RE: CCSP [7:57713]
I disagree. CCSP fits in the Cisco Professional Certification scheme much better than CSS1. Also for your additional SAFE exam you geta 3 year cert instead of a 2 year. Looks to me like CSS1 was a proving ground for Cisco before going ahead with a mainline cert like CCSP. I have one more test to complete to get my CSS1. I plan to get it and then go for the SAFE exam to get the CCSP cert. I think the CCSP cert will be much more accepted than the CSS1 has been. Cisco's new redisign of it's testing base is a welcome change. Technology is always changing and the Certification Exams should reflect this. Thank You, Leslie McIntosh Sr. Network Engineer Deloitte Touche Outsourcing -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tue 11/26/2002 2:40 AM To: [EMAIL PROTECTED] Cc: Subject: RE: CCSP [7:57713] Hi, I can't agree more. I won't bother taking another cisco exam that doesn't provide any clear value. CSS-1 has not been widely recognized, and yet it is slated to be retired. I won't expect much coming from CCSP and the three other security cert. I am beginning to have a negative bias on Cisco exams that shortlived or frequently changed as a mean to revenue-earning .. Regards, Leonard Ong, CISSP, CSS-1, CCSE+, CCMSE CCNP, CCDP, MCSE, MCDBA, LCP Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax.+65 6723 1596 -Original Message- From: ext Godswill HO [mailto:[EMAIL PROTECTED] ] Sent: Wednesday, November 20, 2002 7:56 PM To: [EMAIL PROTECTED] Subject: RE: CCSP [7:57713] If you take one of the 3 specialized courses plus MCNS exam, you become a Specialist in that area eg 1. CSPFA+MCNS = Firewall Specialist 2. CSVPN+MCNS = VPN specialist 3. IDSPM+MCNS = IDS Specialsit For a Limited time more: CSPFA+CSVPN+IDSPM+MCNS = CSS1 Also CSPFA+CSVPN+IDSPM+MCNS+SAFE= CCSP From now till 09/03 People like my humble self who already have the CSS1 designation would need take only the SAFE exam to become CCSP. I did not see any true meaning to all these. Cisco should know better. my 0.02 Regards Godswill CCNP,CCDP,CSS1 (CSPFA for Firewall, CSVPN for VPN, and CSIDS for IDS) --- Creighton Bill-BCREIGH1 wrote: Nevermind - sometime earlier they enabled the links... -Original Message- From: Creighton Bill-BCREIGH1 [mailto:[EMAIL PROTECTED] ] Sent: Tuesday, November 19, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: RE: CCSP [7:57713] Good Info! I tried following the link for those new Specialist certs on Cisco's site, but the link is broken - are Specialists defined now by completing only the individual exams? (CSPFA for Firewall, CSVPN for VPN, and CSIDS for IDS) -Original Message- From: Peter.Walker:[EMAIL PROTECTED] [mailto:Peter.Walker:[EMAIL PROTECTED]] Sent: Tuesday, November 19, 2002 2:53 PM To: [EMAIL PROTECTED] Subject: Re: CCSP [7:57713] Joshua The CCSP is basically just a realignment of the current Cisco Security Specialist 1 certification into the Cisco Professional track. It does add one more exam to the requirements but other than that no real change. Cisco has even 'generously' allowed current CSS1s to take the remaining exam to get the cert. :-) As for the new specialist level certs, they are just dumbed down ^H^H^H^H^H^H^H^H^H^H^H more focussed variations of the CSS1. I really dont think Cisco have thought this one through as anyone who attains CCSP (with the current versions of the exams), will also automatically get three specialist level certs. In my opinion this totally devalues the specialist level certs. They should be something that takes specific specialised skill and knowledge to attain, not something you get for free as part of the process of attaining an intermediate level professional qualification. Peter Walker CISSP, CSS1, CITPSS, CCNP, CCIP, CCDP, etc (Putting flame proof clothing on) Joshua Green wrote: Anyone else hear about the new CCSP cert that Cisco is offering?! It's about time! Although I wish some of the other Professional level certs would count towards it in some way... I also like the three new Specialist level certs! Thank you, Joshua Green; MCSE, CCNA [EMAIL PROTECTED] CityScape Communications 2040 Timberbrooke Drive Springfield, IL 62702 (217) 793.6238 x18 (217) 793.6275 fax (217) 306.6201 cell [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com i=58094t=57713 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure
RE: Show running-config all at once [7:54367]
I just use show tech-support when I want my running-config without page breaks. I need the Page breaks due to the nifty feature of HyperTerminal with XP scambling the buffer once it gets full... Les -Original Message- From: Tim Metz [mailto:[EMAIL PROTECTED]] Sent: Fri 9/27/2002 4:12 PM To: [EMAIL PROTECTED] Cc: Subject: Re: Show running-config all at once [7:54367] so that's what that does, and that explains why cisco works is always using it. Tim John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... Use terminal length 0 from priveleged mode to turn off the more prompt. HTH, John Don Claybrook 9/27/02 2:29:31 PM Hello. A customer asked me if I knew of a way to show the running configuration all at once, not page-at-a-time (-more-). I have no idea, but any hints, clues, or outright answers would be appreciated. Thanks. i=54372t=54367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54423t=54367 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:53832]
Tom, Sweet. Let me know if that does not Solve your issue. You peaked my curiosity on this one. Thank You, Leslie McIntosh Sr. Network Engineer Deloitte Touche Outsourcing -Original Message- From: Tom Nielsen [mailto:[EMAIL PROTECTED]] Sent: Sun 9/22/2002 8:52 PM To: [EMAIL PROTECTED] Cc: Subject: RE: PIX Question [7:53832] Well... Close. I was using conduit statements more so than access lists. After seeing what you had put down, I think my error was in the global statement. I had... global (outside) 1 interface Tom i=53875t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53893t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:53832]
Tom, I am seeing the following: configure terminal access-list 101 permit tcp any host x.x.17.34 eq ftp access-list 101 permit tcp any host x.x.17.34 eq www access-list 101 permit tcp any host x.x.17.34 eq smtp !PAT for extenal web access global (outside) 1 x.x.17.34 nat (inside) 1 192.168.0.0 255.255.0.0 0 0 !Port redirection for email, ftp, web server static (inside,outside) tcp x.x.17.34 ftp 192.168.x.x ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp x.x.17.34 www 192.168.x.x www netmask 255.255.255.255 0 0 static (inside,outside) tcp x.x.17.34 smtp 192.168.x.x smtp netmask 255.255.255.255 0 0 !allow external access to email, ftp, web server access-group 101 in interface outside exit Is this similar to what you have? Are you seeing anything in the Xlate table indicating that the internal users are at least getting a xlate on the PIX? I am more familiar with conduit statements, but the ACL's are the same. I think I would take this back to PAT if there are still issues. Prove PAT then add statements to see what is killing the connections. Les -Original Message- From: Tom Nielsen [mailto:[EMAIL PROTECTED]] Sent: Sun 9/22/2002 12:11 AM To: [EMAIL PROTECTED] Cc: Subject: RE: PIX Question [7:53832] I saw that in my search for the answer. When I try to implement it, the only device that is able to get on the internet is the device hosting the website/email. All other workstation could resolve the internet websites but could not browse. Tom i=53841t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53843t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question [7:53832]
Tom, Having just passed my CSPFA and MCNS exams in the last month, I thought I was pretty on top or the PIX thing Then you ask about Port Redirection, so my curiosity is peaked and I had to do some Cisco.com surfing. I found a Link that deals specifically with NAT and port redirection: http://www.cisco.com/warp/public/707/28.html I do not think I covered a single chapter/question about port Redirection on my exams/study guide (Cisco Press). Check out the link, it looks pretty cool! Now I am going to have to get a 501 and try that at the house! Thank You, Leslie McIntosh Sr. Network Engineer Deloitte Touche Outsourcing CCNA, CNE5, Network+, A+ - Working on CSS1 (3 of 4) -Original Message- From: Tom Nielsen [mailto:[EMAIL PROTECTED]] Sent: Sat 9/21/2002 8:01 PM To: [EMAIL PROTECTED] Cc: Subject: PIX Question [7:53832] Basic configuration issue. I have a very simple configuration. I have a PIX Firewall with 2 Interfaces (Inside,outside). I have an internal network, 192.168.0.0/16. The outside interface is x.x.17.35 - I have one additional IP Address x.x.17.34 that everyone has to nat out. The address (.34) also will handle all incoming mail, web and FTP requests and redirect it to a server in the 192.168.0.0/16 network. I am confused on the the Static, global and NAT commands for this configuration... any help would be appreciated. tom i=53832t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53837t=53832 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Remote Sites and Disaster Recovery Site [7:36704]
Victor, I am planning a VPN for a local non-profit my self as a volunteer project. I have been reading the Cisco Press CSVPN book. Part of the configuration that you can do as a backup is to specify multiple peers at your remote site for redundancy. The top of Page 92 Chapter 3 indicates that the remote router (in your case) will contact the first peer, and if that peer cannot be contacted then it will contact the next peer. The book also indicates that there is no limit to the number of peers you can specify. With that in mind, I would plan on pointing the remotes to the master VPN site as peer one and the backup VPN site for peer two. This should (in theory) kick the remote peers over to backup site once the remote peer tries to reconnect to the master peer. This has been a very good book in planning the VPN project that I am working on. Also note that I have only been reading the theory, I will be doing an actual implementation in March, so please correct me if I am wrong. I would like to hear from you after this is in place and see how the consistent the VPN connectivity is and what kind of throughput you achieve. Anyone else have any input on how their VPN's are doing? Do they compare with Frame Relay? Is the Internet too unstable to fully support a business VPN to a small branch office? Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Victor Alegun Sent: Wednesday, February 27, 2002 3:01 PM To: [EMAIL PROTECTED] Subject: Remote Sites and Disaster Recovery Site [7:36704] We have a bunch (say 25) of remote sites connected to our primary data center through point-to-point circuits ranging from 56k to T1s. We are planning to replace these circuits with VPN connection and use ISDN as a backup. My question is what is the best solution that will fit in this scenario and be able to reconnect these sites to a DR (Disaster recovery site) in the event of disaster. DR site is to be built with links to the primary data center. Bear in mind that this is a health organisation (non-profit) Money is tight, we are barely making the operational budget. Need a solution that is cheap and will meet our needs. Hints-- we are considering 1.) point-to-point for both primary and backup 2.) VPN and 3.) Frame-relay. Any help will be appreciated. Thanks. - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36822t=36704 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring MAU connections [7:36746]
Not sure about the UK, but eBay is practically giving Token Ring equipment away. I picked up a RJ45 16 port MAU for @ $10 shipped. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Danny Sent: Wednesday, February 27, 2002 6:16 PM To: [EMAIL PROTECTED] Subject: Token Ring MAU connections [7:36746] I have a pair of 8228s with type1 connections but only a couple of converters between the hybrid IBM connections and DB9s - anyone know of a nice cheap source (in the UK) for such things? BlackBox sell them at around 35 pounds sterling (um .. $50 or so) which makes it kinda expensive. Or does anyone here have any going ? cheers Danny - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36818t=36746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Simulator [7:36654]
Kevin, I am not sure how it works (I would love to know!), but I have see PC's claiming to run PIX IOS software for this very purpose on eBay for @ $1000. Only if I were going to spend that much I would just buy a PIX 506 baby firewall then have some resale value. I would love to know if anyone knows how to setup a PIX on a PC for testing purposes (I have spare PC's at the house). I am currently studying for my CSVPN, but I am having to do some configuration on our PIX 520, so I am reading my CS PIX advanced Cisco Press book as well. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of kevhed Sent: Wednesday, February 27, 2002 9:48 AM To: [EMAIL PROTECTED] Subject: PIX Simulator [7:36654] Does anyone know of or can recommend a PIX IOS simulator? I'm gearing up for the CSS1 cert and need some experience on a newer version of pix ios. We have a pix but it's running some ancient ios (2.7.11) and there's no upgrade in for it in the near future. So I'm hoping to find a simulator (if one exists) to practice on a newer ver of ios. Thx in advance. -- Kevin Keay (N+,CNE,CCSE,CCDP,CCNP) Sr. Network Specialist Ondeo-Nalco - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36659t=36654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How does repeater work? [7:36323]
Good question, I always think of a repeater as a 2port hub (what comes down one wire is repeated down the other). I took a moment to look it up and a repeater can also act as a transceiver, but only in the idea of changing media types - i.e. CAT5 to Fiber for linking buildings. A repeater cannot join dissimilar networks i.e. token ring and Ethernet (learned something new). That is the short version. FYI - I found this information in my Microsoft Press - Encyclopedia of Networking. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of mlh Sent: Saturday, February 23, 2002 2:19 PM To: [EMAIL PROTECTED] Subject: How does repeater work? [7:36323] Could anybody tell me how repeaters work ? I don't understand how repeater can regenerate the two-way signals from both segment connected to the repeater. Isn't it forming a loop? Pls forgive me asking the stupid question. Thanks in advance. mlh - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36339t=36323 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trunk Modes Perspective [7:36016]
Try Amazon. COM, Barnes and Noble is out there and there are a bunch more book sales on the net, then you do not have to fight the traffic to find that book you want. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pierre-Alex GUANEL Sent: Thursday, February 21, 2002 10:34 AM To: [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] Thanks again ... I wished we add a major bookstore in Fairfield Do you have a real world practical example of when you used one versus the other I would like to share something concrete with my class tonight... Pierre-Alex -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:28 AM To: 'Pierre-Alex GUANEL'; [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] ... And the answer comes from ... you guessed it ... Cisco LAN Switching by Clark and Hamilton. page 320 The 'desirable' mode causes a Catalyst interface to inform the remote end of its 'intent' to enable ISL, but does not actually enable ISL unless the remote end agrees to enable it. The remote end must be set in the 'on', 'auto', or 'desirable' mode for the link to establish an ISL trunk. Do not use the 'desirable' mode if the remote end does not support DISL. Configuring a Catalyst in 'auto' mode enables the Catalyst to recieve a request to enable ISL trunking and to automatically enter that mode. The Catalyst configured in 'auto' never initiates a request to create a trunk and never becomes a trunk unless the remote end is configured as 'on' or 'desirable'. The 'auto' mode is the Catalyst default configuration. In when enabling a trunk you do not specify a mode, 'auto' is assumed. A Catalyst never enables trunk mode when left to the default value at both ends. When one end is set as 'auto', you must set the other end to either 'on' or 'desirable' to activate a trunk. -Original Message- From: Pierre-Alex GUANEL [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: Trunk Modes Perspective [7:36016] In the real world when would you set a trunk type in auto rather than desirable? Both will be triggered when the connected device is set to on, desirable (or auto when setup with desirable). Thank you, Pierre-Alex - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36109t=36016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]