HOST CANT PING TO IT's PUBLIC IP ADDRESS NATTED BY PIX [7:34429]

2002-02-04 Thread Grad Alfons Kanon 

Hi team,

I have host with IP: 10.1.1.5/24 and on the pix I create static NAT as 
200.200.200.239/24. I permit all icmp packet

Can anyone explain why from my host itself, I can't ping to 
200.200.200.239..? Anyone from 10.1.1.0 can ping, and from host can ping to 
200.200.200.239 as well except it's own public IP address from static NAT.


thanks


Grad



PIX Version 6.0(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
access-list acl_in permit icmp any any
access-list acl_out permit icmp any any
access-list ipsec permit ip 10.0.0.0 255.0.0.0 10.243.60.0 255.255.255.0
access-list nonat permit ip 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0
access-list 101 permit ip 10.0.0.0 255.0.0.0 10.0.0.0 255.0.0.0
interface ethernet0 auto
interface ethernet1 auto
ip address outside 200.200.200.1 255.255.255.0
ip address inside 10.1.1.1 255.255.255.0
ip local pool POOL 10.1.1.240-10.1.1.254
global (outside) 1 200.200.200.240-202.95.84.253
global (outside) 1 200.200.200.254
nat (inside) 0 access-list 101
nat (inside) 1 10.0.0.0 255.0.0.0 0 0
static (inside,outside) 200.200.200.239 10.1.1.5 netmask 255.255.255.255 0 0
access-group acl_out in interface outside
access-group acl_in in interface inside
route outside 0.0.0.0 0.0.0.0 200.200.200.2 1
route inside 10.0.0.0 255.0.0.0 10.1.1.2 1


_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34429t=34429
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QoS Configuration Guidelines [7:33714]

2002-01-30 Thread Grad Alfons Kanon 

team,

For Cisco QoS configuration below, which one we should configure on  both 
routers which one is not..?


1. RED/WRED
2. FRTS/GTS
3. rSVP
4. CAR
5. CQ, PQ
6. RTP..?


thanks


Grad

_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33714t=33714
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

levelling of enable secer can't work [7:33360]

2002-01-27 Thread Grad Alfons Kanon 

Hello team,

I have problem here, I configured two different level of enable password on 
my OHIO router to enable different privilege of accessing the router, but 
seems can't work because when I telnet from Michigan, OHIO is no even 
considered has the enable secret configured

below is the config.



OHIO ROUTER
===
!
hostname Ohio
!
enable secret level 2 5 $1$maWB$LVrsaUTyQGfCjUssdGVAN0
enable secret level 3 5 $6PRD$oza0RE5ve6QdSB3rAVG7h/
!
privilege exec level 3 show version
privilege exec level 2 show interfaces


MICHIGAN ROUTER


Michigan#135.2.56.6
Trying 135.2.56.6 ... Open


User Access Verification

Password:
Michiganen
% No password set



_
Join the worlds largest e-mail service with MSN Hotmail. 
http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33360t=33360
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CAN NOT PING TO ITSELF ON BRI [7:22030]

2001-10-04 Thread Grad Alfons Kanon 

Helo all,

I configure my router BRI on r1 with:

interface BRI0/0
ip address 122.5.12.1 255.255.255.252
ip directed-broadcast
encapsulation ppp
no ip mroute-cache
dialer idle-timeout 60
dialer map ip 122.6.12.2 name r2 broadcast 456789
dialer load-threshold 128 outbound
dialer-group 1
isdn switch-type basic-5ess
ppp authentication chap
ppp chap hostname rack01
ppp chap password cisco
ppp multilink


and r2:

interface BRI0/0
ip address 122.6.12.2 255.255.255.252
ip directed-broadcast
encapsulation ppp
dialer map ip 122.6.12.1 name rack01 broadcast
dialer-group 1
isdn switch-type basic-5ess
no peer neighbor-route
ppp authentication chap
ppp multilink
end


But from r1 I can only ping to r2 BRI interface, I can't ping to r1 BRI0/0 
(itself)

any clue,

tx,

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22030t=22030
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CAN NOT PING TO ITSELF ON BRI [7:22030]

2001-10-04 Thread Grad Alfons Kanon 

Sorry,

the ip address on bri router is 122.6.12.1 , I made an error, because I 
wrote it manually instead of cut and and paste, becuase this ip address is 
opeartional and confidential...

Grad

PS. thanks any way


From: Schneider, Matt 
To: 'Grad Alfons Kanon' 
Subject: RE: CAN NOT PING TO ITSELF ON BRI [7:22030]
Date: Thu, 4 Oct 2001 08:21:20 -0400

change the ip address on bri1 to 12.6.12.1

-Original Message-
From: Grad Alfons Kanon [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 04, 2001 7:59 AM
To: [EMAIL PROTECTED]
Subject: CAN NOT PING TO ITSELF ON BRI [7:22030]


Helo all,

I configure my router BRI on r1 with:

interface BRI0/0
ip address 122.5.12.1 255.255.255.252
ip directed-broadcast
encapsulation ppp
no ip mroute-cache
dialer idle-timeout 60
dialer map ip 122.6.12.2 name r2 broadcast 456789
dialer load-threshold 128 outbound
dialer-group 1
isdn switch-type basic-5ess
ppp authentication chap
ppp chap hostname rack01
ppp chap password cisco
ppp multilink


and r2:

interface BRI0/0
ip address 122.6.12.2 255.255.255.252
ip directed-broadcast
encapsulation ppp
dialer map ip 122.6.12.1 name rack01 broadcast
dialer-group 1
isdn switch-type basic-5ess
no peer neighbor-route
ppp authentication chap
ppp multilink
end


But from r1 I can only ping to r2 BRI interface, I can't ping to r1 BRI0/0
(itself)

any clue,

tx,

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22170t=22030
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Aux port - Dialer setup question [7:21088]

2001-09-25 Thread Grad Alfons Kanon 

you can use AUX port as the backup of the primary link. The aux port will be 
the

interface asynchrnous xx (you can check the xx by typing show line, and you 
can see which number xx is that)...

so at the primary link, tyou can use:

backup interface async xx


regards

Grad



From: Robert  Fowler 
Reply-To: Robert  Fowler 
To: [EMAIL PROTECTED]
Subject: Aux port - Dialer setup question [7:21088]
Date: Tue, 25 Sep 2001 21:51:20 -0400

While studying for my BCRAN test, I decided to test some of what I learned
however I think I may have hit a bump. I think the problem is you can't put
an aux port into a dialer pool because it doesn't have a physical 
interface.
However for the purpose of this exercise I let you in on what I have
attempted.

I have 2 routers, I have a modem connected to each aux port. The 2 routers
have a link between them, if that link goes down I want 1 router to call 
the
2nd and establish a connection using the aux ports.

Do I have to have an asynch port in order to accomplish this?


Thank You,
Robert Fowler
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=21104t=21088
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

SCORING ON NEW LAB FORMAT [7:20375]

2001-09-19 Thread Grad Alfons Kanon 

Hello all,

Does anyone have any idea, how Cisco will scoring the candidate..? Is it 
still minimum 80?

and is the rule below 20 mark still applied..?


thanks


Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=20375t=20375
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUERY ON IPX WAN [7:19242]

2001-09-10 Thread Grad Alfons Kanon 

Hi all,

need help,

does any one know how to ensure that physical interface on FR connection has 
been point to point..?
I can't find out. I was only able if I am using FR sub interface point to 
point.

thanks

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=19242t=19242
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

TO SUMMARIZE LOOPBACK IN OSPF [7:18064]

2001-08-31 Thread Grad Alfons Kanon 

Hello all,

I configure loopback interface with /24 ip address, buat when I put into the 
ospf area, I only see the route /32. I tried to use AREA XX RANGE command, 
but still failed,

any idea how to enable this route bcome /24 ..?


regards

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=18064t=18064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TO SUMMARIZE LOOPBACK IN OSPF [7:18064]

2001-08-31 Thread Grad Alfons Kanon 

And the other one is for AREA 0, if we use for FR hub and spoke, let says 
using /29, eventhough I summarize it (AREA 0 RANGE command), i still get /29 
on the routing table


  --
  From:   Grad Alfons Kanon[SMTP:[EMAIL PROTECTED]]
  Reply To:   Grad Alfons Kanon
  Sent:   Friday, August 31, 2001 6:01 PM
  To: [EMAIL PROTECTED]
  Subject:TO SUMMARIZE LOOPBACK IN OSPF [7:18064]
 
  Hello all,
 
  I configure loopback interface with /24 ip address, buat when I put into
  the
  ospf area, I only see the route /32. I tried to use AREA XX RANGE 
command,
 
  but still failed,
 
  any idea how to enable this route bcome /24 ..?
 
 
  regards
 
  Grad
 
  _
  Get your FREE download of MSN Explorer at 
http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=18088t=18064
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUERY ON FRAME RELAY: DISABLE FRAME RELAY INARP [7:15586]

2001-08-10 Thread Grad Alfons Kanon 

Hello all,

I found something wierd in my scenario.
I configured my FR switch for fully meshed. I have three routers, A (hub) , 
B and C as the spokes.

But I want to configure the three routers ONLY with partial mesh (hub and 
spoke),

on router A , I configure on Physical interfaces.
on Router B and C, I try with sub interface and DISABLE inverse arp (to 
prevent ip address resolve from B directly to C and vice versa)..

But when I show frame-relay map) on either B and C, I still can see 
resolved IP address with pvc (DLCI) directly connected to each other ( B and 
C)..

and also, when I  show frame-relay pvc, I still can see that the other PVC 
is considered as USAGE

any one can figure out how can I over come this one..?


tx,


Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=15586t=15586
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: QUERY ON FRAME RELAY, Can't ping to it's own i [7:13875]

2001-07-28 Thread Grad Alfons Kanon 

this make sense, thanks..

Grad

From: Arthur Simplina 
Reply-To: Arthur Simplina 
To: [EMAIL PROTECTED]
Subject: RE: QUERY ON FRAME RELAY, Can't ping to it's own i [7:13875]
Date: Sat, 28 Jul 2001 00:28:01 -0400

I am not an expert in frame relay but let me share my experience in the
classroom lab where we did this exercise on frame relay.

I have the same situation where from the local router I can't ping the
interface that is connected to the frame relay. I also cannot ping the
ethernet ip address of another router in the other frame relay connection.

I was asked that question why I can't ping the local interface with the
frame relay connection. I can't seem to find an answer but managed to say
that since the ping command is on the layer 3 and the serial interface in
encapsulated in frame relay (which is layer 2), so the ping command fails 
as
it cannot locate the layer 3 ip address of the serial interface that is
mapped to the dlci which is layer 2. I hope that it makes sense and you got
my point.

As to why I cannot ping the ethernet ip address of the other router, the
reason is that the ping source ip address carries the serial interface ip
address that is inversed mapped to the frame relay connection which it
cannot locate and that is why it fails. But if I do an extended ping
specifying the source ip address of the ethernet of the local router, the
ping is successful which means that I have a full connectivity across the
frame relay cloud to the other LAN segments of the other routers.

Perhaps, a frame relay expert could clarify this further.

Cheers,

Art S.
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=14045t=13875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUERY ON MOBILE IP [7:14046]

2001-07-28 Thread Grad Alfons Kanon 

Hello all,

I did one mobile ip scenario, but I'm not sure either my config is wrong or 
I tested wrongly.

I have two routers, A and B, A as the HA, and B as the FA.
How I tested is lik this:
I configure my laptop ip address with 130.4.9.2 and gateway is 130.4.9.1, 
and then I moved my laptop to segment 130.4.14.0/24. (All the routing is 
OK),

But when I try to ping 130.4.9.1 (,y home gateway) can't be successfull. I 
can only ping to 130.4.14.1 which is the gateway in FA.


any comments are very appreciated,

Grad




HOME AGENT (HA)


router mobile
interface Ethernet0/1
ip address 130.4.9.1 255.255.255.0
no ip directed-broadcast

ip mobile home-agent broadcast roam-access 5
access-list 5 permit any
ip mobile host 130.4.9.2 130.4.9.10 interface Ethernet0/1



FOREIGN AGENT (FA)

router mobile
ip mobile foreign-agent care-of Ethernet0/1

interface Ethernet0/1
ip address 130.4.14.1 255.255.255.0
no ip directed-broadcast
ip irdp
ip irdp maxadvertinterval 10
ip irdp minadvertinterval 7
ip mobile foreign-service
ip mobile registration-lifetime 3600


FA#sh debug
IP routing:
  IP mobility events debugging is on
  IP mobility for mobile node debugging is on
  IP mobility agent advertisements debugging is on


MobileIP: Ethernet0/1 add 130.4.9.2 rejected
MobileIP: Ethernet0/1 add 130.4.9.2 rejected




_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=14046t=14046
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUERY ON FRAME RELAY, Can't ping to it's own interface [7:13862]

2001-07-26 Thread Grad Alfons Kanon 

Hello,

Can anybody explain why we I can't ping to local multipoint sub interface..?

int s0
encapsulation frame relay
frame-relay lmi-type ansi
int 0.1 multipoint
ip add 172.16.1.1 255.255.255.248
frame-relay interface-dlci 200
frame-relay interface-dlci 300

i can't ping to 172.16.1.1 locally,

tx

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13862t=13862
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: QUERY ON FRAME RELAY, Can't ping to it's own inter [7:13875]

2001-07-26 Thread Grad Alfons Kanon 

Thanks,

it doesn't matter whether I use frame relay map and interface dlci, still 
can't ping.

Router A

int s0
encap frame-relay
frame-relay lmi-type ansi
int s0.1 multipoint
ip add 172.16.1.1 255.255.255.248
frame-relay map ip 172.16.1.2 200 broadcast
frame-relay map ip 172.16.1.3 300 broadcast
int s0.2 point-to-point
frame-relay interface-dlci 100
ip add 172.16.2.1 255.255.255.252

so from router A, locally, I can ping to ALL interfaces connected EXCEPT to 
local interface 172.16.1.1 ONLY (for 172.16.2.1 is OK)

grad




From: dragi radovanovic 
Reply-To: dragi radovanovic 
To: [EMAIL PROTECTED]
Subject: RE: QUERY ON FRAME RELAY, Can't ping to it's own inter [7:13862]
Date: Thu, 26 Jul 2001 09:38:09 -0400

Hi!
Maybe you should add a map for it?
Dragi
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13875t=13875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QUERY ON DLSW [7:13188]

2001-07-21 Thread Grad Alfons Kanon 

Hello need Help,

I have three routers:
Router A with ethernet
Router B with Token RIng and Ethernet
Router C with TOken RIng.

How can i configure my routers to guarranty that only TR talk to TR and 
Etehernet to Ethernet , not between them,


Tx

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13188t=13188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: QUERY ON DLSW [7:13188]

2001-07-21 Thread Grad Alfons Kanon 

Thanks,

I'm using dlsw.
The tricky part that I am not too expert is on router B since it has both TR 
and Eth, so how can I guarranty that Router A to B only ethernet to 
ethernet, and Router B to C only TR...not between them (TR to Eth),

Grad




From: Nigel Taylor 
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: QUERY ON DLSW [7:13188]
Date: Sat, 21 Jul 2001 12:41:51


I guess the first question would be what technologies do you have 
implemented?  Bridging, DLSW... I guess on the most basic level you could 
apply ACLs to limit what media talks to what.

HTH

Nigel

From: Grad Alfons Kanon 
Reply-To: Grad Alfons Kanon 
To: [EMAIL PROTECTED]
Subject: QUERY ON DLSW [7:13188]
Date: Sat, 21 Jul 2001 07:32:43 -0400

Hello need Help,

I have three routers:
Router A with ethernet
Router B with Token RIng and Ethernet
Router C with TOken RIng.

How can i configure my routers to guarranty that only TR talk to TR and
Etehernet to Ethernet , not between them,


Tx

Grad

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13191t=13188
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN QUERY [7:12068]

2001-07-11 Thread Grad Alfons Kanon 

All,

need help,

I have such scenarios like this.

Router A as the headquesrter connect to router B, C and D, (let says using 
star connection)

Segment A's ethernet: 172.10.0.0
segment B's ethernet: 10.0.0.0
segment C's ethernet: 170.20.0.0
segment D's ethernet: 170.30.0.0

let's assume that all of the WAN interfaces from B C D to A are using /30 
mask and using 170.100.0.0 segment.
Routing protocol is dynsmic (EIGRP or OSPF)

The problem is:

there's one small segment in C router (let says in other ethernet) that has 
10.1.1.0/24.

How can I create a VPN from B to C, so if client from D want to go to 
10.1.1.0 segment, they will go to B first , not direcly go to C.

regards

Grad



_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=12068t=12068
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IPX debug queries [7:11505]

2001-07-09 Thread Grad Alfons Kanon 

Hello,

Is there anyone know, how to get the IPX network and encapsulation type of 
IPX network from remote router, using debug command locally..?


tx

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=11505t=11505
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: let's talk about BGP! [7:10297]

2001-06-30 Thread Grad Alfons Kanon 

put on every router:

no synchronization
network x.x.x.x mask y.y.y.y (proper mask for the network should be 
advertised)

grad




From: CiscoG 
Reply-To: CiscoG 
To: [EMAIL PROTECTED]
Subject: let's talk about BGP! [7:10297]
Date: Thu, 28 Jun 2001 14:45:43 -0400

Hello fellow successful Engineer's;

  For all you BGP gurus, I have a situation here. Currently
preparing for my BSCN exam, I have a lab at home that I recently 
implemented
BGP on. With only 3 routers, it worked fantastic! Then I decided that 
wasn't
good enough and now I wanted to setup a Route Reflector. In a Hub and Spoke
topology, I chose to make the Hub router the Router reflector and have the
two spoke routers clients. Performing a show ip bgp neighbor on each
router, displays the correct information and verifies connection is
established. The problem is, not one router is learning any BGP routes! I
will post my basic BGP configuration below just to verify that is correct.
Any ideas on this challenge would be appreciated! Thank you!


-C


(Hub Router)
router bgp 100
network 172.16.0.0
network 172.20.0.0
network 10.0.0.0
neighbor 172.16.0.2 remote-as 100
neighbor 172.16.0.2 route-reflector-client
neighbor 172.20.0.2 remote-as 100
neighbor 172.20.0.2 route-reflector-client

(spoke router 1)
router bgp 100
network 10.0.0.0
network 172.16.0.0
network 172.20.0.0
neighbor 172.16.0.1 remote-as 100

(spoke router 2)
router bgp 100
network 10.0.0.0
network 172.16.0.0
network 172.20.0.0
neighbor 172.20.0.1 remote-as 100
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=10483t=10297
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Community queries [7:9616]

2001-06-24 Thread Grad Alfons Kanon 

Hello Mike and Bradley,

My mistake, R5 is not in AS300, that should be R4, so I'm asking the 
possibility, how can I configure on R1 (which advertise 10.1.1.0) to send 
community with community 100:10, and then R4 in AS300 will prepend the 
network that is coming with 100:10 community (which is 10.1.1.0) from AS100 
, and prepend it with 1000 2000 3000 (so AS200 will chose R2 (As100) rather 
than AS300 to go to 10.1.1.0




Thanks,

grad

From: Bradley J. Wilson 
Reply-To: Bradley J. Wilson 
To: [EMAIL PROTECTED]
Subject: Re: BGP Community queries [7:9616]
Date: Sat, 23 Jun 2001 08:46:46 -0400

I'm not quite clear on what you're trying to accomplish here.

Since R1 doesn't have any external neighbors, I don't think you'd configure
it to set any community strings.  R5 is not in AS300, and therefore can't
force the routers in AS300 to prepend anything.  It looks like you're 
trying
to force the traffic to 10.1.1.0 (/24?) through either AS200 or AS300, but
again I'm not clear.  Are you trying to set a community string, or prepend
an as-path?




From: Mike 
To: \Grad Alfons Kanon\ 
Subject: Re: BGP Community queries [7:9616]
Date: Sat, 23 Jun 2001 14:49:19 -0400

It seems to me that you are trying to force traffic from AS 300 destined to
10.1.1.0/24 through AS 200, rather then directly to AS 100.  If this is
correct you really don't need to do anything on R5.  The following will
accomplish this:


//Assume R3 is neighor 3.3.3.3 for R1://

route-map pre-pend permit 10
  match ip address prefix-list pre-pend
  set community 100:10
!
!
route-map pre-pend permit 20
  match ip address
!
!
ip prefix-list pre-pend seq 10 permit 10.1.1.0/24
access-list 1 permit any
!
!
//In your router bgp  section//
neighbor 3.3.3.3 route-map pre-pend out
!


Assume R4 is neighbor IP address 4.4.4.4 for R3
Assume R3 is neighbor IP address 33.33.33.33 for R4
route-map pre-pend permit 10
  match community 10:100
  set as-path prepend 1000 2000 3000
!
!
route-map pre-pend permit 20
  match ip address
!
!
ip prefix-list pre-pend seq 10 permit 10.1.1.0/24
access-list 1 permit any

//In your router bgp  section//
neighbor 33.33.33.33 route-map pre-pend in


- Original Message -
From: Grad Alfons Kanon 
Newsgroups: groupstudy.cisco
Sent: Saturday, June 23, 2001 3:04 AM
Subject: BGP Community queries [7:9616]


  Dear All, need help:
 
  Given:
  ==
  As 100 = R1, R2, R3
  AS 200 = R5
  AS 300 = R4
 
  Physical connection:
 
  R3 has three connection: R1, R2 and R4
  R2 has two : R5 and R3
  R4 has two: R3 and R5
 
 
 
  R1 to R2 with IBGP
  R3 to R4 with EBGP
  R3 to R2 with IBGP
  R2 to R5 with EBGP
  R4 and R5 with EBGP
  R3 is route reflector
  R1 will advertise 10.1.1.0
 
  Question:
  How can Iconfigure R1 and R5 so,
  AS300 will prepend with 1000 2000 3000 for network 10.1.1.0 with 
community
  100:10 that coming from AS100..?
 
 
  tx,
 
  Grad
 
 
 
  
_
  Get Your Private, Free E-mail from MSN Hotmail at 
http://www.hotmail.com.
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=9715t=9616
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Community queries [7:9616]

2001-06-23 Thread Grad Alfons Kanon 

Dear All, need help:

Given:
==
As 100 = R1, R2, R3
AS 200 = R5
AS 300 = R4

Physical connection:

R3 has three connection: R1, R2 and R4
R2 has two : R5 and R3
R4 has two: R3 and R5



R1 to R2 with IBGP
R3 to R4 with EBGP
R3 to R2 with IBGP
R2 to R5 with EBGP
R4 and R5 with EBGP
R3 is route reflector
R1 will advertise 10.1.1.0

Question:
How can Iconfigure R1 and R5 so,
AS300 will prepend with 1000 2000 3000 for network 10.1.1.0 with community 
100:10 that coming from AS100..?


tx,

Grad



_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=9616t=9616
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cable PIN OUT for Token Ring Intreface to MBAU [7:7954]

2001-06-11 Thread Grad Alfons Kanon 

Hello all,

Does any one know how to create the UTP cable to connect the Cisco token 
Ring interface to MBAU (Token Ring hub)..?


thanks..

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=7954t=7954
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE #7354 - for Jeff McCoy [7:3998]

2001-05-11 Thread Grad Alfons Kanon 

and don't forget...
nobody's care about how many times a CCIE to attempt the lab...but the most 
important thing is, they're CCIEs but us, is not...!!!


From: Jack Williams 
Reply-To: Jack Williams 
To: [EMAIL PROTECTED]
Subject: Re: CCIE #7354 - for Jeff McCoy [7:3998]
Date: Thu, 10 May 2001 17:16:27 -0400

Huh?

For future reference, when someone achieves something significant, the
correct response is CONGRATULATIONS!.

I don't know what our friend does for a living, but if I can pass the CCIE
lab on the second try, I'll be very pleased with myself.



--Original Message--
From: Q
To: [EMAIL PROTECTED]
Sent: May 10, 2001 5:08:12 PM GMT
Subject: Re: CCIE #7354 - for Jeff McCoy [7:3998]


Yeah, but what do u do for a living? And do you have any real experience 
and
to what extent? Survey says!

Q

DUNG H. LE  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  May 7-8, 2001 - RTP Lab facility
 
  This was attempt 2. I changed my study habits from attempt 1, and
therefore
  testing technique, for my attempt 2  (you perform like you
  practice..right?).  It paid off. The change was to monotonously ping 
every
  interface IP / IPX address from every router. I made a list of the
addresses
  and ran through all of them from every router. I believe this lack of
  attention to detail is what did me in on attempt one.
 
  Time management was key.  If I didn't know the config off the top of my
  head, I skipped it.  This allowed me to complete the entire day 1 
portion
3
  hours early.  I had 4 areas that I needed to think about, so I saved 
them
  for last.  I methodically approached each of the 4 areas, knocked out 
each
  requirement, and had 1 hour left to do the testing above.  My strategy 
was
  that no matter what, I would take the last hour to test thoroughly, I 
just
  happened to get my 4 items done.  Day 2 was the same way...although only 
3
  hours for the first part, I still had 45 minutes to test it all.
 
  Troubleshooting was by far the most nerve-racking experience.  I had a
  trouble ticket list and was told to find as many problems as I could 
and
  document/fix them (one liners).  Unexpectedly I had to troubleshoot a
  different network than the one I had spent a day and a half configuring.
3
  hours was the time limit to learn a new topology, IP scheme, protocol
  intent, and then fix as much as possible.  I don't feel like I was ready
for
  this, and must have just kept calm enough to manage it.
 
  The waiting is a nerve killer.  You wait before the lab starts about an
hour
  for everything and everyone to get ready.  You wait all night long for
  status on day 1's score.  You wait after day 2 build out...1.5 hours for
  me to find out if you made it to troubleshooting.  Then you wait 
while
  they add up the points and spit a number out of the computer or not.
  Howard  was the best!!! Comic relief goes a long way to ease my
stress,
  and he delivered. I was very comfortable in the RTP environment.
 
  Study material used / frequency:
  Caslow 2nd edition - read it cover to cover once.
  Ccbootcamp labs - practiced daily (almost and minus weekends) for 4
  months 4-6 hours per day on a rack of equipment that was very 
similar
to
  the real thing.  I was very comfortable with what was required of me for
day
  1 and 2 build out.  In retrospect I would have practiced a bit more on
  troubleshooting.  I was not comfortable with this at all and could have
used
  some familiarity with strategy and tactic on this part.
  FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
  Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4145t=3998
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Back To Back for WIC-1DSU-T1 [7:2058]

2001-04-26 Thread Grad Alfons Kanon 

Hello I have two routers 2620 which has WIC-1DSU-T1 each.
The ports are RJ-45

Can I configure both with back to back, if can, what;s the type of cable 
should I use and how is the config.

tx,

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=2058t=2058
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Back To Back for WIC-1DSU-T1 [7:2058]

2001-04-26 Thread Grad Alfons Kanon 

thanks,

I've found it,

http://www.cisco.com/warp/customer/471/75.html


From: Joe McCormack 
To: Grad Alfons Kanon 
Subject: Re: Back To Back for WIC-1DSU-T1 [7:2058]
Date: Thu, 26 Apr 2001 06:00:21 -0700

We did this with two 2651s.  I do not remember the exact wiring but CCO had
an article which gave instructions.

Joe

- Original Message -
From: Grad Alfons Kanon 
To: 
Sent: Thursday, April 26, 2001 12:20 AM
Subject: Back To Back for WIC-1DSU-T1 [7:2058]


  Hello I have two routers 2620 which has WIC-1DSU-T1 each.
  The ports are RJ-45
 
  Can I configure both with back to back, if can, what;s the type of cable
  should I use and how is the config.
 
  tx,
 
  Grad
  
_
  Get Your Private, Free E-mail from MSN Hotmail at 
http://www.hotmail.com.
  FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
  Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
 


_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=2096t=2058
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

LAST REMINDER FOR JIM KONIECKI [7:1805]

2001-04-24 Thread Grad Alfons Kanon 

Hello Jim,

I hope that you still keep your promise to send me the CVOICE material as  
the trade-off for MCNS that I have sent U.

I have sent you the soft copy few months ago, but I STILL DIDN'T RECEIVE 
yours.


regards

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=1805t=1805
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

enabling dynamic routing on AUX Back to back [7:1095]

2001-04-18 Thread Grad Alfons Kanon 

Hello,

I have configured my two routers with AUX back to back:


ip address 192.168.10.1 255.255.255.0
  encapsulation ppp
  set PPP as encapsulation
  async dynamic routing
  async mode dedicatedu
!
line aux 0
  modem InOut
  transport input all
  rxspeed 38400
  txspeed 38400
  flowcontrol hardware


the opposite router is the same except ip address in the same segment.


But I only can configure with static routes. Does any body know how to 
enable dynamic routing (eigrp, rip, etc) in this back to back..?


regards

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=1095t=1095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP questions - studying for CCIE Written [7:77]

2001-04-10 Thread Grad Alfons Kanon 

Not necessarily...
Let says in FXS env.


if at the opposite site you connect four phones with number 2001, 2001, 2003 
and 2002, you only need to configure one dial peer, but with destination 
pattern using wild card (200.)

regards

Grad



From: "Michael Bambic" 
Reply-To: "Michael Bambic" 
To: [EMAIL PROTECTED]
Subject: VOIP questions - studying for CCIE Written [7:77]
Date: Tue, 10 Apr 2001 13:02:04 -0400

I'm reading the Lammle book on VOIP and it shows a configuration on R1 that
looks like this:

dial-peer voice 2000 voip
destination-pattern 2000
session target ipv4:10.10.10.2

In the diagram the 2000 is a telephone on the otherside of R2 router and
10.10.10.2 is the IP of the next hop address on R2.

In R2 config it uses a command of:
dial-peer voice 2000 voip
destination-pattern 199.
session target ipv4:10.10.10.1

My question is this,
  Do you have to put in a dial-peer command on the router for every single
phone connected? What would a sample config look like if you had R1 with
extensions 1000 through 1999 out 1/0/0 ?

Thanks
Mike Bambic

[GroupStudy.com removed an attachment of type application/ms-tnef which had
a name of winmail.dat]
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=177t=77
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Create users in Router

2001-04-05 Thread Grad Alfons Kanon 

!
service password-encryption
username xxx password yyy
!

--- your password will be encrypted then --

Grad



From: "Daniel ma" [EMAIL PROTECTED]
Reply-To: "Daniel ma" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Create users in Router
Date: Thu, 5 Apr 2001 18:44:23 +0800

How to create user with encrypted password? When I type the command
'username  password 7 xxx', it ask for calculated password.
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Wait for dial tone in VoIP

2001-04-03 Thread Grad Alfons Kanon 

Hello group,

I am configuring VoIP over FR, from A (EM) to B (EM) and C (FXO)  with 
(two sub interfaces)..
the dial plan is, user from every location must press dial plan TO GET THE 
TONE from opposite PABX and then it's up to user whether they want to call 
extension or off-premises call.

The problem is, user from A can always get the tone from B and C with 100 % 
success rate, but when user B and C want to call A, they can only get succes 
rate 70 % to get the tone.

I have ensure that all of the config is same. I'm thinking that may be ,the 
router in A can not wait for the ACK from PABX in A too long, so the tone 
sometimes cannot be heard from opposite.

Any idea..?

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP over FR..how can get the tone from opposite PABX..?

2001-03-06 Thread Grad Alfons Kanon 

Thanks,

I have followed the cable specification from Cisco to EM interface.
But for the grounding, I stick the EM grounding to Cisco chasis.

SO, Is there anything left on the config..?

regards

Grad


From: "Igor Glavanic" [EMAIL PROTECTED]
Reply-To: "Igor Glavanic" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: VOIP over FR..how can get the tone from opposite PABX..?
Date: Tue, 6 Mar 2001 16:20:43 +1100

I have just done the same thing few weeks ago.
Make sure that you have the cables from PBX to EM interfaces made by the
Cisco specification. You can get the wiring details from the 1700 Series
Hardware installation guide or the web.

Cheers.



_
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VOIP over FR..how can get the tone from opposite PABX..?

2001-03-05 Thread Grad Alfons Kanon 

I have scenario to install:

Headquarter (HQ) connect to Branch A (A) and B (B) using Frame Relay
HQ using EM conect to PABX HQ and Branch A using EM but Branch B using 
FXO.

We make dial plane like this:

x-111-yyy -- to HQ from the rest
x-222-yyy -- to A from the rest
x-333-yyy -- to B from the rest

x = number that user must dial to get the tone from Voip configured in PABX

yyy = local extension number.

The problem is, when we dial from HQ to Branch A/B, we can only reach the 
user at the opposite site if we dial x-222-yyy / x-333-yyy all at once. We 
can not press x-222 to get the tone from PABX A and then extension number.

How can we configure the router to enable user get the tone from opposite 
PABX after dial 111 or 222 or 333.?

CONFIG in HQ

dial-peer voice 1 pots
destination-pattern 111
port 1/0/0
!
dial-peer voice 222 voip
destination-pattern 222...
session target ipv4:192.168.100.1
!
dial-peer voice 333 voip
destination-pattern 333...
ip precedence 5
session target ipv4:192.168.100.5

voice-port 1/0/0
timing percentbreak 50
operation 4-wire
type 5
signal immediate


regards

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Where is your promise Jim Koniecki

2001-02-28 Thread Grad Alfons Kanon 

Jim,

I hope that you can keep your promise. I have sent mine to you for trade off 
but I still didn't received yours till now.

Please reply


Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CVOICE 2.0 Beta version

2001-02-20 Thread Grad Alfons Kanon 

Hellooo all,

If somebody has the questions that comeout from CVOICE 2.0 Beta / Real exam, 
I can trade with MCNS 2.0 Beta/ Real exam questions, guarranted !!

Just reply directly to my email

tx..

Grad
_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]