Re: Send BREAK to console thru term server [7:27572]
Hi Download a copy of TeraTerm and telnet thru any number of hops to get to the terminal sever. Make the reverse telnet connection to the router/switch in question and press Alt+B and you have just sent a break to it. HTH -- John Hardman CCNP Sean Wu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks for info. It does give a fairly long list of different combination on generating BREAK However, none of those works for me so far. Of course I didn't exhaust all combinations. My assumption is simple you are accessing a terminal server from somewhere via certain network access, but you get to the terminal server using telnet that comes with Win2k Pro. Then you access the console port of a router via reverse telnet. if you don't have physical access to the device however, someone power off and power it back for you. So how can you do a password recovery i.e. How to send a break key sequence to the console port, which might be several hops away, say, you ssh to A, telnet to B, then telnet to router c, and finally you telnet to terminal server. thanks. Maybe we can't do anything with telnet itself. So which terminal can send a better BREAK? teraterm? thanks Hartnell, George wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The term to search on at CCO is 'break key sequence' which should bring up the following page: http://www.cisco.com/warp/customer/701/61.html I'd cut-n-paste, but there is a wealth of information there, with many different hardware and applications documented. Best, G. VP OGC -Original Message- From: Sean Wu [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 28, 2001 1:01 PM To: [EMAIL PROTECTED] Subject: Send BREAK to console thru term server [7:27572] How can we send a BREAK signal via telnet session? I access some device via terminal server, the only thing I am wondering is how to send a BREAK so that I can do password recovery. thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27614t=27572 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what is feature license? [7:24220]
Hi No it would not be present in the software. If you want to those features you will need to buy the image that supports. HTH -- John Hardman CCNP steven wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Do i need to order some feature license to get additional service? For example ,for one 2948G-L3 ,CCO said The base Cisco IOS Release 12.0(7)WX5(15a) software, which includes RIP and RIP 2, comes with the Catalyst 2948G-L3 switch router. Use license number FR2948GL3-IP to order software that includes OSPF, IGRP, and EIGRP. if i don't order it ,could i run ospf ?or i can run it just illegally? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24230t=24220 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Spliting 2 B channels between 2 routers, how? [7:24187]
Hi All... I have a question... I remember reading somewhere that it was possible to split two B channels of a BRI line between two routers. Here is my layout... ISDN Network -- Adtran NT1 ACE -- S/T#1 -- Router1 S/T#2 -- Router2 Things work great if I config to have both B channels on one router, or have just one B channel on one router. However when I split them, the first router to boot contacts the ISDN switch and gets two TE assigned, even though I have only one SPID config'ed on the BRI interface. When the second router contacts the switch to get a TE it gets an error, TE not assigned, terminal down state. Here are the relivent configs and show outputs. Any ideas what is a miss here? TIA - Router 1 - interface BRI0 ip address 172.20.10.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer idle-timeout 900 dialer map ip 172.20.10.2 name r3 broadcast 6025551212 dialer-group 1 isdn switch-type basic-ni isdn spid1 6025551313 ppp authentication chap -- Show ISDN Status Router 2 - Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 88, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 88, ces = 1, state = 5(init) spid1 configured, no LDN, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 0, tid = B Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Total Allocated ISDN CCBs = 0 - Router 2 - interface BRI0 ip address 172.20.10.2 255.255.255.0 encapsulation ppp no ip route-cache ip ospf demand-circuit no ip mroute-cache dialer idle-timeout 900 dialer map ip 172.20.10.1 name r4 broadcast 6025551313 dialer load-threshold 80 outbound dialer-group 1 isdn switch-type basic-ni isdn spid2 6025551212 6025551212 ppp authentication chap -- Show ISDN Status Router 2 - Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 82, Ces = 1, SAPI = 0, State = TEI_ASSIGNED TEI Not Assigned, ces = 2, state = 1(terminal down) spid2 configured, spid2 NOT sent, spid2 NOT valid Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Total Allocated ISDN CCBs = 0 -- John Hardman CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24187t=24187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spliting 2 B channels between 2 routers, how? [7:24187]
Hi Well your advice and a timely bit of telco magic (they called me right after I posted, don't know what they did, nor do I think they do either ;-) the TE problems have been solved. However I am now getting this... 00:03:55: %ISDN-4-INVALID_CALLEDNUMBER: Interface BR0, Ignoring call, LDN and Ca lled Party Number mismatch Number mismatch... humm... any ideas? I have tried playing with the dialer map number and the LDN number to no avail. BTW the config now matches to the advice from Paul. TIA -- John Hardman CCNP Paul Lalonde wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi John, Two things I've noticed. If you use basic-ni as the ISDN switch, you should configure your 'isdn spid' statement as follows. Note that you include the LDN (local dial number) in the SPID with no area code: On router #1: isdn spid1 6025551313 5551313 On router #2: isdn spid1 6025551212 5551212 ALSO... *don't* configure 'isdn spid1' on router #1 and 'isdn spid2' on router #2. Instead, configure 'isdn spid1' on BOTH routers. Both routers should then pick up the relevant TEI from the ISDN switch. 'spid2' is only valid if you've already defined 'spid1' on the unit. I've been successful doing this a number of times. Let me know how it works. Paul John Hardman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All... I have a question... I remember reading somewhere that it was possible to split two B channels of a BRI line between two routers. Here is my layout... ISDN Network -- Adtran NT1 ACE -- S/T#1 -- Router1 S/T#2 -- Router2 Things work great if I config to have both B channels on one router, or have just one B channel on one router. However when I split them, the first router to boot contacts the ISDN switch and gets two TE assigned, even though I have only one SPID config'ed on the BRI interface. When the second router contacts the switch to get a TE it gets an error, TE not assigned, terminal down state. Here are the relivent configs and show outputs. Any ideas what is a miss here? TIA - Router 1 - interface BRI0 ip address 172.20.10.1 255.255.255.0 encapsulation ppp no ip route-cache no ip mroute-cache dialer idle-timeout 900 dialer map ip 172.20.10.2 name r3 broadcast 6025551212 dialer-group 1 isdn switch-type basic-ni isdn spid1 6025551313 ppp authentication chap -- Show ISDN Status Router 2 - Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 88, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 88, ces = 1, state = 5(init) spid1 configured, no LDN, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 0, tid = B Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Total Allocated ISDN CCBs = 0 - Router 2 - interface BRI0 ip address 172.20.10.2 255.255.255.0 encapsulation ppp no ip route-cache ip ospf demand-circuit no ip mroute-cache dialer idle-timeout 900 dialer map ip 172.20.10.1 name r4 broadcast 6025551313 dialer load-threshold 80 outbound dialer-group 1 isdn switch-type basic-ni isdn spid2 6025551212 6025551212 ppp authentication chap -- Show ISDN Status Router 2 - Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 82, Ces = 1, SAPI = 0, State = TEI_ASSIGNED TEI Not Assigned, ces = 2, state = 1(terminal down) spid2 configured, spid2 NOT sent, spid2 NOT valid Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Total Allocated ISDN CCBs = 0 -- John Hardman CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24215t=24187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPP Multilink studies - interesting results [7:21623]
Hi Very interesting. I would be interested in seeing the CPU load between methods too. I will venture to say that CPU usage of the multilink is the highest. John Hardman CCNP Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A couple of weeks ago there were a couple of discussions on this board about using multiple T1's to improve data throughput. If memory serves, there were two possible ways to do this: 1) per packet load sharing and 2) PPP multilink for no particular reason I decided to do a little study on PPP multilink. Well, OK, I do have two particular reasons - an upcoming Lab and a customer who is asking about this. So, I build a scenario as follows: serial0 token ring R6R5---R4 || serial1 to test throughput, I used extended ping, with multiple pings and various size payloads, from a loopback on R4 to a loopback on R6. the routing protocol was EIGRP, done to assure per packet routing between R6 and R5 as a control. My results were interesting, to say the least. unexpected, but so consistent that there is no question, in my mind, anyway, about some of the assumptions many of us make about various load sharing and multiplexing options. a summary of the results are using the Cisco router reporting of min/avg/max round trip times - the middle number is the one to watch. packet size PPP multilinksingle serial link configured as PPP multilink 1000 24/24/13220/20/104 1500 28/29/52 24/27/112 500 16/19/64 12/13/104 64 12/14/60 4/7/104 note that in every case, the single link, configured for PPP multilink, is SIGNIFICANTLY faster than the dual link. Interesting. So I constructed some further experiments, using extended ping, multiple packets of variable size - range 64 to 1500: PPP multilinkper packet load share single T1 8/17/136 4/17/136 4/17/144 these figures are from over 15,000 pings per scenario, so it is not a case of random chance here. there is no difference whatsoever between the results of a single serial link, per packet load sharing over two serial links, and PPP multilink. what is most surprising is that a single serial connection proves JUST AS FAST as a dual serial connection. Now what I conclude from this is an opinion that multiple T1's DO NOT really do much for you in terms of more bandwidth. At least for the kinds of data flows I am able to generate in the lab. Furthermore, PPP multilink is actually harmful to throughput. So I gotta ask - is load sharing really adding anything to the mix? Really? In real world scenarios and data flows, where is it that you are gaining anything? Lastly, I set up a final scenario in which I sent 5000 byte packets. this means fragmentation and reassembly would occur, because the MTU on all wan interfaces is 1500 bytes. Here are the results when pinging 5000 times using a 5000 byte payload: single serial link: 64/66/168 per packet load share: 64/64/168 ppp multilink: 48/52/172 note here that the load sharing scenario is slightly faster than the single serial link, and that the ppp multilink is FAR AND AWAY faster that the other two. I suspect the reason for this is efficiencies gained under the multilink scenario when fragmenting and reassembling the oversized payloads In any case, I hope this presentation will lead to some good discussion of bandwidth and results. would it be fair to suggest that peoples' efforts to solve what they perceive as bandwidth issues by implementing multiple WAN links is really a study in fruitless activity? Maybe I should have set up some IPX scenarios? Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21624t=21623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: new purchase [7:19334]
Hi Yes it is worth it. But... (there's always a but)... you will either need to upgrade the boot ROMS or deal with a less than router. Once upgraded they are basically a 2501 with one serial instead of two. They run 2500 images. BTW don't pay too much for one... HTH -- John Hardman CCNP MCSE Dwayne Saunders wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all was just wondering wether or not the Cisco 3102 would be worth having for a home lab I know that they are eol was just wondering if anyone had a opinion on this product the will be used for my CCNP. D'Wayne Saunders Network Admin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19367t=19334 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice Ports Need to handle?? [7:17792]
Hi Likely the cheapest solution is to get a 1750 and 1751 with a couple of VIC-2FXS cards and a couple of telephone handsets. Price new for a 1750 is about $1000 less on ebay. Price new for a 1751 is about $1700 less on ebay. Likely there will more of the cheap ebay specials, as I _think_ did a NFR of the 1751 which means there will be some hit ebay sooner or later. Price new for a VIC-2FXS is about $275 and referb for about $250 The 1751 will also do 1Q trunking, and add some serial WICs they can server several lab situations. HTH -- John Hardman CCNP MCSE Cisco Lover wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Guys, Again with old Q..But I haven;t get any good response?? If I want to implement VOIP/VOFR in my Lab setup. Which port nos I need to enable?? Thanks for help. ;) _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17795t=17792 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does access list work for router originated packets [7:17383]
Hi Yep sure enough! I knew I should have put the sniffer on the test, but it was late and I wanted to get to bed. Oh well, it was a good learning experience. -- John Hardman CCNP MCSE Jason Couch wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The access list is actually only blocking the icmp packets on the return path from the pinged router or host. The icmp packets sent outbound by the router sourcing the pings are actually allowed through the outbound access list. This can be seen by adding the log extension to your access list commands. Then you should see the following message: %SEC-6-IPACCESSLOGDP: list 100 denied icmp 192.168.10.50 - 192.168.10.20 (0/0), 1 packet The key is that you won't see the same log message for the outbound icmp packets. You can also run debug ip packet to see something similar to the following: IP: s=192.168.10.20 (local), d=192.168.10.50 (Ethernet0), len 100, sending ICMP type=8, code=0 IP: s=192.168.10.50 (Ethernet0), d=192.168.10.20 , len 100, access denied ICMP type=0, code=0 The outbound packets were sent, but the return packets were access denied. Hence you get: C2501-R2#ping 192.168.10.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.10.50, timeout is 2 seconds: . because the entire ping path consists of both the forwarding AND the return path. HTH, Jason John Hardman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi I can't believe I am challenging Priscilla! I just tried what you are talking about, i.e. that the ACL on the router does not effect the traffic generated by the router it's self. I created an extended ACL to block all ICMP traffic and applied it to E0 as both IN and OUT. Before appling the ACL I can ping just fine to any host on the network and any host on the network can ping the router. After Appling the ACL I am not able to ping from the router, or to the router. I am running 11.1 IOS, maybe it would yield different results with a different IOS version. What IOS and platform did you see this behavior? Here's my config. Windoze PC 192.168.10.50 --- E0 Router2 192.168.10.20 RedHat PC 192.168.10.2 -Router config-- Current configuration: ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname C2501-R2 ! enable secret 5 XXX enable password none ! ip subnet-zero ! interface Ethernet0 ip address 192.168.10.20 255.255.255.0 ip access-group 100 in ip access-group 100 out no ip mroute-cache no ip route-cache ! interface Serial0 ip address 192.168.50.1 255.255.255.252 no ip mroute-cache encapsulation ppp no ip route-cache ! interface Serial1 no ip address no ip mroute-cache no ip route-cache shutdown ! ip classless logging buffered access-list 100 deny icmp any any access-list 100 permit ip any any ! line con 0 exec-timeout 0 0 line aux 0 transport input all line vty 0 4 exec-timeout 0 0 password login ! end ---Router Config-- ---Ping results- C2501-R2#ping 192.168.10.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.10.50, timeout is 2 seconds: . Success rate is 0 percent (0/5) C2501-R2#conf t Enter configuration commands, one per line. End with CNTL/Z. C2501-R2(config)#int e0 C2501-R2(config-if)#no ip access-group 100 in C2501-R2(config-if)#no ip access-group 100 out C2501-R2(config-if)#^Z C2501-R2# %SYS-5-CONFIG_I: Configured from console by console C2501-R2#ping 192.168.10.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.10.50, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms C2501-R2# Windoze Ping with ACL C:\ping 192.168.10.20 Pinging 192.168.10.20 with 32 bytes of data: Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Ping statistics for 192.168.10.20: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Windoze Ping without ACL C:\ping 192.168.10.20 Pinging 192.168.10.20 with 32 bytes of data: Reply from 192.168.10.20: bytes=32 time wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I know it's not what you said. What you said was obvious. I guess it comes about because I said to test with end devices. Router A is acting like an end device in your example. I should have been more clear. What is not obvious is that ACLs on Router B do not apply to pings
Re: Does access list work for router originated packets [7:17357]
Hi I can't believe I am challenging Priscilla! I just tried what you are talking about, i.e. that the ACL on the router does not effect the traffic generated by the router it's self. I created an extended ACL to block all ICMP traffic and applied it to E0 as both IN and OUT. Before appling the ACL I can ping just fine to any host on the network and any host on the network can ping the router. After Appling the ACL I am not able to ping from the router, or to the router. I am running 11.1 IOS, maybe it would yield different results with a different IOS version. What IOS and platform did you see this behavior? Here's my config. Windoze PC 192.168.10.50 --- E0 Router2 192.168.10.20 RedHat PC 192.168.10.2 -Router config-- Current configuration: ! version 11.1 service udp-small-servers service tcp-small-servers ! hostname C2501-R2 ! enable secret 5 XXX enable password none ! ip subnet-zero ! interface Ethernet0 ip address 192.168.10.20 255.255.255.0 ip access-group 100 in ip access-group 100 out no ip mroute-cache no ip route-cache ! interface Serial0 ip address 192.168.50.1 255.255.255.252 no ip mroute-cache encapsulation ppp no ip route-cache ! interface Serial1 no ip address no ip mroute-cache no ip route-cache shutdown ! ip classless logging buffered access-list 100 deny icmp any any access-list 100 permit ip any any ! line con 0 exec-timeout 0 0 line aux 0 transport input all line vty 0 4 exec-timeout 0 0 password login ! end ---Router Config-- ---Ping results- C2501-R2#ping 192.168.10.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.10.50, timeout is 2 seconds: . Success rate is 0 percent (0/5) C2501-R2#conf t Enter configuration commands, one per line. End with CNTL/Z. C2501-R2(config)#int e0 C2501-R2(config-if)#no ip access-group 100 in C2501-R2(config-if)#no ip access-group 100 out C2501-R2(config-if)#^Z C2501-R2# %SYS-5-CONFIG_I: Configured from console by console C2501-R2#ping 192.168.10.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echoes to 192.168.10.50, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms C2501-R2# Windoze Ping with ACL C:\ping 192.168.10.20 Pinging 192.168.10.20 with 32 bytes of data: Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Reply from 192.168.10.20: Destination net unreachable. Ping statistics for 192.168.10.20: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Windoze Ping without ACL C:\ping 192.168.10.20 Pinging 192.168.10.20 with 32 bytes of data: Reply from 192.168.10.20: bytes=32 time wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I know it's not what you said. What you said was obvious. I guess it comes about because I said to test with end devices. Router A is acting like an end device in your example. I should have been more clear. What is not obvious is that ACLs on Router B do not apply to pings to and from Router B. Every newbie has probably been bitten by that one, especially in simple labs. Priscilla At 09:42 PM 8/26/01, Brad Ellis wrote: Priscilla, that's not what I said. Here's what I said: ...pings sent by one router will not be filtered by another router? Hence my diagram for further explanation: Router A -=- Router B -=- Device A (-=- can be ethernet x-over, serial back-to-back, etc) An ACL is applied on Router B's interface (applied inbound) that is connected to Router A. What I originally said, and continue to say, is that Router B will most certainly block packets (pings or whatever) coming from Router A...and it is irrelevant if Router A is a router or a host device. The ACL on Router B doesnt care if the device sending packets is a router or an end host device! If Router B was initiating the ping and Router B had the ACL applied, that would be a different story. ttyl, -Brad Ellis CCIE#5796 [EMAIL PROTECTED] used Cisco: www.optsys.net Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 08:06 PM 8/26/01, Brad Ellis wrote: Priscilla, Are you saying that pings sent by one router will not be filtered by another router? I beg to differ. Of course not. Pings sent by the router where the ACL is configured are not affected by the ACL. Try it. Priscilla -Brad Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 06:26 PM 8/26/01, Brad Ellis wrote: Sami, You'll need to give more info than that. The router does not care if the packets are originated from a host or another router. It will filter packets based on
Re: e0 on 4000-m router [7:15861]
Hi If the NP has one RJ-45 and one AUI then you do not have 2 ethernet ports, you have one. The NP-1E has one RJ45 and one AUI, the NP-2E has two each. You use either the AUI or the RJ45, but not both at the same time. To use one or the other use the interface command media and follow the options available. BTW, you may need a cross over cable to your switch too. HTH -- John Hardman CCNP MCSE Vik wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a Cisco 4000 with 2 serial, 1 token ring and 2 ethernet interface. However, when a show interfaces command is executed, there is only one ethernet interface shown. On the back of the router where the ethernet ports are, one is a typical 10baseT, RJ-45 connection, but the other is AUI which I do not have a transceiver for; I just have a CAT5 cable from the 10baseT connector going to my switch. When I do a show interfaces command, ethernet 0 is up, but the protocol is down. On my swith I do not see any activity lights for that port, so I am thinking that my e0 is actually the AUI port. How do I use the 10baseT interface? -- Vik Evans - MCSE, CCNA, CCDA [EMAIL PROTECTED] Cell: (602) 677-8214 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15863t=15861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: e0 on 4000-m router [7:15861]
Hi The 4000 and 4000M support the NP-1E and NP-2E, the strange part is that the NP-1E is not supported on the 4500 or 4700 series... -- John Hardman CCNP MCSE guyman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... It is only a single port ethernet... You have a choice of AUI or RJ45.. I do not think the 4000M supports a dual ethernet card.. = Original Message From Vik = I have a Cisco 4000 with 2 serial, 1 token ring and 2 ethernet interface. However, when a show interfaces command is executed, there is only one ethernet interface shown. On the back of the router where the ethernet ports are, one is a typical 10baseT, RJ-45 connection, but the other is AUI which I do not have a transceiver for; I just have a CAT5 cable from the 10baseT connector going to my switch. When I do a show interfaces command, ethernet 0 is up, but the protocol is down. On my swith I do not see any activity lights for that port, so I am thinking that my e0 is actually the AUI port. How do I use the 10baseT interface? -- Vik Evans - MCSE, CCNA, CCDA [EMAIL PROTECTED] Cell: (602) 677-8214 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15871t=15861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISP Best Practice Question [7:15554]
Hi Normally this refers to the number of subscribers per port, e.g. for dial-up service, the ISP might have 24 dial-up ports and 120 users at 5:1 or 192 at 8:1. The idea being that not every subscriber will need a port at the same time, i.e. busy signals during peak usage hours ;-) I would not put a label on an ISP based on ratios. One really needs to figure out how the user base is using the services sold. Some users will stay connected all day, others are only on long enough to get email in the morning and evening. Most ISPs will base their ratio on a business decision rather a service level basis (ports are costly), which from a subscriber point of view maybe the wrong choice. For some ISPs 5:1 maybe very over subscribed making them a bad ISP, another ISP might have a 16:1 ratio that is under-subscribed making them a excellent ISP. HTH -- John Hardman CCNP MCSE Circusnuts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... When it's said a good ISP utilizes the 5:1 subscription rule not the 8 or 10 to 1, is this expressing that the same service is offered to 5 logical for 1 physical. I've always been aware this existed from my early experiences working for a CLEC, but now that I'm sizing pricing pipes for critical applications I'm not sure what this exactly means. Thanks Phillip Lorenz Wheeler Network Design Inc. [EMAIL PROTECTED] Office- 301.429.6305 Cell-703.909.6643 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15566t=15554 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN and Firewall [7:15375]
Hi I can't say if this is best practice or not... but is what I have deployed before and it worked well for the problems/needs I was trying to solve. Personally I like having the inside interface of the VPN on a interface on the PIX that is not quite trusted, e.g. vendor network. And the outside of the VPN box in a DMZ protected by the PIX. The big advantage of having the VPN inside interface on a not quite trusted interface is traffic control and access control to specific hosts on the inside of the PIX. For example if you had a bunch of non-employees that needed access to a web server and only that web service and nothing else, and you did not want to punch a hole in the PIX for them for whatever reason. You could use a unique IP range for the VPN users and then use ACLs on the PIX to only allow them access to the web server. You could assign another IP range for a different group of users that would allow to other areas, all nicely controlled by the PIX. The disadvantage here is the VPN user maintenance and IP management. For example, you have a user that needs to have access to hosts that belong to two different policies/groups at the same time, i.e. are passed thru the PIX based on different IP ranges. Now you end up having to create a third group that can access both sets of hosts, and so on and so on. This can lead to a nightmarish full time job to manage the VPN box and the resulting IP networks you create for each group. In a dynamic environment it is a problem, but in a pretty much static environment it is not bad to maintain at all. The advantage of having the outside VPN interface in a DMZ is that you can protect it from DoS and other attacks. It also helps for controlling management access to the VPN device, e.g. only allowing SSH or HTTP from a fixed IP. Can you tell I hate to drive to work at 3am when I could be doing in my bath rob from home ;-) The disadvantage is that there is a bit more to the PIX config to pass the traffic you want. For links, www.cco.com and go to the TAC configuration guides for VPN and PIX. Lots of examples to work from. HTH -- John Hardman CCNP MCSE SH Wesson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Where is the best place to install a VPN box - vpn inside interface behind the pix, vpn outside interface behind the pix, vpn outside to internet, vpn inside to lan, etc. What should be the best practice and if someone can point out a link where I can see some configuration I would appreciate it. Thank you. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15398t=15375 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New WIC 2T - Qurery [7:14951]
Hi Yes that is what a WIC-2T is, nothing new or special about them. It uses the smart serial interface. If you need cross-over or straight cables one place you might look is www.pacificcable.com HTH -- John Hardman CCNP MCSE Rashid Lohiya wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I have just acquired a 2nd user WIC-2T Card for my 3600 Router, but it does not have the regular 60pin interfaces, which I was expecting to see. Instead it has 2 x smaller, thinner female interfaces with 2 nuts on each end for the cable connector to screw into. The card is marked WIC 2T, and the two interfaces are labeled Serial 0 and Serial 1. Has anyone else seen this type of interface? Can anyone give me a cisco part number for the type of cable I would need? Will I be able to connect each of these connectors to a DCE/DTE crossover cable to connect to a regular 60pin connector? Is this normal or is this some special or new type of card? Pls. let me know Thanks -- Rashid Lohiya [EMAIL PROTECTED] 020 8509 2990 07785 362626 www.pioneer-computers.com London UK www.rashidl.co.uk Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14957t=14951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 6509 vs BlackDiamond [7:13837]
Hi It's true. It's also true that in similar tests with a Foundry will also out perform a Cat. But keep in mind that a lot of this works out to be FUD. Sales people from each company will have various reasons why you should choose their product over the other. The bottom line is that you have to choose which is right for your company based on it's business and technical needs. Both Extreme and Foundry are making a strong push into Cisco's enterprise switch market share. Their products are very competitive, especially at the price point. If I could get switches with Foundry's architecture, Extreme's network management software and CLI, and Cisco's end to end solutions, I would be a very happy engineer! $0.02 -- John Hardman CCNP MCSE mishaal wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How true is this? Can anyone throw some light on this report from www.zdlabs.com, 70-80% packet loss is rather substantial..hope it's not true! thanks From ZDLAbs : In Layer 2 mode, the Black Diamond and Alpine switches forwarded 100% of the traffic offered during the test without dropping a single packet. This resulted in a throughput of 57.1 million packets/second for the Black Diamond and over 38 million packets/second for the Alpine using 64-byte packets. These results represent the maximum throughput possible, given the port configurations of the switches. The Cisco Catalyst 6509 lost over 78% of the packets offered during the Layer 2 full mesh test at the 64-byte packet size. According to the Catalyst 6509 documentation, the 6509 switch fabric is capable of forwarding 15 million packets/second. This rate is substantially less than the 57.1 million packets/second offered during our test, which explains the large packet loss. 'The Black Diamond and Alpine switches successfully routed 100% of the packets offered (over 5.7 billion 64-byte packets) during the test without dropping a single packet. This results in a Layer 3 throughput of over 95.2 million packets/second for the Black Diamond and over 47.6 million packets/second for the Alpine with 64-byte packets. The Layer 3 full mesh results for the Cisco Catalyst 6509 were very similar to the Layer 2 results. The switch dropped a large number of packets at all block sizes (86.86% with 64-byte packets). As in the previous tests with Catalyst 6509 we verified that the internal switch counters matched the results from the SmartFlow application and that there were no packet errors during the test. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13895t=13837 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 6509 vs BlackDiamond [7:13837]
Hi You have a point there, but I will bet Foundry will be, not too sure about Extreme. Foundry just reported their 10th straight profitable quarter. -- John Hardman CCNP MCSE Perry J. Lucas wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The big question is will Extreme and Foundry be around next year? Perry J. Lucas -Original Message- From: John Hardman [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 26, 2001 2:18 PM To: [EMAIL PROTECTED] Subject: Re: Catalyst 6509 vs BlackDiamond [7:13837] Hi It's true. It's also true that in similar tests with a Foundry will also out perform a Cat. But keep in mind that a lot of this works out to be FUD. Sales people from each company will have various reasons why you should choose their product over the other. The bottom line is that you have to choose which is right for your company based on it's business and technical needs. Both Extreme and Foundry are making a strong push into Cisco's enterprise switch market share. Their products are very competitive, especially at the price point. If I could get switches with Foundry's architecture, Extreme's network management software and CLI, and Cisco's end to end solutions, I would be a very happy engineer! $0.02 -- John Hardman CCNP MCSE mishaal wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How true is this? Can anyone throw some light on this report from www.zdlabs.com, 70-80% packet loss is rather substantial..hope it's not true! thanks From ZDLAbs : In Layer 2 mode, the Black Diamond and Alpine switches forwarded 100% of the traffic offered during the test without dropping a single packet. This resulted in a throughput of 57.1 million packets/second for the Black Diamond and over 38 million packets/second for the Alpine using 64-byte packets. These results represent the maximum throughput possible, given the port configurations of the switches. The Cisco Catalyst 6509 lost over 78% of the packets offered during the Layer 2 full mesh test at the 64-byte packet size. According to the Catalyst 6509 documentation, the 6509 switch fabric is capable of forwarding 15 million packets/second. This rate is substantially less than the 57.1 million packets/second offered during our test, which explains the large packet loss. 'The Black Diamond and Alpine switches successfully routed 100% of the packets offered (over 5.7 billion 64-byte packets) during the test without dropping a single packet. This results in a Layer 3 throughput of over 95.2 million packets/second for the Black Diamond and over 47.6 million packets/second for the Alpine with 64-byte packets. The Layer 3 full mesh results for the Cisco Catalyst 6509 were very similar to the Layer 2 results. The switch dropped a large number of packets at all block sizes (86.86% with 64-byte packets). As in the previous tests with Catalyst 6509 we verified that the internal switch counters matched the results from the SmartFlow application and that there were no packet errors during the test. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13932t=13837 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can 2501 handle two T1s [7:13733]
Hi If you are just routing you should be fine. However if you are doing NAT, ACL, policy based routing or anything else that is CPU consuming you are likely to have some problems. Keep in mind that a Cisco router will start dropping packets at about 70% CPU and be totally brain dead at about 90% CPU. HTH -- John Hardman CCNP MCSE Frank Kim wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey guys, I know no one in the world would put two T1s on a 2501 router. But I maybe doing this soon. I am currently using a 7200 router for my two T1s but I feel like taking it offline and sell it to pay for my ECP1 and my trip to San Jose for the lab test. So I'm going take out my 2501 and see if it can handle two T1s which is constantly pushing at 2.8-3.0 mbps all the time. Has anyone done this before? Am I going to blow up this router? Will the cpu utilization go skyrocket? Thanks for any advice. -Frank Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13771t=13733 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Certification Statistics [7:13477]
Hi Likely this is from a Cisco Academy instructor. An instructor posted the same format of information about this time last year. From what the instructor said Cisco gives them the information from time to time. $0.02 -- John Hardman CCNP MCSE Dennis H wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Once again, what is the source of this info? Cisco only publishes stats for CCIE's so it's not them. cheekin wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The numbers are the total number of engineers certified up to May this year. EMEA stands for Europe, Middle East, Africa. cheekin - Original Message - From: To: cheekin Sent: Tuesday, July 24, 2001 18:14 Subject: Re: Certification Statistics [7:13477] Very interesting figures . Also the figures given indicates upto May or in MAy alone?What is EMEA? cheekin home.netcc: Sent by: Subject: Certification Statistics [7:13477] nobody@groups tudy.com 07/24/2001 03:02 PM Please respond to cheekin FYI. Breakdown by certification through May 2001 US/CAN EMEA Asia/Pac Americas Japan CCIE 2,876 1,940 755 135 267 CCNA87,72426,69434,231 1,972 23,689 CCNP20,7789,633 9,244 40723,689 CCDA14,8256,580 3,705 6521,038 CCDP4,264 3,911 1,449 94 245 cheekin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13508t=13477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DS3 (PA-T3) ? - Please Help [7:13380]
Hi Yes you can get one made, as long as it is the same as the Cisco one. I forget what exactly the specification for it is, but I am sure if you either ask Cisco or the Telco they will tell you. Also be aware that you may have to adjust the cable length setting on the PA-T3 controller. I was at a shop where we had a OC12 MUX'ed out into several DS-3 lines. We ran from the MUX to a patch panel, to a patch panel to the routers. We ended up with about 150 feet of coax on each line. I had problems bringing up the first one, until I found the cable length setting on the PA-T3+ and up'ed it to 200 feet, then everything ran fine. HTH -- John Hardman CCNP MCSE Paul Timmerman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a PA-T3 about 25 feet away from OC3 (Ameritech). The Cisco documentation is very unclear on whether I can you a non-Cisco cable for this. The Cisco cable is only 10 feet long, so I can't get it from the demarc into the server room. DS3 documenation says that I can go upto 400 feet or so, but it all depends on the CSU/DSU. So my question is whether or not I can have a coax cable made up (50 feet), and if I did that, what kind of problems might I run into. Thanks in advance, paul timmerman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13416t=13380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HSSI .VS. PA-T3 [7:13384]
Hi I have ran both, and from a data transfer point of view there really is not any difference. But from a trouble shooting point of view, I really like to have a CSU/DSU built into the PA/WIC. There is quite a bit of information and testing to be done from a built-in CSU/DSU. I am one of those network engineers that prefers to work from home in the middle of the night instead of driving in to the shop, so having the ability to trouble shoot through the router is a big advantage. Otherwise I have to setup a terminal server or OOB line to the external CSU/DSU to trouble shoot. HTH -- John Hardman CCNP MCSE Paul Timmerman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What advantages would there be in purchasing a HSSI card instead of a PA-T3 card. I realize the PA-T3 has a build in CSU/DSU - is this a true advantage or a limitation? Does having a HSSI card allow me more flexibility in the future? Do some CSu/DSU have special feature I would want? thanks in advance, paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13418t=13384 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN in labs [7:12563]
Hi Check your local ISDN rates. Where I am a ISDN BRI line is $70USD a month, with a small install fee. I use routers with S/T interfaces and a Adtran NT1 and split the two B channels between routers. Since I am only making local calls there is no time/long-distance charges. Pros: Cheap, cheap, and cheap. Cons: You can not recover your costs. HTH -- John Hardman CCNP MCSE anthony moore wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is there any way to incorporate ISDN into my lab without spending $1800 on an emulator? Are there any ISDN crossover cables? I don't a lot of money to spend on emulators and simulators. Any advice is greatly appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12585t=12563 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help me on ISDN emulator [7:12245]
Hi You may also want to check the local rates for BRI. Here in Phoenix you can get a BRI line with unlimited local usage for about $70 a month. Even if you have the line year it's less than a simulator, but you also can't recover your money either. $0.02 -- John Hardman CCNP MCSE Dennis H wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Wow... you did get lucky... I see them sell used for around $1,500 all the time! Neil Schneider wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Unless you get very lucky! I just found one for $800.00. Neil Dennis H wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sorry to tell you but you won't find an ISDN simulator for less than $1,500... Ahmed Mamoor Amimi wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I have setup all my lab for my CCIE but i am in lack of ISDN lines or emulator. can anyone help me out what is the cheapest ISDN emulator. have anyone worked on PCs based ISDN emulator i think that will be not so much expensive... i have some sites on net that give ISDN emulator but they are expesive. if anyone selling his ISDN emulator then please let me know Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12326t=12245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FYI CCIE Changes announced [7:12345]
Hi All Well Cisco has announced their plans... http://www.cisco.com/warp/public/625/ccie/ccie_program/whatsnew.html -- John Hardman CCNP MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12345t=12345 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX recommendations !!! [7:11336]
Hi I had a very similar problem to solve at work myself. The recommendation I finally came up with to meet the business needs of... 1) Content filtering 2) Logging of Internet activity 3) Improved usage of Internet bandwidth So we used... 1) PIX 520 UR with fail-over 2) WebSense content filtering 3) And add a cache engine using WCCP 4) Added a Private I syslog server/analyzer for detailed usage reports If I also had the need to do authentication against an NT domain I would have also added Cisco Secure ACS and had it use the NT SAM as it's database. I guess you could also use the MS RADUIS server to authenticate against the domain, but I have never used this so I can not guarantee that it will work. HTH -- John Hardman CCNP MCSE Raees Ahmed Shaikh wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I just need some of the recommendations to install a PIX box 525 in our network, currently we have MS proxy in our network, Should I replace proxy with the PIX, or use two level of defense, comprising of PIXProxy. We have some application level url filtering software running on that proxy as well. Moreover the MS-proxy is using the NT Domain Security Model and thus using cut-through proxy feature, can that security be available if I go on, with PIX. Without the Ms-proxy is it possible to use the same NT database for cut-through authentication. Some helpful tips please which will help me in the designing process. Thanks in advance and Best Regards, Shaikh Raees, CCNP,CCNA,CCDA,MCSE,MCP,CNE,CCIE Written. [GroupStudy.com removed an attachment of type image/jpeg which had a name of Glacier Bkgrd.jpg] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11339t=11336 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FYI Check out the CCIE whats new page. [7:11128]
Hi All There are a couple of new items on the whats new page of the CCO CCIE site. Interesting... http://www.cisco.com/warp/public/625/ccie/ccie_program/whatsnew.html -- John Hardman CCNP MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11128t=11128 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written [7:9484]
Hi It follows the blue print very well, however it does not have a great deal of depth. It is a good starting point, but you will need to supplement it with other sources. HTH -- John Hardman CCNP MCSE wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How good is the Que 350-001 study guide, it goes after the CCIE Blueprint ? Regards, Tarry -Original Message- From: EA Louie [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 21, 2001 11:58 PM To: [EMAIL PROTECTED] Subject: CCIE Written [7:9434] passed. whew! relief! CCIE Written candidates... the following are what to watch out for: parameters around EtherChannel/Fast Etherchannel Performance management router commands (queuing and traffic shaping) BGP (as usual) OSPF (especially inter-area stuff) tricky questions around bridging (lots of SRB/RSRB/DLSw) Cisco-specific ATM questions the normal multiservice questions (H.323 and Erlang) obscure facts about IPX-RIP routing behavior and updates config-reg stuff TCP/IP protocol-specific questions I used Caslow, the Que 350-001 study guide, CCPrep.com exam guide, and lots of Cisco webpages. There were a few questions that caught me off-guard, and I'm highly recommending that you use the CCIE Blueprint as your guide and check off the subjects as you develop your expertise. My spreadsheet (based on the blueprint) helped some, as did my immense study of Token Ring bridging, but I can assure you that there will be questions there that will make you ask huh? -e- PS - thanks to Nathan, Bri@sonicboom, and the rest of the list for your encouragement EA Louie wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm scheduled to retake the CCIE Written (fater a 1-1/2 year break) on Wednesday - I've been watching the discussions on the list and they have been really helpful. I'll be taking a LOT of pre-tests between now and then, and any help that you all would provide would be greatly appreciated. And of course, your encouragement is already strongly felt!! thx -e- -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net -- GMX Tipp: Machen Sie Ihr Hobby zu Geld bei unserem Partner 11! http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9522t=9484 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
A post in alt.certification.cisco all should read [7:9286]
Hi All... There is a post on the Usenet news group alt.certification.cisco that anyone interested in the CCIE certification should read. The post is titled Changes to CCIE Exams Upcoming. I would just cut and paste it here, but frankly it appears to be a email for the director of the CCIE program that was not intended for the public. HTH -- John Hardman CCNP MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9286t=9286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs [7:8807]
Hi There seems to be a move a foot for companies to require a 4 year degree. But it seems to be somewhat limited to your age group. IMHO if you are under 35 you had better have/get that BS degree, but if you are over 35 then it really depends more on your experience. Many companies placing people in senior positions are much more concerned with experience than degrees. Which makes it fairly easy for someone over 35 or so to land and retain that senior job without a degree. The assumption is that someone older has had the opportunity to gain many more years of experience than someone in their twenties. Where a degree or certification for that matter, really come into play are with pay scale and if you are a contractor in getting your foot in the door. I have worked at a couple of companies that have two or three different pay scales based on rather you are degreed and/or certified or not. To address the idea that a EE is required to make a good CCIE. Well I have worked as a engineer and worked with many engineers in fields that are not engineering related. I find that engineers tend to have a different thought process than the average person doing IT work, which is a benefit to their work. Engineers tend to be much more capable of seeing both the fine details and the big picture, they tend to be very methodical in their approach to everything they do and this is a benefit IMHO. Bottom line, some of the best minds the world has ever known have not been classically educated, Einstein (you know the guy that came up with the relativity theory and was a high school drop out) comes to mind. It is not how many certs or degrees you have, it's what you can do. $0.02 -- John Hardman CCNP MCSE Omer Ehsan Dar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, In the danger of getting flamed I will enter this message. There is a great deal of debate here that you cannot become a a good Cisco Certified Network Engineer without having a Electrical Engineering Degree majoring in communications well the list has members who dont have the degree but the requisite experience and certs. My question is that does the engineering degree matter or not. Lets a say a person is a CCIE and a good one does he need to be an engineer or will the CCIE cert be enough. Thanks Omer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8842t=8807 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 10s 12.0 help needed [7:7821]
Hi It means that your configuration was made on a different version of IOS than you are running now. It is a standard warning that not all commands may be understood by the current IOS. For example... If you had IOS 12.0.x IP only and had configured NAT, then later for some reason downgraded to IOS 11.3 IP only, your NAT configuration would not work because NAT did not ship in IP only IOS until 12.0. Another example is TACACS+, which is very different from one major version to the next, even from minor version to minor version. HTH -- John Hardman CCNP MCSE Omer Ehsan Dar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all I keep on receiving this message on my router that the 12.1 commands may not be executed properly what does this mean? Omer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7839t=7821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How do identify Boot ROM FW1 FW2 [7:7807]
Hi You should have also received a installation manual with the ROMs, which details the placement of the two ROMs. HTH -- John Hardman CCNP MCSE Tim Rutherford wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I just received the latest boot rom's for my 2511. The two chips are labeled as follows: C002349 08-0197-02 FW1 11.0 10c xB2 1B7326A1 C000449 08-0197-02 FW1 11.0 10c xB2 14B570A3 Which one goes in socket FW1 and which one goes in FW2? Any ideas. I don't have a TAC contract or I would call them. Thanks, Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7840t=7807 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [7:7789]
Hi Ebay is still the primary end market for used Cisco gear. But much of what you see there from regular sellers are bought at auctions (not the online kind) and the like. With all of the dot bombs of late there are quite a few auctions that one can attend, and sometimes you can find a very good deal. I doubt you will find a 3920 in a public auction, but you never know... Cat 5K are there all the time, same with access routers, and even core routers. Check your local paper for auctions. HTH -- John Hardman CCNP MCSE Dar wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I was making a lab of mine, I have a few questions. First of all are there any other sites like ebay from where i can get equipment. Then wot isdn simulators are available and from where i can get them. Basically i need Cat3920, Cat5000 and an isdn simulator. I want to know what options do i have. First i thought of getting a TokenRing module for Cat5000 but then i came to know that 3920 is menu based and it wont help me in the lab much. Are there any other alternatives like anyother switches whos configurations are similar to 3920. I have 2900 switches and they are Ios based, can i use them as set based switches? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7792t=7789 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cs-516 Access Server [7:7318]
Hi Yes. The CS-500 series are very old in terms of Cisco equipment. They will not run 10.x code without an upgrade. I got mine with upgraded RAM which allows me to TFTP boot 10.3 code. Also read the CCO documentation as they are a little strange for things like password recovery... HTH -- John Hardman CCNP MCSE Stefan Dozier wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 11:07 AM 6/6/01 -0400, John Hardman wrote: Thanks John. I really appreciate you taking the time to post your config. Any other caveats I should be aware of? Stefan Hi Here you go Keep in mind that line 1 and line 9 are special prupose lines that are not connected to Cisco gear. John Hardman CCNP MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7529t=7318 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cs-516 Access Server [7:7318]
Hi Here you go Keep in mind that line 1 and line 9 are special prupose lines that are not connected to Cisco gear. -- Current configuration: ! ! No configuration change since last restart ! version 10.3 no service pad service udp-small-servers service tcp-small-servers ! hostname term1 ! clock timezone ariazona -7 boot system cs500-c-m.103-19a.Z.bin 192.168.10.50 aaa new-model aaa authentication login TAC tacacs+ enable aaa authorization exec tacacs+ local aaa accounting exec start-stop tacacs+ aaa accounting commands 15 start-stop tacacs+ enable password ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 ip address 192.168.10.254 255.255.255.0 no lat enabled ntp broadcast client no mop enabled ! ip host C3102 2002 192.168.10.254 ip host C1900 2003 192.168.10.254 ip host C2502A 2004 192.168.10.254 ip host C2621 2005 192.168.10.254 ip host C2502B 2006 192.168.10.254 ip host C4500 2007 192.168.10.254 ip host C2517A 2008 192.168.10.254 ip host C2501 2010 192.168.10.254 ip host C5000 2011 192.168.10.254 ip host R6 2002 192.168.10.254 ip host R5 2004 192.168.10.254 ip host R1 2006 192.168.10.254 ip host R7 2007 192.168.10.254 ip host R3 2008 192.168.10.254 ip host R2 2010 192.168.10.254 logging buffered logging 192.168.10.2 logging 192.168.10.50 tacacs-server host 192.168.10.50 tacacs-server key xxx snmp-server community x RW ! line con 0 exec-timeout 0 0 line 1 transport input telnet line 2 8 no exec transport input all line 9 no exec terminal-type VT100 transport input all line 10 16 no exec transport input all line vty 0 4 exec-timeout 0 0 password x login authentication TAC ! ntp clock-period 17301573 end -- John Hardman CCNP MCSE Stefan Dozier wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can somewhat post a working config from a CS-516 Access Server? I'm considering purchasing one vice a 2509/11 ? Stefan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7344t=7318 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upgrades [7:7284]
Hi Sorry about www.shopper.com, something is messed up with their site. Checkout www.accessmicro.com and do a search on Cisco IP feature and you find IP only IOS for $14.51 plus shipping. -- John Hardman CCNP MCSE Circusnuts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm assuming you don't have a CCO login. You would need to buy some sort of feature set. They're usually around $20 come with multiple IOS version. www.shopper.com does not look to be the best place: http://shopper.cnet.com/shopping/search/results/1,10214,0-1257,00.html?tag=s rchqt=cisco+2500+ioscn=ca=1257 Ebay seems in line: http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=1243070538 Phil - Original Message - From: Bob Edmonds To: Sent: Tuesday, June 05, 2001 11:27 PM Subject: IOS Upgrades [7:7284] I was wondering where one might find and IOS upgrade from version 11.2 to 12.0? Also how much does such an upgrade usually cost? Is the upgrade preformed merely through tftp? Any answers to these questions would be greatly appreciated : ) Bob Edmonds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7347t=7284 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upgrades [7:7284]
Hi www.memoryx.com for cheap pricing. HTH -- John Hardman CCNP MCSE Bob Edmonds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks, You guys have been a huge help!!! I have downloaded the 12.1 IOS but now I need room to stick it on the router I only have 8MB of Flash. Looks like that'll be another fun chore to find Flash and install it!!! Thanks, Bob Edmonds CCNA, Network+ University of Toledo (General purpose computer-monkey/manual labor) Bob Edmonds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I was wondering where one might find and IOS upgrade from version 11.2 to 12.0? Also how much does such an upgrade usually cost? Is the upgrade preformed merely through tftp? Any answers to these questions would be greatly appreciated : ) Bob Edmonds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7404t=7284 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upgrades [7:7284]
Hi There are two legal ways to get your upgrades... 1) Buy it. You can get IOS from any Cisco reseller, including many listed on the web. A quick search of www.shopper.com will show just how cheap one can get IP only IOS for! Do not buy it from an auction, as most people do not have a clue as to the apx $15 MSRP from Cisco and as a result pay way too much for it. 2) Get a Smartnet contact for your router that includes upgrades. This can be quite confusing, as there are many options for Smartnet and they do not always contain the same benefits. HTH -- John Hardman CCNP MCSE Bob Edmonds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I was wondering where one might find and IOS upgrade from version 11.2 to 12.0? Also how much does such an upgrade usually cost? Is the upgrade preformed merely through tftp? Any answers to these questions would be greatly appreciated : ) Bob Edmonds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7290t=7284 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: traffic can't cross pix [7:6895]
HI Call TAC or search CCO. There is an ICMP bug in the 5.2 and 5.3 code. This _might_ be the problem. HTH -- John Hardman CCNP MCSE pat wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have this problem. I can't ping anything outside the pix from machines inside. Pix inside IP is the default gateway for all the machines they can ping the gateway. I can also ping outside world from pix. What is causing this problem...? I have pasted pix configs below. this is new pix it never worked before. I have seen identical pix configs working earlier. thanks_ PIX Version 5.2(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname pix-con fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 names access-list 101 permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0 access-list 102 permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0 access-list check permit tcp any host 212.19.133.231 eq www access-list check permit tcp any host 212.19.133.227 eq smtp access-list check permit tcp any host 212.19.133.228 eq pop3 access-list check permit icmp any any pager lines 24 logging on no logging timestamp no logging standby no logging console no logging monitor logging buffered warnings no logging trap no logging history logging facility 20 logging queue 512 interface ethernet0 auto interface ethernet1 auto mtu outside 1500 mtu inside 1500 ip address outside 212.19.133.226 255.255.255.240 ip address inside 192.168.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list 101 nat (inside) 1 192.168.0.0 255.255.255.0 0 0 static (inside,outside) 212.19.133.227 192.168.0.2 netmask 255.255.255.255 0 0 static (inside,outside) 212.19.133.228 192.168.0.3 netmask 255.255.255.255 0 0 static (inside,outside) 212.19.133.231 192.168.0.4 netmask 255.255.255.255 0 0 access-group check in interface outside route outside 0.0.0.0 0.0.0.0 212.19.133.225 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si p 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec no sysopt route dnat crypto ipsec transform-set standard esp-des esp-md5-hmac crypto map peer_map 10 ipsec-isakmp crypto map peer_map 10 match address 102 crypto map peer_map 10 set peer 212.46.19.194 crypto map peer_map 10 set transform-set standard isakmp enable outside isakmp key l9k834 address 212.46.19.194 netmask 255.255.255.255 isakmp identity address isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash md5 isakmp policy 10 group 1 isakmp policy 10 lifetime 3600 telnet 192.168.0.0 255.255.255.0 inside telnet timeout 15 terminal width 80 __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ PIX Version 5.2(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname pix-con fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 names access-list 101 permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0 access-list 102 permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0 access-list check permit tcp any host 212.19.133.231 eq www access-list check permit tcp any host 212.19.133.227 eq smtp access-list check permit tcp any host 212.19.133.228 eq pop3 access-list check permit icmp any any pager lines 24 logging on no logging timestamp no logging standby no logging console no logging monitor logging buffered warnings no logging trap no logging history logging facility 20 logging queue 512 interface ethernet0 auto interface ethernet1 auto mtu outside 1500 mtu inside 1500 ip address outside 212.19.133.226 255.255.255.240 ip address inside 192.168.0.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list 101 nat (inside) 1 192.168.0.0 255.255.255.0 0 0 static (inside,outside) 212.19.133.227 192.168.0.2 netmask 255.255.255.255 0 0 static (inside,outside) 212.19.133.228 192.168.0.3 netmask 255.255.255.255 0 0 static (inside,outside) 212.19.133.231 192.168.0.4 netmask 255.255.255.255 0 0 access-group check in interface outside route outside 0.0.0.0 0.0.0.0 212.19.133.225 1 timeout xlate
Re: Cisco 2500 Power Supply [7:6767]
Hi The classic used source Ebay and for new www.pacificcable.com HTH -- John Hardman CCNP MCSE Mark Rose wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know of a good source for a replacement ps for a 2500 series router? TIA Mark Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6769t=6767 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Strange Problem with router... [7:6293]
Hi Have you changed anything in the network of late? With the very little amount of information you have provided (about the network), my first thought is something with SNMP is polling the router at a regular time. There are several SNMP bugs in several versions of the IOS. The last time I was faced with something like this, a edge router was going brain dead (70-99% CPU) every hour on the hour. It required a reboot to get it back. I had recently added a fair amount of NAT and ACLs to the router and thought that was the problem, but it turned out that another admin working on getting Cisco Works up and running had inadvertently put Works on the production network. There was a bug in the IOS on the edge router and when Works polled it, it would hit 70-99% CPU and would have to rebooted. I upgraded the IOS and the problem went a away. HTH -- John Hardman CCNP MCSE Kiran Kumar M wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Peter, Thanks for your mail. But I was using the same for last 16 months, almost with same setup. I never faced this problem. mtu is default, pps it can support upto 40,000 to 70,000 (according to cisco site), in my case it never reached to that point.. Thanks, Kiran On Tue, 29 May 2001, Peter I. Slow, CCNP Voice Specialist wrote: yup. thats going to happen when you plug that many serial links into the 3640. look at the mtu, look at your pps, and look at the 2640's forwarding capabilities. i have a cusdtomer who's 2640 freaks out the same way with 8 t-1s coming into it... Peter Slow, CCNP Voice Specialist Network Engineer Planetary Networks 535 West 34th Street New York, NY 10001 Cell:(516) 782.1535 Desk: (646) 792.2395 Mail: [EMAIL PROTECTED] Fax:(646) 792.2396 - Original Message - From: Kiran Kumar M To: Sent: Tuesday, May 29, 2001 4:19 PM Subject: Strange Problem with router... [7:6293] Hi, I am facing a strange problem from last two days. One of my 3640 router is behaving in a strange manner. Sudenly it is becoming 60 - 99 % CPU utilization.(Usally 20 - 30 %) at the same time It is droping the output packets on Main Serial link (which is using for uplink/downlink) and input packets on fastethernet (Used for LAN) port. Even these Interfaces are not overloading.. On the same router I am having 17 more serial links, and 1 more fast ethernet, and one ethernet interfaces and all are in working. I am using wccp v1, and BGP also on the same router. After Observing the problem I did the following things. 1) Increased the hold-queue to 4096 2) stopped the wccp and observed the status. But there is no use. It behaved in the same pasion. So I kept the things back. I am wondering.. if anybody help me.. The traffic is same and not varying.. but it is very much flutuating.. Please give me suggestions.. if anybody have any idea.. Thanks, Kiran PS: The router is not giving this problem continuously.. for 2 mins.. its working properly.. next 2 or 3 mins.. dropping the packets.. and next 2 mins.. working properly.. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6330t=6293 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What do interVLAN routing and Layer 3 switching mean [7:6126]
Hi It means that the 4003 and 4006 has a L3 module that can provide Inter-VLAN routing. It might be limited to only provide Inter-VLAN routing on the FE ports and have full L3 function on the GE ports. Keep in mind that Cisco is still new to L3 and as such they have not fully implemented it on all platforms, e.g. the 2948G-L3 is not capable of doing full ACLs on all ports, just the GE ports, or at least in the last IOS I used on one. -- John Hardman CCNP MCSE frank wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What does the following mean ?it's cut from a description of WS-X4232-L3 on cisco website. The Catalyst 4003 and 4006 Layer 3 Services module provides interVLAN routing for the Catalyst 4000 family switch and provides Layer 3 switching between the Gigabit Ethernet interfaces. John Hardman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi OK I'll bite... Yes there is a difference. It gets a little convoluted, but there is a difference. L3 switching: Think of a L3 switch as a multi port router that operates at wire speed. The 2948G-L3 is an example. It is just a 50 port Ethernet router. So L3 switching is routing traffic at wire speeds. You could use one of these to route between VLANs, or route between networks. Inter-VLAN routing: This is a technique, technology that is only used to route traffic from one VLAN to other VLAN(s). It generally takes place at wire speeds inside a Cat switch with a L3 switch option, but is often see with routers that do not work at wire speeds. So the bottom line... think of a L3 switch as a device, and Inter-VLAN routing as a technology. HTH -- John Hardman CCNP MCSE frank wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Any difference? frank wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks, Frank FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6126t=6126 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What do interVLAN routing and Layer 3 switching mean [7:6084]
Hi OK I'll bite... Yes there is a difference. It gets a little convoluted, but there is a difference. L3 switching: Think of a L3 switch as a multi port router that operates at wire speed. The 2948G-L3 is an example. It is just a 50 port Ethernet router. So L3 switching is routing traffic at wire speeds. You could use one of these to route between VLANs, or route between networks. Inter-VLAN routing: This is a technique, technology that is only used to route traffic from one VLAN to other VLAN(s). It generally takes place at wire speeds inside a Cat switch with a L3 switch option, but is often see with routers that do not work at wire speeds. So the bottom line... think of a L3 switch as a device, and Inter-VLAN routing as a technology. HTH -- John Hardman CCNP MCSE frank wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Any difference? frank wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks, Frank FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6084t=6084 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Independent IP space, BGP [7:5429]
Hi The smallest IP space that ARIN assigns is a /19. Which means you are going to have to use your providers IP space until you can prove that can use a /20 in accordance with the guide lines that ARIN uses. I suggest you go to the ARIN site and read up. As for how long... that last time I filed for an ASN it took about one week to get it. There are restrictions to getting an ASN too... HTH -- John Hardman CCNP MCSE Richard Tufaro wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey guys/gals, Got a quick question. How long would it take (assuming that we can get a class C) to get a independent class C from ARIN and a AS for use with 2 ISPS and BGP? FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5434t=5429 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT -- BGP scalability [7:5468]
Hi Keep in mind that many people site the phone as a highly available system, but do you know that it is highly available? People get the impression that the phone system is very reliable because they are used to hearing a dial tone when they pick it up. But most people are not on the phone 24x7 and have no real idea if their phone is available or not. I wish I could find the URL, but there was a study done at one of the universities back east that actually checked the availability of the phone system there and compared it to peoples belief's as to the availability of the system. Most people felt the phone system was up more than 99.9% of the time, as they almost never picked up a dead phone, but in fact the phone system was only up about 98% of the time. Now this begs the next question... do people need 99.999% uptime on the phone system or on their network? Keep in mind that 99.999% uptime equals to apx 1 minute of downtime per 30 days. Many network managers want to give the 99.999% guarantee to their internal/external customer and are willing to give SLA's to that effect without ever seeing if there really is a need for it. I am asked a couple of times a month for a 99.999% solution. By the time they answer a few questions they figure out that they can easily withstand more than 1 minute per month of down time. With the idea that BGP is growing widely with all of the /24 companies joining the table, is a real shame. I would venture to say that many of the companies out there could stand to take the down time of a single connection or a multiple connection to the same ISP and never really hurt their business. I can not say if BGP will scale to meet this growing need, but I can tell you that having to get more and more memory and CPU to handle the larger and larger routing table is a burden and a pain. Hopefully someone much more intelligent than I will find a simple and easy solution. BTW, yes some places multihome their phones too... I was at one for awhile. $0.02 -- John Hardman CCNP MCSE Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Aside from Priscilla (not Geoff Huston): What if the phone system had evolved this way? How many companies have redundant trunk lines? Don't we just assume that the phone company will always provide service? We don't multihome to the phone system, (do we?) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5482t=5468 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Backup [7:4462]
Hi Depends who your provider is. For example in QWest land all local ISDN calls are not charged a usage fee. HTH -- John Hardman CCNP MCSE Jason Roysdon wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Great idea! Now, if only you didn't have to pay for an ISDN usage charges since you're calling yourself ;-) -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Ambern, Jeff wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just wanted to let the group know of a little trick I came across this weekend. I have an ISDN line that I hooked up to a NT1 with two S/T interfaces. I was able to connect 2 2504's back to back through the telco cloud. Each router pulled one TEI each. This makes it possible to perform dial-backup and other isdn simulations without paying for 2 isdn lines (just can't do multilink) or buying an expensive ISDN sumulator. Just thought I would share because I have never come across this configuration before. Jeff Ambern FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4476t=4462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPS multihoming [7:4303]
Hi You will likely need to register your address space in the ARIN IRR. Some, but not all, providers create/use IRR to create their routing filters. For example a few months ago I setup peering with QWest and Level3 using address space from both providers. The QWest space went thru the world's BGP tables without anything being in an IRR, but the Level3 space was blocked. Once I added the Level3 space in their IRR everything was good. I could have added it to the ARIN IRR too, as the Level3 IRR is linked to ARIN's IRR. To keep the number of posts/emails to a minimum I will also address your question on memory size on your 2621... You can do a little research on the CCO for an exact number for the size of a route entry. But the bottom line is that you will not be able to take full routes... back in Jan 01 the full table was almost 128MB it might be more than 128MB by now. You might be able to take customer routes depending on how big your providers are. I have heard rumors that Genuity and UUNet together are more than 64MB. Also keep in mind that your router needs some memory to run the IOS and the routing processes. If you are also doing ACLs or queues there goes more memory. And if you run out of memory you are out of luck! I would also keep a close eye on the CPU usage, the 2600 does not have the most powerful CPU. So if you are running BGP, NAT, QoS, ACLs etc and have _lots_ of traffic you could pass that magic 70% CPU level at which a Cisco device will start dropping packets. HTH -- John Hardman CCNP MCSE Anthony wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can anyone give me the steps in Multihoming with 2 ISP's. I have already obtained an ASN and both of my ISPs have agreed to announce my space as long as it is a /24 or lower. Since I registered the ASN with ARIN, my ISP has given me a different block of addresses that would satisfy the /24 requirement. Do I need to change anything now with ARIN? What else is involved here? Any tips on setting up BGP policies on my end? Thanks FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4326t=4303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Central Hub Site with six T1's. [7:3841]
Hi OK I am a little confused here, you say Frame relay is not an option because all of the sites are within about __15 miles__ of the central site I have chosen as their hub, and their bandwidth needs are such that a T1 is feasible. So does this mean that you think FR is not an option because all of the sites are a short distance away from the hub site? If this is your answer... FR can be done between floors of a building, just because they close doesn't mean that you can not use it. In fact in it is cheaper than doing to another state for example. If your customer is truly short on cash to do this, then putting in 6 point to point T1's is going to be WAY more expensive than FR. In most markets a p to p T1 is more per month than the equivalent FR line, not to mention the cost of a router to handle 6 T1's is going to be quite a bit more than one that can handle 6 PVCs. HTH -- John Hardman CCNP MCSE SJ wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, I hope everyone is doing well today. Since this is my first time writing to the Cisco groupstudy I would like to say that I am glad to be a member. As each of you I to hope to someday reach CCIE status. However, as all of us I have to support myself and my family so work is always number one priority. With that being said I have a work related question. I have a customer who has 6 remote sites and a central site. Each remote site will be tied into the hub (central site) via T1's. Frame relay is not an option because all of the sites are within about 15 miles of the central site I have chosen as their hub, and their bandwidth needs are such that a T1 is feasible. So, now to my question. Which cisco router supports 6 or more T1 connections. This customer is on a limited budget, as such I will be deploying cisco 1750's at each remote site, however I want to tie all of the remote sites into the central site, so I need a router with enough interfaces to support 6 or more T1's. My goal is that each remote site will have default routes to the central site, and at the central site I will create static routes to the remote sites, as there is no need to run a routing protocol in this configuration. Can anyone give me a good central site router (cheap) that supports six or more T1 interfaces. Thanks, SJ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3916t=3841 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: RFC 1149 is in use [7:3244]
Hi All Checkout http://news.cnet.com/news/0-1003-200-5825807.html?tag=tp_pr RFC 1149 in a successful test! -- John Hardman CCNP MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3244t=3244 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson for the Lab [7:3053]
Humm... and not a one of them that answer or refer to this question. As to question, I down'ed the first that they have and played the demo. There are some good questions there, but if this is a lab prep test, then it will never be a replacement for hands on. It might be very helpful in working on weak areas. I am not too sure about the idea of a QA prep for the lab, maybe it has great value, maybe none at all. I guess one uses what one can when learning, each to their own. $0.02 -- John Hardman CCNP MCSE Jason Roysdon wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Over 13 posts for April with Boson;lab in them. Were you looking for CCIE-specific lab info? -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Nick Lesewski wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I saw that Boson had some lab prep materials, but I didn't see anything in the archives about it. Has anybody tried it? FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3142t=3053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question .. CCIE lab and scheduling! [7:2461]
Hi You have one year from the day you passed the written to make your first attpemt at the lab. You then have a total of three years from the time you passed the written to pass the lab. You might want to schedule the lab on the east coast as their wait times seem to be less. Also write [EMAIL PROTECTED] and ask them for advice/help. BTW, the written has a $300 price now... HTH -- John Hardman CCNP MCSE Tony wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've got a question that someone here will know the answer to. I took my CCIE written last August and due to a busy work schedule and lots of other certification requirements (AVVID, WLAN and other vendors) I have not been able to schedule my lab. Now I'm getting ready to change jobs and will immediately be looking to schedule my lab at the new company. If the written test is only good for a year ... when does this expiration kick in ? Is it based on the day you TAKE the lab or when you sign up to take the lab? With the long wait to get into the lab will I be required to spend another $200 if my lab can't happen before August? I'm sure someone who has taken the lab has been through this same scenario already. Thanks for your input .. Tony FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2469t=2461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 4500 router [7:2378]
Yes, with the right IOS image, an IP+ image should be enough, but check the CCO to be sure. BTW, chances are pretty good you can get a 2620 or 2621 used for less than an used 4500/4700 with a NP-1FE. HTH -- John Hardman CCNP MCSE William Harrison wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just a quickie? Im looking for a inexpensive alternative to a 2621 that could support ISL trunking. Does the 4500 with 1-FE interface support ISL and router on a stick? Thanks Bill Harrison CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2392t=2378 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OFF TOPIC -Job Offer without Interview?? [7:2375]
Hi Chances are pretty good that this a contact company that is short a person and are in jeopardy of losing money because they contacted to have x number of CCNP/CCDP on site and do not have that number on site now. Go with your first impressions, they are almost never wrong! But it doesn't hurt to do your research too just in case they are wrong. -- John Hardman CCNP MCSE Greg Macaulay wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Gd' Day Everyone, I need some input (comments, criticisms, enlightenment, suggestions, etc.) rather quickly. I'm in the DC metro area. Someone grabbed my resume off Monster and called me two weeks ago -- asked NO technical questions -- and basically gave me a brief synopsis of his company -- confirmed my salary requirements -- and said he would circulate my resume to others in his company and if there was interest, he'd get back to me. Last nite -- Friday 4/27 at about 8:00 p.m., he calls again -- asks only if I'm available -- and then says I can report to work on Tuesday 5/1. Again, no technical questions -- simply confirmed my salary requirements -- and simply wanted me to FAX a copy of my certs to him. Nothing else. Then I slowed him down. Asked about benefits, including training, etc. and then asked about the job Turns out he has a contract with a Freddie-something? Agency and needs a NP/DP as he put it (CCNP/CCDP) to show up on Tuesday for about 3 mos. Althought he assured me that I would be a PERMANENT employee and he had other projects to put me on after this job was complete. When I pushed questions about the benefits, he offered to have his benefits person call me Monday -- until I suggested that I come to his company offices Monday to SEE his site. Now I have to decide whether this is really a suitable position to want to put on my resume, and whether it's really legit. I have serious doubts about someone who would hire an employee over the phone, sight unseen (I could be picking my toes, drinking beer, a fat old redneck! -- I'm not!). If he's willing to hire in such a fashion -- isn't he doing a disservice to his client -- and won't he be just as likely to fire me -- on a whim. Is this a safe job -- am I really going to get paid? What do I say to the client if asked?? I''ve got very bad vibes about this -- but I don't know if my suspicions are justified!!! All replies will be appreciated! Greg Macaulay FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2393t=2375 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS for Home Lab [7:1531]
Hi The last time I bought IP only for 2500's it was $10.63. If you use www.shopper.com and search you should find it for about that much, maybe less with the slowdown. HTH -- John Hardman CCNP MCSE ""Circusnuts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'd say 11.2, 11.3, 12.0, 12.1 images. The defaults bugs are different with each. You may find it surprising, bit I've seen more 11.2 11.3 in the field than 12.0 or 12.1 (unless dealing with new equipment applications). I have 12.0(8) 12.0(9) Enterprise in most of my 2500's (12.0(8) has been very solid) 12.1 in my 4500's. All of my beginner experience started with 9.1, 10.0, 11.0.(22), 11.2(18), so having all 12.X's is something of a treat. If you don't have a CCO login, the 2500 Feature Packs have a real nice group of lab IOS (11.2(18), 11.3(9) (9)T, 12.0(6)). Generally- I see them go for $20 on Ebay. I have no idea what the retail is, seeing the way some of those guys sell the probono's... it's probably free :o) Good Luck Phil - Original Message - From: RamG To: Sent: Sunday, April 22, 2001 12:20 PM Subject: IOS for Home Lab [7:1531] I have home lab of 7 routers with 16RAM/16FLASH. Which ios should I install on these routers to practice each and every ccie lab scenarios. Thanks / RamG FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1545t=1531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
Hi Nope, UDP 53 for clients and TCP 53 for server zone transfers. HTH -- John Hardman CCNP MCSE ""No Data"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Heh, I bet most of us turn dns look-ups off when we are on routers :) Anyway, the command is 'ip domain-lookup' It should be on by default. When you set up the router as a firewall you need to allow tcp port 43 for DNS to come into your private network (please correct me if I am wrong on this). I hope that answers your questions. Ben Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1278t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written questions [7:1005]
Hi Following your format... 1) Yes it has all the stuff droped from the lab. 2) The CCNx tests are frankly not all that deep compared to the CCIE written test. The depth and bredth of the CCIE is vast. Yes the test is fairly easy, IF YOU KNOW THE ANSWER. And they will throw in some pretty obscure and tricky subjects. I would strongly suggest that you do not under or over estimate this test. Go to the CCO site and use the recommended reading list and blueprint. 3) Well... there are two camps on this. Getting yourself up for that lab will definately help for the written. I figure that I really started studying for the lab the day I got my first router for home. But doing labs and developing a lab method will NOT beat RIFs into your head, it won't help you understand 4D/5D, etc, etc. On the other hand will studying for the written help with the lab, sure, every little bit of knowledge you can draw on is a good thing. $0.02 -- John Hardman CCNP MCSE ""No Data"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 1. Does the CCIE Written test still contain the topics that have been droped from the lab (i.e. LANE, Appletalk, etc.) or have they been dropped from the written test as well? 2. How hard is the written test compared to the CCNP tests? I just have CIT to go and so far have been scoring right around 900, is the test significantly harder than the others? 3. I've heard that studying for the Lab and the Written at the same time is not a good idea. This doesn't make sense to me as the way I solidify my grasp of concepts is to log onto my routers, try it out, and see what it does. Does anyone have any comments on studying for both at the same time? Thanks, Ben PS Im new here so hi everyone :) __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1032t=1005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2 hours are over and I passed the CCIE written [7:966]
Actually a year to take the lab, much more to time to pass. With the schedule delay growing Cisco will have to add more US lab sites or change the 12 month time limit for the first try. -- John Hardman CCNP MCSE ""Circusnuts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Congrats !!! The clock is has begun- 12 months to pass the lab :o) Phil - Original Message - From: Buri, Heather H To: Sent: Tuesday, April 17, 2001 4:31 PM Subject: RE: 2 hours are over and I passed the CCIE written [7:966] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1054t=966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE R/S Exam mechanics question [7:603]
Hi It is not true of the R/S exam. HTH -- John Hardman CCNP MCSE ""Dropped Packet"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The designers of each of the Cisco exams that I have taken so far (up through np/dp) have been nice enough to specify the number of answers one must select if it is a multiple answer question, e.g. "pick 2 of the following". Can anyone say (without trampling the nda) if this is true with the CCIE R/S written? Thanks _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=635t=603 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Telnet and mail problems [7:392]
Hi The first thing I would look at is name resolution. UNIX/Linux systems (telnet and email especially) both use reverse lookup. If the UNIX/Linux box can not find a name to go with the IP it will produce the situation you describe. As a quick experiment, add a host to the hosts file on the UNIX box you are telneting to. Then telnet to it from that host, I'll bet the connect is very fast. You can do the same for POP3/SMTP. HTH -- John Hardman CCNP MCSE ""Luis Oliveira"" wrote in message news:[EMAIL PROTECTED]... Fellow Cisco users This is my first post to the list. I've been watching the list for messages regarding a problem that we have at my company (newspaper business) that's probably related to our new network. We have recently changed for a new building and since we are now placed in several floors (as opposed to the situation we had before) we have taken this opportunity to build a new network infrastructure. We have a central Cisco Catalyst 6006 with 48 10/100 mbit ports, 2*8 fiber optic modules that connect to 5 floors (Cisco 3548 XL and Cisco 3524 switches) by fiber cable. We have a relatively large network of 400 machines (80% Macs, 20% PC's) divided by VLAN's. We also have 30 or so servers (ranging from Sun Solaris running Sybase, to Windows NT 4 and 2000 file servers, Microsoft SQL servers, Appleshare File servers, AIX machines running Oracle, etc. Our machines have fixed IP addresses. We are experimenting a problem when we try to telnet a Unix machine. It takes forever (almost half a minute). The same problem with e-mail checking ( 30 seconds to logon on the server). Before we had just two subnets. Now we have more (private networks), and the mail server is on a public network (DMZ) separated from us by a firewall. We think that the problem is related with the Ciscos or the implementation of the VLAN's. The company that implemented our network (which is a sister company of my company) until now as not found a solution to our problem and the mail users, which is everyone is becoming very upset with all this. Everything else works fine on the network works fine (copying files, browse the internet, that kind of stuff). Anyone have seen this kind of trouble before ? Can give some advice or steps to follow to eliminate this ? Sorry for the long post. Thanks // luis oliveira FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=396t=392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Telnet and mail problems [7:392]
Yes. It has nothing to do with what address/name you are telneting to. It has everything to do with the IP/Name of the host you are telneting from. UNIX/Linux trys to do a reverse lookup on IP addresses for logging and other reasons. It will not "complete" the telnet session, e.g. present you with login: prompt until it times out the reverse resolve. Try the test I posted before, it takes only a couple of minutes and is definitive as it being a DNS reverse resolve problem or not. HTH -- John Hardman CCNP MCSE ""Luis Oliveira"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Should the logon time be so long even if I telnet by numeric address, say telnet xx.yy.zz.ww ? Regards // luis oliveira At 04:27 PM 4/12/01 -0400, Luis Oliveira wrote: Our machines have fixed IP addresses. We are experimenting a problem when we try to telnet a Unix machine. It takes forever (almost half a minute). The same problem with e-mail checking ( 30 seconds to logon on the server). Before we had just two subnets. Now we have more (private networks), and the mail server is on a public network (DMZ) separated from us by a firewall. We think that the problem is related with the Ciscos or the implementation of the VLAN's. The company that implemented our network (which is a sister company of my company) until now as not found a solution to our problem and the mail users, which is everyone is becoming very upset with all this. Everything else works fine on the network works fine (copying files, browse the internet, that kind of stuff). Anyone have seen this kind of trouble before ? Can give some advice or steps to follow to eliminate this ? Sorry for the long post. Thanks // luis oliveira Hm. It sounds a lot like DNS issues. Do you have guys pointing to an internal DNS server? Does your mail server resolve to an internal IP? If you do internal DNS, I can see where you might have "inside has problems", "outside is dandy" problems. Can you time the telnetting to the Unix box? Are you sure it is not 75 seconds? (If it is, it is almost definitely DNS issues). Have you tried doing "ping" floods to those hosts just to see what % of packet loss occurs, if any? It could very well be other issues, but check your DNS setups to see if anything seems fishy with your internal DNS. -Carroll Kong FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=418t=392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tftp server setting in Red HAt 7.0 [7:98]
Hi The version of TFTPd that ships with RH7 doesn't work right. You need a newer or older version. Note if you start the TFTPd with -c switch it will allow the creation of new files if your ACLs are correct. HTH -- John Hardman CCNP MCSE ""perryb"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The bugger about the Linux tftp server is that the file must already exist on the server before you can up or dowload to or from the server. - Original Message - From: "Modiene Kane" To: Sent: Tuesday, April 10, 2001 12:51 PM Subject: tftp server setting in Red HAt 7.0 [7:98] Hi folks, did someone set up SUCCESSFULLY a tftpserver in Red Hat 7.0? There is very few info out there concerning the whole process. Need some help. Thanks FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=141t=98 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Blocking Napster and Aol on Pix config/Setting up Tacus or Radius
Hi If you are running Linux or UNIX it is very easy to find TACACS+ as a freeware. Likely there are a couple of WinIntel freeware versions too, though I haven't looked for a WinIntel version. I installed tac_plus for Redhat and am using it in production. It can be found with just about any search engine, or www.rpmfind.com. It is pretty easy to setup and configure too. As for using TACACS+ or RADIUS, TAC has some very good docs, and samples for config's on the PIX and switches and routers. HTH -- John Hardman CCNP MCSE ""Bob Timmons"" [EMAIL PROTECTED] wrote in message 9an562$kg0$[EMAIL PROTECTED]">news:9an562$kg0$[EMAIL PROTECTED]... Kevin, --Snip-- As far as RADIUS TACACS, you'll probably have a hard time finding a shareware/freeware version of TACACS for NT, though RADIUS seems to be somewhat more available. Cisco has their ACS product, which does TACACS RADIUS, and runs on NT/2000. It's real easy to setup (about 30 mins from setup.exe to TACACS logins). I'd check the search engines for 'shareware /or freeware RADIUS'. If you really want TACACS, and are on a budget, you might want to check out some of the freeware Linux versions, there are many. Of course, you'd need to setup a Linux box. HTH Bob Before I ask this question I would like to give something back, below is the config to block aim and napster: access-list acl_out deny tcp any any eq 5190 access-list acl_out deny tcp any any eq 8875 access-list acl_out deny tcp any any eq access-list acl_out deny tcp any any eq 6699 access-list acl_out deny tcp any any eq access-group acl_out in interface inside access-list acl_out permit tcp any any access-list acl_out permit ip any any Now I would like to setup a Tacus+ or Radius Server on My network I have a widows 2000 domain and I am unsure of how to do this. Please advise. TIA, Kevin _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab Report - unsuccesful
Hi Sorry to hear you did not make it thru the first time around. I have followed your expeirence from close to the start of your list partisipation. I have not kept pace with you, but really I don't know too many people with drive of Chuck Larrieu either!! I have learned much from your questioning and answers, thanks for the input, both here and on the lab list. I sniped most of your report below with the exception of point #5. I have been trying to form a picture of the lab, trying to make it a part of me that I visit on a regular basis. When I was in Taekwon-Do I found that the more time I spent in visualization the better I got. It goes beyond just "seeing it", but a total emersion in the expeirence. And this is what I have been trying to do with the lab, so a little more detail will help me fill out my vision... NDA permiting, what can be asked of the proctor? TIA -- John Hardman CCNP MCSE ""Chuck Larrieu"" [EMAIL PROTECTED] wrote in message 000d01c0bfcc$08c90800$[EMAIL PROTECTED]">news:000d01c0bfcc$08c90800$[EMAIL PROTECTED]... Hey, everyone, how you all been? The short story is I did not make it to day 2. The rest of this is a bit long winded, and easily skipped. First of all, I was quite pleased to find upon reading through my Day 1 scenario that there was nothing I couldn't do, given time. There are plenty of practice labs from several different sources which cover all the core topics, so there were no surprises for me. Secondly, I was quite pleased when during my review of Day 1 results with the proctor, he told me they were going to change the written instruction on a particular section because of the solution I used. I'm actually quite surprised it hasn't been done before. I was grudgingly given points, although I was told my solution was definitely not what they had in mind. However, in the end, it was a few simple omissions that cost me the points I would have needed to squeak into Day 2. Only one of the six of us who began together was invited to the second day. Things I learned: --Snip-- 5) Good rapport with the proctor is helpful. I was able to get the information I needed by carefully wording my questions and making sure that my desired result was understood. The proctor is under a bit of stress himself, with so many folks vying for his attention. He may think you are asking something you are not. I made sure that if I was not getting an answer that made sense that I clarified my request, so that the answer was one that helped me understand. I will say also that the test I saw was reasonably clear. The questions I had tended to be the result of outputs from various show and debug commands, to clarify what the expectation was. --Snip-- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIF question
Hi You are right it is not a valid RSRB config, therefore there could not be a RIF as this would not work ;-) HTH -- John Hardman CCNP MCSE ""JD"" [EMAIL PROTECTED] wrote in message 9al78b$rg7$[EMAIL PROTECTED]">news:9al78b$rg7$[EMAIL PROTECTED]... Was wondering if someone can help me with this question: PC-A--Ring 001--Bridge 1---Virtual RingBridge 1---Ring 003---PC-B RSRB is configured here. PC-A sends a packet to PC-B. PC-A segment has a Virtual ring of 10, PC-B segment has a virtual ring of 0x10. What is the RIF seen on PC-B? Whats confusing me about this is the fact that is has 2 virtual ring and running RSRB. Automatically, this tells me that this is not a valid RSRB network. Can someone clarify this for me? Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX IOS upgrade
Hi There have been a lot posts in the Cisco news groups about people having ICMP problems with 5.3 code. Several stating that TAC has recommended a down grade to solve the problems. Personally I would not install a 5.3 code at this time. 5.2.x seems to be fine. HTH -- John Hardman CCNP MCSE ""Paul L Holloway"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm upgrading the IOS on a new PIX. What would be the downside of me upgrading to 5.3 without stepping up incrementally and just going directly from 4.4 to 5.3. I don't see anywhere in the Cisco documentation where they advise against this, but I seem to remember several threads here advising to go up one version at a time. Any thoughts?? Paul _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 508-CS versus 2509/2511
Hi Yes these are good boxes. As far as I know (anyone taken the lab correct me) the 2511 used in the lab is just for reverse telnet access to the rest of the rack and is not used in the labs. So the ability to run IOS above 10.3 shouldn't matter. Note, you will have to TFTP boot 10.3 for find the upgrade on Ebay if you want to run 10.3. As for the overall impression, they are great, a little slow on the boot up, but otherwise very nice and half the price of a 2509/2511. HTH John Hardman ""Ken W. Alger"" [EMAIL PROTECTED] wrote in message 99ufk5$1jh$[EMAIL PROTECTED]">news:99ufk5$1jh$[EMAIL PROTECTED]... For a CCNP/CCIE lab, is a 508-CS sufficient to act as a terminal server or is it better to go for the 2509/11? Thanks, Ken _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dumb question of retansmits
Hi All, I know I should know this, but frankly I can not remember the details to save my life... Let's say we have two routers connected over a serial link, they are doing routing, not bridging. If the serial line takes a hit who is responsible for retransmitting? The sending host or the first router? Now let's say same config but the routers are bridging over the serial line. Who retansmits, the sending host or the first bridge? TIA John Hardman _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dumb question of retansmits
Hi And thanks one and all for the help! I feel a lot more confident in my understanding. It has been my understanding that the sending host would always send any retransmitts, with the exception of something like a X25 or LLC2 network in between hosts. But I got to reading a bit more on RSRB and DLSw+ the other day, and the more I read the more I got confused... Therefore the question I posted today. Sometimes I hate the CCO pages ;-) I get too deep off on a tangent and lose sight of the forest. Thanks for defining the forest again. THX John Hardman ""Howard C. Berkowitz"" [EMAIL PROTECTED] wrote in message news:p0500191eb6e53e951c3a@[63.216.127.100]... Hi All, I know I should know this, but frankly I can not remember the details to save my life... Let's say we have two routers connected over a serial link, they are doing routing, not bridging. If the serial line takes a hit who is responsible for retransmitting? The sending host or the first router? Now let's say same config but the routers are bridging over the serial line. Who retansmits, the sending host or the first bridge? TIA John Hardman Retransmission is not inherently part of routing _or_ bridging. For most modern environments, retransmission is done between end hosts [1]. When retransmission is defined at the data link layer, it is done between whatever devices are at the two ends of the link -- hosts and hosts, hosts and routers, routers and routers, etc. [1] In networks that follow the "end to end" assumption of the Internet, and do not contain "midboxes" such as NATs, firewalls, proxies, tunneling devices, etc. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to Make Frame Relay Redundant?
Hi Well lets start out by saying I have worked with FR for many years, so let me share my pain with you. First, FR is not redundent, and in and of it's self can not be made redundent. There are several things one can do to help bring up the "up time" with a FR network. 1) Use a redundent layer 1 connection, e.g. SONET ring. This will insure that a single cut will not drop your connection. Be careful as many telcos are hot to sell SONET rings, but they do not provide full redundency, e.g. terminating in only one CO and passing thru the other. This is an expensive thing to do. 2) The closer you get to 100% uptime on any system/network, the cost to achive it will grow exponitionally. So you had better make sure that the business need is real and balanced against the costs. 3) Common methods to deal with FR outages. a) ISDN dial backup. Works well, but has limited bandwidth, e.g. replacing a 1Mbps PVC with a 128Kbps line. b) Analog dial. Same cavetes. c) VPN thru the Internet. Works fairly well, however can be a pain to setup, and you are using a public network that is known to be about as reliable as FR ;-) 4) Full or partial mess network. So you need to step back and ask, "what problem am I trying to solve". There are a ton of people that have had to deal with FR and it's outages, so there are lots of resources out there to tap. But none of it will mean anything unless you ask yourself the question. HTH John Hardman CCNP MCSE ""Raul De La Garza"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Please forgive me if this topic has already been explored. I am considering the purchase of a 3640 in order to provide Internet access to our office at 100 Mbps. I will outfit it with 2 10/100 2-port modules. I am also considering making our Frame Relay network redundant by adding two 1-port T1 w/CSU WICs, however, with only two FR lines coming in how would I make this a fault tolerant solution without having to obtain two more FR circuits? HSRP is definitely being considered. Obviously, an Ethernet hub or switch is out of the question. Any help you could provide would be greatly appreciated. Raul De La Garza III _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Re: Radiius with Windows2000
Hi Yes I have had both the NT 4 MCIS version and the Win2K version of MS radius working on Cisco gear. Specifically I had it doing simple authentication for a 3005 VPN box and a 3810 with PPPoA DSL customers. I have had no problems. I suggest you call TAC, maybe you have a buggy IOS version. HTH -- John Hardman CCNP MCSE+I ""The.Rock"" [EMAIL PROTECTED] wrote in message 98g8a0$h2k$[EMAIL PROTECTED]">news:98g8a0$h2k$[EMAIL PROTECTED]... Has anyone got any Cisco products to run with the Windows2000 Radius? I was curios as we are trying to get the Cisco 5001 VPN to work with Win2K radius but have not been successful. It does work with funk radius, however I don't want to have to buy a third party product when windows has it built in. We did have it working at one time, but when we upgraded the IOS on the VPN box it suddenly stopped working...Still had errors when it worked, but at least it worked. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Simulated dial-tone
Hi I am not sure where you are getting your prices, but they are VERY high! Checkout www.shopper.com and check your prices, I think you will find that a VIX-2FXS goes for about USD$275... HTH -- John Hardman CCNP MCSE+I "Oleg Mazurov" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Try Cisco VIC-2FXS card. A pair of ports that are pretty close to the standard CO line. Approx. $600 a piece plus you need a $1200 cage to install it to the 3600 series, or a $3000 1750 router or 2600 router (dunno the price). Another idea is to shop for the secondhand phone equipment, some key systems are damn cheap if you buy it used. /felis _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Flash RAM erro - Cisco 2500
Hi Chances are pretty good that your boot proms do not recognize the newer flash. Call TAC and order new ones, they are free plus shipping. HTH -- John Hardman CCNP MCSE+I ""Ken W. Alger"" [EMAIL PROTECTED] wrote in message 97sf8d$6eg$[EMAIL PROTECTED]">news:97sf8d$6eg$[EMAIL PROTECTED]... I have a 2505, IOS 10.2(6) which I am attempting to add more Flash RAM to in order to run a more current IOS. I purchased an 8 MB chip, but when I install it and boot the router up I get the following error that doesn't occur with the current 4 MB chip: ERR: Invalid chip id 0x80B5(reversed: 0x1AD) detected in system flash Any ideas as to what this means as I have not encountered this one before. Thanks, Ken _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boot Rom for Cisco 2500 series routers
Humm... Interesting, Cisco is willing to give them away free, but they do not ship for free. I wonder which is the better deal, your price for something free or something for free. HTH -- John Hardman CCNP MCSE+I ""CiScO"" [EMAIL PROTECTED] wrote in message 97kpdn$883$[EMAIL PROTECTED]">news:97kpdn$883$[EMAIL PROTECTED]... Is there anyone looking for Cisco 2500 router boot roms? I have the latest from Cisco, version 11.0(10c)XB2. I currently have several sets left. All brand new. I am willing to ship the item at no cost within the US. If you're interested please send an email so we can arrange shipping and payment. Helpful Links below: Boot Rom features and fixes: http://www.cisco.com/warp/public/471/30.shtml Replacing Boot Rom chips Instructions: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2500c fig/bootrom.htm Thanks! Joe N. CCNA http://www.tmjf.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACLs and deny statements
Hi The basic answer is yes. The more detailed answer is that ACLs, when edited from the CLI, are handled in the squenial why, e.g. permit tcp any any 80 deny ip any any log permit tcp any any 23 The permit for telnet would be added at the end of the ACL list, and in this case would be useless becasue of the deny all above it. To overcome this (IMHO) shortcoming of IOS I use keep a commented copy of the ACL in a text file. Then when I need to edit the ACL, I edit in my favority text editor, then remove the ACL from the interface, delete the ACL, recreate the ACL and reapply it to the interface. The truth be told I really like this method better, as I can do some very detailed comments without having to have them take up configuration memory. Memory is generally not an issue, but I have had the unfortune to work a couple of 5000+ ACLs before which streches the limits of the IOS and config memory. HTH -- John Hardman CCNP MCSE+I "Andy Barkl" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If you add your own deny all statement at the end of an Access-List, will all other statements then be added as well after the deny all? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Lab Purchase Deal
Hi Might I suggest you do a little research yourself... A few clicks on Ebay will yield the current selling price for each of these items. Then consider the Ebay price the high end. Also keep in mind that Ebay often has some items for more than retail, e.g. VIC-2FXS modules which go for about $275 new, but are listed used on Ebay for over $350. HTH -- John Hardman CCNP MCSE+I ""RamG"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello Friend, I am negotiating to buy following routers from a student. These routers were purchased new one year ago and only used exclusively Lab practice. I would appreciate, if someone can guide me at what price to buy. One Cisco 2509 with async cable 1- 9 16RAM/8FLASH Two Cisco 2513 with three TR Cables with 16RAM/16FLASH One Cisco 2520 with 16RAM/16FLASH Two Cisco 2501's with 16RAM/16FLASH Six AUI to Ethernet Transceviers Six Back-to-Back DTE-DCE 3' Cables One 8 Port Token Ring Hub Anew1 Anew2 Lab Configs Enterprise IOS 11.3.9 12.06 on CD Power Cords,Ears, Console Cables 6 No for each Router Thanks RamG _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WAN degree?
Hi I have heard rumors that ASU has a 4 year degree program either planned or currently offered in networking. HTH -- John Hardman CCNP MCSE+I ""jay smith"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, I am currently a MCSE/CCNA and I am finishing up my AA degree at the local junior college, and looking to start my 3rd year in the fall. Are there any colleges that offer a Bachelor's degree in networking? I have visited several college websites and it seems that they all offer just Computer Engineering, Computer Science, or Management Information Systems degrees. After reviewing the individual coarse outlines, there appears to be very few classes relating to networking. If anyone can offer there advise on this issue, I would greatly appreciate it! _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what is the average age of people in this stuff?
LOL! I am 36, and have the same problem, thank Cisco that they put a ? in the IOS. Don't worry about it, most of the people I work (worked) with in the network business are between 20-60 with the majority being in their 40's. They say that memory is the first thing to go, I just wish would have told my body that! -- John Hardman CCNP MCSE+I ""rtc"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm 40--am I getting too old for this stuff? Cant remember anything worth a damn, especially the commands nd command syntax _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP routing protocols and ACL lists
Hi Nope, you have to do that yourself. And in fact is a common mistake not to... HTH -- John Hardman CCNP MCSE+I "Dan West" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Howdy all, Quick question this time : Does enabling routing protocols like RIP or BGP automatically open up the related ports through respective interfaces? In other words, if you enable BGP, does it automatically ALLOW IN/OUT bound connections on TCP port 179? UDP port 520 for RIP, etc? = from The Big Lebowski... The Dude: You sure he won't mind? Bunny: Dieter doesn't care about anything. He's a nihilist. The Dude: Ohhh, that must be exhausting... __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE and 2500 series issue
Hi I think your co workers are off the mark a little bit. For the R/S lab you need routers and switches. To be more specific you need routers and switches that mirror the lab functionality, not necessarily the exact model. So from a functionality point of view what does a 2600 give that a 2500 can not. 1) VoIP, VoFR, and VoATM. But keep in mind that the 2600 series require a NV to use a VIC which are expensive, $1000+ and you still need a couple of VICs at about $300 each. Better to get a couple of 1750s with a built-in VIC slot. 2) ATM. Again there are other options, e.g. 4500 or 4700 3) FE for ISL trunking. Here the 2600 is dead on, unless somewhere down the line Cisco adds ISL capability to the 1700s. So get the 2500s and be happy that you have a valid router for your lab work. BTW, when you get labs, don't look at the router model, look at the functionality that it is providing, a 2600 as a FR switch is a laugh! HTH -- John Hardman CCNP MCSE+I "Elijah Savage" [EMAIL PROTECTED] wrote in message 83F1C14B5FC6D411B82400A0C90DEDDF0351A3@MRNT">news:83F1C14B5FC6D411B82400A0C90DEDDF0351A3@MRNT... All, I have 2 guys at work that have passed the ccie written and are going to take the practical at the end of this month. I have 3 2500 series at home 2 2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 at a very very good price, Our job is replacing them with 2600. But these guys said its not a good idea to buy all that equipment because the 2500 will not help you anymore that it would be better to go to the 2600 modular series. We have a very nice lab that they have setup at work, and they have went out and purchased some CCIE labs paid like 700 bucks for them. And one of the labs basically required a 2600 be setup as a frame switch. I guess now you all can see the dilemma I am in, do I buy these 2500's. Everyone that is building labs at home to try and conquer this beast with 2500's are we missing the mark here. I mean I wonder how many have labs at home that think they are useful? Is it worth the investment anymore? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Lad scheduling question
Hi All With a little more study I will pass the written this month, and I am starting to wonder more about the process of scheduling the lab. I plan to use the SJ lab... So here is the question. Can I schedule the lab for a specific date? Yes I know there is a back log till August or later, but I more interested in a longer date, I am thinking 10 or 11 months after the written. I have quite a few big projects coming up at work, and it will be hard to keep my "study" mind set and energy, so the extended time will benefit me. TIA -- John Hardman CCNP MCSE+I _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco secure policy manager
Hi It won't install, comes back with something like "Requires NT 4 or Higher" what a laugh! -- John Hardman CCNP MCSE+I ""ML"" [EMAIL PROTECTED] wrote in message 96hqpe$dmc$[EMAIL PROTECTED]">news:96hqpe$dmc$[EMAIL PROTECTED]... Any particular reason why? I am not sure what you mean, wont install, wont run as in function? I know Cisco says they dont support it on 2000 but that is different than wont work. Thanks, ML Manny Colon [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Will not work with 2000 Regards, Manny Colon Computer Services Information Builders Inc. ML wrote: Anyone try running CSPM on a Windows 2000 box. Let me know how it worked. THanks, ML _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Portable IP address
Hi "Portable" or address blocks that are "owned" by a company are assigned by ARIN (and others). Basicly there are addresses that you can use independent of your ISP. I suggest you make a visit to the ARIN web site. www.arin.net And learn more about this subject. There are all kinds of miths about this out there, better to get it from the source. HTH -- John Hardman CCNP MCSE+I ""Hubert Pun"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone have heard of this term? I heard that anything smaller than 204.255.255.255 are portable and anything larger than 206.0.0.0 is non-portable. I was told that this is an industry standard between the several large ISP. (i.e. not the real "RFC" standard). Is that true? thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst Wanted!!!
Hi The 2948G and the 2980G are based on the Cat 4000 OS, similar but not the same... HTH -- John Hardman CCNP MCSE+I ""angelo"" [EMAIL PROTECTED] wrote in message 009901c08eb6$7bcc1be0$[EMAIL PROTECTED]">news:009901c08eb6$7bcc1be0$[EMAIL PROTECTED]... I am looking for a catalyst switch that supports the same IOS commands as the 5000. Are there any other Catalyst low end models besides the 2926, 2901, 2948, and 2200 that support cat5000 IOS? What about the Catalyst 2980G and 2948G Switches? I am looking to buy a Catalyst for my lab. I recently had to re-deploy the Catalyst at work that I was using for my lab. If anyone is selling a catalyst that supports the same IOS commands as the 5000. Please drop me a line [EMAIL PROTECTED] angelo _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help me Urgent all CCIES please !!!!!!!!!!!!!!!
Humm... Interesting comparison! I guess I have always known the similarities, but never really thought about it before. I was in TaeKwon-Do (TKD) for about 15 years, thought class for much of that time. When I was coming up thru the colored ranks, I felt very sure of my knowledge/skills, the closer I got the black belt the more confident I was. But when I got the "big goal", it was anti-climatic in the long run. Sure it felt great for a few months, then the realization that I really didn't know S$%^T, and at best could only be considered a master of basics... well lets just say it was very humbling ;-) Eventually I retired from TKD, I was pushed more and more into a "management" role, which is not what I sought. I think now that I have taken some time to compare the CCIE R/S to the TKD black belt I feel much better about the whole certification ordeal. With TKD I finally came to place where I was very comfortable with my skills and the road that lay ahead, if I had not been pushed into a management role I would likely still be practicing. With CCIE it will be very similar, with the exception that I will have the power to stay hands on. Don't get me wrong, I enjoy the leadership/mentor role, what I hate is when the leadership/mentor role becomes the whole job. I feel much better, I have traveled this road before, know the pitfalls and rewards. Thanks very much for bringing this little comparison to light! -- John Hardman CCNP MCSE+I ""Circusnuts"" [EMAIL PROTECTED] wrote in message 040d01c08e9c$d543b300$[EMAIL PROTECTED]">news:040d01c08e9c$d543b300$[EMAIL PROTECTED]... What do you consider a paper CCIE? Weak knowledge of commands hardware (must always research topic). Inability to trouble shoot effectively (must always research topic) Always avoiding technical leadership roles Other CCIE's generally don't include their opinion they have no history of staying @ any one job for more than say 6 or 8 months. In general- these are the characteristics of a person who is over their head (just like any of us have the potential to be). Their are people who are passing the CCIE lab on sheer "will" (I'm gonna pass if it's the last thing I do) . Ask any active black belt, obtaining that status is only cool for a short period of time. When you pass such a crucial mark (among your peers) you have graduated to a point to be counted on heard. If the "journey" is all you know expected, then this kind of success is a scary thing (@ least for a couple of years :-) .02 Phil PS- Please don't misunderstand me, I still admire those who have completed the process... - Original Message - From: "Yonkerbonk" [EMAIL PROTECTED] To: "Circusnuts" [EMAIL PROTECTED]; "Chris Supino" [EMAIL PROTECTED]; "Ravi N Varma" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, February 04, 2001 5:40 AM Subject: Re: Help me Urgent all CCIES please !!! What do you consider a paper CCIE? I've known some not-so-impressive CCIEs, but I don't know of any I'd consider paper. Michael --Snip-- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco VPN 3000
Hi Yep installed one in the DC that I worked at for the other techies to have access from home durring off hours. Pros: Excellenct little box! Lots of control and easy to config once you find docs on CCO. Cons: The current cleint software doesn't support Win2K or WinME, which makes the Win2K and WinME L2TP/IPSEC config a royal pain in the A$$! The rummor is that there will be either a 2.6 or 3.0 version releasing soon that does support Win2K and WinME. Overall if you deal with the client config issues while you wait for the updated client software, it is a killer solution. HTH -- John Hardman CCNP MCSE+I "Mark" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... Does anyone have the Cisco VPN 3000 series devices working in a production environment. I would like comments both good and bad on this. Particularly on the 3015 and 3030 if possible but all info will be great. Thanks, Mark _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2948G-L3 - Routing between bridge groups and routed FE interface
Hi I am not sure if it shows in the config or not, but did use set briding IRB? HTH -- John Hardman CCNP MCSE+I ""Ansari, Faisal (US/ATLANTA)"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Folks, I have a question related to setting up routing between bridge groups as well as to routed interfaces. Please take a look at the following setup and let me know if I'm doing anything incorrectly. Thanks for your help. current setup: VLAN1: FE ports 1-20, network 10.3.1.0/24, BVI1 address is 10.3.1.101. VLAN2: FE ports 21-24, network 10.3.2.0/24, BVI2 address is 10.3.2.101. If I connect a workstation (with default gateway being BVI1) and ping BVI1, it works. If I ping BVI2, it fails. Same results from a workstation connected to VLAN2 with BVI2 as default gateway. Any idea why it's happening? I have attached the config file for your review. ip subnet-zero bridge irb ! ! interface FastEthernet1 no ip address no ip directed-broadcast bridge-group 1 bridge-group 1 spanning-disabled ! . . . ! interface FastEthernet20 no ip address no ip directed-broadcast bridge-group 1 bridge-group 1 spanning-disabled ! interface FastEthernet21 no ip address no ip directed-broadcast bridge-group 2 bridge-group 2 spanning-disabled ! : : interface FastEthernet24 no ip address no ip directed-broadcast bridge-group 2 bridge-group 2 spanning-disabled ! : : ! interface BVI1 ip address 10.3.1.101 255.255.255.0 no ip directed-broadcast no ip route-cache cef ! interface BVI2 ip address 10.3.2.101 255.255.255.0 no ip directed-broadcast no ip route-cache cef ! interface BVI3 ip address 10.3.3.101 255.255.255.0 no ip directed-broadcast no ip route-cache cef ! ip classless ! bridge 1 protocol ieee bridge 1 route ip bridge 2 protocol ieee bridge 2 route ip bridge 3 protocol ieee bridge 3 route ip Sincerely, Faisal Ansari * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs and Security question
Hi Here is an excellent link that has the comparison of TACACS+ and RADIUS, which would be a good thing to know. http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/aaaisg/c262c1.htm HTH -- John Hardman CCNP MCSE+I ""Greg"" [EMAIL PROTECTED] wrote in message 955t43$hhf$[EMAIL PROTECTED]">news:955t43$hhf$[EMAIL PROTECTED]... I am studying for the Written exam and I have heard that there are quite a few security questions that involve Tacacs and radius and when I went to Cisco's web site and did a search I didnt find alot of information on Tacacs and Radius. I am looking for information on the workings of Tacacs not the configuration. Am I doing the wrong kind of search? or does someone else have a better place to look? Thanks, Greg Lovato _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cable to connect 2502 to MAU
Hi You need a media filter, which is nothing more than a DB9 head shell with four pins connected. Here is a link for all kinds of pin outs, including TR. (watch the wrap) http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2501/ 2500ug/pin.htm The head shell should'nt cost more than about $3 at the local electronics store. Then a straight Cat5 cable to the MAU. No offense, but $15 plus shipping for a head shell is crazy! HTH -- John Hardman CCNP MCSE+I ""trammer"" [EMAIL PROTECTED] wrote in message 952o5m$f4a$[EMAIL PROTECTED]">news:952o5m$f4a$[EMAIL PROTECTED]... Can anyone give me the proper name or part number for a cable that I can use to connect a 2502 Token Ring router to an RJ45 based Token Ring switch. I know there is the DB9 to Type 1 cables available, I just must be missing the boat on the name for DB9 Male to RJ45 cable that it seems like I need. If anyone has any insight it is appreciated. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 5000 for home
Humm... I remember reading one time that the SupI card's FE ports did not support ISL or 1.Q trunks or ehterchannle either. Did I remember wrong? TIA -- John Hardman CCNP MCSE+I ""louieb"" [EMAIL PROTECTED] wrote in message 000201c087a5$7842c810$[EMAIL PROTECTED]">news:000201c087a5$7842c810$[EMAIL PROTECTED]... The Sup 1 and 10 meg card will do all you need for the lab. Don't waste the extra bucks on the 100MB card unless you plan on keeping the cat for personal use after you pass the lab. When I bought mine, it had a sup I, 24 port 10MB card, 12 port 100FX card and an ATM LANE module. (Now that they have taken LANE off the lab, it looks like a big mistake). I've never used the 100 FX module and the ATM module is no longer needed. Be sure to keep several code release versions around as they tend to use older versions of code on the Cat's in the lab. LAB -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Albert Lu Sent: Thursday, January 25, 2001 11:03 PM To: GroupStudy Subject: Catalyst 5000 for home Hi, I would like to ask what's the minimum modules I need for a Cat5000 for a home lab? I'm considering a SupI(ws-x5009) and a ws-x5010 (24pt 10meg telco ports) or ws-x5012 (48pt 10meg telco ports). Is this sufficient for a CCIE lab, the SupI has a 100Meg uplink surely this is enough to to ISL trunking, routing, etc, etc? Or should I go for a ws-x5213a (12pt 100Meg). This module is much more expensive than the other because of the onboard RJ45 and being 100Meg. Thank you for you advice. Albert _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access Lists on a Cisco 7200
Hi If you need to pass VPN traffic you will need to add permits for GRE and ESP as well. HTH John Hardman CCNP MCSE+I "John Starta" [EMAIL PROTECTED] wrote in message 5.0.2.1.2.20010117135118.037b0d10@popcorn">news:5.0.2.1.2.20010117135118.037b0d10@popcorn... Scott, The following example will block the full suite of NetBios inbound to you (presumably 195.50.79.0/24). This is not a complete ACL -- it will be necessary to either specifically allow the traffic you desire inbound, or add another line to the bottom (currently commented out) permitting everything else. access-list 101 deny udp any 195.50.79.0 0.0.0.255 eq netbios-dgm access-list 101 deny udp any 195.50.79.0 0.0.0.255 eq netbios-ns access-list 101 deny udp any 195.50.79.0 0.0.0.255 eq netbios-ss access-list 101 deny tcp any 195.50.79.0 0.0.0.255 eq 137 access-list 101 deny tcp any 195.50.79.0 0.0.0.255 eq 138 access-list 101 deny tcp any 195.50.79.0 0.0.0.255 eq 139 ! access-list 101 permit ip any any jas At 07:35 PM 1/17/01 +, Scott S. wrote: Our WatchGuard FireBox seems to be getting overloaded by the number of NetBios packets it is denying. We are thinking that it might be a good idea of blocking these at our router instead. It is a Cisco 7200 with a pretty light load. Does this sound like a sensible idea? If so I was thinking the following rule would be appropriate: access-list 101 deny any 195.50.79.0 eq 137 Is this correct, or am I way off? Thanks in advance for any replies. Sincerely, Scott _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What is a Cisco 3801?
Hi Look at the MC3810, it is the working replacement for the buggy MC3801. I would not recommend a 3801, but a 3810 is a nice router. HTH -- John Hardman CCNP MCSE+I ""Albert Lu"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I've been doing some research on the 3801, I don't think Cisco even knows it has it. I just wanted to know what sort of router it is, and what it is capable of. Is it worth getting for a home lab? Regards, Albert _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router Serial Number
Hi It depends... I have never seen a chassis serial number in the IOS, however some of the higher end routers you can see the serial by using a show controller xxx. The serial number for the router is on a sticker on the "back" of the router, it has a bar code printed above/beloew it. HTH John Hardman CCNP MCSE+I ""Jake"" [EMAIL PROTECTED] wrote in message 93nmb0$1j3$[EMAIL PROTECTED]">news:93nmb0$1j3$[EMAIL PROTECTED]... Hi all, 'show version' on a switch (2900 or 3500) will show the switch's serial number (second to last line - right before the config-register). Is there a similar way to find the serial number of a router? I can't find it in the 'sh ver' output. Thanks, Jake _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WAN Backbone over DSL?
Hi Being a DSL provider and working day to day with QWest/USWest, I can tell you do NOT want to run a mission critical WAN network over DSL. I have had outages on VC/VPs lasting days... Don't do it. John Hardman CCNP MCSE+I ""info"" [EMAIL PROTECTED] wrote in message 93l75r$65m$[EMAIL PROTECTED]">news:93l75r$65m$[EMAIL PROTECTED]... Anyone experimenting/using DSL for a WAN backbone? Please email me your experiencesand I'll share with you mine. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WAN Backbone over DSL?
""Chuck Larrieu"" [EMAIL PROTECTED] wrote in message 007101c07c12$8bb93440$[EMAIL PROTECTED]">news:007101c07c12$8bb93440$[EMAIL PROTECTED]... --Snip-- Someone else mentioned reliability issues. I don't know. My DSL has been every bit as reliable as anything else I have ever had experience with. I once has a frame relay link between two of my offices down for a week while the telco swore to god they were able to test end to end. Wanna guess what they found after I told my account rep that I considered our contract null and void? So bad service and prolonged outages can happen with any transport. Yes you are quite correct, I did not get my point accorss well at all ;-) Here QWest, DSL is just is such a over loaded, under staffed, non-business type of service that you simply can not count on it. They just do not have the people and equipment to deal with the volume, both of install and repair. Here the QWest FR is rock solid, the only outages I have taken have been the five minute "sorry we need a quick maintanence window" type. I tell customers that it is the application and the value of that application that should drive any provisioning decision. DSL is cheap. But will it truly serve your purpose? Very correct! Do not get me wrong, DSL can and is a very good solution for many things, but the quality of provider/reseller, the busniness need and the like all count. John Hardman Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of info Sent: Thursday, January 11, 2001 11:53 AM To: [EMAIL PROTECTED] Subject: WAN Backbone over DSL? Anyone experimenting/using DSL for a WAN backbone? Please email me your experiencesand I'll share with you mine. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Disappointed with ccnp!!
Hi Don't worry too much about it. This time of year it is hard to find work, I know I am looking right now myself. A lot of the companies are just starting a new year, people just getting back from holiday vacations, new budgets and projects just starting to get going. Keep in mind that there really isn't a cert out there with the possible exception of the CCIE will get you a job by it's self. You have to fit the job, the environment, and have the knowledge/experience you will land the job. Be charming, friendly, likeable. Read the job description carefully, if you have the knowledge/experience they are looking for, MAKE sure it shows on your resume. Too many times we "geeks" assume knowledge on the hiring persons part, spell it out real simple, make sure they get it. I actually had a recruiter ask me "Since you have worked with DS-3 lines, you have ATM and frame relay experience, right?" So you tell me, what on earth does a layer 2 technology have to with a layer 1 technology? Anyway keep your sprits up, there are jobs to had. I have three interviews over the 2 weeks, one with the mother ship, Cisco. May my good luck land on you! -- John Hardman CCNP MCSE+I "park jeongwoo" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi group members. I need your help. I am having a hard time on finding a job. I recently got ccnp certification and looking for the entry level of job for network engineer. I am living in San Francisco, and graduated from college less than a year ago. I have less than a year of network experience that I got from school computer lab. I had a harder time finding a job before I became ccnp. So I studied hard believing that ccnp would get me somewhere at least as a entry level network engineer. Now I am kind of confused and disappointed with the fact that I am still having a hard time finding a job even with ccnp certification. I feel like I need more cisco certifications such as ccda, ccdp. Would these certification ever help me find job? It is really discouraging that cisco certification doesn't help me much find a job at this point, because I am also pursuing ccie too. I have to ask myself what is the point of getting cisco certification. Lots of CCNAs are having a job. Why not ccnp? Could somebody tell me why it goes like this, and what I should do? Am I looking for wrong job? I will appreiciate your input. jeongwoo __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IRR revistited, lessons learned.
Hi All A while back I posted a question here and in the dcom.cisco group about IRRs (Internet Routing Registry). I did not get a heck of lot of feedback, but what did come back was, "you don't need it". Since then I have found quite a few more web sites on the subject both in theory and in practice. I have setup eBGP and iBGP. Spent time cussing providers for having filters in place when they said they did not, etc, etc. Well, the big lesson learned... don't believe everything you read or hear. One of the providers I had to peer with is Level3, which requires that you register with their IRR or have none of your routes accepted. I had asked the sales manager if I needed to use IRR, asked the implantation manager too, both said "no IRR required". Finally got to trouble shooting the failure to see my routes on the looking glass sites, and got to talk to a real live BGP engineer (someone that does BGP everyday for a living), and found out that indeed some providers require IRR objects before they will accept a route. Amazing how much you can learn from someone that really does it day in and day out! Anyway, my advise to any deploying BGP in the real world, talk to the BGP engineers from both providers both you are trying to peer with. Do not let the red tape get in your way, demand to speak to them, not the help desk, not the manager, not the FAQ, not the "instructions", but talk to the engineers that you will be working with. Get it from the source and no where else, otherwise you are risking your network connectivity. Well I hope my experience helps someone else out. -- John Hardman CCNP MCSE+I _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall License R or UR ?
HI Show Version Not the number of lic'ed connections near the bottom. HTH -- John Hardman CCNP MCSE+I ""A.C"" [EMAIL PROTECTED] wrote in message 9384i4$f0a$[EMAIL PROTECTED]">news:9384i4$f0a$[EMAIL PROTECTED]... Hi, Does anyone know a command on Pix Firewall 520 that shows what kind of license it has (R -UR license)? Thank you _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab
Hi Add some more 2500 or some 1700 for more serial interface and VoX. Kill the ISDN simulator, it is much cheaper (in most areas) to simply order a ISDN BRI line and use a NT1 to split the B channels between the routers. $0.02 -- John Hardman CCNP MCSE+I ""Albert Lu"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This is the list of equipment I'm looking to purchase, I've been doing almost 4 weeks of research on this, and came up with this list. 2x2513 2x2503 2509 or 2511 2520 1x2901 Catalyst Switch Emutel Lite ISDN Simulator. Serial Cables 2 Token Ring hubs Ethernet transceivers All routers running IOS12 Enterprise so you need 16Flash/16Dram, less if your clever. Other things such as ATM and VoIP I intend to do using remote labs. Everyone else, please give me some feed back on this. -- From: Tariq Bin Azad [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: CCIE Lab Date: Thursday, January 04, 2001 9:51 PM Hello Everybody. I am just curious that which equipment I may need to build CCIE lab at my home. Somebody told me that I have to buy ISDN Simulators, Switches and different series of routers.. I will appreciate if anybody can send me list of all equipments / simulators / routers / switches with their series nos to build this home lab ... Thanks Tariq Bin Azad _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab
Hi It's really not the number of routers, it's the number and function of the ports. A lot of what you are going to do on a lab exersise is going to be over serial ports, either point to point or frame relay. Let me give you a small little lab that requires 5 routers; Creat a simulation so that you have two routers connect with a GRE tunnel over the Internet, and simulate a Internet failure that is between the ISP routers. Very simple lab, but it requires a minimum of five routers. If you are going to do any really life like labs you will need to string several routers together, with several ports each. Right now I have 12 routers in my lab and sometimes come out wishing I had just one or two more... As for frame relay, you will want a router or two with at least 4 serial ports to act as the frame switch. VoX = VoiceOver IP, Frame Relay, ATM HTH John Hardman CCNP MCSE+I ""Albert Lu"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, How many more 2500s do you recommend, which one specifically, and how would it help with lab scenarios? I'm already looking at 6 routers. What do you mean by VoX? Voice over IP? ------ From: John Hardman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: CCIE Lab Date: Friday, January 05, 2001 1:43 AM Hi Add some more 2500 or some 1700 for more serial interface and VoX. Kill the ISDN simulator, it is much cheaper (in most areas) to simply order a ISDN BRI line and use a NT1 to split the B channels between the routers. $0.02 -- John Hardman CCNP MCSE+I ""Albert Lu"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This is the list of equipment I'm looking to purchase, I've been doing almost 4 weeks of research on this, and came up with this list. 2x2513 2x2503 2509 or 2511 2520 1x2901 Catalyst Switch Emutel Lite ISDN Simulator. Serial Cables 2 Token Ring hubs Ethernet transceivers All routers running IOS12 Enterprise so you need 16Flash/16Dram, less if your clever. Other things such as ATM and VoIP I intend to do using remote labs. Everyone else, please give me some feed back on this. -- From: Tariq Bin Azad [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: CCIE Lab Date: Thursday, January 04, 2001 9:51 PM Hello Everybody. I am just curious that which equipment I may need to build CCIE lab at my home. Somebody told me that I have to buy ISDN Simulators, Switches and different series of routers.. I will appreciate if anybody can send me list of all equipments / simulators / routers / switches with their series nos to build this home lab .. Thanks Tariq Bin Azad _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: So what SHOULD a CCIE know?
Humm... interesting question. From one point of view... What should be tested (or not tested): In over 10 years of IT work I have only ran across AppleTalk once, so drop AppleTalk (which they are doing). In the same time frame I have only ran across one IPX network that wasn't either in the process of being converted to 100BaseT or was only being used in the DC to connect to a Novell server that was a file server which had it's drives mapped to NT drives. So IPX should take a big back seat to IP. TR, well personally I like it, but again I have only seen one network with TR that wasn't planned to be changed to 100BaseT. Come to think of it, they announced the upgrade a couple of months after I left there. So TR should also be in the back seat. Bridging, humm... well in some respects it is rarely used in the networks I have seen, mostly to get to SNA servers. But then again you had better know your IRB pretty well with all of the L3 switching that companies are being sold these days. L3 switching, better know that pretty well. There are just too many companies being sold L3 that it had better take a bigger role in the lab. The R/S written and lab should take on more of the service provider element. I am not saying that the new SP track should be rolled into the RS track. But with outsourcing and the Internet with VPN, dial and the like taking a bigger and bigger role in most companies, better know your ATM, dial, VPN, BGP, etc, etc. The same can be said for security. Not having taken the lab, I can not really say as to how IPX, TR, or bridging is tested. It could be that it is tested as a primary thing and not as a secondary, e.g. "well looks like we are going to have to deal with that TR segment over rather we want to or not". The same could be said for ATM, maybe it should be a primary and not a secondary. Well there is $0.02 from one point of view, HTH. -- John Hardman CCNP MCSE+I ""Chuck Larrieu"" [EMAIL PROTECTED] wrote in message 002c01c0703c$c2ef8680$[EMAIL PROTECTED]">news:002c01c0703c$c2ef8680$[EMAIL PROTECTED]... We've all seen a number of comments about the CCIE written and the CCIE Lab, regarding content. Most of those comments have been negative. So, what SHOULD be tested? What SHOULD a CCIE know? Anyone? Chuck -- I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as it has been is over ( if you hope to pass ) From this time forward, you will study US! ( apologies to the folks at Star Trek TNG ) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T3 and Ds3
Hi Yep terminology, typically T1, T3 in the telco world imply the capabillity to carry voice and/or data. DS1, DS3 are typically used to refer to data only lines. HTH -- John Hardman CCNP MCSE+I ""nsamuel"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is there a difference in a T3 and DS3, or is this just termilogy? Nigel _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Token Ring in home lab questions
Hi There are two types of TR MAU (hubs) out there. One has the old block style connector, the other has a RJ-45 style port. Hopefully you have the later, if not they are real cheap on ebay. Anyway, (assuming the RJ-45 style) a straight regular old ethernet cable between the PC NIC and the hub and between the media filter and the hub. Nothing special here, a straight cable is a straight cable rather it uses the same pairs to communicate or not. HTH -- John Hardman CCNP MCSE+I ""Lori S Carter"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dug through the archives and found very little on setting up Token Ring in a home lab. I'm still confused. How is this done? Any good sites that I can go to find out this information? Among other equipment, I've got an SMC MAU, a Token Ring NIC installed in a PC, DB-9 to RJ45 media filter, and a 2504. What type of cable do I need between the media filter on the router and the MAU? I know it's not a standard Cat 5 cable because Token Ring uses different pins than Ethernet. What about the cable between the PC and the MAU? The NIC card can handle either RJ-45 or DB-9. On the MAU, there are two ports that are labeled RO and RI with small push button switches next to them to enable or disable "wrap". What are these for? Any information would be appreciated. Thanks, Lori Get FREE Email/Voicemail with 15MB at Lycos Communications at http://comm.lycos.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]