see
CD
 or
   does
 the answer depend on whether the CSU/DSU is also correctly talking
to
 the
 telco?

 Does carrier detect mean literally what it sounds like it means?
 Would
 the CSU/DSU not assert CD if there was a problem on the telco
side?
 And
 hence the router wouldn't see CD and would say the interface was
   down/down.

   
   CL: in my old dial up to the BBS days, I always interpreted carrier
as
   essentially a completed telephone call. I've carried that idea into
 the
 T1
   world I live in now. however, I think we all know the problem with
Frame
 or
   ATM, where the line is up ( i.e. there is carrier ) because of LMI or
 the
   ATM equivalent signalling, so dial backup 

Re: admin distance question [7:47147]

[Dain Deutschman]

If the intent is to route the packets to the external AS, then the eBGP
route would be the most favorable because more likely than not...eBGP is the
routing protocol between autonomous systems. In other words/for example...if
there is more than 1 route to 10.0.0.0/16, which is a network in an external
AS, then the eBGP route should be the prefered route ( since it is an
external AS ). If the network were in the same AS, then an IGP route should
be used but...it wouldn't be in the same AS if it was learned via eBGP. Am I
making sense? Someone please jump in or correct me if I am wrong.
Thanks...Dain.
bergenpeak  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Looking at the administrative distance values for the different
 routing mechanisms.

 Why would eBGP have a lower admin distance for a route than
 if learned via an IGP (like OSPF or ISIS)?  Why wouldn't
 the default behavior be to prefer routes learned from the local
 IGP rather than via eBGP?

 THanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47269t=47147
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: admin distance question [7:47147]

[Dain Deutschman]

Great article. I'm studying for CCNP routingwas looking for real
world/case study examples. This will be very helpful. Thanks! Dain.
Darren Ward  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 There is of course an exception to this rule :)

 BGP Backdoor makes an external route go to an admin distance of 200 so IGP
 routes take precedence without having to change the eBGP distance.

 Case Study at:
 http://www.cisco.com/warp/customer/459/14.html#A14.0

 Darren Ward
 (PGradCS, CCIE #8245, CCNP, CCDP, MCP)


 On Sun, 23 Jun 2002, Dain Deutschman wrote:

  If the intent is to route the packets to the external AS, then the eBGP
  route would be the most favorable because more likely than not...eBGP is
 the
  routing protocol between autonomous systems. In other words/for
 example...if
  there is more than 1 route to 10.0.0.0/16, which is a network in an
 external
  AS, then the eBGP route should be the prefered route ( since it is an
  external AS ). If the network were in the same AS, then an IGP route
should
  be used but...it wouldn't be in the same AS if it was learned via eBGP.
Am
 I
  making sense? Someone please jump in or correct me if I am wrong.
  Thanks...Dain.
  bergenpeak  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Looking at the administrative distance values for the different
   routing mechanisms.
  
   Why would eBGP have a lower admin distance for a route than
   if learned via an IGP (like OSPF or ISIS)?  Why wouldn't
   the default behavior be to prefer routes learned from the local
   IGP rather than via eBGP?
  
   THanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47274t=47147
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Prefix List Question [7:47117]

[Dain Deutschman]

Ok...I understand. The book I have here did not explain it very well. I will
definately play around with it in the lab to get a better idea. Thanks!
Dain.
Paulo Roque  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have developed a method.

 I draw a generic rule like this:

 lenge-value---le-value---32

 For the command  ip prefix-list MYLIST permit prefix/24 ge 25  I put
that
 values on the rule:

 len=24
 ge=25 (values greater than 25 marked with *)
 le= not present

 2425***32

 So the command ip prefix-list MYLIST permit prefix/24 ge 25 match the
 prefix length from 25 to 32.

 
 For the command  ip prefix-list MYLIST permit prefix/24 le 28  I put
the
 values on the rule:

 len=24
 ge= not present
 le= 28 (values lower than 28 marked with *)

 24***2832

 So the command ip prefix-list MYLIST permit prefix/24  le 28 match the
 prefix length from 24 to 28.

 ===
 Finally for the command  ip prefix-list MYLIST permit prefix/24 ge 25 le
 28. I put  the values on the rule:
 len=24
 ge=25
 le=28

 24--25***28--32

 So the command ip prefix-list MYLIST permit prefix/24  ge 25 le 28 match
 the prefix from 25 to 28.

 --
 Eng. Paulo Roque
 Network Engineer Cisco Certified Network Associate
 [EMAIL PROTECTED]


 Dain Deutschman  escreveu na mensagem
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Could someone explain to me what the ge and le options are used for
in
 a
  prefix list statement?
  Example: ip prefix-list MYLIST permit 11.11.11.0/24 ge le
 
  Thanks!
 
  Dain Deutschman
  CNA, MCP, CCNA
  Data Communications Manager
  New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47153t=47117
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Prefix List Question [7:47117]

[Dain Deutschman]

Could someone explain to me what the ge and le options are used for in a
prefix list statement?
Example: ip prefix-list MYLIST permit 11.11.11.0/24 ge le

Thanks!

Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47117t=47117
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Security CCIE lab preparation [7:45524]

[Dain Deutschman]

www.hellocomputers.com sells a great CCIE security lab prep book and 24 hour
rack access. Dain.
. .  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 What is a good lab preparation course for the Security CCIE?  i am aware
 about the ACP4 by Global knowledge and Security prepartion from
ccbootcamp.
 Anyone has taken them and what do you think about this?  And any other lab
 bootcamp besides these two?



 _
 MSN Photos is the easiest way to share and print your photos:
 http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45609t=45524
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Materials on Internet. [7:45426]

[Dain Deutschman]

Check out www.hellocomputers.com or contact someone there 877-79 HELLO They
have a great LAB book and www.ciscopress.com Suggested reading materials are
listed under the CCIE program description on cisco's website...many of which
are cisco press books. Dain.

Hosui Tse  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hello,

 Besides the CISCO WebSite and this StudyGroup.  Any good site for study
CCIE?
 I cannot find the books that you guys said which is good for CCIE Study in
 HK.
 Can I find it (Soft copy) on the Net?


 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45605t=45426
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: teaching CCNA [7:45489]

[Dain Deutschman]

Hi Priscilla,

I used that book amoung others for the exam that I took recently. I did not
run into any switch configuration command questions on the test...only
switching theory..but that does not mean someone else might not get a
question like that. I guess it's my opinion that studying switch configs on
paper is sufficient for the CCNA exam. Although Odom goes into more detail
on many topics than is necessary for the exam...I'm glad I studied the
topics because it is helping me see the bigger picture as I study for the
BSCN exam.

In regards to the router sim...it does allow abbr. I used copy run start,
Ctrl+Z and en. However, the simulation is rather buggy. I had trouble
telnetting to the routers in the simulation. After trying various things
for about 15 minutes it finally worked. Also...it did not save my
configuration completely so I had to re-enter and do a copy run start a
couple of times.

I'm not sure about the Token Ring thing. Hope that helps.

Dain Deutschman
CNA, MCP, CCNA
Data Communications Manager
New Star Sales and Service, Inc.
800.261.0475
[EMAIL PROTECTED]
Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I will be teaching a CCNA class next week. I've never taught an intro
class
 before. ;-) The textbook will be Wendell Odom's Cisco CCNA Exam #640-607
 Certification Guide. I didn't choose it, but I'm fine with it. I have
some
 questions, however:

 Wendell covers Catalyst 1900 configuration in quite a bit of detail.
 Cisco's list of topics for 640-607 doesn't include this, so I'm not
 planning to teach it, and in fact, we won't have a switch in the lab
 probably. Will this be OK? Does anyone know if the 640-607 test has
 Catalyst 1900 configuration questions??

 Does anyone know if the test (which now includes router simulation
 questions) allows one to use abbreviations for commands? (such as cop run
 start instead of copy running-config startup-config)?

 Token Ring doesn't support multicast (He says this many times.) I know
 IEEE 802.5 does officially support it. I also know that many Token Ring
 NICs didn't support it in the early 1990s. Didn't they fix that??? I would
 have thought that Token Ring NIC vendors would have added support for
 multicast by now.

 Thanks!

 Priscilla

 

 Priscilla Oppenheimer
 http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45494t=45489
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]