Re: IPSec tunnels [7:34742]

2002-02-09 Thread JEK 

Patrick,

What you can also do, is when your within the PIX you can issue the command
"show crypto ipsec sa".  What you're looking for is the Outbound/Inbound
SPI's
(Security Parameters Index) this is a 32bit number that is negotiated
between the
peers during the IPSec SA negotiation.  There are 2 SA's for each IPSec peer
per IP Subnet and they are uni-directional (inbound/outbound).  What you
should
see is on the PIX side your outbound SPI will be equal to the inbound on the
Concentrator side & then on the PIX inbound SPI will be equal to the
outbound
on the Concentrator side.  If these are equal, then you can look at the
IPSec SA
counters with the same command (show crypto ipsec sa) and look at the
traffic
counters, and you should see the enciphering and the deciphering of data on
both
sides.  Such as, use ping with a set packet count and verify on both sides
that the
enciphering/deciphering of data is happening between the 2 peers.  Check
those
out and give us an update.  HTH.  Thanks,

   - jek


"Patrick Donlon"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All
>
> I'm looking for some information on how to verify the configuration of a
PIX
> with an IPsec tunnel to a VPN concentrator. I have a tunnel that keeps
> bouncing, I think that instabilities across the internet could be causing
> some of the problems as I see the path changing quite a lot from the
> Netherlands to Dubai. I can't find the command(s), or understand the ones
> I've used, which tells me whether the tunnel is up on the PIX, I can see
> from the concentrator that it's down but I want to know about the PIX too.
> Any other advise is appreciated
>
> Cheers
>
> Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34968&t=34742
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Layer 3 configuration from CAT4000 CWI [7:34736]

2002-02-09 Thread JEK 

I believe that the 8500/6500/6000/5500/5000 are the only Cat's that will do
L3 switching/routing.  HTH.

    - jek


"Cisco Breaker"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I know that you can create VLAN or enable a port from CWI software inside
> the CAT4000. Is it possible to configure layer3 routing (if you have the
> module SUP3) from the CWI of the CAT4000? Because my customer doesnt want
to
> buy CiscoWorks2000 for only one switch.
>
> Best regards,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34966&t=34736
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IGRP over EIGRP...How?? [7:33760]

2002-01-30 Thread JEK 

Mike/cisconuts

That's true on the longest match wins, but that's not the exact issue here.
The problem is
that IGRP is classful and EIGRP is classless.  So essentially IGRP will
install the classful
route of 6/8 and EIGRP will install the route of 6.6.6.6/32 into the routing
table.  Cheers,

    - jek


"Mike Bernico"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Longest match wins over admin distance.  admin distance only breaks a tie
> between two routes of equal length.
>
> Mike
>
> ---
> Mike Bernico [EMAIL PROTECTED]
> Illinois Century Network  http://www.illinois.net
> (217) 557-6555
>
>
> > -Original Message-
> > From: Cisco Nuts [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 30, 2002 3:02 PM
> > To: [EMAIL PROTECTED]
> > Subject: IGRP over EIGRP...How?? [7:33760]
> >
> >
> > Hello,
> > I have 3  routers  running  both  Eigrp 1 and Igrp  100.  I
> > configed. a
> > distance  of 4 for Igrp so that it  would  be the  preferred
> > protocol  but
> > the  routing  table shows both Eigrp and Igrp learned route
> > for the same
> > netw.  I am  trying to understand why?  I expected to only
> > see Igrp learned
> > routes since the lower admin  dist.  of 4 would take over
> > Eigrp's  dist.
> > of 90...but it is not apparently so.  Any ideas?  Thank you.
> >
> > Example
> > on RTC:
> > 6.0.0.0/8  is  variably  subnetted,  2  subnets,  2 masks
> > D  6.6.6.6/32 [90/4064] via 192.168.10.241,  00:00:05, Serial0
> > I  6.0.0.0/8  [4/158750] via 192.168.10.241, 00:00:05, Serial
> >
> > Config.  on RTC:!
> > router eigrp 1
> > passive-interface  Ethernet0
> > network 7.0.0.0
> > network 192.168.10.0
> > no auto-summary
> > !
> > router igrp 100
> > passive-interface  Ethernet0
> > network 7.0.0.0
> > network 192.168.10.0
> > distance 4
> > !
> >
> > _
> > Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33787&t=33760
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: is it possible to bridge accross a tunnel? [7:33567]

2002-01-29 Thread JEK 

Well guys I think that should do it for the config, tell me if anything
looks wrong.
Also as a side note you may also want to use an ACL in the range of 700-799
(MAC Address Acl) to limit what traffic that you want to be sent over the
dlsw
circuits.  I hope this info helps and all my syntax is correct.  Thanks,

- jek

Router A
!
hostname RouterA
dlsw local-peer peer-id 10.10.10.254
dlsw remote-peer 0 tcp 10.10.20.254
dlsw bridge-group 1
!
interface Tunnel0
 ip unnumbered Ethern0
 tunnel source Ethernet0
 tunnel destination 128.29.183.247
!
interface Ethernet0
 ip address 10.10.10.254 255.255.255.0
 bridge-group 1
!
interface Serial0
 ip address 128.29.182.247 255.255.255.252
!
bridge 1 protocol ieee
 bridge 1 route ip
 no bridge 1 bridge ip
!


Router B
!
hostname RouterB
dlsw local-peer peer-id 10.10.20.254
dlsw remote-peer 0 tcp 10.10.10.254
dlsw bridge-group 1
!
interface Tunnel0
 ip unnumbered Ethern0
 tunnel source Ethernet0
 tunnel destination 128.29.182.247
!
interface Ethernet0
 ip address 10.10.20.254 255.255.255.0
 bridge-group 1
!
interface Serial0
 ip address 128.29.183.247 255.255.255.252
!
bridge 1 protocol ieee
 bridge 1 route ip
 no bridge 1 bridge ip
!



 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> how do you configure this with dlsw?
>
> 10.10.10.x --(R1)--(public network)--(R2)---10.10.10.x
>
>
> ""Jason""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Is this something you just want to do for the sake of doing?  If so, I
say
> > have at it.  Will it work, don't know.  I have never tried it.  If you
are
> > looking to do this to fulfill a production requirement I would question
> why
> > you weren't looking at using DLSW?
> >
> > Jason
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Eric Waguespack
> > Sent: Tuesday, January 29, 2002 9:38 AM
> > To: [EMAIL PROTECTED]
> > Subject: is it possible to bridge accross a tunnel? [7:33567]
> >
> >
> > ok, I have looked into this, and supposedly the answer
> > is "yes" but the config is "unsupported"
> >
> > here is the network diagram
> >
> >
> > 10.10.10.x --(R1)--(public network)--(R2)---10.10.10.x
> >
> > this is supposed to do it but i can't seem to make it
> > work:
> >
> > >int tunnel 2
> > >no ip addr
> > >tunnel source eth 0
> > >tunnel destination 128.29.183.247
> > >bridge-group 1
> >
> >
> > should this work? what will work? anything? do i need
> > to do l2f instead? what did you have for breakfast?
> >
> > thanks
> >
> > -Eric
> >
> > __
> > Do You Yahoo!?
> > Great stuff seeking new owners in Yahoo! Auctions!
> > http://auctions.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33651&t=33567
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: levelling of enable secer can't work [7:33360]

2002-01-28 Thread JEK 

Grad,

Below your post shows that you're telnetting from Michigan back to Michigan
again.  Don't know if you mis-typed the information for your telnet session
info,
but that is what it looks like.

       - jek

"Grad Alfons Kanon"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello team,
>
> I have problem here, I configured two different level of enable password
on
> my OHIO router to enable different privilege of accessing the router, but
> seems can't work because when I telnet from Michigan, OHIO is no even
> considered has the enable secret configured
>
> below is the config.
>
>
>
> OHIO ROUTER
> ===
> !
> hostname Ohio
> !
> enable secret level 2 5 $1$maWB$LVrsaUTyQGfCjUssdGVAN0
> enable secret level 3 5 $6PRD$oza0RE5ve6QdSB3rAVG7h/
> !
> privilege exec level 3 show version
> privilege exec level 2 show interfaces
>
>
> MICHIGAN ROUTER
> 
>
> Michigan#135.2.56.6
> Trying 135.2.56.6 ... Open
>
>
> User Access Verification
>
> Password:
> Michigan>en
> % No password set
>
>
>
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33535&t=33360
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Runts and Giants [7:32281]

2002-01-17 Thread JEK 

Pieter,

I would check out the hardware information on CCO about the differences
between the 2 switches.  I do know that the switching matrix is better on
the
2950's and you can actually achieve full line speed on the ports, and there
are
a few other specs that are different than the 2900's but I can't think of
what
they are off the top of my head.  Anyways.  HTH :o)

        - jek

"Pieter Jordaan"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi
>
> I have a cisco 2924 switch connected to a 6509, the port is configured as
a
> trunk. when I use ISL encaptulation between the switches I get a lot of
> giant frames, and when I use dot1q I get a lot of runts.
>
> If I replace the switch with a 2950 (which only supports dot1q) I dont get
> any runts or giants and all works well. I am experiencing this behaviour
on
> 30 + 2900XL switches but not on any of my 2950's
>
> Any Idea what could be happening here?
>
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32391&t=32281
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPSec passthrough [7:32338]

2002-01-17 Thread JEK 

Have him check to see if the VPN client has the "Allow IPSec thru NAT mode"
box checked within the settings of the connection entry.

      - jek

"Jim Bond"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> One of my clients use Cisco VPN client behind a
> SpeedStream 5660 DSL router to connect to a 3030 but
> it doesn't work. I remembered seeing "enable IPSec
> passthrough" on other routers, but there is no such
> option on SpeedStream 5660. What's "IPSec
> passthrough"? Does it do anything on the IP packets?
>
> Thanks in advance.
>
> Jim
>
> __
> Do You Yahoo!?
> Send FREE video emails in Yahoo! Mail!
> http://promo.yahoo.com/videomail/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32385&t=32338
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VLAN's [7:32351]

2002-01-17 Thread JEK 

In your original post as seen below, you said that you didn't want to make
this
routeable between the vlans.  But are you wanting to route the traffic
anywhere
else, cause if you aren't, then just put the following in under the port
config.
"switchport access vlan 1", and you can then put what ever network devices
you
want in that "vlan port" with the same IP Subnet and they will only be able
to talk
with one another.  And then do another, but make it "switchport access vlan
2",
and just put the desired devices you wish to communicate with each other on
the
ports setup that way.  That should work no problem.  But if you are going to
want
to route between the Vlans, then you'll need to run IRB.

Devices in IP Subnet 192.168.0/24 are plugged into the ports setup for
vlan1,
and the devices in IP Subnet 192.168.1/24 are plugged into the port setup
for
vlan2. HTH,

  jek

!
interface FastEthernet0/1
  duplex full
  speed 100
  switchport access vlan 1
!
interface FastEthernet0/2
  duplex full
  speed 100
  switchport access vlan 1
!
interface FastEthernet0/3
  duplex full
  speed 100
  switchport access vlan 2
!
interface FastEthernet0/4
  duplex full
  speed 100
  switchport access vlan 2



" 416South"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Have a 2948GL 3 and want to set up a vlan but it docs state that you have
to
> set up ISL .  I don't want ISL enabled.  is there a way to just create
VLANS
> like in other L3 switches?  I don't want to make these routeable or
anything
> just L2 VLANS simple VLANS
>
> ie. when I do a "int vlan 400" this would normally create a new vlan and
put
> me into interface mode
>
> when i do a "int vlan ?"  the options are to put in the vlan # but when I
do
> all i get is a wrong command with the famous ^ at the vlan point in the
> command
>
> docs doc's dont seem to give enough info
>
> any Ideas
>
> thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32384&t=32351
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ipsec set up [7:32130]

2002-01-16 Thread JEK 

Daniel,

You can also do this with a "tunnel" interface and a "loopback"
interface on the router, but that will also depend on what you will
be terminating your IPSec/ISAKMP peer to.  I hope this helps,
if you have any questions please ask.

  - jek


"Daniel Kekai"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Maybe someone can help me out. I have to configure ipsec on a cisco 2600.
My
> company wants to use this for a vpn to one of our partners. My question is
> how do I configure this using only one ethernet port. (that's all that is
on
> the 2600 we have)
>
> I came up with the following configs for both ends: (not sure if I can do
it
> on one interface)
>
> side-- A:
>
> crypto isakmp policy 1
> authentication pre-share
> hash md5
> group 2
> lifetime 43200
>
> crypto isakmp key TEST address 209.111.111.28
> crypto ipsec transform-set SETNAME esp-3des esp-md5-hmac
> crypto map vpnmap 10 ipsec-isakmp
> set peer 209.111.111.28
> set transform-set form0
> match address 101
>
> interface fastEthernet A_inside
> ip address 199.199.75.x  255.255.255.x
> interface fastEthernet A_outside
> ip address 199.199.75.51 255.255.255.192
> crypto map ourvpnmap
> access-list 101 permit ip 199.199.75.128 0.0.0.63 209.111.111.32
> 0.0.0.31
>
>
>
> side-- B:
>
> crypto isakmp policy 1
> authentication pre-share
> hash md5
> group 2
> lifetime 43200
>
> crypto isakmp key TEST address 199.199.75.51
> crypto ipsec transform-set SETNAME esp-3des esp-md5-hmac
> crypto map vpnmap 10 ipsec-isakmp
> set peer 199.199.75.51
> set transform-set form0
> match address 101
>
> interface fastEthernet B_inside
> ip address 209.111.111.x  255.255.255.x
> interface fastEthernet B_outside
> ip address 209.111.111.28 255.255.255.224
> crypto map ourvpnmap
> access-list 101 permit ip 209.111.111.32 0.0.0.31 199.199.75.128
> 0.0.0.63
>
> any help would be appreciated...
>
> thanks
> -d
>
>
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32238&t=32130
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX with no NAT [7:31353]

2002-01-14 Thread JEK 

there are different situations when you will want to do what you are doing,
but here's a quick breakdown.

"nat (inside) 0 access-list not-nated" [1]
"nat (inside) 1 0.0.0.0 0.0.0.0 0 0" [2]
"access-list not-nated permit ip IP_not_nated_to_the_Internet
Subnet_Mask_of_device_not_nated any" [3]
"global (outside) 1 IP_Address_used_for_PAT_pool" [4]

[1] Traffic NOT Nat'd defined by the ACL "not-nated"
[2] Traffic Nat'd when outbound to the Internet (0.0.0.0 0.0.0.0 0 0 =
everybody)
[3] Source IP's that are NOT to be NAT'd when sending outbound traffic to the
Internet
[4] Devices on the (inside) Lan will use this IP Address as their Source IP
using PAT
 when accessing the Internet

What this will do is NOT 'NAT' the devices accessing the Internet that are in
the ACL "not-nated", and it
will then NAT everybody else to the IP Address that is PAT (Port Address
Translated) since you will be
allowing everybody else with the "0.0.0.0 0.0.0.0 0 0" of the "nat (inside)
1"
config command.  You also
can use an ACL on the "nat (inside) 1 access-list do-nat", and specify what
devices get NAT'd when sending
outbound traffic to the Internet.  I hope this information helps.  If you
have
any questions feel free to ask.

Thanks and there's my $0.02,

 - jek


"Allen May"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> By default all outbound connections are enabled and all inbound are
blocked.
>
> - Original Message -
> From: "Philip Sousa"
> To:
> Sent: Wednesday, January 09, 2002 12:32 AM
> Subject: PIX with no NAT [7:31353]
>
>
> > I've been on Cisco's site for hours, but cannot find a conclusive answer
> to
> > my question.  When you disable NAT (NAT 0) to allow the use of public
IP's
> > behind the PIX, are the internal nodes allowed to start outbound
> connections
> > by default??  I need to selectively allow nodes behind the firewall to
> start
> > outbound connections on certain porthow should I accomplish this?
> > Access-lists?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31941&t=31353
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Layer 3 (2948G-L3) switching question

2000-10-09 Thread JEK 

Are you going to creat multiple Vlans at the remote locations or
are you wanting to route between vlans over Serial links; cause
you can't do that..If you just going to implement Vlans at the
remotes I would get some 2900XL-EN's or some 3500XL-EN's
this would do the job just fine.

HTH,

JEK
"Jeff Walzer" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have 4 remote offices that have the 2620 router installed but need the
> capability to use and route between VLANs. Being that the lowest router
> required to route between VLANs is the 3600 series (please correct me if I
> am wrong) I was considering buying the 2948G-L3 for these sites. Would
this
> be a good solution? These remote offices will have various projects going
on
> using people from other companies and I want to keep their traffic
separate
> from our internal network traffic.
>
> Thanks,
> Jeff
>
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: LAYER 3 SWITCHING

2000-10-08 Thread JEK 

FRS,

Layer 3 Switching, is not a situation when the CPU isn't involvedThat is
Fast Switching, This is actually when routing information is stored in CACHE
memory and it is processed without running as many interrupts to the
CPU.
And YES L3 switching does have everything to do with L2 frames.If it
didn't then switches wouldn't be involved[ Layer 3 Switching ] consists
of
the MLSP Protocol < Muli-Layer Switching Protocol >...What happens is
when you have a < Switch(s) / Router > where the Switches have redundant
connections to one another and you are running Vlans between the Switches,
what do they have to do to get to the other Vlan; they have to go to the
router
for the packe to be routed since our Vlans are on different subnets.Well
what happens is that your switches build a CACHE entry in their MLS Cache
and from the information that's in the packet that's stripped they see what
port
that it was sent out, and they also have the MAC Addresses of the
Destination /
Source / Port #; just depending on if your running Dst / Src / Port Layer
Switching.
They then add this to their CACHE entry database and they then switch the
packets from there on.Also there is a limited time that this information
will
stay in the L3 Cache Database ( 256 seconds ) if I remember correctly.
Your able to base the switching on Destination / Destination-Source /
Destination-Source-Port so then you would actually be doing L4
Switching.
HTH.

JEK



"FRS" <[EMAIL PROTECTED]> wrote in message 8qu1br$9th$[EMAIL PROTECTED]">news:8qu1br$9th$[EMAIL PROTECTED]...
> I need some help in understanding Layer 3 Switching.
>
> 1. What does the process Layer 3 switching refer to?
>
> 2. Is it packets or frames being switched out of interfaces or ports?
>
> 3. Using the 2948G-L3 as an example, how is the switching determined - by
> Routing table or CAM table?
>
> All help is appreciated.
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN BRI Dialer Problem

2000-09-23 Thread JEK 

Kari,

The first thing that I would look at would be the spids that your
sending to the switch as it shows that they are INVALID.You
know that your switch type is correct and fine in that your receiving
TEI = Terminal Endpoint Identifiers from the switch on that part.
how did you configure the SPIDS on the config.Could you post a
config of some sort as this looks to be the problem, or before you do
that check with Telco to see if they are seeing the correct SPIDS
coming from the CPE Equipment.If they aren't then shut down the
interface and then bring it back up, and see what happens.You may
have to reload the router.If they are seeing the correct SPID's in the
ISDN switch coming from the router then verify them with what you have
programmed in the router then T/S as you would normally.Also listen
to what Rodgers Moore was saying as I know that in the major cities in
Texas, they are about to start going to the 10-Digit Dial plan also.Hope
this helps.

Also do you have the spids programmed as follows

 isdn spid1 <3 digit area code>< 7 digit dial number >< 4 digit trailing 0's
or 1's or 01's > < LDN >
 isdn spid2 <3 digit area code>< 7 digit dial number >< 4 digit trailing 0's
or 1's or 01's > < LDN >

ex:
 isdn spid1 9995550101 555
 isdn spid2 9995550101 555



-jek-


"Kari Nurdin" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All, I need help,
>
> I have a central site and a remote site in a ISDN BRI bridged environment.
> I have over and over verified the configuration and it all looks fine. I
> have a number of installs that are similar configurations and they all
> function(I have compared the configs).
>
> I am not able to connect, the following message echos:
> "02:37:133143986176: %ISDN-4-INVALID_CALLEDNUMBER: Interface BR0, Ignoring
> call, LDN and Called Party Number mismatch
> 02:37:14602064: %ISDN-4-INVALID_CALLEDNUMBER: Interface BR0, Ignoring

> call, LDN and Called Party Number mismatch
> 02:37:158913789952: %ISDN-4-INVALID_CALLEDNUMBER: Interface BR0, Ignoring
> call, LDN and Called Party Number mismatch
> "
>
> When running the debug dialer command the following message echos:
> "02:35:28: BRI0 DDR: Dialing cause bridge (0xE0E0)
> 02:35:28: BRI0 DDR: Attempting to dial 9965
> 02:35:141733920768: BRI0: wait for isdn carrier timeout, call id=0x8276
> 02:35:33: BRI0 DDR: Dialing cause bridge (0xE0E0)"
>
> I am researching this problem(looking over all my books), I have spoke to
> the telco and they say all is good, show isdn status shows:
> Georgian_H1#show isdn stat
> Global ISDN Switchtype = basic-ni
> ISDN BRI0 interface
> dsl 0, interface ISDN Switchtype = basic-ni
> Layer 1 Status:
> ACTIVE
> Layer 2 Status:
> TEI = 79, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
> TEI = 80, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
> TEI 79, ces = 1, state = 8(established)
> spid1 configured, spid1 sent, spid1 NOT valid
> TEI 80, ces = 2, state = 8(established)
> spid2 configured, spid2 sent, spid2 NOT valid
> Layer 3 Status:
> 0 Active Layer 3 Call(s)
> Activated dsl 0 CCBs = 1
> CCB:callid=82A0, sapi=0, ces=1, B-chan=2, calltype=DATA
> The Free Channel Mask:  0x8001
> Total Allocated ISDN CCBs = 1
> Georgian_H1
>
> I don't want to make this post to long, however, if anyone has any ideas.
> Thanks in advance.
>
> P.S. This problem is a good one for me because I am currently studing for
> the BCRAN.
>
> Kari
> CCNA CCDA
>
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Secondary IP for Catalyst switches?

2000-09-17 Thread JEK 

Regardless, the Issue here is giving a Switch a << secondary ip address >>
on the
interface, which is pointless.Question to the Question is WHY?.When
you give
your switch an ip address it's only just an IP Address to remotely connecty
to the
switch to run diags on it thru a < telnet/ rlogin/ lat/ etc... > If the NT
Administrator
is trying to blame the network; and he doesn't understand that Switches run
on
Layer-2 then it sounds like he needs to go back to school or take the lovely
MS Networking Essentials < ha, ha, ha > or get some actual network
experience..
Since we all know that the Lan Admins are always right and that it's always
a network
problem so us Network Admins have to deal with it over and over...Okay
Okay, back
to the Question in Question here.If you put a Secondary IP Address on
the switch it's
not doing anything for the Network itself; unless your using a L3
switch.The reason
being is that the Switch is L2 and the Router-L3.Your PC/Server doesn't
have a GW
of the Switch does it (( NO )).Then why use up more IP's just cause the
Lan Admin doesn't know
how to network.I mean if he's trying to blame it on the Network then
replace the Switch
with a hub; it's going to do basically the same thing other than the Switch
is more sophiscated
and will have a better broadcast domain and cut down on those goodies.So
if the Lan Admin
wants to argue with that then tell him to go back to school and LEARN how
Networks really
function and then he can give you a reason of why it would be a network
problem and not
the NT Server's problem..Well there's my $0.02.Hope this helps.

JEK


"Derek Chung" <[EMAIL PROTECTED]> wrote in message
8q2dfl$8so$[EMAIL PROTECTED]">news:8q2dfl$8so$[EMAIL PROTECTED]...
> Can a secondary IP be assigned to a Catalyst switch SC0 interface
> temporarily?
> If so, once I logon (by console/telnet) to the switch, I can troubleshoot
> the connectivity to an attached PC/server by pinging its IP address
> (assuming the secondary IP temporarily added is the same subnet as this
> PC/server IP address.)
> This will help troubleshooting the functionality of the TCPIP stack of the
> PC/server, don't you think?
>
>
>
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 2509 Router configuration

2000-09-13 Thread JEK 

If you have a 10Mb port on the router then your able to get 10Mb half-duplex
and 20Mb full-duplex.When you set the Ethernet interface to full-duplex
it sets
the port @ 20Mb instead of 10Mb..Hope this helps.

-jek-

"Germain, PJ" <[EMAIL PROTECTED]> wrote in message
90AC1E60E79BD31187C900062938329501532C5B@COOPTSS4">news:90AC1E60E79BD31187C900062938329501532C5B@COOPTSS4...
> I know that this is a very limited Access Server, but has anyone ever
heard
> of setting full duplex on the Ethernet port???
> It doesn't appear to have the capability and I have check the web and the
> manual.
> Any help would be greatly appreciated.
> Thank you
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BCRAN Loopback int

2000-09-13 Thread JEK 

Stephen,

If you have 30 Async Ports that your wanting to bundle together..What
you would
do; would be in configuration mode would be to type the following

router(config)#interface group-async X
X = Whatever you want to give it.

router(config-if)#group-range YY-YY
Y = # of tty/async ports that your wanting to bundle to this interface

Then you can setup the << ip unnumbered loopback Z >> to look at
the IP Address of the Loopback interface..

Hope this Helps.

-jek-

"Stephen Skinner" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Many thanks chaps..that has haelped a lot...
> another question though is :-
>
> if i have 30 async ports on an access server,
> assign the same loopback interface to all 30 ports
> set all ports to unmumbered
> and have only IP address can this work/and if so how does it
> tell the different ports
>
> i`m guessing it just uses the port number IF it works
>
>
> many thanks
>
> steve
>
> >From: "Atif Awan" <[EMAIL PROTECTED]>
> >Reply-To: "Atif Awan" <[EMAIL PROTECTED]>
> >To: "Stephen Skinner" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
> >Subject: RE: BCRAN Loopback int
> >Date: Tue, 12 Sep 2000 17:13:27 +0500
> >
> >
> >You define a loopback interface using the global configuration mode
> >command:
> >
> >int loopback 0
> >
> >It immediately creates a virtual interface which is by default in the
up/up
> >state. This interface does not depend on other things ( like keepalives,
> >clocking, physical cable connectivity ) to remain in the up/up state and
> >remains up as long as the router is up and running.
> >
> >Take OSPF for example. In order for OSPF to function properly it requires
a
> >Router ID which is the highest IP address of an active interface on the
> >router. In case you have loopback interfaces configured then the highest
ip
> >address amongst those of the loopback interfaces will be chosen as the
> >router ID. The advantage you get is that if the Router ID is the ip
address
> >of a physical interface and the interface goes down then the OSPF
operation
> >is interrupted. However, if the Router ID is that of a loopback interface
> >then the OSPF operation will never get interrupted as long as the router
> >itself does not go down and a router going down is very uncommon as
> >compared
> >to an interface going down.
> >
> >BGP is another routing protocol that makes use of this advantage of the
> >loopback interface.
> >
> >I hope this clears up things a bit.
> >
> >Regards
> >Atif
> >
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> >Stephen Skinner
> >Sent: Tuesday, September 12, 2000 4:35 PM
> >To: [EMAIL PROTECTED]
> >Subject: BCRAN Loopback int
> >
> >
> >Chuck,Altif,Priscilla.save me.
> >
> >it says in my book BCRAN
> >
> >"a loopback interface is a virtual interface that never goes down
> >,therefore
> >it is an ideal line to use as the reference when using the ip unnumbered
> >command"
> >
> >i don`t understand ... a loopback interface dosen`t go
> >anywhere...how,why would i reference this Can i have a real world
> >example as i don`t seem to understand WHY i would do this
> >
> >sorry i`m being a bit thick
> >
> >thanks to ALL in advance
> >_
> >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
> >
> >Share information about yourself, create your own public profile at
> >http://profiles.msn.com.
> >
> >**NOTE: New CCNA/CCDA List has been formed. For more information go to
> >http://www.groupstudy.com/list/Associates.html
> >_
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
> >**NOTE: New CCNA/CCDA List has been formed. For more information go to
> >http://www.groupstudy.com/list/Associates.html
> >_
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _

Re: Dialer Interface * VERY URGENT *

2000-09-04 Thread JEK 

The << dialer in-band >> has to be in the config if your the one that's
doing
the dialing.This command indicates that this is the interface that will
be
doing the dialing.Not only that; but the << dial wait-for-carrier-time
XX >>
indicates that it will wait up to 60 seconds for the interface to basically
receive
DCD from the interface that is associated with the Dialer / BRI interface
and
it will then do the dialing depending on how quick it receives DCD.Hope
this helps.Easiest thing to do is to go to www.cisco.com and do a look
up
on ISDN or just do a find on Dial Cookbook and this will help out.

-JEK-


NRS Hariharan <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>   I have installed a 2503 router for ISDN dial back for a leased
line.The
> vendor who configured it has included the following commands in the dilaer
> interface .
>
> (1) #dialer in-band
>
> and
>
> (2) #dialer wait-for-carrier-time 60
>
> Since the above commands should not be used for ISDN i removed
them .
> But when I saved the new config and saw the file,the following commands
were
> also missing fom the dialer interface which was there previously :
> #dialer idle-timeout
> #dialer string x Class xx
> #dilaer hold-queue xx
> #dialer load-threshold xxx either
> #dialer-group x
>
>and the only commands which were present from the previous config
were
> :
> #ip address negotiate
> #no ip directed-broadcast
> #encapsulation ppp
> #ppp authentication pap callin
> #ppp pap sent-user  password 
>
> Can anyone provide a solution for the above
>
>  Thanks in advance
>
>
> hari
>
>
> 
> Get free email and a permanent address at http://www.netaddress.com/?N=1
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Please help with the routing problem

2000-08-30 Thread JEK 

Okay, Okay, lets start from the beginning.Do you maintain the Firewall;
cause if you
do; then the only way for this to work is for the Firewall to have a static
route pointing
to the Ethernet Interface of  << Router-B >> and for the destination of that
static route
to be the Ethernet Interface of << Router-A >>.Unless you're using a <<
routing >>
protocol on the Firewall itself.Not only that; but does the Firewall
have any limitations
on the config itself.What rules/access-lists are setup.I would look
at trying to ping the
ethernet interface of the Firewall Iteself and then if you can; look at the
config on the
Firewall.Can you ping Router-A from the Firewall.What type of
Firewall is in place
that you're using PIX / Checkpoint / Raptor or what.Well there's my
$0.02.Thanks.

JEK



"Arya Salahi" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Is the IP network between routerA and routerB being routed in the
Internet?
> Remember, when you PING, the ICMP packets use the outgoing inerface as the
> source IP address.  Therefore when you PING from routerA your ISP would
need
> to have a route to that IP network for the packets to find their way back.
>
> Arya
>
>
> >From: Filomena <[EMAIL PROTECTED]>
> >Reply-To: Filomena <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: Please help with the routing problem
> >Date: Sat, 19 Aug 2000 16:07:06 -0700 (PDT)
> >
> >Hi, everyone, I would appreciate if you could help me.
> >
> >Here is the network setup:
> >
> >
>
>-->E0-RouterA-S0<-->S0-RouterB-E0<-->Firewall<-->E0-RouterC-S0<--->Internet
> >
> >The problem is that RouterA cannot access Internet.
> >RouterB is configured with default route pointing to
> >the firewall's LAN interface, and it can get to the
> >Internet just fine. RouterA has default route pointing
> >to S0 on RouterB. RouterA can ping hosts on RouterB's
> >Ethernet subnet, but cannot ping Internet hosts. When
> >I try to trace Internet host from it, the trace stops
> >at the S0 interface on RouterB. The routing between A
> >and B is EIGRP, and it is working, because routers can
> >reach each other's Ethernet subnets. Firewall has all
> >the ports open.
> >
> >It seems to me that when packets addressed to Internet
> >from RouterA reach RouterB, RouterB does not know what
> >to do with them. How can I fix this?
> >
> >Thank you.
> >
> >
> >__
> >Do You Yahoo!?
> >Yahoo! Mail - Free email you can access from anywhere!
> >http://mail.yahoo.com/
> >
> >___
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> 
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Telnet & network mgmt

2000-08-25 Thread JEK 

Is the telnet daemon just like a Unix telnetd daemon.If so then if you
run
netstat -rn; and what's the GW of that shell / session / or if it's realtime
running
then is should be the same as if you ran ipconfig/all.If it doesn't show
a gateway then
that's where I would look into.Hope this helps.

-jek-

Peter McDonald <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hey All,
> >
> > I have set up a network management server on NT to monitor my various
> > cisco routers, pix etc - these devices only allow a Telnet connection
from
> > the mgmt server. I would like to be able to dial into my 3661 which is
on
> > the same segment as the mgmt server, telnet into the server an then use
> > that as a staging point to telnet into the routers etc. I have trialed
> > setting up a telnet daemon (fictional) on the server - this worked ok
and
> > let me telnet into the server but I can't go from there to the routers.
I
> > really don't want to run pcanywhere on the mgmt box for obvious reasons
&
> > I don't want to allow telnet access from any other device but the mgmt
> > box. Due to my limited intelligence I can't figure out how to do what I
> > want to do ! Any help / suggestions would be greatly appreciated.
> > Cheers,
> > Peter
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: what is this match statement matching?

2000-08-23 Thread JEK 

Your match ip address 1 is allowing all traffic thru hence the 0.0.0.0 and
the
match ip next-hop 2 where the ip address of 172.16.20.1 is the next-hop
router or as this seems the default-gateway on this configuration.Hope
this helps.

-jek-

Luobin Yang <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi, group
>
> I have a configuration as following
>
> router ospf 10
> default-information originate route-map send_default_if
>
> access-list 1 permit 0.0.0.0
> access-list 2 permit 172.16.20.1
>
> route-map send_default_if permit 10
> match ip address 1
> match ip next-hop 2
>
> My question is, what routes is the access-list 1 matching ? IP route
> table? or OSPF database routes?
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Perfomance prob with Router-Router IPSEC tunnel..

2000-08-23 Thread JEK 



Nandu,
 
    From what your saying is that 
your using your tunnel as the encrypt/decrypt point of access
for the VPN internal connection.First question; 
is why are you wanting to run a VPN thru a
leased line on an internal network.Second; is 
all traffic on the leased line being encrypted.
What size of lease line are your working with 
<< 56 / 64 / FR / T1 / ISDN ? >>.You can 
use
an IPSec encrypted VPN without running thru 
a tunnel interface.All you have to do is
to setup your access-list properly.Send me your config's offline; along with the 
Size of the Circuit
and I'll work with you on going around the 
tunnel-to-tunnel config.....Thanks.
 
    -jek-

  Cisco Group <[EMAIL PROTECTED]> wrote in 
  message 15BC1866E5CFD111900E00A0C9A6F35E03FE8EFA@CTSINCSISXUC">news:15BC1866E5CFD111900E00A0C9A6F35E03FE8EFA@CTSINCSISXUC...
  Hi 
  Guyz,
   
  We are having a 
  cisco router-router IPSEC tunnel between two locations(Intranet VPN) over an 
  internal leased line.The performance is very poor even though the link is only 
  40% utilised. On examining we found that the tunnel bandwidth is only 9k..Is 
  there anyway I can increase the tunnel bandwidth or can i have an IPSEC 
  connection without using a tunnel so that i can use more bandwidth in the 
  link.. There is a bandwidth command in the interface mode but it is only for 
  calculation of cost and it has no impact on the actual tunnel 
  bandwidth
   
  Can anyone pls 
  help me out with this...Thanx in advance..
   
  Regards,
  Nandu

Re: Access List Question

2000-08-14 Thread JEK 

This is the subnet information.Inverse Mask is 0.0.0.15 so the mask that
the
destination range resides on is 255.255.255.240 or /28.

  No. Subnet   HostsHosts
Broadcast
Address  From To
Address
  10  194.72.6.160 194.72.6.161 194.72.6.174 194.72.6.175

Rose, if you look as the access-list this is a inverse mask working with the
subnet mask of the destination network.What this is doing is filtering
out
on < udp port's > from the host listed below to the 10th Subnet of the Class
C destination address only.Subnet=194.72.6.160
Hosts=194.72.6.161--194.72.6.174
Broadcast=194.72.6.175.Hope this helps..

JEK

"Rose Olsen" <[EMAIL PROTECTED]> wrote in message
8n8nib$mc7$[EMAIL PROTECTED]">news:8n8nib$mc7$[EMAIL PROTECTED]...
> Can someone explain to me how to interrupt the subnet mask for this access
> list.
>
> permit udp host 194.72.72.33 194.72.6.160 0.0.0.15
>
> Thank you.
> Rose
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP & IGRP

2000-08-13 Thread JEK 

That's 100 for IGRP not EIGRP.
Eigrp is 90/170 where the 170 is an external learned route.....

JEK
"Tapas Das" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> what is max hop count for EIGRP & IGRP for IP
> 
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with Debug ip packet

2000-08-03 Thread JEK 

Your correct on the "g = ateway " "s = ource" "d = estination".
the len is the size of the packet.Depending on where the packet
will go will depend on your routing protocol.Your routing table
and if you have any loops in the network or not.So your source
and destination will rely on those.Hope this helps.

JEK


John Zaggat <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello group,
> Can some kind soul help with the following output I
> got for "IP debug packet"
>
> IP: s=172.16.5.59 (Serial0), d=172.17.5.100
> (Ethernet0), g=172.17.5.100, len 40,
>  forward
>
> Does "g" stand for gateway, and if so then why is that
> the same as destination and not the actual
> gateway/router which in this case is 172.17.5.10
>
> What does "len 40" mean ?
>
> Thanks for your help :-)
>
>
>
>
> =
> JZ
> [EMAIL PROTECTED]
>
>
>
> __
> Do You Yahoo!?
> Kick off your party with Yahoo! Invites.
> http://invites.yahoo.com/
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Switch 2900 and 3500 Question ?

2000-08-01 Thread JEK 

On a switch the address isn't addressed on the FE Interface it's addressed
on the
VLAN Interface.You can then setup the individual ports to be part of a
single
VLAN / multiple VLAN's / or a VLAN trunk port to a router or switch.Only
on a L3 switch would you address different FE Ports if needed.Hope this
helps.

JEK

"Javier Villegas" <[EMAIL PROTECTED]> wrote in message
8m4qr9$9e9$[EMAIL PROTECTED]">news:8m4qr9$9e9$[EMAIL PROTECTED]...
> How can I see the IP addresses conected in every FastEthernet Port ?
>
> Something like that
>
>
> FE0/010.50.69.35
> FE0/110.63.98.14
> FE0/210.23.10.1
>
> And so on ...
>
>
> Thanks
> Javier from Argentina
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF Demand Circuit - About to go crazy! :-)

2000-07-30 Thread JEK 

If you don't specify the < broadcast > in the dialer map statement then the
# that
the router is supposed to dial won't be broadcasted to the isdn
interface.The
only way to bring it up would be to ping the ip address in the dialer map ip
X.X.X.X
and this would broadcast the # in the statement to the dialing device
whether it be
the router interface or an external device.

-jek

"Ryan Moffett" <[EMAIL PROTECTED]> wrote in message
8lvv16$m67$[EMAIL PROTECTED]">news:8lvv16$m67$[EMAIL PROTECTED]...
> I am beating myself to death with the following:
>
> I am working through the following scenario in which R1 has a Frame Relay
> connection to R2 via Frame-Relay and ISDN.  R1 is configured with ip ospf
> demand-circuit on the ISDN interface as well as OSPF on the Frame Relay
> interface.   R1 forms an ajacency with R2 over the Frame Relay link, and
> they sucessfully exchange databases.   R2 is configured the same as R1
with
> the exception of the ip ospf demand-circuit, it does not have that
> configured.R1 does not show 2 entries in the show ip ospf neighbor
> output.   R1 and R2 are not forming adjacencies over the OSPF
> demand-circuit.I can ping between R1 and R2's BRI interfaces to bring
up
> the ISDN link, and it works properly, however, if I shut the Frame Relay
> interface down, shouldn't the ISDN link come up as both links are in area
0?
>
> R1 has the following relavent configuration:
>
> !
> int s0.102 point-to-point
> encapsulation frame-relay
> ip address 10.36.18.5 255.255.255.252
> frame-relay interface-dlci 102
> !
> int bri0
> encapsulation ppp
> dialer map ip 10.36.19.5 
> ip ospf demand-circuit
> dialer-group 1
> !
> router ospf 100
> network 10.36.18.5 0.0.0.0 area 0
> network 10.36.19.5 0.0.0.0 area 0
> !
> dialer-list 1 protocol ip permit
>
>
> R2 has the following relavent configuration
>
> !
> int S0.201 point-to-point
> encapsulation frame-relay
> ip address 10.36.18.6 255.255.255.252
> frame-relay interface-dlci 201
> !
> int bri0
> encapsulation ppp
> dialer map ip 10.36.19.6 
> ip ospf demand-circuit
> dialer-group 1
> !
> router ospf 100
> network 10.39.18.6 0.0.0.0 area 0
> network 10.39.19.6 0.0.0.0 area 0
> !
> dialer-list 1 protocol ip permit
>
> Thanks,
> Ryan Moffett
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst menu and command line

2000-07-29 Thread JEK 

First of all you will have to have Enterprise IOS Feature set for both
Switches
and then once that's uploaded you and press < CTRL-R > on the 3000 for
CLI Access and then on the 1900 you will be prompted for either CLI or
MENU Management access and you choose.CLI on the 1900 will put you
into user mode and then you can run < en > and then your enable secret
password
and this will be your < priv > mode for the 1900.

JEK
Senior Network/Hardware/Systems Engineer

"Rick Holden" <[EMAIL PROTECTED]> wrote in message
000f01bff8f1$c0928da0$[EMAIL PROTECTED]">news:000f01bff8f1$c0928da0$[EMAIL PROTECTED]...
> I have a Catalyst 3000 and a Catalyst 1900. I want to use these switches
to
> study for the BCMSN exam. However when I connect to the console port I a
> presented with a menu and I want to get to the command line to practice
> commands. Is there a command line option for these switches and if not can
I
> upgrade the software on them to get a command line option. Thanks.
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP Broadcast thru WAN

2000-07-08 Thread JEK 

you can setup the below along with the helper address also.
ip dhcp-server < ip-address > or < name >.

JEK
Senior Network/Systems Engineer
CCNA

NRS Hariharan <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>Iam having a DHCP server the hosts receiving them are in another
place
> and they are connected thru a WAN link using 2 routers.Since routers dont
> broadcast by default,how can I broadcast my DHCP requests and replies
between
> the server and clients.Is it possible to use extended IP access-lists.
like
> that...
>
>   Thanks in advance,
>
> Hari
>
> 
> Get free email and a permanent address at http://www.netaddress.com/?N=1
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: interesting part 2

2000-07-08 Thread JEK 



On the remote locations router add the config line 
below and make sure that
there is a helper address on the ethernet interface 
pointing to the IP Address
of the DHCP Server..Global config.Hope this 
helps.
 
ip dhcp-server < ip-address > or < name 
>
 
JEK
Senior Network / Systems Engineer
CCNA
 

"Atif Awan" <[EMAIL PROTECTED]> 
wrote in message 010701bfe84f$83c74bc0$050100c0@Tech">news:010701bfe84f$83c74bc0$050100c0@Tech...

  well the scenario is the same .. 3 routers 
  connected in a hub and spoke topology with the 2620 ( IOS 12.1(1)) as the hub. 
  This time the DHCP is not working across the WAN. it used to work fine before 
  the 2620 came in .. are there any IOS 12.1(1) bugs or something like that 
  which will prevent it from functioning properly.
   
  i am also looking it up on the cisco web site but 
  if anyone knows the solution first do post it :)
   
  Regards
  Atif

Re: Vlan routing with 802.1q

2000-07-06 Thread JEK 

802.1Q is used for unrealated vendors; ie: Cisco Router >> HP Switch.
ISL is Cisco proprietary VLAN encap.It doesn't matter what encapsulation
you use, just whatever your most at ease with

-JEK-
Senior Network/Systems Engineer
CCNA


"Parrish B. Gamarra" <[EMAIL PROTECTED]> wrote in message
8k095s$jic$[EMAIL PROTECTED]">news:8k095s$jic$[EMAIL PROTECTED]...
> The recommended vlan encapsulation for Fast Ethernet is ISL. I've never
> tried using 802.1Q encapsulation with Fast Ethernet interfaces but if it
> woks then great. One thing thoughthe configuration you posted is Ok
for
> the most part but you need to configure a subinterface for VLAN 1 too so
the
> router can route between VLANs using 802.1Q encapsulation.
>
> Parrish.
>
> "lee" <[EMAIL PROTECTED]> wrote in message
> 8jt0p4$u0r$[EMAIL PROTECTED]">news:8jt0p4$u0r$[EMAIL PROTECTED]...
> > Hi all, I have a Cat4003 & 3640, i'm trying to configure 802.1q
> > encapsulation on both unit, and use 3640 as the vlan router. Finally, i
> can
> > make it working, but i hope someone can tell whether i have configure it
> > rightly.
> >
> > my configuration for vlan routing for 1,2 & 3 on 3640 router is like :
> >
> > interface FastEthernet1/0
> >  ip address 203.92.128.1 255.255.255.224
> >  no ip directed-broadcast
> > !
> > interface FastEthernet1/0.2
> >  encapsulation dot1Q 2
> >  ip address 203.92.128.193 255.255.255.248
> >  no ip directed-broadcast
> > !
> > interface FastEthernet1/0.3
> >  encapsulation dot1Q 3
> >  ip address 203.92.128.130 255.255.255.192
> >  no ip directed-broadcast
> >
> >
> > Hope someone can give me some idea on 802.1q vlan routing configuration.
> >
> > Thanks in advance.
> >
> > regards,
> > lee
> >
> >
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > ---
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Use Async Port

2000-07-04 Thread JEK 

What, debug's are you running on this setup.Could you post what
debug's you're running and what the output is.You will need to setup
a chat-script and probably a few extra setups in the chat-script.Are
the routers timing out for a encapsulation setup or what.Do the LCP's
ever come to an open status when you look at the Async Interface.
Need more information.

-JEK-
Senior Network/Systems Engineer
CCNS


"Erwin Novriyanto" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Actually, I have Cisco Router 3640 which has 16 terminal lines and Cisco
> Router 2610 which has 2 Low-speed serial(sync/async) network interface(s).
I
> already configure for both router that Cisco 2610 from interface serial
> async can connect to Cisco 3640 but connection cannot establish. Here I
send
> the configure :
>
> Cisco 3640
> !
> !
> interface Async112
>  description Dial Up Conn to GJKTggl01
>  no ip directed-broadcast
>  ip nat inside
>  encapsulation ppp
>  ip tcp header-compression passive
>  dialer in-band
>  dialer idle-timeout 300
>  dialer map snapshot 1 name GJKTggl01
>  dialer map ip 10.1.4.2 name GJKTggl01 broadcast
>  dialer hold-queue 10
>  dialer-group 1
>  async default routing
>  async mode dedicated
>  snapshot server 5 dialer
>  no cdp enable
>  ppp authentication chap
> !
> router eigrp 10
>  network 10.0.0.0
> !
> !
> line 112
>  script dialer dialnum
>  script reset rstmdm
>  modem InOut
>  modem autoconfigure discovery
>  transport input all
>  stopbits 1
>  flowcontrol hardware
>
> Cisco 2610
>
> interface Serial0
>  physical-layer async
>  ip address 10.1.5.2 255.255.255.252
>  no ip directed-broadcast
>  encapsulation ppp
>  ip tcp header-compression passive
>  dialer in-band
>  dialer idle-timeout 600
>  dialer wait-for-carrier-time 20
>  dialer map snapshot 1 name JKTGSP01 5222146
>  dialer map ip 10.1.5.1 name JKTGSP01 broadcast 5222146
>  dialer hold-queue 10
>  dialer-group 1
>  async default routing
>  async mode dedicated
>  fair-queue 64 16 0
>  no cdp enable
>  ppp authentication chap
> !
> dialer-list 1 protocol ip permit
>
> line 1
>  script dialer dialnum
>  script reset rstmdm
>  modem InOut
>  modem autoconfigure discovery
>  transport input all
>  stopbits 1
>  speed 115200
>  flowcontrol hardware
>
> try to debug, ...encapsulation failed, DDR fair queue failed. Does anyone
> have configuration for this...?
>
> Thanks
>
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Single ISDN BRI Dial to 3 Sites

2000-07-04 Thread JEK 

What type of interesting traffic are you letting thru on the
B-Channels.Maybe
you should setup Dialer Profiles and then setup your map-class statements
and
then setup your access-list / dialer-list to filter out your desired traffic
for each
Profile.

-JEK-
Senior Network/Systems Engineer
CCNA

"Tan Choh Koon" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> AT Hub site I had configure one physical BRI to dial to and receive call
> from 3 remotes router. So far it is working well, but I discovered if Hub
> router had initiated call to 2 remote sites, then when there is a traffic
to
> 3rd remote site the router initiated the 3rd call but there is not
available
> channel (2B is occupied ) to call. It should drop the 3nd call till the
> channels is available agains. But weird things is it Disconnected the
First
> called number and allowed the 3rd call ?
>
> How to prevent this ? I dont want to interrupt the previous connection
till
> the idle time is expired, then only the 3nd call traffice can make the
> connection.
>
> Thanks
>
> Choh Koon, Tan
> CCDA,CCNP
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TeraTeram

2000-07-04 Thread JEK 



You just have to go to File and then Connection and 
then select Serial and then
what port your 
internal modem is using; then you just have to run the AT
command set for your 
specific modem.I hope this helps.
 
-JEK-
Senior Network/Systems Engineer
CCNA

  "Henrique Issamu Terada" <[EMAIL PROTECTED]> wrote in message 
  003601bfe50d$9fae5080$ca0310ac@hterada">news:003601bfe50d$9fae5080$ca0310ac@hterada...
  Can I use Teraterm for remote access 
  ?
  For exemple , using my internal modem of 
  laptop , dial to a modem which is attached to a aux port from 
  router.
  I can do that with Hyper Terminal , but I did not 
  find this option on TeraTerm.
   
  thanks
   
  Henrique Issamu TeradaCPM Comunicações - 
  BrazilCCNA Certified

Re: FastEtherchannel using Compaq Servers

2000-07-04 Thread JEK 

Are the Compaq servers using Tru64 Unix, Linux, or NT.

"Lex Luther" <[EMAIL PROTECTED]> wrote in message
8jq8lc$94b$[EMAIL PROTECTED]">news:8jq8lc$94b$[EMAIL PROTECTED]...
> Hello Everyone,
> One of my students has a compaq server with 2 nics, each configured on the
> Cisco 6500 switch.  The Trunking is 802.1Q
> Both ports are configured identically but only one port works.  Both ports
> are to work together to achieve the throughput speed.
> Spanningtree is off as it is supposed to and full duplex is turned on.
>
> Can anyone help or have suggestions?
> --Lex
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Clock rate on C1005 synch?

2000-07-04 Thread JEK 

So you've done a < frame-relay intf-type dce > and then tried to do
the < clock rate  >.Remember that when you go to configure
the clock rate that it's 2 words; but in the config it's just one
word.Is
the wonderful < ? > not helping.

-JEK-
Senior Network/Systems Engineer
CCNA

"SteveS" <[EMAIL PROTECTED]> wrote in message
8jpbj4$gu$[EMAIL PROTECTED]">news:8jpbj4$gu$[EMAIL PROTECTED]...
> I cannot seem to get the router to take a clock rate command.
>
> I have been trying to set up frame-relay, turned on frame-relay switching,
> etc.
>
> Seemed to get the router to go DCE as it shows in sh int s0, and in sh
> controll ser.
>
> but there is no clock speed. I tried an inverse clock to no avail.
>
> Any ideas? or am I stuck with DTE only on a C1005
>
> Thanks, Steve
>
> Yes, I have a DCE/DTE cable and the correct ends are hooked up to the
> correct router.
>
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: how to configure VLAN on 2900 switch

2000-07-04 Thread JEK 

Below is the way to configure a 2900 Series Switch that is running the
Enterprise IOS
subset for the switch.If there are anything that I've left out with this
please reply to
this.Thanks.

lab-switch#vlan database
lab-switch(vlan)#vtp domain < vlan1 > = whatever you want to name you vlan
domain
lab-switch(vlan)#vtp password < XXX > vtp password
lab-switch(vlan)#vtp server
^^^ = only on the first switch all other switches need to be ' vtp
client '

lab-switch#show vtp status

These commands are totally separate from the Trunk Ports.These commands
are for the
individual ports itself that belong to the Vlans.Whereas the Trunk port
are the port that
uplink with the Router.
lab-switch(config)#interface fastethernet x/x
lab-switch(config-if)#switchport access vlan X = whatever Vlan you want this
to have access too

There can only be one of the following below on an interface.Only one
Encapsulation per Port.
These commands are separate from the < switchport access vlan X
>.Whereas these uplink to the
Router for the Vlan trunk connection.
lab-switch(config-if)#switchport trunk encapsulation dot1q= for IEEE
802.1Q Encapsulation
lab-switch(config-if)#switchport trunk encapsulation isl  = for
Cisco proprietary ISL Encapsulation
lab-switch(config-if)#switchport mode trunk

-JEK-
Senior Network/Systems Engineer
CCNA



"Sim, CT (Chee Tong)" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear Friends,
>
> What is the procedure to configure VLan on 2900 switches,  wat command to
> use?  If we don't configured VLAN on 2900 switches, will it cause the
> slowness in the network
>
> Chee Tong
>
>
>
>
>
> ==
> De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
> is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
> onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
> de afzender direct te informeren door het bericht te retourneren.
> ==
> The information contained in this message may be confidential
> and is intended to be exclusively for the addressee. Should you
> receive this message unintentionally, please do not use the contents
> herein and notify the sender immediately by return e-mail.
>
>
> ==
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: two T1s

2000-06-28 Thread JEK 

Also you can use floating static routes on the router for when the traffic
that is
defaultly going thru one T1 and fails and you want it to go thru the other
T1
that's up and running.You can also load balance with EIGRP also.

Joe
Senior Network / Systems Engineer
CCNA


"Joseph J Szczepanski" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> SH -
> What does the current setup look like?  What type of routing is currently
> being used?  For instance, if you are running ospf, most of this is
already
> taken care of for you.  If you running static routes, you will need to do
> some work, but not much.
>
> Joe
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> SH Wesson
> Sent: Wednesday, June 21, 2000 12:08 PM
> To: [EMAIL PROTECTED]
> Subject: two T1s
>
>
> I'm at one location with two T1s to corporate.  How can I configure these
> two T1s to load balance each other, provide redundancy for each other etc.
> For instance, if one T1 goes down, all traffic that normally goes through
> that T1 would now be re-routed to the other T1 which is up.  Also is there
a
> way to sort of multiplex or in Catalyst switch term port-channel, so that
> these two T1s can be load balancing and redundant.
> 
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dial up usinng Asyn interface

2000-06-27 Thread JEK 



Tan,
 
    You need to run the command < 
show line > this will give you an output of all
of the < vty's / tty's / con >.What you 
need to do is then setup an Async interface
with the coorresponding tty# of the AUX 
Port.Then you need to setup a < dialer-rotary
group X > which 
you can then setup to correspond to to the < interface dialer X 
>.Then
you can setup your << pap / chap 
>><< encapsulation >><< dialer string >>And 
what
ever else that is needed.Your then good to 
go.
 
Example
 
show line
aux tty1
 
config mode
interface aysnc 1
 encap ppp
 dialer-rotary group 1
 
interface dialer 1
ip address X.x.x.x X.x.x.x
 dialer string XXX
 encap ppp
 ppp auth chap
 
Joe
Senior Network / Systems Engineer
CCNA
 
"Tan Choh oon" <[EMAIL PROTECTED]> wrote in 
message 002901bfd42f$9ab3f6a0$[EMAIL PROTECTED]">news:002901bfd42f$9ab3f6a0$[EMAIL PROTECTED]...

  Hi,
   
  I had 2501 router, 1 Ethernet , 2 Syn port and 1 
  Aux port.
  I like to coonect the 56k dial up modem to serial 
  0 , and configure it to DDR to ISP.
  My question is how do i configure the serial 0 ( 
  syn interface)  to dial out ?
   
  As far as i knew only asyn serial, Aux port and 
  syn/async serial is capable to do dial up. 
  Can Sync serial port do dial out ?? If can please 
  give sample config.
   
  Thanks.
   
  C.K.Tan

Re: #!$& lab setup problems

2000-06-27 Thread JEK 

Brian,

If you are using ADTRAN setup one of the CSU's to be the Master for
timing/clocking and then let the other CSU get the timing/clocking from the
Master CSU.

Joe
Senior Network/Systems Engineer
CCNA


"Brian Lodwick" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am having a rough time getting my home lab up and running, and would
love
> to get some reccomendations on what to try next from the group. I feel
like
> I have tried everything, but obviously I haven't, because it isn't
working.
> Anyone care to help out?
>
> CSU/DSU#1
> TXD=solid green light
> RXD=flashing green light
> RTS=solid green light
> CTS=solid green light
> DCD=flashing green light
> DTR=solid green light
> OOS=flashing red light
> LOS=flashing red light
> ERR=flashing red light
> TST=nothing
>
> CSU/DSU#2
> DSR=nothing
> RTS=nothing
> CTS=nothing
> DCD=solid green light
> TXD=nothing
> RXD=solid green light
> TST=nothing
> NIS=nothing
>
>   CSU/DSU#1 is set for internal clocking and #2 is set for external
> clocking. These are both set for synchronous 56k. The pinout noted in both
> instruction booklets shows pins 1 and 2 are transmit and pins 7 and 8 are
> receive and 3-6 are not used. I have 1 crossed to 8 and 2 crossed to 7.
 I
> also tried crossing 1 to 7 and 2 to 8 got the same thing).
> CSU/DSU#1 is an ADC Kentrox D-serv 56, and CSU/DSU#2 is a 56K ROUTERmate
> made by Cray Communications.
>   If I turn off #2 the flashing lights stop flashing and go dark, and the
> LOS goes to a solid red light.
>
>   I have a 2501 connected to CSU/DSU#1 and a 2502 connected to CSU/DSU#2
>
>   I just can't figure out what I am doing wrong anyone have any
suggestions?
> I would be more than happy to give information I am not sure what else
would
> be pertinent. Thank you in advance.
> >>>Brian
> 
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN & Hierarchical Design questions

2000-06-27 Thread JEK 

John,

( 1 )If your wanting to connect all of your remotes that will not
connect up to the same
logical lan; the host will need a connection to the internet and the remotes
will need the
same.You will then need to setup Tunnel Interfaces which are software
interfaces and
then setup your own certain criteria for your < tunnel mode / tunnel source
/ tunnel destination >
and then an IP Address on both ends that are in the same subnetThen you
can setup
static routes on the routers to forward information that they need on the
host LAN to the
IP Address if the Tunnel Interface on the host router.Then you can setup
your gateway of
last resort pointing out to the Internets IP Address...

PS: You don't even have to setup a routing protocol just a routed
protocol..Keep in mind
that all of your static routes would have to be setup properly..

( 2 )If your talking about the three Cisco Layers.Example would be

7200 Core

 4000366036403620 Distrbution

7008001000160017002500 Access


Joe
Senior Systems/Network Engineer
CCNA

"JohnMail" <[EMAIL PROTECTED]> wrote in message
006c01bfdb44$4b0ff7e0$[EMAIL PROTECTED]">news:006c01bfdb44$4b0ff7e0$[EMAIL PROTECTED]...
> Folks:
>
> I am preparing for the CCDA and plan to write same before 31 July, 2000. I
> have two questions.  The first one revolves around VPN.  The other
question
> deals with CISCO's Hierarchical Network Design concepts.
>
> (1)  Assume that I have six simple LANs - one HQ  LAN and 5 Branch LANs.
> Assume also that each LAN consists of one Server and 4 workstations.  If I
> want to link these simple networks using VPN;  what king of Hardware and
> Software would I have to buy. I would also like to compare and contrast
> Microsoft's VPN (which I believe is built into Win2000) and CISCO's VPN.
> Thanks in advance guys.
>
> (2)   In this second scenario, I want to connect a router at each LAN site
> and make use of CISCO'S hierarchical network design principles.  Can
anyone
> explain or draw a simple diagram of what the network structure would look
> like at the CORE, DISTRIBUTION, and ACCESS layers.
>
>
>
> Thanks,
> John
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 100Mbs to 10Mbs

2000-06-27 Thread JEK 

Collin,

Is this a FastEth0 Interface or a Eth0 Interface.If your using one
of the
onboard Ethernet Interfaces they are 10Mb half-duplex and 20Mb
full-duplex
So this is actually depending on what your using..You can either use the
following

speed 10
speed 20
speed 100 fas eth
speed 200 fas eth

duplex full
duplex half

Joe
Senior Network/Systems Engineer
CCNA

Luan Kim <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> collin,
> try this:
>
> conf t
> int e0
> speed 10
> end
>
>
> 
> Luan T. Kim, MCSE, CCNA*
> Systems/Network Infrastructure Engineer*
> MP3.COM, INC.  http://www.mp3.com  *
> Phone: 858-623-7341Cell:  858-382-3055 *
> Fax:   858-623-7400Email: [EMAIL PROTECTED] *
> 
>
>
> On Wed, 21 Jun 2000, Collin Clark wrote:
>
> > Is there a way to change E0 on a 2600 router from 100Mbs to 10Mbs?
> >
> >
> > ___
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]