Re: Problem in 2948g switch
Yes, it does defeat the purpose of a Layer 3 switch. But according to the post, the user/customer isn't using layer 3 technologies. In most cases, customers buy Layer3 switches not understanding the capabilities of them and want to use them as a regular switch. To do so, all the ports need to be within the same bridge group. Again, here is a link on how to approach configuring the 2948G-L3 switch. http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx51 5a/config_g/intfc_cg.htm Also notice under the section Additional Configurations on the Fast Ethernet and Gigabit Ethernet Interfaces, that Cisco states "... can configure the Fast Ethernet and the Gigabit Ethernet ports into a bridge group, which is the recommended configuration, or use the ports as router interfaces." To fix the Microsft Browsing Service problems that could be introduced within a switched environment is a whole other topic. Hopefully, this clears up any questions that people may have. Regards, Don Orlik ""Chuck Church"" <[EMAIL PROTECTED]> wrote in message 004001c02451$c38fb560$ae0a48a6@superdave">news:004001c02451$c38fb560$ae0a48a6@superdave... > Whoa! Doesn't bridging defeat the purpose of buying a layer 3 switch? I'd > only recommend that as a last resort. Get off of Netbeui if you're using > it, and go with IP and WINS. I think this should fix your problem. This > might not fix the problem with MS's crappy Master browser process, but some > creative IP helper statements should help there. > > Good luck; > Chuck Church > CCNP, CCDP, MCNE, MCSE > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem in 2948g switch
The problem you are having is very common with the 2948G-L3. The reason your config doesn't work on the L3 Switch and works on a L2 Switch is that the L3 Switch is more like a 48 Port Router. Each Port is "individual". What I mean is that you need to create a bridge group and assign all the ports to that specific bridge group. Here is a link to a Cisco web-site that gives you a sample config. http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx51 5a/config_g/bridging.htm#23388 Just follow the example on Configuring Bridging. This should solve your problem. Hope that Helps. Regards, Don Orlik Technical Consultant ArQana Technologies Inc. Professional Services Organization Internetworking Practice ""Hitesh Pathak (CSD-BBYRO-RTSG)"" <[EMAIL PROTECTED]> wrote in message EA1BEFF8C198D31183DD00104B233921D82025@MERCURY">news:EA1BEFF8C198D31183DD00104B233921D82025@MERCURY... > Dear group, > I hv a problem- I'm installing one 2948g (L3) switch. My network is windows > NT network with one server & several nodes. But I'm not able to connect to > the server . > with the same setup my L2 switch works fine. Pls tell me that do I need to > do any setup in switch for it to work. What is the diff in L3 & L2 switch. > > > thanks in adv > hp > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: firewall interface
Hello Dennis, Most Firewalls don't allow the ICMP Requests and Echos to go through them. I myself have never used a Nokia Firewall, so I can't give you any direction in that manner. What I can say is that you should verify that ICMP is allowed or permited from the Outside to the inside. Ensure there is an open conduit or something along that line. Hope that helps. Don Orlik ""Dennis Ighomereho"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I would appreciate it if anyone can help me on this.I have a router which > its interface is connected to > nokia firewall.Another interface on the firewall is connected to a switch > which this client machine sits off > > > router(192.168.2.2)--firewall(192.168.2.1) > > firewall > int(192.168.1.254)---switchmachine(192.168.1.20) > > Nat is running on the firewall.The machine has 192.168.1.20 address has an > internet address on the nat. > The problem is that you cant seem to access this machine from the router.Can > anyone help out on this.I can ping as far as the 192.168.2.1 from the > router. > > cheers, > Dennis > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > Share information about yourself, create your own public profile at > http://profiles.msn.com. > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX and NAT
The answer really depends on your Corporate Security Policy. Most security policies want the "physical" addresses of the boxes hidden, so NAT would be used. If there is no security policy, then I wouldn't really worry about using NAT. Again, this could be one of those corporate decisions or a personal one. It is really up to you. If it were me implementing this solution, I would use NAT for sure and most likely private addresses. Regards, Don Orlik. Oscar Rau <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > We are implementing a DMZ which will be using public IP addresses. The > DMZ systems interfacing the PIX interface will have a public IP > addresses and not a private IP addresses. In this case, can GLOBAL/NAT > statements be still used to add any valuable security to the DMZ > systems? Is there any point in using NAT, because we do not have private > > IP addresses to the DMZ systems? > > Any thoughts/ideas for this solution appreciated. > > Thank you in advance. > > Oscar Rau > [EMAIL PROTECTED] > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New Track
To make it easier on everyone, here is the link to Cisco's Website. CCNP Track http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccnp.ht ml CCDP Track http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccdp.ht ml I hope this helps..... Don Orlik "Croyle, James" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Oops, I stand corrected. No more answering emails after a 13 hour day. > > -Original Message- > From: Brian [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 25, 2000 8:44 PM > To: Croyle, James > Cc: '[EMAIL PROTECTED]' > Subject: RE: New Track > > > On Tue, 25 Jul 2000, Croyle, James wrote: > > > There is no relation of either test series to each other, nor for the CCIE > > is it a prerequisite to be a CCNA, or CCNP... Take anything you want in > any > > order! =) > > You must be a CCNA before you are a CCNP > You must be a CCDA and a CCNA before you are a CCDP > > Brian > > > > > Jim Croyle > > CCNA and 2 tests from the professional series... > > > > -Original Message- > > From: Wayne Roan [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, July 25, 2000 6:58 PM > > To: '[EMAIL PROTECTED]' > > Subject: New Track > > [EMAIL PROTECTED] > > > > Group, > > > > I am a CCNA 1.0. Do I have to take the CCNA 2.0 before I can take > > the CCNP 2.0 tests? I know the CCNP 1.0 retires on July 31, 2000, and I > > have not even started on the CCNP. Therefore, I am trying to figure out > if > > my CCNA 1.0 is valid for taking the CCNP 2.0 tests. > > > > Thanks, > > > > Wayne > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > -- > - > Brian Feeny, CCNA [EMAIL PROTECTED] > 318-222-2638 x 109 http://www.shreve.net/~signal > Network Administrator ShreveNet Inc. (ASN 11881) > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: interesting part 2
Most likely if there is different networks, you may need to use a IP helper address. Take a look at that command because I feel that could be your problem. ""Atif Awan"" <[EMAIL PROTECTED]> wrote in message 010701bfe84f$83c74bc0$050100c0@Tech">news:010701bfe84f$83c74bc0$050100c0@Tech... well the scenario is the same .. 3 routers connected in a hub and spoke topology with the 2620 ( IOS 12.1(1)) as the hub. This time the DHCP is not working across the WAN. it used to work fine before the 2620 came in .. are there any IOS 12.1(1) bugs or something like that which will prevent it from functioning properly. i am also looking it up on the cisco web site but if anyone knows the solution first do post it :) Regards Atif
Cvoice
I just passed CVOICE today and wanted to let everyone that is planning to take the test, know a couple of things. Since there is no exam objectives here are a few things to consider. Understand the IOS commands to implement all Voice Over Technologies. Also, understand the physical hardware including the 2600, 3600, MC3810, and AS5300. Other then that understand the basics for Analog Telephony and Digital Voice Technologies. To study I used the Notes from the Course. Best of Luck to all in whatever you persue. Don Orlik ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: catalyst 5505 question
It looks like that from your show version that the software version running on your sup engine is 4.3. You should go to 5.4 or 5.5. Don <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > Ladies and gents, > > I received a new module WS-X5234 ( RJ-45 10/100BTX for the catalyst 5505 . > I have not managed to make it work: > > talyst5500-SatFarm (enable) > Catalyst5500-SatFarm (enable) sh module > Mod Module-Name Ports Module-Type ModelSerial-Num > Status > --- --- - - - - -- - > > 1 2 1000BaseLX Supervisor WS-X5530 013385727 ok > 2 2410/100BaseTX Ethernet WS-X5225R 013495146 ok > 3 0 unknown WS-X5234 017585140 > faulty > > Mod MAC-Address(es)Hw Fw Sw > --- -- -- -- - - > --- > 1 00-30-b6-74-18-00 to 00-30-b6-74-1b-ff 3.35.1(2) 4.3(1a) > 2 00-d0-06-9e-c5-10 to 00-d0-06-9e-c5-27 3.34.3(1) 4.3(1a) > 3 00-30-7b-b3-53-e8 1.04.5(2) 0.0 > > Mod Sub-Type Sub-Model Sub-Serial Sub-Hw > --- - -- -- > 1 NFFC+WS-F5531 0013411310 1.0 > 1 uplink WS-U5536 0012761743 1.1 > Catalyst5500-SatFarm (enable) 02/16/2001,05:25:16:SYS-5:Module 3 not > responding. > ..resetting module > > I have surfed cisco's website and that particular module needs supervisor > engine version 4.5. > How do I find out which version I have installed? Can I easily upgrade? > > This is what I get when I issue the command show version: > > Catalyst5500-SatFarm (enable) sh version > WS-C5505 Software, Version McpSW: 4.3(1a) NmpSW: 4.3(1a) > Copyright (c) 1995-1998 by Cisco Systems > NMP S/W compiled on Nov 23 1998, 15:22:34 > MCP S/W compiled on Nov 23 1998, 15:19:30 > > System Bootstrap Version: 5.1(2) > > Hardware Version: 1.0 Model: WS-C5505 Serial #: 066554101 > > Mod Port Model Serial # Versions > --- -- - > 1 2WS-X5530 013385727 Hw : 3.3 > Fw : 5.1(2) > Fw1: 4.4(1) > Sw : 4.3(1a) > 2 24 WS-X5225R 013495146 Hw : 3.3 > Fw : 4.3(1) > Sw : 4.3(1a) > 3 0WS-X5234 017585140 Hw : 1.0 > Fw : 4.5(2) > Sw : 0.0 > >DRAMFLASH NVRAM > Module Total UsedFreeTotal UsedFreeTotal Used Free > -- --- --- --- --- --- --- - - - > 1 32640K 13423K 19217K 8192K 3979K 4213K 512K 108K 404K > > Uptime is 81 days, 3 hours, 39 minutes > Catalyst5500-SatFarm (enable) > > > > > > Regards. > MF > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cvoice
Does anyone have any pointers or gotchas for the CVoice exam? I am getting to write it next week and would like to know what to look out for? Is there questions on the configuration of ATM, Frame Relay that doesn't deal with the Voice side of things? Any guidance would be much appreciated.. Don Orlik ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN setup
In the frame relay interface use the following command. backup-interface bri0 (or whatever the bri interface is). Configure your ISDN interface the same as you would normally and this should bring up the line if the frame relyay goes down. Don ""Omer Shommo"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Suppose I have router R1 with s0 connected to s0 of router R2 through Frame relay cloud. Both routers have ISDN > interfaces. How do I configure the ISDN interface of R1 to automatically dial R2 in case the serial link is down? > > Omer > > > > > _ > NetZero - Defenders of the Free World > Click here for FREE Internet Access and Email > http://www.netzero.net/download/index.html > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Do I need a RADIUS server for IPsec?
You can use either of the three or you can add the users manually to the router. Depending on the amount of users, you may want to use a TACACS+ Server or something along that line. Don "Patrick Gannon" <[EMAIL PROTECTED]> wrote in message 60B00056DADCD311BC7600508B9B1AC607BBB7@SERVER2">news:60B00056DADCD311BC7600508B9B1AC607BBB7@SERVER2... > > Hello all, > > I am implementing Cisco Secure VPN client v. 1.1 in a client-router > config. The router has IOS firewall feature set with IPsec capability. I > will be using a third-party CA (Verisign). Will I need to implement a > RADIUS, TACAS, or Kerberos server anywhere on my network, or will the router > handle all authentication? > > Thanks in advance, > > Patrick > > Patrick Gannon > Dataprise, Inc. - Enterprise Network Services > [EMAIL PROTECTED] > www.dataprise.com > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]