RE: Privilege mode prompt is on my routers [7:7154]
maybe prompt router -Original Message- From: Michael Bambic [mailto:[EMAIL PROTECTED]] Sent: Monday, June 04, 2001 1:58 PM To: [EMAIL PROTECTED] Subject: Privilege mode prompt is on my routers [7:7154] Students have been using my rack and now I've spent the last 1/2 an hour trying to figure out why or how my router prompt would be a after typing enable and entering the password. I know I'm in privilege mode because I can do things such as show run etc that you can't do in user mode. Hope somebody can help... Mike Bambic Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7156t=7154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: anybody ever connected 2600 AUX ports back2back? [7:5844]
You might just need to clear both lines. Clear line x Also are you using a rollover cable? -Original Message- From: Doug Hammond [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 24, 2001 11:04 PM To: [EMAIL PROTECTED] Subject: Re: anybody ever connected 2600 AUX ports back2back? [7:5844] Some thoughts - Try putting in this command on your async interface: async default routing Also what type of cable are you using? I've always used the cisco black cable. And try to hard-code the rxspeed and txspeed. I never trust auto-select. Why are you using async65? Wouldn't it be async1? NRF wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Well, now I've just tried back2back aux between a 2610 and a 2514. It still doesn't work, exact same errors as before. NRF wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... So I'm trying to connect the AUX ports of 2 2610's back to back. I am following a known procedure on CCO where you can connect 2500's AUX ports back to back. http://www.cisco.com/warp/public/793/access_dial/auxback.html So I follow exactly what they do. But it doesn't work. Maybe the problem is that 2600's don't do back2back aux ports (the CCO example was for 2500's). But that doesn't make much sense, because why not? Anyway, has anybody ever gotten AUX 2600's (or any router for that matter) to connect back to back? For example, here is the Async config on one of the 2610's. interface Async65 ip address 192.168.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp async dynamic routing async mode dedicated Here is the aux line config: ine aux 0 modem InOut transport input all speed 38400 flowcontrol hardware So I believe that everything is good, it's exactly like the CCO config. Yet, the async interface just keeps bouncing up and down. For example: r1# 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset r1# 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up r1# 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset Here's what happens when I debug async packet r1#debug async packet Async packet I/O debugging is on r1# 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset r1# 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up r1# 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21 r1# 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21 1d19h: APPP65: Input packet, len = 24, header = FF 3 C0 21 1d19h: APPP65: Output packet, len = 24, header = FF 3 C0 21 r1# Here's what happens when I debug async framing r1#debug async framing Async interface framing debugging is on r1# 1d19h: %LINK-5-CHANGED: Interface Async65, changed state to reset r1# 1d19h: Async65: Reset PPP framing on TTY65 r1# 1d19h: Async65: Setup PPP framing on TTY65 1d19h: As65 PPP: Processed packet cached during autoselect r1# 1d19h: %LINK-3-UPDOWN: Interface Async65, changed state to up r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 r1# 1d19h: As65: Enabling PPP framing in UART Microcode on TTY65 FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5911t=5844 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
I don't think it is security holes at a lower layer. Checkpoint installs what they call a shiv between the network and data link layer to protect the IP stack. And if you were to take advantage of OS security flaws you would be doing it at the Session Layer and above, not the lower layers. About five years ago it used to be the case the application based firewalls did not protect the network as well as packet filtering. But that was because people didn't really understand what a firewall was. Most people considered a proxy server as a sort of firewall. I remember a client telling me they were protected because they used reserved ip address and M$ proxy. In fact at the time M$ was marketing their proxy server as a poormans firewall. But today firewalls protect the IP stack. And most people know that a proxy is not a firewall. So this hardware based is better than software based stuff does not ring true. When someone asks me which is better Pix or Checkpoint, I tell them it depends. I can find you studies that says Pix has better throughput than Checkpoint and vise versa. The real difference between them is that Checkpoint has a gui interface and Pix has the o'l command line. You can pretty much do the same thing with them, so what it comes down to is what are you or your staff more comfortable configuring. Are you a cisco shop, buy the pix, are you an NT/Unix shop, buy Checkpoint. Beyond that it is all marketing semantics. In fact I have heard, but not seen, that their is a new gui interface for the Pix. Anyone used it lately? I haven't had time to work with it, since I'm preparing for this little know lab called CCIE or something like that. What's an IGP? (oh my brain is starting to hurt...) -Original Message- From: Jim Brown [mailto:[EMAIL PROTECTED]] Sent: Friday, May 04, 2001 7:45 AM To: [EMAIL PROTECTED] Subject: RE: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] Security holes in lower layers? Where did you come up with that, your Cisco rep? -Original Message- From: Eugene Nine [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 03, 2001 5:01 PM To: [EMAIL PROTECTED] Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] PIX goes up to layer 4, so it won't do things like URL filtering. Checkpoint (or other SW) can do higher layer protection but may not be as well at the lower layers (due to security holes in the OS, etc) Eugene Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Asked sincerely, what advantages do you see in provisions PIX plus checkpoint? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, May 03, 2001 2:47 PM To: [EMAIL PROTECTED] Subject: Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878] It depends on your security policy , design and needs , generally what we advice our customers is checkpoint + pix together Hatim badr a icrit : Hi , I would like to know the pluses and minuses of each product . Currently We are using checkpoint and I want to convince my management to switch to cisco PIX firewall . Thanks Hatim Get free email and a permanent address at http://www.netaddress.com/?N=1 FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3204t=2878 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame LMI Multicasting [7:2893]
What is the purpose of LMI Multicasting? I've seen the Allows a sender to transmit a single frame but have it delivered by the network to multiple recipients. But that doesn't quite cut it. How would you use LMI multicasting and what is the difference between the frame interface-dlci broadcast command. Has anyone tried to use it in there lab? Any help would be appreciated. thanks Drew Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2893t=2893 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: T1 pinout [7:1297]
Here you go http://www.cisco.com/warp/public/471/75.html#command -Original Message- From: SH Wesson [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 19, 2001 2:18 PM To: [EMAIL PROTECTED] Subject: T1 pinout [7:1297] Anyone know the pinout to a cable that use to connect two fractional T1 CSU/DSU back to back for testing. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1309t=1297 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay switching [7:435]
I've also noticed that if you don't use the intf-dce command on the switch, regardless of whether the switch interface is or is not dce, you will not get lmi to work properly. -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, April 13, 2001 9:30 AM To: [EMAIL PROTECTED] Subject: RE: Frame Relay switching [7:435] Once again, to clarify: The interface with the DCE end of the cable is the interface that requires the clock rate configured. This may be different than the interface that has the frame-relay intf-type DCE Frame relay intf-type dce does NOT require clock rate and does NOT require the DCE end of the cable. The difference is the physical versus the logical DCE. If you were to configure two Cisco routers back to back NNI, one of those routers would still require the clock rate set. A minor point, but one most misunderstood. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 11:45 PM To: [EMAIL PROTECTED] Subject:RE: Frame Relay switching [7:435] Thomas, On fr switch, dce side needs clock rate defined. If your interface is dte, simply assign clock rate on the dce side of other router (but of couse you must swap the dce-dte cable). No matter what you use, you may just use frame intf-type dce on the fr switch. This gives you the ability to define "frame route" which is what you want on the fr switch, right ? YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Thomas Sent: Friday, April 13, 2001 9:12 AM To: [EMAIL PROTECTED] Subject: Frame Relay switching [7:435] Hi All - I am setting up my 2501 router as a frame-relay switch. I succeed when setting both of its serial as DCE interfaces. However, I failed to have one serial acts as a DCE and one acts as a DTE. Is it possible to specify a switch as a "frame-relay" switch and have one of its serial acting as a DTE interface (and assign IP address...) ??? Thanks All FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=533t=435 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:
Can you identify the type of DOS. What IOS is he running? If this is a known bug is there a cisco bug track ID on it? Thanks Drew -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 28, 2001 2:57 PM To: [EMAIL PROTECTED] Subject: Hi everyone, I have a story that wish to share with everyone. One of my friends works for a company that uses Cisco PIX as the firewall. This afternoon, he called and told me that the company firewall is experiencing a Denial of Service (DOS) attack. The attack is so heavy that the PIX is just simply gives up. The company contacts Cisco and the TAC told my friend that there is a bug in the Cisco PIX code and he will have to wait a few days for the new code to arrive. Frustrated, he decides to use his workstation which is running NetBSD, put in an extra NIC, shutoff all essential services but SSH and netfilter. Amazingly, the new BSD firewall withstand the DOS and connectivity is restored. The point of the story. Not everything from Cisco is good. Their code is just buggy as everyone else. Just because it carries the name Cisco doesn't mean it is safe. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Off Topic: Any interest in new Sniffer Certification?
Before we had all the great books that we had today, the SnifferU courses were a great source for information. A lot of the low level stuff that it is hard to find information on, like what is B8ZS, how does it work and how does it differ from D4AMI. I don't know if I'll go for the certification but I'm glad to see they are bringing it back. It is definatly worth a look. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 07, 2001 9:10 AM To: info; [EMAIL PROTECTED] Subject: Re: Off Topic: Any interest in new Sniffer Certification? It was a very interesting post. The poster probably should have used a private e-mail address so it wouldn't appear to be marketing spam, but it was still a relevant and important piece of news for the clueful people on the list. Priscilla At 06:00 AM 3/7/01, info wrote: Eh, big deal. The original post's header indicated it was Off topic. Plenty of threads on this list are about non Cisco certifications. Protocol Analysis is a skill reserved for experts. Some people on this list are CNX certified which is a certification being superceded by the new cert program.it will be interesting to see how they react to the new program. Therefore the post has relevance to the list. Even if it came from Sniffer's Marketing team, it wouldnt change that. .personally, I think protocol analysis is going to be extremely important in Wireless environments as a security measure. Andy [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Gee, thanks for spamming a Cisco cert list with your marketing jizz propaganda crap press release. If you want to spam a cert list, start your own.. On Tue, 6 Mar 2001, info wrote: http://biz.yahoo.com/prnews/010305/sfm057.html Was wondering if any of you had comments or interest in the new Sniffer Cerficication just announced. See link above or article below. Sniffer Certification Program to Accredit IT Professionals With First-Class Troubleshooting and Protocol Analysis Skills for Managing Enterprise Networks SANTA CLARA, Calif., March 5 /PRNewswire/ -- Sniffer Technologies, a business unit of Network Associates (Nasdaq: NETA - news), today is setting a worldwide standard by introducing its IT certification program for network management called the Sniffer Certified Professional Program (SCPP). While meeting the industry's demand for network professionals with vendor-specific certification, the SCPP will identify IT professionals with first-class Sniffer-specific troubleshooting and protocol analysis skills to protect and optimize networks across the enterprise. Developed through close collaboration with Sniffer University, the Sniffer Certified Professional Program will help employers identify professionals within their organizations who are equipped with the knowledge and skills to implement, operate and troubleshoot networks effectively. At the same time, SCPP will provide network professionals industry-recognized accreditation as experts in their field. ``The rapidly changing landscape of internetworking technologies is creating a shortage of qualified, trained professionals to manage business-critical networks,'' said Rich Baich, Director of Sniffer University's Educational Services, Sniffer Technologies. ``Companies recognize the critical role network availability plays in the success of their business, and the Sniffer Certified Professional Program ensures they have trained professionals to ensure maximum uptime of their network.'' The Sniffer Certified Professional Program was developed using proven psychometric processes to create quality tests targeted at network professionals with in-depth knowledge of Sniffer technologies and significant hands-on experience in real world environments. Each exam tests objectives and content that maps to Sniffer University's existing curriculum ensuring clear learning paths between product and technology emphasis areas. The Sniffer Certified Professional program consists of three levels. The first level, the Sniffer Certified Professional (SCP), includes a 60-minute required core exam designed to test a candidate's knowledge in the use of Sniffer Technologies' network analyzer. The SCP credential is the basis for the entire program. The following levels, the Sniffer Certified Expert (SCE) and the Sniffer Certified Master (SCM), evaluate a candidate's knowledge in their choice of a combination of other Sniffer products and technologies in various networking environments. Additional SCPP exams validate skills for products such as DSS/RMON Pro or the new Wireless LAN product as well as technology emphasis areas: Ethernet, TCP/IP, Windows NT and 2000, WAN and ATM. According to industry research, Sniffer Technologies is the
RE: back-to-back cable AGS+ and 2523
On the AGS, unlike the 2500's and above, the DTE, DCE setting is actually a jumper on the serial card. You will have to go in and remove the card and set/verify the jumpers. This link will provide you the correct jumper settings. More than likely it is set for DCE, the default http://www.cisco.com/univercd/cc/td/doc/product/core/cisagspl/agscfig/34084. htm#xtocid2857013 Let me know if you have any other questions. I have two AGS running in my lab. One for a frame-switch. The other is pretending to be a 2502 until I can purchase one. Regards, Drew -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 8:04 AM To: 'ciscojolof'; [EMAIL PROTECTED] Subject: RE: back-to-back cable AGS+ and 2523 Do a "show controllers s 4" on the 2523 to verify that the router sees a DCE cable. I have no experience with the AGS+. However, some serial ports are sync while others are async. Which ones do you have? -Original Message- From: ciscojolof [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 8:59 AM To: [EMAIL PROTECTED] Subject: back-to-back cable AGS+ and 2523 HI guys, I have a problem having my AGS+ (DB26 DTE) talk to my 2523 (DB60 DCE). I purchased a custome cable and tried to have it work in vain. THe configs are as follow Router_2523 is DCE (provides clocking at 56000) Router_AGS+#sh int s3 Serial3 is up, line protocol is down Hardware is MCI Serial Internet address is 172.17.10.4 255.255.255.0 MTU 1500 bytes, BW 56 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input never, output 0:00:20, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Output queue: 0/64/0 (size/threshold/drops) Conversations 0/1 (active/max active) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants 1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort 1258 packets output, 28716 bytes, 0 underruns 0 output errors, 0 collisions, 429 interface resets, 0 restarts 0 output buffer failures, 0 output buffers swapped out 841 carrier transitions Router_AGS+# Router_2523#sh int s4 Serial4 is up, line protocol is down Hardware is CD2430 in sync mode Internet address is 172.17.10.2/24 MTU 1500 bytes, BW 115 Kbit, DLY 2 usec, rely 255/255, load 88/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 1/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 4 bits/sec, 200 packets/sec 5 minute output rate 4 bits/sec, 200 packets/sec 1093746 packets input, 24255326 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 119 input errors, 119 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1094957 packets output, 24283752 bytes, 0 underruns 65 output errors, 0 collisions, 443 interface resets 0 output buffer failures, 0 output buffers swapped out 776 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Router_2523# _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR + Poison Reverse...
OSPF does use Split horizon. I don't think OSPF uses PR because PR sets the route to infinity and I'm not sure what an ' infinity' cost would mean in OSPF. -Original Message- From: Z [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 12:47 AM To: Brian; [EMAIL PROTECTED] Subject: Re: FR + Poison Reverse... But I thought that I'd seen or heard of using split horizon with OSPF...maybe I'm thinking of Frame Relay...long day I guess... This has been an Eyez Only streaming e-mail broadcast...We are watching. NetEyez ~ CCNP, CCDA - Original Message - From: "Brian" [EMAIL PROTECTED] To: "Z" [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 27, 2001 1:16 AM Subject: Re: FR + Poison Reverse... split horizon and PR are both associated with distance vector protocols, OSPF is a link state protocol. Brian On Mon, 26 Feb 2001, Z wrote: Hey Group, I recently pondered something while at work and nobody could give me a strait answer. Actually I feel a little embarrassed asking this due to me being an NP and I feel like I should know this. Guess this type of thing doesn't come up much around me. Question is: Can poison reverse (PR) be used with OSPF? I know split horizon is used with it but I just cant see why/how poison reverse would. My definition of PR is that it sets the link to the max hop count and deems it unreachable, hence the term poison. I can't see how this would work with OSPF because it doesn't use a hop count. Maybe I'm confused about PR. Does it set the link to the highest metric, and not hop count? Maybe I'm just used to hearing about PR in discussions of RIP that I'm assuming it set the hop count to the highest and has nothing to do with metric. Any clarity would help, thanks all... ...sorry for the rambling... This has been an Eyez Only streaming e-mail broadcast...We are watching. NetEyez ~ CCNP, CCDA _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- I'm buying / selling used CISCO gear!! email me for a quote Brian Feeny,CCDP,CCNP+VAS Scarlett Parria [EMAIL PROTECTED] [EMAIL PROTECTED] 318-222-2638 x 109318-222-2638 x 101 Netjam, LLC http://www.netjam.net 1401 Oden St. Suite 18 Shreveport, LA 71104 Fax 318-221-6612 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPSec, IKE, VPN study resources?
For a starting out point I would recommend Enhanced IP Services for Cisco Networks by Donald Lee. He does a great job explaining how cisco handles IPSEC and IKE. Next I would recommend Cryptography and Network Security - Principles and Practice by William Stallings. Probably the best free book I received from cisco. (Besides Small Business Networking for Dummies--I keep it smack dab in the middle of all my cisco/networking books. You should see peoples faces when they come across it ;) After that you should probably head to the RFC's: (God I'm starting to sound like Howard :) RFC2104 Hashing RFC2402 AH RFC2406 IPSec ESP RCF2405 RFC2408 ISAKMP and a bunch more Have fun Drew -Original Message- From: Brian Lodwick [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 8:40 AM To: [EMAIL PROTECTED] Subject: IPSec, IKE, VPN study resources? Group, Can anyone out there help me out. I am trying to find resources for study. I want to get learn as much as possible about IPSec and VPN technology. I would like to see if anyone knows of some good resources to learn more about this kind of stuff -IPSec tunnel and transport modes, Security Associations, ISAKMP\OAKLEY process, The Diffie-Hellman algorithm, and ... What I would really like to find is a book that gets right into the guts of it and goes through it inside and out. I'd also like to learn the history, and where the forefront is trying to push this technology. If anyone knows of any resources they have found helpfull I would really be gratefull for your response. Thanks in advance guys- Brian _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Here's an easy one
Multicast MAC address' have the second bit odd. That is 01- or 03- to 0f- The 01-00-5E (I believe) is the multicast address assigned(?) to CGMP/IGMP -Original Message- From: Jack Williams [mailto:[EMAIL PROTECTED]] Sent: Friday, February 23, 2001 10:47 AM To: Williamson, Paul; [EMAIL PROTECTED] Subject: RE: Here's an easy one I'm sure the group will tell me if I put my foot in my mouth, but: Multicast *destination* MAC addresses start with 01-00-5E --Original Message-- From: "Williamson, Paul" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: February 23, 2001 3:23:34 PM GMT Subject: Here's an easy one Ok so we know how to convert a multicast ip into a mac, how about the reverse. I got a syslog message that made me curious:- "invalid traffic from multicast source address 0f:37:59:6f:df:0d" and i thought well i wonder what ip address that would be but i couldn't figure out the first octet. Should all multicast mac addresses start with 01-00-5e ?? Is this mac address invalid ? Anyone ? Thanks -Paul PLEASE READ: The information contained in this e-mail is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email you must not copy, distribute or take any further action in reliance on it and you should delete it and notify the sender immediately. Email is not a secure method of communication and Nomura International plc cannot accept responsibility for the accuracy or completeness of this message or any attachment(s). Please check this e-mail for virus infection, for which Nomura International plc accepts no responsibility. If verification of this email is sought then please request a hard copy. Unless otherwise stated any views or opinions presented are solely those of the author and do not represent those of Nomura International plc. This email is intended for informational purposes only and is not a solicitation or offer to buy or sell securities or related financial instruments. Nomura International plc is regulated by the Securities and Futures Authority Limited and is a member of the London Stock Exchange. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Strange problem with Cisco 2501 routers
Do you have a TFTP server on the segment maybe with a file net-conf? It could be pulling a bad configuration file from a tftp server. Also it might be trying to pull a IOS image from a TFTP server that is not there. It might have a boot system tftp command in the config. I assume you just got these and you are experiencing the problem. Try going into ROM mode and change the Configuration register to ignore the start up config file (confreg 0x142). reload the router and see what the config look like. I have a feeling it is looking for something off a TFTP server. If you want you can make a copy of the config and then do a write erase. Change back the Config Register to 0x2102 (Router#config-reg 0x2102). Reload the router and see if you get the same error. Hope this helps Drew -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 07, 2001 7:31 AM To: 'John Neiberger'; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Strange problem with Cisco 2501 routers You're right, but I think he is talking about the UPDOWN messages. This could be due to a "shutdown" line in each interface, but it would help to see the configuration. Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 07, 2001 9:17 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Strange problem with Cisco 2501 routers The only startup errors evident in this output is this: Unknown or ambiguous service arg - udp-small-servers Unknown or ambiguous service arg - tcp-small-servers Illegal IP keyword - classless You're probably seeing this because you are running IOS 11.1(7), but your config is pasted in from a router running at least 11.2. 11.1(7) apparently doesn't understand these lines: service udp-small-servers service tcp-small-servers ip classless You can upgrade your IOS or remove those lines from your config. The status messages about the interfaces are not strange in any way. They look quite normal, assuming the ethernet port was connected to something but the serial ports were not. HTH, John Hi Folks, I have a few Cisco 2501 routers all eith the same startup problem. On startup, the routers behave normal, but after the "Press RETURN to get started" message, the routers come up with errors about the ethernet and serial interfaces, restarts and then hang up completely. Thinking that the problem may be with the DRAM, Flash or software, I have replaced these with ones from other Cisco 2501 routers in good working condition, but the problem remained the same. The typical output from these routers is as shown at the end of this posting. Any good ideas will be appreciated. Thank you. System Bootstrap, Version (3.3), SOFTWARE Copyright (c) 1986-1993 by cisco Systems 2500 processor with 4096 Kbytes of main memory Unknown or ambiguous service arg - udp-small-servers Unknown or ambiguous service arg - tcp-small-servers Illegal IP keyword - classless Booting ie11170n from Flash address space F3: 3731220+95304+191716 at 0x360 Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-I-L), Version 11.1(7), RELEASE SOFTWARE (fc2) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Wed 23-Oct-96 20:37 by tej Image text-base: 0x0301FC14, data-base: 0x1000 cisco 2500 (68030) processor (revision A) with 4096K/2048K bytes of memory. Processor board ID 01091217, with hardware revision Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read ONLY) Press RETURN to get started! %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down %LINK-3-UPDOWN: Interface Ethernet0, changed state to up %LINK-3-UPDOWN: Interface Serial0, changed state to down %LINK-3-UPDOWN: Interface Serial1,
Pix Bootp relay or IP forwarding
Is there a way to do bootp relay through a pix box; something similar to the IP forwarding in the router? The scenario: corporate network with a pix box separating separate areas of the corporate network. Problem is one side has the DHCP server on it and we need clients on the other side to receive dhcp addresses. How can I do this? After looking at CCO I think it can't be done. I know there is a DHCP Client and a minimal DHCP server with release 5.2 thank guys and gals Drew _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: **SLA help
www.sans.org is a good place to start. Do a search on Policy or Acceptable Use Policies. Another good place is: http://www.eff.org/pub/CAF/policies/ This site list some policies from different educational institutions. Regards, Drew Maness Information Security Engineer Veritect www.veritect.com -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 28, 2001 2:09 PM To: [EMAIL PROTECTED] Subject: Re: **SLA help The sort of topics you are looking for are more likely to be under corporate security policies, or Acceptable Use Policies, than SLAs. SLAs tend to be concerned with how fast/reliably something can be done, rather than whether it is permissible or not. Deepak Sharma wrote: Hello all Im making a SLA ( Service level agreement ) with my users in my region. Something along the lines of what type of internet browsing is allowed. What you are allowed to download and such and also something on how fast my IT dept. is going to be answering to user problems and requests. I recall someone posting a link of a web site where it had some examples of these type of documents. Plus any type of other help will be greatly appreciated. thanks Deepak _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IGS-R image
I have an old IGS-R that I'm trying to get up in my lab. The eprom has IOS 9. While it has been fun using IOS 9 I would like to use a more up to date IOS. At least IOS 11.0. But I can't figure out which IOS to use. Cisco does not list the IGS on their software site. Also this thing has no flash so I am trying to netboot it. I downloaded a couple of 11.1 images but it is not working. It only has 4 mb of Ram. Can anyone point me to the right image. I thought the IGS used the same image as the earlier 2500 but when I netboot those I get a buffer overflow error. Thanks for your help Drew _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cascading Switches
I've looked through the archives as well as on CCO but could not find a definite answer to the limit of "cascading" switches, specifically catalyst 2900's. I saw the discussion earlier this year/last year that talked about the difference between "cascading" and "stacking". I'm not looking for shared management (stacking) but just how many switches can I cascade together to get the highest port concentration. Just a simple (or bad network design)of one switch to another to another to N... because I ran out of ports and do not want to by a real switch scenario How many can I connect? My first reaction to this question was that it had to be limited by the CAM of each switch but can't find an answer. Again it is for the 2900 series switch. Thanks Drew _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I'm stumped! (was EIGRP over ISDN) LONG
Your hold times look to be way low. From your example a hold of 12 would indicate a high bandwidth interface such as Ethernet, FDDI or token ring. On this router I would bet that the hold time is set to 5. H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 10.120.226.1BR0/0 12 00:00:380 5000 1 0 Try setting the hold time with the ip eigrp hold-time interface command to 60 and set the ip eigrp hello-interval to 180 Hope that helps Drew -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 03, 2001 7:51 AM To: [EMAIL PROTECTED] Subject: I'm stumped! (was EIGRP over ISDN) LONG I'm reposting this in the hopes that someone who didn't see it before might have some ideas about this. Heck, SWAGs, educated guesstimates, or telephone psychic impressions are also welcome. We are completely stumped about how to resolve this. I've even posted this question on the CCO QA Forum but I don't think anyone has been answering questions on there lately. Here is the problem: we have an ISDN BRI backup link between two sites, and we want to run eigrp over the link when it's in use. The problem is that even though the line is not flapping, eigrp is behaving as if it were flapping. My side NEVER sees hellos from the other side, but it does receive updates. The other side receives my hellos, but it thinks the link is bouncing and that my router is intermittently unavailable. My side never establishes the other as a neighbor. I've used every debugging command I can find to no avail. Nothing is giving me any information that I don't already know. We have no access lists configured, except for distribute lists but that shouldn't affect neighbor relationships, should it? Here is sample debug output (debug eigrp neighbors and debug eigrp packet): 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up 3d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 3d01h: EIGRP: Neighbor(10.120.226.2) not yet found 3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 3d01h: EIGRP: Neighbor(10.120.226.2) not yet found 3d01h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 303xx theirrouter 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 3d01h: EIGRP: Neighbor(10.120.226.2) not yet found 3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 3d01h: EIGRP: Neighbor(10.120.226.2) not yet found 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: EIGRP: Sending HELLO on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 3d01h: EIGRP: Received UPDATE on BRI0 nbr 10.120.226.2 3d01h: AS 2, Flags 0x1, Seq 67/0 idbQ 0/0 3d01h: EIGRP: Neighbor(10.120.226.2) not yet found Here is some info from the remote side: theirrouter# 1d02h: EIGRP: Retransmission retry limit exceeded 1d02h: EIGRP: Holdtime expired 1d02h: EIGRP: Neighbor 10.120.226.1 went down on BRI0/0 1d02h: EIGRP: New peer 10.120.226.1 theirrouter#sho ip eigrp neighbors IP-EIGRP neighbors for process 2 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 10.120.226.1BR0/0 12 00:00:380 5000 1 0 1d02h: EIGRP: Retransmission retry limit exceeded 1d02h: EIGRP: Holdtime expired 1d02h: EIGRP: Neighbor 10.120.226.1 went down on BRI0/0 1d02h: EIGRP: New peer 10.120.226.1 I'm
RE: Off topic
http://www.cisco.com/warp/public/701/14.html -Original Message- From: Naveen Sharma [mailto:[EMAIL PROTECTED]] Sent: Monday, January 01, 2001 10:08 PM To: [EMAIL PROTECTED] Subject: Off topic Dear Friends, Can any one give me wiring diagram for RJ-45 to DB 9 pin out and RJ-45 = to DB 25 pin out. Thanks for help Best regards Naveen _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Prototype and Pilot
A pilot is used when you want to prove a minimal amount of functionality. Let say, for security reasons, you want to implement SSH on your routers. You don't need to create a large scale network to test functionality for SSH. All you would do is take one router for each type, plus maybe take into account different IOS images and test the different configurations for SSH. This would be a pilot. A prototype is used when you need to prove a complex amount of functionality and interoperability. Let say you were asked to design a remote access solution for 10,000 sales people all using a small router XYZ connecting to a Core Router of type ZZZ. And you estimate that the Core Router of type ZZZ can handle N number of XYZ routers connecting to them. You also estimate that the company will need to purchase 1,000 ZZZ routers to handle the entire load. A prototype would be a couple of ZZZ routers and the appropriate amount of XYZ routers to test your theory. A prototype is usually a scaled version or modular version of your final design. Also note that the use of a pilot or a prototype is usually driven by the customer requirements. The more the customer requirements want you to prove the more likely you are to use a prototype. In short. A pilot test a minimal amount of functionality. A prototype is usually a scaled version of your design. Hope that helped more than it confused. Drew -Original Message- From: Hunt [mailto:[EMAIL PROTECTED]] Sent: Friday, December 29, 2000 1:23 PM To: [EMAIL PROTECTED] Subject: Prototype and Pilot Can anyone please tell me what is the difference between a prototype and a pilot? And when will you use them? Hunt _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Additional CCIE Written Question
The scores do not increase because you fail it. The passing score is set on a 3 month average so if a bunch of people suddenly start passing the test with a high score, the passing score will go up. But it has nothing to do with you personally failing or passing. Right now the passing score is still at 70% -Original Message- From: Curtis Call [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 20, 2000 7:46 AM To: [EMAIL PROTECTED] Subject: Additional CCIE Written Question Ok I have another question about the CCIE written. I've heard the comment that if you fail the test then when you retake it your required passing score is higher. Does anyone know how much the passing score is increased by? I am considering taking the written at the end of this week to assess what areas I am weak in and to get an idea of the difficulty of the test. Would that be a bad idea for me to do? Given the high wait time for the lab I would like to take the written as soon as possible, I'm positive I could pass it in January after a few weeks of concentrated study but I figure if it doesn't hurt me too bad I might as well try the test right now and I just might get lucky and pass. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DSU/CSU Connections
Yes you can. You just need to create a cross over cable. If you search the archives, I believe last month, someone actually gave the pinouts. -Original Message- From: Mike Murphy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 19, 2000 7:48 AM To: [EMAIL PROTECTED] Subject: DSU/CSU Connections Is it possible to connect two DSU/CSUs together. For example I have two 1720 Routers with DSU/DSU WICs. Can I cable these together through the DSU/CSUs for study purposes? Thanks, Mike _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: O/T stupid robot dog jokes
Last night at the DC user group, a Senior Executive VP told us that they are going to sue the robot dog because it is based on an operating system with a command prompt of '' He said that the dogs were also no good because all they really do was PPP with CHAP. or was it PPTP? Oh yeah it was PPTP, but you can control it with the pptp flow-control static-rtt. I love distractions! Thanks Priscilla -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 19, 2000 12:04 PM To: [EMAIL PROTECTED] Subject: O/T stupid robot dog jokes Have any of you bought one of those new robot dogs for Christmas? I hear that they support TCP/IP! I wonder if they do ARP, ARP, ARP!? Maybe they even support rrRARP. I hope they don't SNAP at people! If they do a good job emulating real dogs, I'm sure they say "IP" a lot. And if you see them doing it, you can say, "ICMP!" Sorry! ;-) I thought we could use a little more levity in addition to the messages about Howard being sued. Happy Holidays! Priscilla Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Numbers . . . What numbers?
It saves address space. Instead of using separate networks/Ip address between the serial interface. You can use the IP unnumbered to use the Ethernet ip. Example 1: Without IP unnumbered --172.16.3.1/24 E0 [Router1)S0 192.168.1.2/252 --- 192.168.1.1/252 S0 [Router2]E0 172.16.4.1 --- Example 2: With IP unnumbered --172.16.3.1/24 E0 [Router1)S0 ip unnumbered --- ip unnumbered S0 [Router2]E0 172.16.4.1 --- In example 2 you have saved address space. Also in a large network you could reduce the size of the routing table because it doesn't have to keep track to the networks between the router. Hope that helps Drew -Original Message- From: Dyland Desmarais [mailto:[EMAIL PROTECTED]] Sent: Saturday, December 16, 2000 12:27 PM To: '[EMAIL PROTECTED]' Subject: Re: Numbers . . . What numbers? Which brings me back to my first question, what would be the benefit of doing this. Dyland == It means you want use the ip of another (specified) interface, e.g. ip unnumbered ethernet 0, as the ip of your serial interface. -- When I disagree with a rational man, I let reality be our final arbiter; If I am right, he will learn, If I am wrong, I will; one of us will win, but both of us will profit. - John Galt "Dyland Desmarais" [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings all Could someone please shed some light on IP Unnumbered Serial Interfaces. From my BSCN book, I understand this is getting ip routing to work on a serial interface without specifying a specific ip to the serial interface (using the ip unnumbered command) My question is why would anyone want to do this? thanx Dyland _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RTR-to-RTR
Actually you can connect two routers with a rollover cable (console cable) using the AUX ports. I have done it in the lab but can't find my configs. But it can be done. You don't need modems -Original Message- From: A. Geoffrey Cauchi [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 22, 2000 8:42 AM To: Montgomery, Robert WARCOM Contractor; [EMAIL PROTECTED] Subject: Re: RTR-to-RTR Yes But you have to used async leased line modems, or else two dial ups, one calling the other. Geoff - Original Message - From: "Montgomery, Robert WARCOM Contractor" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 22, 2000 5:05 PM Subject: RTR-to-RTR Can two routers (through Async) be connected back-to-back via modems for a lab? Rob _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mostly OT thought as I wake up
Howard, I always look forward to your posts... You sure your not a comedian? Tenlet I'm going to see if I can convince everyone here at work that it is actually is tenlet ;) -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 06, 2000 6:00 AM To: [EMAIL PROTECTED] Subject: Mostly OT thought as I wake up There are so many posts about reverse telnet. If it's truly reversed, shouldn't it be tenlet? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: console 5500
Have you tried Stop Bits of 2 -Original Message-From: jahaughom [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 31, 2000 5:21 PMTo: [EMAIL PROTECTED]Subject: console 5500 I am trying to get a console on a 5500 switch. When I bring up hyper term I am not getting anything. Occasionally I will get unintelligble items appear in the window. I have tried com1 com2 com3 bps 9600 flowcontrol hardware,none,xonxoff as well as different cables all the lights on the switch are green Any help would be greatly appreciated
Archives Problem
Anyone else having problems searching the archives? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GroupStudy.com archives
Paul, Thank you again for all your hard work -Original Message- From: Paul Borghese [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 30, 2000 1:41 PM To: [EMAIL PROTECTED] Subject: GroupStudy.com archives The Archives are back online. If this happens again, please send me e-mail. Thanks, Paul ""Paul Borghese"" [EMAIL PROTECTED] wrote in message 005b01c012ac$a1ee5580$c81710ac@laptop">news:005b01c012ac$a1ee5580$c81710ac@laptop... Ok, it must be down again. I will fix tonight. Paul - Original Message - From: "Dale Holmes" [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, August 30, 2000 1:20 PM Subject: Re: Trouble searching www.groupstudy.com archives Hmmm, I just had the same problem. A search of the [EMAIL PROTECTED] list found 0 matches for the word CCNA... must be that the index of that list is fubar. It could be a punch item from the move to the new server... Dale [=`) From: George Zhang [EMAIL PROTECTED] Reply-To: George Zhang [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Trouble searching www.groupstudy.com archives Date: Wed, 30 Aug 2000 11:46:10 -0500 I tried to search the archives of this group at www.groupstudy.com. However, I always get zero(0) match regardless the word I try to search. In the mean time, I was able to search the CCIE lab group. Is the search engine at www.groupstudy.com for the archives of this group down? Any info is appreciated. Thanks. George Zhang, CCNP ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Preparation
Raymond, It is a very good source for the CCIE written but must be supplemented. For example: the book talks about the RIF and RII but does not go as much in-depth as you will need. It is a very good place to start or review. You can also use it in studying for the CID test. -Original Message-From: Raymond Smith [mailto:[EMAIL PROTECTED]]Sent: Tuesday, August 29, 2000 8:39 AMTo: GroupstudySubject: CCIE Preparation Hey guys do you know how good of a read is the following book in preparation for the CCIE written:- TITLE: CCIE Fundamentals: Network Design and Case Studies Need the 411 on this Peace!
RE: Router for play @ home
"...And I used to get up every morn'n about an 'our before I went to bed and lick the road clean with my tongue..." -Original Message- From: Cohen, Michael [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 3:12 PM To: Group Study Subject: RE: Router for play @ home OC12? I'm waiting on the OC192VSR interfaces to stick in my GSR's! Till then I'll have to settle with my OC48's:) -Mike -Original Message- From: ZAPP, JULIAN F (PB) [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 2:08 PM To: 'Ledwidge, Feargal'; 'Mike Sholar'; Group Study Subject: RE: Router for play @ home 7513 are nice, but I have more fun with my 12000 GSR's. I would rather have OC12, but the OC3 connections are fast enough. -Original Message- From: Ledwidge, Feargal [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 12:23 PM To: 'Mike Sholar'; Group Study Subject: RE: Router for play @ home I think you 'll find that a couple of 7513's will make for a pretty good home lab ... ;-) Feargal -Original Message- From: Mike Sholar [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 5:29 AM To: Group Study Subject: Router for play @ home Hello people! Not exactly a cert question, but it applies. I will soon be getting cable intenet access at the house, and would like to purchase a cisco router to play with behind the cable modem. What series router should I be looking at, just to learn the ios and play around with. I am working on my CCNA, and realize a physical router is not necessary, but I will be progressing upwards and would like the experience. I looked at the 924 cable modem/router cisco sells, and the $899 price tag was a little much for play-time! Thanks for the input. Mike MCSE, MCP+I ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: canonical and non-canonical addresses
Neil, I'm not sure what your question is. The bits on the wire are transmitted the same 0100. Token-ring reads them one way (non-canonical) 0100, and Ethernet reads them another way (canonical)0010. It is how the network interface cards (NIC)/device drivers read the 0s and 1s that is different. I would be happy to help(since I have struggled with this myself) if you can clarify your question Regards, Drew R. Maness, CCNP, CCDA, CCSI, MCSE -Original Message- From: Neil Desai [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 15, 2000 12:47 PM To: [EMAIL PROTECTED] Subject: Re: canonical and non-canonical addresses Does any body know the answer to this one? Now I am getting a bit frustrated. I have posted to this group only a couple of times and I never get an answer. All I get is people asking me to look at the archives. I did as much homework as possible before asking the group. ""Neil Desai"" [EMAIL PROTECTED] wrote in message 8n9llp$83c$[EMAIL PROTECTED]">news:8n9llp$83c$[EMAIL PROTECTED]... I am having a problem understanding the issues between canonical and non-canonical addressing. I understand that the bits are flipped within the byte. On page 32-33 of Interconnections Second Edition she gives the example of the address a2-41-42-59-31-51. Canonical: 10100010 0101 0110 01011001 00110001 01010001 Non-Canonical: 01000101 1010 0110 10011010 10001100 10001010 If you look at this you can clearly see that the address in canonical format is not a group address (last bit of first byte is zero) but in non-canonical format it is a group address. At this point I can see a big problem because she also states: ".the group bit in addresses was defined not as "the most significant bit" or the "least significant bit" but rather as "the first bit on the wire." Thus, an address that was a group address on 802.3 would not necessarily look like a group address when transmitted on 802.5 because a different bit would be transmitted first." Here is the confusion: In canonical format the least significant bit is transmitted first and in non-canonical format the most significant bit is transmitted first. So on the wire the 1's and 0's would be in the same order. Here is an excerpt from RFC 2469: The figure below illustrates the difference between canonical and non-canonical form using the canonical form address 12-34-56-78-9A-BC as an example: In memory, 12 34 56 78 9A BC canonical: 00010010 00110100 01010110 0000 10011010 1000 1st bit appearing on LAN (group address indicator) | On LAN: 01001000 00101100 01101010 0000 01011001 0001 In memory, MSB format: 01001000 00101100 01101010 0000 01011001 0001 48 2C 6A 1E 59 3D This shows that no matter how the information is stored in memory it looks the same on the wire. So if it looks the same on the wire wouldn't an adapter pickup the packet and flip the bits in the byte if it needed to. Since it on the wire it looks like the bits are in non-canonical format a canonical format media would automatically take the first byte and flip the bits and so on, or so I would think. If anyone can figure out where I am going wrong please let me know. If it would be best to talk, email me directly with a daytime phone number and I will call you. Thanks. Neil ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]