Teminal server problems [7:64746]
I cant seem to access any of my routers from the term server . Here is the config and what errors i am getting ! ! ip subnet-zero no ip domain-lookup ip host r1 2097 1.1.1.1 ip host r2 2098 1.1.1.1 ip host r3 2099 1.1.1.1 ip host r4 2100 1.1.1.1 ip host r5 2101 1.1.1.1 ip host fr 2102 1.1.1.1 ip host cat 2103 1.1.1.1 ! TS# TS#clear line tty 97 [confirm] [OK] TS#clear line tty 98 [confirm] [OK] TS#clear line tty 99 [confirm] [OK] TS#clear line tty 00 ^ % Invalid input detected at '^' marker. TS#clear line tty 100 [confirm] [OK] TS#clear line tty 101 [confirm] [OK] TS#clear line tty 102 [confirm] [OK] TS#clear line tty 103 [confirm] [OK] TS#r1 Translating r1 Trying r1 (1.1.1.1, 2097)... % Destination unreachable; gateway or host down TS# Any one have any suggestions? I am working remotly. Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64746t=64746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF ISDN Demand Circuit [7:64221]
Can anyone spot a problem with this configuration as to why it may not be working - R1 is connected to R2 with an isdn switch. r1 interface BRI0 ip address 150.100.7.1 255.255.255.0 encapsulation ppp ip ospf demand-circuit dialer idle-timeout 60 dialer map ip 150.100.7.2 broadcast 2002 dialer-group 1 isdn switch-type basic-5ess ppp authentication pap callin ppp pap sent-username james password 7 070C285F4D06 isdn switch-type basic-5ess ! router ospf 1 router-id 1.1.1.1 log-adjacency-changes area 0 authentication message-digest area 11 nssa no-redistribution default-information-originate redistribute eigrp 1 metric 20 subnets redistribute rip metric 20 subnets network 150.100.7.1 0.0.0.0 area 0 r1#sh isdn status Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 2 Total Allocated ISDN CCBs = 0 R2 interface BRI0 ip address 150.100.7.2 255.255.255.0 encapsulation ppp dialer idle-timeout 60 dialer map ip 150.100.7.1 name james broadcast 2001 dialer-group 1 isdn switch-type basic-5ess ppp authentication pap ! router ospf 1 router-id 2.2.2.2 log-adjacency-changes area 0 authentication message-digest network 150.100.7.2 0.0.0.0 area 0 network 150.100.7.0 0.0.0.255 area 0 network 150.100.32.0 0.0.0.255 area 1 network 150.100.250.34 0.0.0.0 area 0 isdn switch-type basic-5ess ! r2#sh isdn status Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 4 Total Allocated ISDN CCBs = 0 Do I need authentication on that Bri 0 interfaces for OSPF for area 0? I might need ip ospf demand circut on both sides or my authentication could be faulty. Any suggestions much appreciated Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64221t=64221 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mutual Redistribution - OSPF routes in Eigrp [7:63923]
Is there a defualt orginate command that I need to use to do mutual redistrubtion? I want to redistribute OSPF into EIGRP and EIGRP into OSPF . r1(config-router)#redistribute eigrp 1 metric 20 sub r1(config-router)#redistribute eigrp 1 metric 20 subnets ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-mapRoute map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF I need my OSPF routes to show up on my frame switch wich is only running EIGRP, but R1 is connected to OSPF area 0 and has a back to back serial to the frame switch. fr#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 150.100.0.0/24 is subnetted, 4 subnets C 150.100.70.0 is directly connected, Loopback2 C 150.100.68.0 is directly connected, Loopback0 C 150.100.69.0 is directly connected, Loopback1 C 150.100.2.0 is directly connected, Serial0 Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63923t=63923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cant establish reverse telnet [7:63660]
It appears that I cannot establish a telnet session to my routers from the term server. How can I clear the line TS#sh ses % No connections open TS#r1 Translating r1 Trying r1 (1.1.1.1, 2097)... % Connection refused by remote host TS#r2 Translating r2 Trying r2 (1.1.1.1, 2098)... % Connection refused by remote host TS#clear line ? Line number aux Auxiliary line console Primary terminal line tty Terminal controller vty Virtual terminal TS#clear line thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63660t=63660 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cant establish reverse telnet [7:63660]
I figured it out but dont really understand it. This is what I did line con 0 exec-timeout 0 0 logging synchronous line 97 112 no exec transport input all line aux 0 line vty 0 4 exec-timeout 0 0 password 7 060506324F41 login ! end TS#clear line 97 [confirm] [OK] Was it just the line 97 that was stuck? thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63661t=63660 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Switch and BRi config [7:63313]
What command can i use to tell if my ISDN switch is turned on and operating properly between two bri0 int on routers? here is what I have configured r1 interface BRI0 ip address 150.100.7.1 255.255.255.0 encapsulation ppp ip ospf demand-circuit dialer map ip 150.100.7.2 broadcast 2002 dialer-group 1 isdn switch-type basic-5ess dialer-list 1 protocol ip permit 1#sh isdn status Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 1 Total Allocated ISDN CCBs r2#sh run int bri0 Building configuration... Current configuration : 166 bytes ! interface BRI0 ip address 150.100.7.2 255.255.255.0 encapsulation ppp dialer map ip 150.100.7.1 broadcast 2001 dialer-group 1 isdn switch-type basic-5ess end r2#sh isdn stat Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 0 Total Allocated ISDN CCBs = 0 r2# I have it configured by cant ping from r1 to r2 and not sure why thx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63313t=63313 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Deleted PVC [7:63123]
Does anyone know how to correct this deleted PVC perhaps by completly deleting it and recreating it? r1# r1#sh frame map Serial0.1 (up): ip 150.100.250.34 dlci 102(0x66,0x1860), dynamic, broadcast,, status defined, active Serial0.1 (up): ip 150.100.250.35 dlci 103(0x67,0x1870), dynamic, broadcast,, status defined, active Serial0 (up): ip 150.100.251.1 dlci 401(0x191,0x6410), static, broadcast, CISCO, status deleted Serial0 (up): ip 150.100.251.2 dlci 401(0x191,0x6410), static, broadcast, CISCO, status deleted Serial0.2 (up): point-to-point dlci, dlci 104(0x68,0x1880), broadcast status defined, active thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63123t=63123 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Deleted PVC still works [7:63055]
Happy Valentines everyone I have a deleted PVC that still works to connect through a frame switch to another router. Anyone else seen this? Here is the config r1#sh frame pvc 401 PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 401, DLCI USAGE = LOCAL, PVC STATUS = DELETED, INTERFACE = Serial0 input pkts 0 output pkts 0in bytes 0 out bytes 0 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 16:43:18, last time pvc status changed 16:43:07 r1#ping 150.100.251.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 150.100.251.2, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 68/68/68 ms r1# r4#sh frame pvc 401 PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 401, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 1020 output pkts 24 in bytes 288926 out bytes 2884 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 14 out bcast bytes 1844 pvc create time 16:46:36, last time pvc status changed 16:45:46 r4#ping 150.100.251.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 150.100.251.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 68/68/68 ms r4# It shows 401 is active on one side and deleted on the other but I can ping accross to and from both sides accrose the switch. How can i get rid of that deleted pvc and make it active? Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63055t=63055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Forwarding traffic on port 80 [7:62723]
I am looking for the command to forward traffic to port 80 from the outside public address to an inside private address on a 2514. This should do the trick but does not seem to be working ip nat inside source static tcp 192.168.1.4 80 68.85.x.x 80 extendable Any one have any other suggestions? thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62723t=62723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Forward list for port 21 and 80 traffic [7:57171]
All, I am trying to forward traffic coming into ethernet 0 with a public address and bound for a server going out ethernet 1 to a web - port 80 and ftp port 21 server with a private address on a 2514 router. What type of forward list or access list can I create and apply on the interfaces to accomplish that? Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57171t=57171 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Looback as apposed to a secondary [7:54242]
Can a loopback address serve the same purpose as secondary address in terms of assigning a different subnet to it and have connectivety to the same segment as the primary interface? For instance interface FastEthernet0/0 ip address 205.109.29.33 255.255.255.224 secondary ip address 205.109.29.129 255.255.255.128 and then have int lo 0 ip add 205.109.29.25 255.255.255.248 Then set up routing so that that subnet was reachable to the other networks. thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54242t=54242 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Routine Powercycles or reloads [7:54098]
Can anyone tell me if they have come accross documentation or guidance from Cisco on how often a 7200 router or any router should be reloaded if ever for a maintanance purposes ? Thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54098t=54098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Same subnets on each side of an ATM WAN [7:53973]
I have an OC3 ATM WAN link that connect two LANs, but there are two identical subnets /30 on either side of the WAN link. Has any one ever had that type of setup and how is that possible with two identical public IP /30 subnets on either side of WAN connection? Here are the interfaces on either side of the wan AAAV7204#sh int fastEthernet 1/0 FastEthernet1/0 is up, line protocol is up Hardware is DEC21140A, address is 0003.6cce.f01c (bia 0003.6cce.f01c) Description: FE from PM to WDGB Internet address is 205.109.29.10/30 MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 2/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:21, output 00:00:00, output hang never Last clearing of show interface counters never Input queue: 0/75/4/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 814000 bits/sec, 113 packets/sec 5 minute output rate 81000 bits/sec, 79 packets/sec 441800484 packets input, 1055724299 bytes Received 713 broadcasts, 0 runts, 0 giants, 2 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 349363988 packets output, 1452170449 bytes, 0 underruns AAAV7206#sh ip int fastEthernet 1/0 FastEthernet1/0 is up, line protocol is up Internet address is 205.109.29.9/30 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is enabled IP Fast switching turbo vecto Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53973t=53973 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT sample configs [7:53042]
John Here is a basic example of NAT with overload using just two interfaces and one public IP address. This is home set up for cable on a 2514 interface Ethernet0 description Cable Modem ip address dhcp ip access-group 199 in no ip redirects no ip unreachables no ip proxy-arp ip nat outside no ip route-cache no ip mroute-cache no cdp enable ! interface Ethernet1 description private inside network ip address 192.168.1.1 255.255.255.0 ip broadcast-address 68.48.210.x ip nat inside no ip route-cache no ip mroute-cache no cdp enable ip access-list 1 permit ip 192.168.1.0 0.0.0.255 ip nat inside source list 1 interface ethernet 0 overload A good start for an access list for perimeter protection would be to prevent spoofing which is to prevent any access through your public interface by spoofed private address range Example is access-list 1 permit 192.168.1.0 0.0.0.255 access-list 199 deny ip host 0.0.0.0 any log access-list 199 deny ip any host 0.0.0.0 log access-list 199 deny ip host 10.1.1.1 any log access-list 199 deny ip 127.0.0.0 0.255.255.255 any log access-list 199 deny ip 169.254.0.0 0.0.255.255 any log access-list 199 deny ip 172.16.0.0 0.15.255.255 any log access-list 199 deny ip 192.168.0.0 0.0.255.255 any log access-list 199 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255 log access-list 199 deny ip any 255.255.255.0 0.0.0.255 log access-list 199 permit ip any any Also to forward ftp or web traffic to certain private address you would use a forward list something like this ip nat inside source static tcp 192.168.1.4 80 interface Ethernet0 80 There is bunch of other stuff you can do with access lists to permit or deny certain types of traffic. If you want more examples please let me know. HTH Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53130t=53042 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT - destination address translation [7:53100]
The private address range comes first so the first one is correct. 2514(config)#ip nat inside source static 10.69.1.81 192.1.7.5 ? extendable Extend this translation when used no-aliasDo not create an alias for the global address So teh 192.1.7.5 is your outside nat address and teh 10.69.1.81 should be your inside address. HTH Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53156t=53100 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Upgrading 4500m router [7:53022]
All I want to perform and upgrade on a 4500m and the proceedure: http://www.cisco.com/warp/customer/130/sw_upgrade_proc_ram.shtml listed on the CCO says that you dont need to go into boot rom mode to perform the upgrade. It just shows that you do it in regular exec priveledg mode. And also its an example of a 2600. Does anyone have any experience with this upgrade on a 4500m ? Can you please give me any more tips and tell me if this proceedure on the CCO is valid? I am upgrade from 11.3 to 12.1. I have plenty of flash and dram for the ugrade. thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53022t=53022 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ref: SPOOFING [7:52585]
Just put the keyword log behind your access list and check your log. deny ip host 10.1.1.1 any log deny ip 127.0.0.0 0.255.255.255 any log deny ip 169.254.0.0 0.0.255.255 any log deny ip 172.16.0.0 0.15.255.255 any log deny ip 192.168.0.0 0.0.255.255 any log deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255 log deny ip any 255.255.255.0 0.0.0.255 log As for how to go out and find the real source address of the entity that is trying to spoof you I havent figured that one out yet, but I am sure there is a way. I am getting hit by someone on the 10 network 1w4d: %SYS-5-CONFIG_I: Configured from console by console 1w4d: %SEC-6-IPACCESSLOGP: list 199 denied udp 10.78.0.1(67) - 255.255.255.255(68), 2 packets but its just a boot p broadcast on port 67 not a real spoofing attack. HTH Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52601t=52585 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: where to go next? [7:52537]
You might want to think about a more Generic Security background and not limit yourself to Cisco. I have my CCNP, MCSE, and MCNS certs and am am doing some Network Security courses at the local Community college and to get a broader background. With Network Security there is a so much to know and to limit yourself to Cisco can be self defeating. Just my 2 cents, Good luck Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52543t=52537 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Log files - spoofing from private 10 adddress [7:52552]
My log files show that 10.78.0.1 address is attempting to get through my permimeter router . Would anyone know if this is someone really trying to spoof me or what? And is there any way or tool I can use to determine the real public source address this entity is coming from ? Does any one know if that is a port number (67) beside the IP address and (68) besides that 32 bit host mask? thx Randy 1w3d: %SYS-5-CONFIG_I: Configured from console by console 1w3d: %SEC-6-IPACCESSLOGP: list 199 denied udp 10.78.0.1(67) - 255.255.255.255(68), 1 packet 1w3d: %SEC-6-IPACCESSLOGP: list 199 denied udp 10.78.0.1(67) - 255.255.255.255(68), 7 packets 1w4d: %SEC-6-IPACCESSLOGP: list 199 denied udp 10.78.0.1(67) - 255.255.255.255(68), 4 packets 1w4d: %SEC-6-IPACCESSLOGP: list 199 denied udp 10.78.0.1(67) - 255.255.255.255(68), 6 packets Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52552t=52552 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Secondary addresses on fast ethernet interfaces [7:52295]
All, Does anyone know if using a seconday interface on fast ethernet 0/0 on a 7204 will degrade perfomance on the network for the primary interface? I have to route a a different subnet on a LAN and cannot do it without creating a secondary interace? for instance interface FastEthernet0/0 ip address 205.109.29.x 255.255.255.128 no ip route-cache no ip mroute-cache full-duplex no cdp enable interface FastEthernet0/0.1 ip add 205.109.29.33 255.255.255.224 to add a second subnet to this router for that LAN Will this degrade performance or cause a problem. There is probably a beter way to do it but I the router will not let me create a static route for this subnet becuase the gateway is the router itself. for instance Enter configuration commands, one per line. End with CNTL/Z. AAAV7204(config)#ip route 205.109.29.32 255.255.255.224 205.109.29.129 %Invalid next hop address (it's this router) AAAV7204(config)# Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52295t=52295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
flash copy failed checksum error [7:51834]
I got a checksum error - invalid (expected 0x3e75,computed 0x194) when upgrading an IOS on 2524 from 11.2 to 12.2. I have tried it several times before with the same results. Anyone know a fix for that? I have 15.x file with 16mg flash and 16mg dram so that should be enough dram and flash to hold the image. thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51834t=51834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Stuck in rxboot mode on 2524 [7:51780]
I just attempted an upgrade on a 2524 from 11.0 to 12.2 and am now stuck rxboot mode. I followed the instruction to the letter and rebooted from 0x2101 to 0x2102 and the config register is showing that is is now 0x2102 but it is still in rxboot mode. My upgrade of the IOS failed also. At the end I got a checksum error. Right now I just want to get back in regular boot mode. Any suggestions appreciated. thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51780t=51780 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
T1 interface type compatibility [7:51137]
All, I am trying to configure a T1 accross these 2 routers and interface types. One is a multichannel T1 on a 7206 and the other is a serial 0 Hardware is HD64570 on a 2524 router. Does anyone know if these two interface types are compatable to configure a T1 accross. I set all my framing, clock source, channel groups and timeslots to match on both sides but still can't get the line protocol to come up. Listed below is a show interfaces on both routers. #sh int serial 6/0:0 Serial6/0:0 is down, line protocol is down Hardware is Multichannel T1 Internet address is 205.109.x.x/30 MTU 1500 bytes, BW 1536 Kbit, DLY 2 usec, reliability 251/255, txload 1/255, rxload 1/255 Encapsulation PPP, crc 16, Data non-inverted Keepalive set (10 sec) LCP Closed Last input never, output 22:07:09, output hang never Last clearing of show interface counters 2w1d Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/16 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 6 runts, 45 giants, 0 throttles 63 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 4 abort 280 packets output, 3920 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 6 carrier transitions alarm present Timeslot(s) Used:1-24, subrate: 56Kb/s, transmit delay is 0 flags #sh int serial 0 Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 205.109.x.x 255.255.255.252 MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: ipcp, cdp Last input 0:00:00, output 0:00:00, output hang never Last clearing of show interface counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 15 Output queue: 0/64/0 (size/threshold/drops) Conversations 0/18 (active/max active) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 1000 bits/sec, 3 packets/sec 5 minute output rate 1000 bits/sec, 2 packets/sec 261883712 packets input, 2231977259 bytes, 0 no buffer Received 2 broadcasts, 0 runts, 0 giants 3808 input errors, 3808 CRC, 170 frame, 0 overrun, 0 ignored, 666 abort 228622732 packets output, 2604399815 bytes, 0 underruns 0 output errors, 0 collisions, 1318 interface resets, 0 restarts 0 output buffer failures, 0 output buffers swapped out 35 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Any suggestions appreciated. Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51137t=51137 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
User name and passwords for routers [7:51107]
Can someone please tell me why if you only set an enable password on a router like enable password password and then set the line vty 0 4 line vty 0 4 exec-timeout 0 0 password 7 00131C140F0F09030A330D logging synchronous login local You get prompted for a username coming in from a telnet session when no username is set ? So then I would have to do username user privledge 15 password password to allow access through telnet? I dont understand that behavior. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51107t=51107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE WORTH IT? [7:50941]
I am not so sure it is worth it. I had a CCNP, CCDP, and experience as a network engineer and was out of work for almost an entire year. I think it is only worth it for the challenge and if you really love it , becuase your going to have to put so much time and effort into passing the lab unless your willing to make a huge sacrifice and really enjoy it then just not going to be fun. Just my 2 cents. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51011t=50941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Installing a PA-2FE card in a 7206 [7:50540]
Does anyone know if this Fast Ethernet card is plug and play to when installed in a 7206 router? Also can you installing it without powering the router down and taking it offline? thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50540t=50540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can't console 4000 router [7:49692]
I dont have an aux port on this router and I am using windows 2000. Any one have any other suggestions? thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49850t=49692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Can't console 4000 router [7:49692]
I did a write erase and reload on a 4000 router and now cant access it via the console. Just get a blinking prompt. Any suggestions? All the terminal settings are correct. thx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49692t=49692 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Removing a stament from vty 0 4 [7:48234]
line vty 0 4 exec-timeout 0 0 password 7 120B04191612 login local transport preferred telnet transport input lat pad v120 mop telnet rlogin udptn nasi Also can anyone tell me how to remove that last statement for the line vty 0 4 ? I tried doing a no on it and get an error. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48234t=48234 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cable Modem DHCP problem [7:47175]
Does anyone know how to release a DHCP lease on a 2514 eth interface? I would like to release the lease recieved from the cable modem (comcast) . I have tried powercycling the modem, router, reload, shuting the interface ect and nothing works. I get the same lease all the time and cant get out to the internet. thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47175t=47175 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
interpeting show int command [7:44459]
Does someone know of a link where I can learn how to interpet all the details of a show interface command? I know its kinda simple , but need to know what it all means. Like here's an example. The top part is self explanatory but the lower part is where I do not uderstand. sh int fastEthernet 0/1 FastEthernet0/1 is up, line protocol is up Hardware is Fast Ethernet, address is 00d0.ba51.0401 (bia 00d0.ba51.0401) MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive not set Half-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:45, output 00:00:01, output hang never Last clearing of show interface counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 17000 bits/sec, 2 packets/sec 5 minute output rate 2000 bits/sec, 3 packets/sec 11696790 packets input, 588816475 bytes, 0 no buffer Received 27194 broadcasts, 1560 runts, 0 giants, 0 throttles 1 input errors, 1 CRC, 0 frame, 0 overrun, 30 ignored, 0 abort 0 watchdog, 15688 multicast 0 input packets with dribble condition detected 10445904 packets output, 1959387521 bytes, 0 underruns 0 output errors, 1320 collisions, 1 interface resets 0 babbles, 0 late collision, 9674 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44459t=44459 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
full dulex and 100mg hard coded [7:43340]
I have a 2620 fast ethernet dirrectly connected to 2912xl fast ethernet switch and right now it is set for : interface FastEthernet0/0 ip address 208.35.x.x 255.255.255.128 no ip directed-broadcast speed auto half-duplex Is there any reason why I could not or should not hard code the router's fast ethernet interface to speed 100 and duplex full ? Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43340t=43340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security for router connected to Cable Service pro [7:43322]
I am using NAT with overload with a 2514 for my cable connection and it works ok except I need to figure out how to be more granular with the ACL's and the translation if I want to let certain types of traffic IN to my network like to a web server. Here is long laundry list of access list someone gave me . I have experimented with some of them. But be carefull you can you lose your connection. hope this helps access-list 1 permit 10.x.x.0 0.0.0.255 access-list 1300 permit 192.5.41.209 access-list 1300 permit 192.5.41.41 access-list 1300 permit 10.0.0.0 0.255.255.255 access-list 1300 deny any log access-list 199 permit udp host x.x.x.x any eq bootps x.x.x.x = ISP Public DHCP server address access-list 199 permit udp host x.x.x.x any eq bootps x.x.x.x = ISP Private DHCP server address access-list 199 permit udp host x.x.x.x any eq domain x.x.x.x = ISP Secondary DNS server address access-list 199 permit udp host 192.5.41.41 any eq ntp access-list 199 permit udp host 192.5.41.209 any eq ntp access-list 199 deny udp any any eq ntp log access-list 199 deny ip 10.0.0.0 0.255.255.255 any log access-list 199 permit tcp any any eq echo established access-list 199 permit tcp any any eq ftp established access-list 199 permit tcp any any eq ftp-data established access-list 199 permit tcp any any eq nntp established access-list 199 permit tcp any any eq pop3 established access-list 199 permit tcp any any eq smtp established access-list 199 permit tcp any any eq www established access-list 199 permit tcp any any eq 443 established access-list 199 deny udp any any eq netbios-dgm log access-list 199 deny udp any any eq netbios-ns log access-list 199 deny udp any any eq netbios-ss log access-list 199 deny udp any any eq bootpc log access-list 199 deny udp any any eq bootps log access-list 199 deny udp any any eq snmp log access-list 199 deny udp any any eq snmptrap log access-list 199 deny udp any any eq sunrpc log access-list 199 deny udp any any eq syslog log access-list 199 deny udp any any eq tacacs log access-list 199 deny udp any any eq talk log access-list 199 deny udp any any eq tftp log access-list 199 deny udp any any eq time log access-list 199 deny udp any any eq who log access-list 199 deny udp any any eq xdmcp log access-list 199 deny ip host 0.0.0.0 any log access-list 199 deny ip any host 0.0.0.0 log access-list 199 deny ip host 10.1.1.1 any log access-list 199 deny ip 127.0.0.0 0.255.255.255 any log access-list 199 deny ip 169.254.0.0 0.0.255.255 any log access-list 199 deny ip 172.16.0.0 0.15.255.255 any log access-list 199 deny ip 192.168.0.0 0.0.255.255 any log access-list 199 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255 log access-list 199 deny ip any 255.255.255.0 0.0.0.255 log access-list 199 deny tcp any any eq telnet access-list 199 deny tcp any any eq 1661 log access-list 199 deny tcp any any eq 1662 log access-list 199 deny tcp any any eq 1663 log access-list 199 deny tcp any any eq 1664 log access-list 199 deny tcp any any eq 1665 log access-list 199 deny tcp any any eq 1666 log access-list 199 deny tcp any any eq 1667 log access-list 199 deny tcp any any eq 1668 log access-list 199 deny tcp any any eq 1669 log access-list 199 deny tcp any any eq 1670 log access-list 199 deny tcp any any eq 1671 log access-list 199 deny tcp any any eq 1672 log access-list 199 deny udp any any eq 1661 log access-list 199 deny udp any any eq 1662 log access-list 199 deny udp any any eq 1663 log access-list 199 deny udp any any eq 1664 log access-list 199 deny udp any any eq 1665 log access-list 199 deny udp any any eq 1666 log access-list 199 deny udp any any eq 1667 log access-list 199 deny udp any any eq 1668 log access-list 199 deny udp any any eq 1669 log access-list 199 deny udp any any eq 1670 log access-list 199 deny udp any any eq 1671 log access-list 199 deny udp any any eq 1672 log access-list 199 permit ip any any ! ntp source Ethernet0 ntp access-group peer 1300 ntp master 15 ntp server 192.5.41.41 source Ethernet0 prefer ntp peer x.x.x.x source Ethernet1 x.x.x.x is an internal box on my network ntp server 192.5.41.209 source Ethernet0 end Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43341t=43322 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID exam has changed [7:37074]
Its about time they revised and updated that terrible exam!! Thanks for letting us know! Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37095t=37074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Current CD Rom Documentation [7:35930]
Does anyone know where or how to obtain a current Cisco CD Rom documentation CD with the latest IOS of like 12.2 on it without like taking an official Cisco course from a Training partner? I have a bunch of them are outdated with only up to IOS 12.1. They certainley seem to be difficult to navigate and do a search on . Any suggestions welcome. Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35930t=35930 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dening telnet access [7:35628]
Access list problem: Why does this extended access list not work to deny telnet access applied to the internet interface on a 2514? Extended IP access list 199 deny tcp any any eq telnet interface Ethernet0 ip access-group 199 in I have alot more statments than this and of course the statement access-list 199 permit ip any any to take care of the implicit deny all , but I can still access the router from the internet through telnet. Anyone have any ideas what else might be needed to prevent of selectivly allow telnet access to my router. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35628t=35628 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DRAM and FLASH question [7:35600]
I bought some regular 72 pin simms to upgrade my memory on a 2514 from a local computer store for $16 for 15mg of dram and it worked fine. I bought an additional 8mg of flash for 40 on ebay but you might be able to get it cheaper. Good luck! Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35629t=35600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Increasing or decreasing log buffer size [7:35631]
Does anyone know how to increase or decrease the log buffer size on the router? Is the buffer just written over once it fills up? Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 98303 messages logged Monitor logging: level debugging, 0 messages logged Buffer logging: level debugging, 98303 messages logged Logging Exception size (4096 bytes) Trap logging: level informational, 98307 message lines logged Log Buffer (4096 bytes): Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35631t=35631 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Access list for private FTP site [7:35032]
Hey Guys, I have a 2514 doing NAT with overload on my internet connection getting public dhcp address from my provider on eth 0 . I have a win 2k server getting a private address from eth 1 like 192.168.0.1 and have an ftp site set up with IIS that I want people to be able to access from the internet. What type of access list would allow (if it is possible) people to access my ftp site on the server with a private address like 192.168.0.6 ? Also in the future want to put a web server on a private address also so the same scenario would apply to that. Right now to do the NAT with overload I have ip nat inside source list 1 interface Ethernet0 overload access-list 1 permit 192.168.0.0 0.0.0.255 And also a more granular extended list that specifies a whole bunch of filters . The main ones being access-list 199 permit ip any 192.168.0.0 0.0.0.255 access-list 199 permit ip any any All suggestions welcome and appreciated. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35032t=35032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Trunking multiple subnets on the same vlan /port [7:34975]
I have 15 different subnets on a eth 0/0 on a 2621 router with 15 secondary addresses . I want to know if it is possible to change them to subinterfaces and trunk more than one subnet accross a 2924 switch and pust more than one subnet in the same vlan/port. That means putting more than one subnet on one port in the same vlan. The subnets could be contiguous. For instance: ip address 64.41.x.241 255.255.255.248 secondary ip address 64.41.x.249 255.255.255.248 secondary Or most are discontiguous. I did not think it could be done but just wanted to throw it out there to see if anyone had a solution. Thanks, randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34975t=34975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Error message on Com port [7:34772]
When trying to establish a console connection through my PC's console port to the router I get the error unable to set port state for com1 and com2. Everything is set right at Baud rate = 9600 Data bits = 8Parity = none Stop bits = 1 and the Flow Control box has RTS/CTS checked. First the serial com 1 did this and I switched to serial com 2 and it started doing the same thing. Has anyone seen this error before Unable to set port state and does some one know how to fix it? Neither Secure CRT nor hyperterminal work for my conection to the router. Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34772t=34772 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DHCP address with Cable on a Cisco router [7:34274]
Can anyone please tell me if they have been able to make a Cisco 2514 Router hold a DHCP address to an ethernet interface so I can do NAT with overload for me cable internet connection? Once I get my dhcp address from my provider I hard code that on to eth 0 which is pluged into the cable modem. on the router along with static default route with the dns info but still cant ping out to the internet from the router. DSL works fine but cable does not. thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34274t=34274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Easier way to upgrade the IOS on a 2500 [7:33455]
Can anyone please tell me if there is an eisier less disruptive way to upgrade the IOS on Cisco 2500 than this URL explains without changing the config register and going into RX boot mode. Here is the procedure I found on the TAC: http://www.cisco.com/warp/customer/130/sw_upgrade_proc_flash.shtml#first This is a 2524 running only 11.1 and I am going to upgrade the flash from 8mg to 16mg and try to upgrade to some version or revision of 12.x . Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33455t=33455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Deleting a VTP domain [7:32633]
All, Can someone please tell me how to delete or disable a VTP domain name on a cat 5500 after you have set it? I can of course, change the VTP domain name. If that is in fact possible with out erasing the config and reloading the switch. The switch is in transparent mode now and I can change the VTP mode to server or client. Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32633t=32633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Command to tell if traffic is passing [7:31743]
All, Is there any show or debug command on a Cisco router to tell if traffic is a passing through a router or interface on the router that is not to instrusive or disruptive? Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31743t=31743 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Command to save config to mem on 5500 cat [7:30985]
What is the command to save your configuration to memory or NVRAM on CAT 5500 runing sh ver WS-C5505 Software, Version McpSW: 6.2(2) NmpSW: 6.2(2) ? Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30985t=30985 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNA tutorial in beta for Cisco 2900 configura [7:30562]
That was a nice tutorial. Thank you very much. Good job! Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30588t=30562 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Minumum Config for ISDN BRI [7:30589]
In the BRS book it says there are only 5 minumum commands to get ISDN up and running and that is 2 global isdn switch-type basic-5ess and dialer-list 1 protocol ip permit and 3 interface dialer-group 1 dialer string 2001 ip add 172.16.1.1 255.255.255.0 I am having a hard time getting 2 routers with a bri's to talk accross an isdn switch with just those commands. Do I NEED to set the encapsulation to be ppp instead of the default hdlc? Do I NEED to set authentication either pap or chap with username password pairs for each routers? Do I NEED to make a map statment mapping het maping the ip of the local routers IP to the remote routers ISDN # to call? Thanks in advance ! Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30589t=30589 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Minumum Config for ISDN BRI [7:30589]
This is router 1 r1#sh run int bri 0 Building configuration... Current configuration : 124 bytes ! interface BRI0 ip address 172.16.2.1 255.255.255.0 dialer string 2002 dialer-group 1 isdn switch-type basic-5ess end dialer-list 1 protocol ip permit r1#sh dialer BRI0 - dialer type = ISDN Dial String Successes FailuresLast DNIS Last status 2002 0 1000:10:08 failed Default 0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle r1# 01:30:17: BR0 DDR: cdp, 275 bytes, outgoing uninteresting (no list matched) 01:30:17: BR0 DDR: sending broadcast to default destination -- failed, not connected This is router 2 r2#sh run int bri 0 Building configuration... Current configuration : 124 bytes ! interface BRI0 ip address 172.16.2.2 255.255.255.0 dialer string 2001 dialer-group 1 isdn switch-type basic-5ess end dialer-list 1 protocol ip permit r2#sh dialer BRI0 - dialer type = ISDN Dial String Successes FailuresLast DNIS Last status 2001 0 200:16:14 failed Default 0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle I tried reversing the numbers for the dialer string like 2001 and 2002 on each router just in case I had the numbers for the dialer strings reversed but that did not help. Any suggestions appreciated. Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30593t=30589 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Minumum Config for ISDN BRI [7:30589]
Can you guys give me some insight into what this might be telling me? r2#sh isdn stat Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 4 Total Allocated ISDN CCBs = 0 r1#sh isdn stat Global ISDN Switchtype = basic-5ess ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 0 Total Allocated ISDN CCBs = 0 Still trying to make this work with the minumum 5 configuration commands:) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30596t=30589 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Half Successfull ping [7:30449]
Here is the routing table on R2 and R4. I have a hub and spoke config with frame relay between R1 - R2,R3, and the frame connection between R1 and R4 is not coming up so hence the need for a direct serial back to back from R2 to R4. R2#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C223.2.2.0/24 is directly connected, Loopback0 172.16.0.0/24 is subnetted, 3 subnets O IA172.16.5.0 [110/128] via 172.16.1.3, 16:37:46, Serial0 O 172.16.6.0 [110/74] via 172.16.1.1, 18:17:57, Serial0 C 172.16.1.0 is directly connected, Serial0 is directly connected, Serial1 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks O IA10.1.11.1/32 [110/65] via 172.16.1.1, 18:17:57, Serial0 O IA10.1.12.1/32 [110/65] via 172.16.1.1, 18:17:57, Serial0 O IA10.1.31.1/32 [110/65] via 172.16.1.3, 18:17:58, Serial0 C 10.1.22.0/24 is directly connected, Loopback2 C 10.1.21.0/24 is directly connected, Loopback1 O IA10.1.32.1/32 [110/65] via 172.16.1.3, 18:17:58, Serial0 R4#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C223.4.4.0/24 is directly connected, Loopback0 172.16.0.0/24 is subnetted, 2 subnets C 172.16.6.0 is directly connected, Ethernet0 C 172.16.1.0 is directly connected, Serial1 10.0.0.0/24 is subnetted, 2 subnets C 10.1.42.0 is directly connected, Loopback2 C 10.1.41.0 is directly connected, Loopback1 As you can see there is no direct connection shown between serial 1 on R4 which is 172.16.1.4 which is directly connected to serial 1 on R2 172.16.1.5 . It may have something to do with the load balance or another path to the same source. Any suggestions welcome and appreciated. Thank you, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30484t=30449 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Half Successfull ping [7:30449]
The problem is fixed. Must have been some type of routing issue with those addresses. I changed the addresses and getting 100% success on the pings. Thanks to all for there suggestions. 22:06:13: %SYS-5-CONFIG_I: Configured from console by console R2#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/44 ms R2# 22:06:21: IP: s=192.168.1.2 (local), d=192.168.1.1 (Serial1), len 100, sending 22:06:21: IP: s=192.168.1.1 (Serial1), d=192.168.1.2 (Serial1), len 100, rcvd 3 22:06:21: IP: s=192.168.1.2 (local), d=192.168.1.1 (Serial1), len 100, sending 22:06:21: IP: s=192.168.1.1 (Serial1), d=192.168.1.2 (Serial1), len 100, rcvd 3 22:06:21: IP: s=192.168.1.2 (local), d=192.168.1.1 (Serial1), len 100, sending 22:06:21: IP: s=192.168.1.1 (Serial1), d=192.168.1.2 (Serial1), len 100, rcvd 3 22:06:21: IP: s=192.168.1.2 (local), d=192.168.1.1 (Serial1), len 100, sending 22:06:21: IP: s=192.168.1.1 (Serial1), d=192.168.1.2 (Serial1), len 100, rcvd 3 R2# 22:06:21: IP: s=192.168.1.2 (local), d=192.168.1.1 (Serial1), len 100, sending 22:06:21: IP: s=192.168.1.1 (Serial1), d=192.168.1.2 (Serial1), len 100, rcvd 3 R2# pod1-termserv#4 [Resuming connection 4 to r4 ... ] R4#ping 192.168.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds: ! Success rate is 100 percent Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30486t=30449 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Half Successfull ping [7:30449]
Anyone have an ideas on this half successfull ping across two directly connect serial interfaces? Clock rate, encapsulation, controllers and cables look OK. Address on R4 is 172.16.1.4/24 and R2 is 172.16.1.5/24 . Here is the ping from R4 R4#ping 172.16.1.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.5, timeout is 2 seconds: .!.!. Success rate is 40 percent (2/5), round-trip min/avg/max = 32/32/32 ms Same thing from R2 to R4 R2#ping 172.16.1.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.4, timeout is 2 seconds: !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 28/30/32 ms Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30449t=30449 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: certification salary posting [7:30237]
As usual these average salaries are totally inflated and unrealistic!! Microsoft and Cisco ! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30274t=30237 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF/Frame -Network Type [7:28550]
I have 4 routers with a frame switch inbetween them and configured r1 is the hub router with 2 dlci with one sub int to r2 and r3 and then 1 dlci with another sub int going to r4. r3 is the only router with physical interface and r1,r2,r3 all have sub interfaces and the dlci statements. R3 requires map statments to reach r2 and r4 . My questions is about the network type used in OSPF . If I change all frame ospf int network type to point to mulit point all my routes show up and OSPF works fine, but if I use all non broadcast OSPF net type then OSPF routes and are not there and OSPF does not work right. This lab calls for me to use the non broadcast OSPF network type. Does anyone know how I can make this config work using the non broadcast OSPF network type instead of point to multipoint? Thanks in advance. Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28550t=28550 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
clearing a terminal server session [7:28560]
I am getting this error when I try to access a router from the term server ts#r1 Trying r1 (1.1.1.1, 2097)... % Connection refused by remote host I think I have a session stuck and I cannot get into the router. I know about the dissconect comand but does any one know how i can clear this session from the term server to access R1 again. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28560t=28560 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame relay problems [7:28569]
Does anyone know why I am seeing active pvc's on this hub and spoke frame relay config and only getting half succesfull pings. I had to delete the dlci and interfaces and then reload the router because I changed the interface type from point to multi. Or really just create a new sub interface. See below what I am getting: Thanks This is a spoke router: r4#sh frame map Serial0 (up): ip 0.0.0.0 dlci 401(0x191,0x6410) broadcast, CISCO, status defined, active Serial0.1 (up): point-to-point dlci, dlci 401(0x191,0x6410), broadcast status defined, active r4#ping 172.16.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds: !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 68/68/68 ms r4# This is a hub: r1#sh frame map Serial0.3 (up): ip 172.16.1.3 dlci 103(0x67,0x1870), dynamic, broadcast,, status defined, active Serial0.3 (up): ip 172.16.1.2 dlci 102(0x66,0x1860), dynamic, broadcast,, status defined, active Serial0.2 (up): point-to-point dlci, dlci 104(0x68,0x1880), broadcast status defined, active r1#ping 172.16.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds: !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 68/68/68 ms r1# And then from r3 which is a spoke router using a physical interface with map statments I cannot connect to the other spoke routers at all. r3#sh frame map Serial0 (up): ip 172.16.1.5 dlci 301(0x12D,0x48D0), static, CISCO, status defined, active Serial0 (up): ip 172.16.1.1 dlci 301(0x12D,0x48D0), dynamic, broadcast,, status defined, active Serial0 (up): ip 172.16.1.2 dlci 301(0x12D,0x48D0), static, CISCO, status defined, active r3#ping 172.16.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds: . Success rate is 0 percent (0/5) r3# Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28569t=28569 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP Timers [7:26967]
I noticed when I was configuring and HSRP standby goup of two routers that when I changed the hello timers on the standby router that they did not change when i did a show standby they remained the same, but when I changed the timers on the active router with the highest priority it changed both the active and the stanby routers . Has anyone else noticed that behavior or have any comments about changing the timers on HSRP routers? I just thought it was strange that when changing the timers on the active router it changed the timers on the stanby router without even touching it. Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26967t=26967 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE WRITTEN [7:26164]
Exaclty 70%. There are different sections just like all the rest of Cisco exams and your score is tallied on how well you did on each section. From the way I understand it , different quiestions are wieghted differently. Like some may be worth more than others. My favorite book was the CCIE prep Kit . Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26173t=26164 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Two default routes on the same router [7:25750]
Does anyone know if you can have two completley different default routes and on the same router in totally two different subnets pointing to two totally different gateways? For instance ip route 0.0.0.0 0.0.0.0 25.13.240.1 ip route 0.0.0.0 0.0.0.0 65.11.213.1 Will the router parse each one separatley or will neither one of them work? This is on a 2514 . Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25762t=25750 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Two default routes on the same router [7:25750]
Does anyone know if you can have two completley different default routes and on the same router in totally two different subnets pointing to two totally different gateways? For instance ip route 0.0.0.0 0.0.0.0 25.13.240.1 ip route 0.0.0.0 0.0.0.0 65.11.213.1 Will the router parse each one separatley or will neither one of them work? This is on a 2514 . Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25750t=25750 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Mentor Technologies [7:24550]
I feel bad for the instructors and employees but what about the students and customers like me who have paid for classes and may not get there classes or refund? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24710t=24550 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCDP [7:24433]
Thats a tough exam. I used Robert Padjens and Todd Lamles Sybex CID study guide. That was certainley adequate. I also took a Boson exam or two. the worst part is all the old technologies and the old Stratacom switch stuff and LANE. Cisco badly needs to revise this old and outdated exam. Its from at least back in 1997! Good luck! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24489t=24433 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fate of Mentor Technologies [7:24491]
Does anyone have any up to date news on wether Mentor is going out of bussiness or not? They still owe me some classes that have been paid for. Last week, as of Friday, the employess and instructors still had not got paid for there last checks. Based on that it does not look good. Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24491t=24491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 4000 Router as Frame-Relay Switch [7:24450]
I dont think you can ping a serial interface on the same router your on. Serial interfaces are not able to be pinged from the same device. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24493t=24450 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Reload to completely remove a DLCI/PVC [7:23476]
Apparently after some experimentation, if you save your config after you creat the dlci's before: ! interface Serial0.1 multipoint ip address 2.1.1.1 255.0.0.0 no ip route-cache frame-relay interface-dlci 101 frame-relay interface-dlci 102 and the save your config after you remove your dlci's then they are gove from the config file after: interface Serial0.1 multipoint ip address 2.1.1.1 255.0.0.0 no ip route-cache But this is only one scenario, like a multipoint subint with associated with 2 dlci's /pvc and I did not try to delete the sub interface so I am not sure how the router will behave if I try other senarios Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23512t=23476 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FW: 12.2 New features. [7:23396]
This is what i am running on my 2514. Seems to have a complete feature set of all the latest and greatest. Are they really going to upgrade for the lab exam to 12.2 in Nov? flash:c2500-jos56i-l.121-10.bin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23406t=23396 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Reload to completely remove a DLCI/PVC [7:23476]
Anyone, Is there any way to remove a frame dlci or pvc without reloading the router? Just doing a no form of the frame int dlci command does not seem to work? Thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23476t=23476 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]