RE: VPN 3000 Token Server [7:66810]
Hi Ed Sure I answered 04-01: Hi We implemented with ActivCard's AvtivPack Server. http://www.activcard.com We have Novell NDS for User Database. Activcard is best integrated in NDS. We also had a pilot with SecureID, but Integration in NDS (via LDAP) did not fit. Regards Martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66822t=66810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: icmp [7:66827]
Once i heard, that a ping from a Cisco Box is not the same like a ping from a Windows PC. One is icmp the other is udp. Can anyone confirm? and, where is udp , where is icmp. One solution to make it all clear is to take a sniffer - or i could search my CIT Course stuff this weekend ;-) Martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66838t=66827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN Question [7:66610]
maybe with debug isdn q921 or debug isdn events regards martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66671t=66610 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN 3000 Token Server [7:66577]
Hi We implemented with ActivCard's AvtivPack Server. http://www.activcard.com We have Novell NDS for User Database. Activcard is best integrated in NDS. We also had a pilot with SecureID, but Integration in NDS (via LDAP) did not fit. Regards Martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66593t=66577 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2 different CCNP certifications [7:66547]
Hi With the 2nd option you can save some money. But the foundation exam will take much more time than one single exam. I think it is more difficult to take the foundation exam. With single exams you can take step by step an then forget the non-relating themes ;-) For example it can be confusing to think about OSPF Priorities, Spanning tree Prios, different timers of switching an routing, OSPF- and SPT- states and so on in the same exam. It will be soon enough that to do, when at date for recertification ;-) Regards Martin CCNP / CCDP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66548t=66547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Software Compression [7:66312]
Compression Ratio 1.0 is negative, thats correct. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66314t=66312 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: reload 3500XL switch [7:66222]
Hi The command is: switch#reload ? LINEReason for reload at Reload at a specific time/date cancel Cancel pending reload in Reload after a time interval Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66315t=66222 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN remote access via analog modem?? [7:65991]
to 1): PIX 515 can terminate 1000 tunnels (SW) or 2000 (HW)at max 10Mps VPN Performance. to 2): analog is no problem (same as ISDN). ISP gives you the physical address. If connecting to your VPN site you will be given a tunnel address from your central site. Both physical and tunnel IP's are activ. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66161t=65991 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Setting up dial-in [7:66058]
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66059t=66058 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN remote access via analog modem?? [7:65991]
to 1): PIX 515 can terminate 1000 tunnels (SW) or 2000 (HW)at max 10Mps VPN Performance. to 2): analog is no problem (same as ISDN). ISP gives you the physical address. If connecting to your VPN site you will be given a tunnel address from your central site. Both physical and tunnel IP's are activ. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66061t=65991 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Off-topic: VPN possible? [7:65239]
in an NAT environement you need to encapsulete the VPN traffic into UDP or TCP (because ESP has no port#, has protocolnumber 50).Otherwise VPN traffic after IKE will be dropped. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65276t=65239 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Concentrator Setup Question [7:65299]
I am not sure to understand your problem. Fact is that VPN 3002 is the HW Client. VPN3005/15/30/60/80 are Concentrators. - SW Clients can connect to Concentrator. - HW Clients can connect to Conce3ntrator. - Conentrator can connect to Concentrator. - SW Client can not connect to HW Client. - SW client can not connect to SW Client. Was this your question? Regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65303t=65299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISP OSPF Design [7:65316]
normally ISP networks are with BGP. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65317t=65316 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN: difference between hash / group/encryp ? [7:65131]
Hash is needed for Data Integrity. Two possibilities: HMAC-MD5 or HMAC-SHA-1 A sent the message and the shared secret key trough the Hash-Algorithm. Hash is appended at the message. B recomputes the Hash with the message and the shared secret key. Hashs are compared. If matching, integrity of message is guaranteed. Group Password within VPN ist the preshared key. used for authentication. Encryption guarantees the confidentiality of the message. hope this helps you Martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65134t=65131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Switch Monitoring via Trunk on Cat [7:65045]
Hi All Is there a way to set up a span (monitoring) port via a link or a trunk? The meaning is, that the port I like to monitor is on a catalyst in an other building. Thanks for your help Martin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65045t=65045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCSP track [7:64735]
i think order of taking tests isn't importent (maybe safe test should be last). i started last week with csvpn, next will do mcns so i get the vpn specialist . problem of ids is, who does isd and when doing, who does it with cisco ;-) tell if you hear other opinions. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64888t=64735 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Compression on 2610 routers [7:64702]
We have typical office-envirement: some word, excel, some host, web. HW-compression brings up to 9:1 (average, i thing 4-5:1). Take attention with SW, even a 72xx can't handle many of SW compressed links. Lupi is right. Before implementing you have to test. Ask your Cisco Provider for AIM Boards to test (and the rigt IOS) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64889t=64702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Compression on 2610 routers [7:64702]
For SW you don't need an AIM. HW requires an AIM example of HW compression: frame-relay payload-compression FRF9 stac caim 0 for SW replace stac caim 0 with software. Be sure, that 12.1 work well wiht your central Router. We had som troubles with a 7206 on central site. we are now on 12.2.12 hope this is what you need Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64703t=64702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Client behind PIX [7:64358]
i am not sure about that. i have a checkpoint FW (let's say it is stateful). behind the FW sits the VPN 3000. i connect with VPN SW Client. works fine with IPSec over UDP. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64579t=64358 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Client behind PIX [7:64358]
try do encapsulate IPSec in UDP, otherwise IPSec will be dropped. IKE is already UDP500, bit EPS and AH are Protocol 50 and 51. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64479t=64358 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cat4006 - Prompt [7:63984]
create new prompt with no string: set promt nothing Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63991t=63984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN client conflict [7:63951]
no fix available. Cisco allows no other client installed. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63992t=63951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
