help [7:75225]

[Paul Borghese]

help




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75225t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: help [7:75225]

[Paul Borghese]

Oops!  I am moving the mailing list users to a new server and was testing
the new server.  I inadvertently sent one of the test messages to the active
list.  At 3:00 AM when stuff is not working, yelling help does not seem
like a bad idea :-).

By the way, the move should be done by this afternoon.  Unless I get tied up
with something else, you will receive a welcome message (those that read via
e-mail) describing the new server.

Take care,

Paul 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
annlee
Sent: Thursday, September 11, 2003 8:07 AM
To: [EMAIL PROTECTED]
Subject: Re: help [7:75225]

problem?

Paul Borghese wrote:
 help
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75249t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Mailing list conversion we are moving .... [7:75275]

[Paul Borghese]

If you are subscribed to this list via e-mail, we will be transitioning to a
new server with new software.  Within the next few hours you will receive a
welcome message from the new server.Please save this e-mail as it
contains your password and subscription instructions.

If you never receive the welcome message, and you are receiving this list
via e-mail, please send me an e-mail.  If you are not receiving messages
from the new server once the transition is complete, again please report it.
In both cases, before you report it, please make sure it is not a problem on
your end (i.e. your anti-spam filters etc.).

The upgrade should take care of a number of problems including the time
required to distribute mail and various digest options.

Also, do not forget about our online meeting -- 8:00 PM at
Chat.GroupStudy.com!

Take care,

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75275t=75275
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: help [7:75225]

[Paul Borghese]

Oops!  I am moving the mailing list users to a new server and was testing
the new server.  I inadvertently sent one of the test messages to the active
list.  At 3:00 AM when stuff is not working, yelling help does not seem
like a bad idea :-).

By the way, the move should be done by this afternoon.  Unless I get tied up
with something else, you will receive a welcome message (those that read via
e-mail) describing the new server.

Take care,

Paul 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
annlee
Sent: Thursday, September 11, 2003 8:07 AM
To: [EMAIL PROTECTED]
Subject: Re: help [7:75225]

problem?

Paul Borghese wrote:
 help
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75274t=75225
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

New Voice chat system for GroupStudy.com [7:75175]

[Paul Borghese]

We have installed a new voice chat system on GroupStudy.  Go to
chat.groupstudy.com for more information.  You will be able to make private
and moderated rooms for informal lectures or discussions.

 

Take care,

 

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75175t=75175
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco Professional Online Meeting tomorrow (Sept. 11) evening [7:75214]

[Paul Borghese]

Our first Cisco Professional online discussion will be held tomorrow evening
from 8:00 PM EST to whenever.  Our current plans are to meet in the
GroupStudy voice chat room (room CCNP) every week to discuss topics of
interest for people studying for CCNP level certifications.  This first
meeting we will decide on the schedule and topics of future meetings.  We
will also need volunteers to act as administrators of the room.

 

Please try and test your setup before the meeting.

 

Go to chat.groupstudy.com for instructions on how to participate.

 

Take care,

 

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75214t=75214
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Exam #642-891 BSCI/BCMSN Composite Exam [7:74915]

[Paul Murphy]

Scott,

I just took the composite exam this morning and passed.

First of all, the information given on the cisco site, 

(http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exams/642-891.html)

is incorrect. There are 88 questions, not 55-65 and the test is not 60
minutes, its' 120 minutes.

To study for the exam, I used Sybex-BSCI and
Sybex-Switching(copyright2003)and Sybex-CCIE study guide (copyright 2003).

I highly recommend you read the CCIE study guide, also.

Difficulty level on a 1-10 scale... 8 (in my opinion).




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74917t=74915
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Slow Browsing via 500 Pix firewall [7:74583]

[Paul]

Hi, I have had similar problems in the past when one person was downloading
several Linux ISO's from there PC all at once !!! They had come in early to
do so. After doing a clear xlate the problem was resolved and everyone could
browse at the normal speed. The person started their ISO donwloads again but
at a slower speed and one at a time. If you know of a user similiar to this
you can clear only their xlate and leave everyone elses alone. Hope this
helps.

Regards

Paul ...

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Jurkouich, Brett, CNTR, DCAA
Sent: 02 September 2003 19:20
To: [EMAIL PROTECTED]
Subject: RE: Slow Browsing via 500 Pix firewall [7:74583]


Try turning off the port 80 inspecting with the no fixup protocol http
80 command

-Original Message-
From: Faisal [mailto:[EMAIL PROTECTED]
Sent: Monday, September 01, 2003 1:38 AM
To: [EMAIL PROTECTED]
Subject: Slow Browsing via 500 Pix firewall [7:74583]


Hi All,
I am having problem of slow or interminnent browsing through pix
firewall. If I bypass the traffic speeds are fine. But if all that
traffic is going via firewall then it becomes extremely slow. Please
anybody can help me how to sort this out.

Regards
Faisal
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74688t=74583
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cisco ICS 7750 experiences [7:74481]

[Paul Ingram]

Hello,
I will be rolling out IPCC express and the 7750 in early Nov. at our call
center (65 agents) and HQ 27 VP exec types.  These two sites will be
contacted by a PtP T1 just for voice.  I am a little worried about call
quality; did you get the echo taken care of?  Any other tips you can pass on
would be great.  We have very simple call flow so the IPCC I am not to
worried about but the whole project could effect 70% of our revenue (the
call center) which equals about 80 million so I am stressed. :(
I have decide to have 1 7940 on each desk and media termination points
installed on the PCs for the CC agents to use.  I feel this gives them the
opportunity to use basically the soft phone but not relying on the PC for
the sound card.  Also not all desk our on the generator so if we lose power
everyone will still have a phone.  All network equipment will be on the
generator.  I am hoping by not using the PC sound card some of the voice
quality problems will not be an issue.

Let me know how it goes.

~Paul~

 -Original Message Snip-

 got it configured pretty quick and, once it was up and I was making calls
 across my PSTN, the only issues I had were a little echo.  Other than
 that,
 it is
 a good system.  VERY SCALABLE, yet compact.  I like it.
 
 Rob Hugo
 Senior Network Engineer
 STL Technology Partners

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74574t=74481
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

GroupStudy Server [7:74437]

[Paul Borghese]

The server circuit breakers fired do to the continuous internet worm
outbreaks.  Please resend if you sent a message that did not appear on the
list.

Also, any recommendations for a LOW COST 1u server we may use to replace the
current GroupStudy server?

Thanks!

Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74437t=74437
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Linux [7:74168]

[Paul Ingram]

Hello,
Try http://linux.org  or  http://www.linuxcentral.com/_v3/
http://www.isu.edu/departments/comcom/unix/workshop/unixindex.html 

Also a good book that is not focused on one vendor is the LPIC Bible.  And
of course always O'Reilly has many on *nix.
Also Using Linux ISBM: 078716232

Last year I went hard at learning *nix I feel it was the best move I could
do.  It really opens up a lot of tools and a different way of looking at
computing which I found helps in every area.
~Paul~


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, August 19, 2003 7:54 AM
 To: [EMAIL PROTECTED]
 Subject: Linux [7:74168]
 
 Which website(s) is the best to get the know how with Linux - beginner
 level

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74185t=74168
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Trunking ISl and 802.1q [7:74059]

[Paul Ingram]

They are very expensive!  I was able to get one through our purchase of an
AVVID solution at work.  I got it for training and I can run home and get it
for a hot spare if needed.  I was told if I get my CCNP and Voice Specialist
I could have it so...
We did get these at a very good price.  CISCO was really pushing to install
the IPCC over the AVAYA  3Com solutions we where looking at.  I just hope
we did not jump in over our heads.  But anything has to be better then the
old ROLM we had.

~Paul~

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Sunday, August 17, 2003 1:42 AM
 To: [EMAIL PROTECTED]
 Subject: RE: Trunking ISl and 802.1q [7:74059]
 
 How much or how did you pick up a 3550?  I thought they were so expensive?
 Please do tell...
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74088t=74059
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Trunking ISl and 802.1q [7:74059]

[Paul Ingram]

Hello,
Kind of confused on switch types and trunking.
Do I understand correctly that WS-c2950X can not do ISL?
And that WS-C2912-XL-EN can?
Can 19xx do ISL or 802.1q?
I am going of this link
http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_examp
le09186a00800949fd.shtml

Can some point me to a 1900 link?  I can seem to fine a good one.  Or
anything else that might help.  I like to try and figure this stuff out
instead of being hand feed but I am stumped.  Maybe I need to walk away I
have been at it all day. :)

I am trying to finish putting my lab together and need to know to finish
purchasing the switches.  

Also how many makes a good lab? Or do I need any more?  How many are good to
have for practicing SPT and trunking.  


I currently have 
1-3550 (this the new PoE type)
1-1912 (enterprise edition)
1- 1201 (not sure if this good for much)

I have the chance to get 2 WS-C2912-XL-EN and am not sure if I need both or
just one.

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74059t=74059
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Sub topic off ILS and 802.1q post [7:74060]

[Paul Ingram]

Thought I should move this section.

Also I really am trying to learn QoS and voice stuff in the long run.  The
Co I work for will be installing a 7750, 67 phones and IPCC express at one
site and at our HQ 27 phones with (RSVT ..i think that's right) connected
over a PTP line back to the 7750 in late Nov.  And guess who is supposed to
handle the whole thing.  Yours truly!!  

I am also interested in building a SIP server and MG at home in my lab.  I
would rather mess with CM, anyone know of a way to get Callmanger to install
on anything other then the appoved cisco systems?

I have a lot of studying to do in the next couple months (year) I figure I
might go ahead for the CCIE since I have all this nice green equipment at
home and work to use and play with.

This what I have for a lab anything I should add?
2-2610 with FXS ports 2 serial
1-2511
1-2507
1-2503
2-4500  4 serial, 2 ethernet, and 1-OC3 ATM SM card each
2 -AGS+ with a lot of ports 2 FDDI, 2 token ring, 6 Ethernet, 6 serial
1-vconsole 4 port ISDN sim (all ports active 2 U and 2 ST)
1-3550
1-1912
1-1201

I have seen several post on what should be in a lab maybe someone could put
a FAQ together on lab configs for different types of studies.  Or is there
one some where?



Thanks,
~Paul~

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74060t=74060
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

How to study..Self or Classes [7:73624]

[Paul Ingram]

Hello,
I have a simple question.  Has anyone used Knowledgenet for thee CCNP cert?

I have put together the following lab and I am not sure I should go for the
classes or just do the self pace thing.  Also if I self pace I am not sure I
will be able to get the new exam materal.  Does anyone know if CISCo Press
is going to put it out?  I heard they where not.  I guess there is SYBEX. 
Are they good?

Lab and thing i have missed please let me know:
2 - Cisco 2610 Router, 64/16
2 - Cisco NM-1V 1-Slot Voice Network Module
2 - VIC-2FXS 2-Port Voice Interface Card
1 - WIC-1B-S/T 1-Port ISDN/BRI WAN Interface Card (for the 2610)
1 - WIC-1B-U 1-Port ISDN/BRI WAN Interface Card (for the 2610)
1 - Vconsole 4 port 2S/T-2U ISDN Simulator (all 4 can be used at once)
1 - 2511 16/16
1 - 2503 16/16
1 - 2507 16/16
2 - Cisco 4500M Router
2 - Cisco NP-1A One-Port OC3 ATM Module
2 - Cisco NP-4T Four-Port Serial Module
2 - Cisco NP-2E One-Port Ethernet Module
2 - AGS+ with 6 Ethernet, 4 serial, 2 token ring, 2 FDDI ports each (still
trying to fiuge out the type of DCE DTE cables to use on the AGS+..Any Help?)
1 - Cisco WS-C1912 Switch
1 - 3550
1 - 2950
1 - 1201
7 - PII 400 256mb ram 10gb HDD systems.  OS anything from Windows 2003 Adv
Server to Linux.
1 - System config with Smoothwall as a firewall (3 Nics)

Thanks,
~Paul~


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73624t=73624
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: How to study..Self or Classes [7:73624]

[Paul Ingram]

Thanks!  You have said the exact reason I am going with Knowledgenet.  After
work it can be hard to stay focused in a book but if I have interaction
along with the book I feel I can keep my mind on it.  Also I am getting some
help from work also with the funds sowhy not.

~Paul~

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
 Mwalie W
 Sent: Wednesday, August 06, 2003 11:28 PM
 To: [EMAIL PROTECTED]
 Subject: RE: How to study..Self or Classes [7:73624]
 
 Hello,
 
 Knowledgenet courses are okay, but I feel they are by far expensive. You
 can
 use the money to get equipment.
 
 The material at knowledgenet (for the Cisco courses like BSCI) is exactly
 what is in the Cisco course book that costs $60.00. The reason I like
 knowledgenet is that being interactive, I can study even when tired at
 night, just when reading a book is nearly impossible.
 
 I think I have come to like knowledgenet; fortunately, I have not been
 paying for the courses.
 
 Good Luck!
 
 Mwalie
 CCDP
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73658t=73624
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Back to Back Routers [7:73897]

[Paul Carter]

I have a 1601 router and a 2509 to practice with. I've connected them
with a DCE/DTE cable off the s0 ports on each router and set a clock
rate on the DCE end, the 1601. On Sundays I can use a fiber connection
with this setup. I have this coming in the e0 on the 1601. The E0 on the
2509 is crossover cabled to a PC.



10Mbps in at switch(10.140.240.1/30) --- (10.140.240.2/30) e0-1601 /
s0-1601(172.16.96.1/30) --- (172.16.96.2/30)s0-2509 /
e0-2509(10.140.240.161/27)  (10.140.240.162/27)PC

10.140.240.160 is my inside network

My problem seems to be a lack of bandwidth to the PC end. At speed test
sites on the net I'm only getting about 1.6 Mbps.
I think I may be bottlenecked somewhere in the router back to back
setup. The configs are close to what they were originally set up as to
keep my boss happy in case he needs one in a hurry. I've changed the
addresses to similar types of networks but private numbers. The ethernet
ports are ARPA and the serial ports HDLC. I've set bandwidth to
1Kbps at each port. I originally had the clock rate at 64000 but
didn't know if that was a bottleneck.


--
Router1601#sh run
Current configuration:
!
version 11.2(not enough memory to upgrade)
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname 1601
!
boot system flash
enable secret 5 
enable password 7 
!
ip subnet-zero
clock timezone PST -8
clock summer-time pdt recurring
!
interface Ethernet0
 description E0 10Mbps connection to Fiber
 ip address 10.140.240.2 255.255.255.252
 media-type 10BaseT
 no cdp enable
!
interface Serial0
 description S0 to 2509 S0
 ip address 172.16.96.1 255.255.255.252
 bandwidth 1
 clockrate 400
!
no ip classless
ip route 0.0.0.0 0.0.0.0 64.240.140.1
ip route 10.140.240.160 255.255.255.224 172.16.96.2
logging buffered 4096 debugging
snmp-server community  RO
!
snip Banner stuff
!
end


Router2509#sh run
Current configuration : 2227 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router2509
!
boot system flash
enable password 7 
!
!
clock timezone PST -8
clock summer-time pdt recurring
ip subnet-zero
!
interface Ethernet0
 description to LAN
 ip address 10.140.240.161 255.255.255.224
!
interface Serial0
 bandwidth 1
 ip address 172.16.96.2 255.255.255.252
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
no ip classless
ip route 0.0.0.0 0.0.0.0 172.16.96.1
ip route 10.140.240.160 255.255.255.224 10.140.240.162
no ip http server
!
end

Any ideas?
...
...
PC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73897t=73897
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Access server 2511 Reverse Telnet [7:73656]

[Paul Ingram]

Hello,
No ideas but I am getting the same problem!!  I usually have to CTRL+SHIFt+6
out back to my TermServer.  I try clearing the line 2 or 3 times and
sometimes I can connect other wise I have to recycle the 2511 and usually I
can get in but as soon as I leave line 7 or 8 (usually only happens on those
lines)  I can never reconnect.  I to would like some help?
Could it be a bad cable?

~Paul~

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Thursday, August 07, 2003 6:33 AM
 To: [EMAIL PROTECTED]
 Subject: Access server 2511 Reverse Telnet [7:73656]

 Basically I have 8 devices connected and when I reverse telnet to them all
 is OK, but on when I try and connect to a 2900 XL switch I get this :
 Termserver#telnet 192.168.1.1 2006
 Trying 192.168.1.1, 2006 ..Open
 
 And thats it, nothing else. No command prompt or anything comes up on the
 screen
 
 I have configured telnet connections as exactly the same as all my other
 devices, I have IOS 12.0(5.2).

---
{This E-mail scanned for viruses by Declude Virus/McAfee}




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73659t=73656
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Grand Opening . the GroupStudy.com Store! [7:73353]

[Paul Borghese]

In order to help pay for the services of GroupStudy.com we are opening a
GroupStudy.com store, selling some of the industries best certification
products!  If you are in the market for some Cisco Certification materials,
please check us out at:

 

http://shop.groupstudy.com  

 

We have a number of products from Certification Zone including written test
practice questions and a CCNA, CCNP lab workbook.

 

IP Expert has offered us an exclusive discount off their CCIE workbooks.
Purchase from the store and receive a 5% discount!

 

Besides certification materials, we also have partnered with a company to
sell GroupStudy t-shirts, mugs, bags, etc.

 

So please keep us in mind for your next purchase!

 

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73353t=73353
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Routers and Switches [7:72852]

[Paul H]

Survey says Ebay. We built our home lab for way under any of the other
packages (includes VOIP). 10 routers and 2 switches with remote access to do
labs from anywhere.

Good luck and happy shopping,
NT2

 wrote in message
news:[EMAIL PROTECTED]
 Hi there,

 Can you please advise any good resource to buy used/refurbished/cheap
Cisco
 gear?

 Thanks.
 Bharat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73179t=72852
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SHould I buy this CCNP lab? [7:73175]

[Paul H]

Looks pretty good. On Ebay most of those routers go around 200 or more
(unless they have gone down again). Not sure on the switch, I think the 1924
I have went for 250 with free shipping. The DTE/DCE cables are about 9 a
piece. Biggest thing on the 25xx routers is the 16Mb of flash, which those
have. Otherwise you have to mess with the rom chips etc. Good luck with your
lab those pieces make up a good portion of my lab as well.


i d  wrote in message
news:[EMAIL PROTECTED]
 2501x2 2503x2 2514 2912

 For a little over 1 grand?  Does this sound like a good lab and fair
price?

 thanks!  heres the break down

 Each router has 16MB of DRAM and 16MB of Flash Memory

 Each router loaded with IOS Software version 12.2(17a) Enterprise Plus
 version.

 CISCO Catalyst WS-C2912-XL-EN switch, which offers 12 10BaseT/100BaseTX
 ethernet ports, loaded with latest enterprise version IOS,


 This Kit Includes the following items:


 ### Two Cisco 2501 Routers, each unit offers one Ethernet port, two serial
 ports

 ### Two Cisco 2503 Routers, each unit offers one Ethernet port, two serial
 ports and 1 ISDN BRI port

 ### One Cisco 2514 Router, offers two Ethernet port, two serial ports

 ### One Catalyst WS-C2912-XL-EN switch,

 *** Six CAT5 Ethernet Cables

 *** Six Ethernet Transceivers

 *** Five DCE/DTE Serial Crossover Cables

 *** One Console cable kit




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73192t=73175
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Studying for CCNP switching Need a LAB??? [7:73174]

[Paul H]

If you want to save money, do the research and do it in pieces. If you want
it all there for you, buy the bundle. It just depends on how far you want to
go with your investment dollars. It also depends on if you are planning on
going further then just your ccnp. I learned a ton in setting up our lab and
pieceing it together router by router. Good luck with your lab building =)


i d  wrote in message
news:[EMAIL PROTECTED]
 Hi I am beginning my studies for my CCNP.  I work with routers and
switches
 at work, and Before that I also took the courses.  But I want to have a
full
 CCNP lab now while I read on my own to fiddle around with, and incorporate
 into my Solaris/Win2000/2003/Linux network.  I was wondering what
equipment
 is necessary?

 Ok if someone would be so kind as to break it down by certification ex..
 what i need for swithing, routing etc
 Then what would I need overall?

 Also has anyone put their CCNP lab equipment into a full network?  If so
 what does your network look like?  Did you simulate separate
LAN's/Countries
 etc...

 P.S.  Do you think it's better to buy it all at once or as needed for each
 individual test?  I know I could probably get it done by just reading and
 through my job and previous schooling.  But i really want a lab so i could
 turn that lab upside down.  I want to be able to handle any situation, i
 cant very well bring down my work routers or switches, but it can be
 simulated in a lab without fear of knocking out an entire county.

 Thanks for the help.

 I usually see on EBAY that they sell complete CCNP labs, what do you think
 of going this route?  Are they good?

 thanks sorry for the long winded post.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73191t=73174
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Emails from Nobody [7:73017]

[Paul Borghese]

Our spool directory on GroupStudy filled causing messages to be sent out as
nobody with no subject and no body. 

 

If you have received e-mails from Nobody please ignore.  The complete
message may be found on the message boards at www.groupstudy.com
 .

 

Take care,

 

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73017t=73017
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Emails from Nobody [7:73018]

[Paul Borghese]

Our spool directory on GroupStudy filled causing messages to be sent out as
nobody with no subject and no body. 

 

If you have received e-mails from Nobody please ignore.  The complete
message may be found on the message boards at www.groupstudy.com
 .

 

Take care,

 

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73018t=73018
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Free Cisco IPv4 vulnerability seminar today 7/18 [7:72569]

[Paul Borghese]

Hi Everyone,



Global Knowledge is offering a free seminar on the new IPv4 DoS
vulnerability.  I have been allowed to invite the GroupStudy members to the
seminar as I think some of you will find it interesting.  Here is the
complete invite.  Sorry for the late invite . I just found out about it
myself:



Foundstone Security Briefings:

Cisco IPv4 Remote Denial of Service Vulnerability



You're invited to a Special Web Seminar today covering this critical
vulnerability.



Earlier this week Cisco announced a serious vulnerability for all Cisco
devices that implement and are configured to process Internet Protocol
version 4 (IPv4) packets. Foundstone Labs, first to respond to this serious
risk, is offering this Security Briefing as part of a coordinated effort
designed to protect current customers and other organizations.



This vulnerability should be considered extremely critical due to the impact
and ease-of-exploitation. Devices are vulnerable to a Denial of Service

(DoS) attack and although no known exploit has been yet identified, a
complex purposely malicious sequence of IPv4 packets targeted to a
vulnerable Cisco switch or router can cause the processing interface to stop
processing traffic. This vulnerability can be executed by remote
unauthenticated users with mere knowledge of at least one interface IP
address.



Web Seminar Outline

Introduction

Overview of Cisco IOS Issues

Analysis of the Cisco IOS Vulnerability

Understanding the Impact

Protection Mechanisms

Questions and Answers



Date:  July 18, 2003

Time:  11:00 am EST



To register: http://www.globalknowledge.com/training/course.asp?pageid=10
 courseid=8157c

atid=248methodid=scountry=United+Statestranslation=English

 courseid=8157

catid=248methodid=scountry=United+Statestranslation=English




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72569t=72569
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

SPAN problem [7:72507]

[Paul]

Hi all,

Quick question, I have enabled SPAN to mirror from one port to another.
However, when doing so the transmitting port appears detached form the
network. i.e.. I cannot ping from the PC attached to that port and nothing on
the network can ping it too. When I remove the port from the session I get
connectivity again. Could anyone give me any ideas on why this is occurring
please.

I used the 'monitor session' command and left it blank at the end implying
'both' rather than explicitly specifying 'TX or 'RX. None of the ports are
involved in trunking, they are in the same VLAN and they are on the same
physical switch, and even on the same blade (4006).

Any help would be greatly appreciated.

Kind regards

Paul 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72507t=72507
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network Analyzers [7:72346]

[Paul McLaren]

Dave,

Ethereal also comes in a Windows flavour as well which is a little more
versatile for installation options.  I have used it quite a lot and its
always done the job for me (and that has been some pretty obscure problems
solved).  I generally work on the basis of a potential theory to where the
problem is and prove it, in the required scenarios a combination of Ethereal
and Languard (from gfi.com - also free) do the trick 99% of the time.

Justify it against potential revenue saved.  How much are you losing through
suspected network problems?

Alternatively to get a feel of what you will be seeing Ethereal is good for
a start.

Also bear in mind the amount of time needed to learn how to properly use a
network analyser, so the real cost is actually alot more than $2500 or
$1.

If its your LAN or WAN then get someone else to do it, it will work out
cheaper than $10k (I hope!)

Regards

Paul


Dave C.  wrote in message
news:[EMAIL PROTECTED]
 I work for a small growing business and am currently evaluating two types
of
 network analyzer software.  EtherPeek NX and Sniffer Portable (Sniffer
Pro).

 Since the versions that I have are not the full production versions (only
 for evalutation purposes), I am limited to the functionality I can do with
 each.

 I know there is an extensive difference in price (Etherpeek NX is
somewhere
 around $2000-2500 range, and Sniffer Portable (Pro) is somewhere greater
 than $10,000.  For a small growing company, it is hard to justify over
 $10,000 for a piece of software, when I can get something comparable for
 much less, especially when we are in a time where we have to justify our
jobs.

 What I would like to know, if anyone has experience with both of these
 applications, and what capabilities that Sniffer Pro offers, that
Etherpeek
 NX does not.

 I would also like to know if anyone has experience with Ethereal (for
 Linux).  I know it is free and it has much less functionality than
Etherpeek
 NX or Sniffer, but I would like an opinion on that to.

 Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72351t=72346
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: We (Cisco mailing list) are moving ... [7:72060]

[Paul Borghese]

Thanks everyone for your offer ... but as of now I am trying to avoid
donations.  Frankly I do not think donations will cover the cost of running
GroupStudy.  Plus it will make my job 10x more difficult.

Every day I help people with subscription issues associated with GroupStudy.
Most people are pleasant, gracious, and understanding that I do this as a
hobby.  

But two or three times a week I receive an e-mail from someone or some
organization demanding I drop everything I am doing and fix whatever problem
they are having with GroupStudy.  They act as if they are paying a fortune
for the service and somehow they have a given right to participate in
GroupStudy.  In the end it is almost always an internal problem within their
organization (i.e. anti-spam filters, firewalling issues, etc.).  I can not
imagine what it would be like if those people had actually give some token
donation to GroupStudy.

So what can we do?  First we do sell banner advertising on GroupStudy.
Please remember to try and support our sponsors or maybe just send a note
saying you will keep them in mind in the future.

I also like the amazon.com model where when people purchase via GroupStudy
they get the same price but we get a kickback.  Frankly the bookstore needs
to be updated.  Anyone want to help out in that regard?

Finally I am working on a new project where I plan to take the amazon.com
model and expand it to Cisco certification products.  The idea is we will
resell Cisco certification products on GroupStudy with a percentage of the
sales going towards GroupStudy.  I am hoping to be up later this week
(assuming I can get the merchant account finalized).  If you are in the
market for certification products (workbooks, practice tests, etc.) please
keep us in mind.  

If there is a particular vendor or product you think we should resell, give
me a shout!

Take care,

Paul Borghese





-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Eagles Fan
Sent: Saturday, July 12, 2003 11:50 PM
To: [EMAIL PROTECTED]
Subject: Re: We (Cisco mailing list) are moving ... [7:72060]

Right on that one!!  don't want this list to go by the wayside.  how can I 
help?

From: Dennis Laganiere 
Reply-To: Dennis Laganiere 
To: [EMAIL PROTECTED]
Subject: Re: We (Cisco mailing list) are moving ... [7:72060]
Date: Sat, 12 Jul 2003 18:02:02 GMT

Paul...

Many of us feel the same way.  If you setup a paypal account, I think 
you'll
find a lot of us will help to defray some of your expenses...

Thanks for all your efforts...

--- Dennis

- Original Message -
From: Walker, James, IS
To:
Sent: Friday, July 11, 2003 11:32 AM
Subject: RE: We (Cisco mailing list) are moving ... [7:72060]


  Paul,
 
  Can we help you out with this great service you are providing to us by
  making a
  small donation?
  I know I'm not alone when I say that your service has been invaluable to
us
  in
  the Ciscos of the world.
 
  Thanks,
  Jim
 
  -Original Message-
  From: Paul Borghese [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, July 09, 2003 12:29 PM
  To: [EMAIL PROTECTED]
  Subject: We (Cisco mailing list) are moving ... [7:72060]
 
 
  Hey Everyone,
 
 
 
  We will be moving the mailing list function to a new server.  If you are
  currently receiving this list via e-mail, you will be affected.  This
  has been planned for some time now but we need to move faster then I
  would like.  I just received a bill from our co-location facility for
  the GroupStudy service and let's just put it this way, in most locations
  rent on a two bedroom apartment is less expensive.  So we need to try
  and reduce our bandwidth usage (an eventually find another co-location
  facility).
 
 
 
  It has been quite clear for some time now that the GroupStudy server
  needs help.  We are dropping an unacceptable number of messages (I
  personally have had five in a row discarded) and the messages that make
  it take a random amount of time to propagate.  To fix this, I have
  purchased a new server and bandwidth (at a lower cost facility).  We
  will be migrating to the new server in the next few days.  Once the move
  is complete we will cut over to the new server.
 
 
 
  But wait it gets better .. We are dumping majordomo as our list
  software!  Our new software will allow you to change a number of
  options.  For example you will be able to suspend distribution of the
  e-mails, receive e-mails in digest format, change your e-mail address,
  etc.
 
 
 
  You will receive a welcome message with your account information.   The
 
  message will contain your username/password, instructions on how to
  login to the server, and instructions on how to unsubscribe.  Please
  save this e-mail for future reference.  It is also a good idea to login
  to the server and set your password to something more memorable then the
  random password given.
 
 
 
  If you stop receiving e-mails from the list after the change, please
  send me an e-mail (after

RE: We (Cisco mailing list) are moving ... [7:72060]

[Paul Borghese]

Hi Elijah,

We actually have two of the GroupStudy servers at RackShack.  Great product
if you do not have any problems and do not mind the occasional down time ...
but watch out if you have a problem.  Pretty much you are unable to actually
talk with someone in the network operations center.  Their support consists
of simply rebooting the box or reinstalling the OS.  They are unwilling to
hook a monitor to the box and actually take a look at why the box is down.
One of the GroupStudy servers would randomly go down not responding to any
requests outside of a ping.  It turned out one of the memory chips that they
provided was bad.  But because I could not get someone to actually hook a
monitor to the box when it was in this down state, it took months to
troubleshoot.

Having said all of that, I am moving the mailing list function to RackShack
(hence the reason for this thread).  The CCIE Lab list has been on a server
for a few weeks now without incident.  I simply can not afford to pay the
rates at the other co-location facilities.  

I hope we are not there too long.  Prices are coming down at co-location
facilities.  I can get 1/2 a cabinet and 1 Mb of bandwidth for about
$750~$800/month plus the cost of the servers.  My dream is to have all
GroupStudy servers in one location which is in driving distant to my house
.. and maybe even have a load-balancer in case a server goes down.

Take care,

Paul


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Elijah Savage
Sent: Monday, July 14, 2003 6:25 AM
To: [EMAIL PROTECTED]
Subject: RE: We (Cisco mailing list) are moving ... [7:72060]

Paul,

I do not know if you have found a collocation place already but here is
a very nice and reputable one at a price I think is very affordable. I
know a few people using this facility and the bandwidth is amazing. I
know someone using the 99$ package for a ftp server and you get 700gig a
month in this package.

Hopefully this helps and yes a paypal account is a good idea to accept
donations.

http://www.rackshack.net

Not affiliated in any way with this place.




-Original Message-
From: Eagles Fan [mailto:[EMAIL PROTECTED] 
Sent: Saturday, July 12, 2003 11:50 PM
To: [EMAIL PROTECTED]
Subject: Re: We (Cisco mailing list) are moving ... [7:72060]

Right on that one!!  don't want this list to go by the wayside.  how can
I 
help?

From: Dennis Laganiere 
Reply-To: Dennis Laganiere 
To: [EMAIL PROTECTED]
Subject: Re: We (Cisco mailing list) are moving ... [7:72060]
Date: Sat, 12 Jul 2003 18:02:02 GMT

Paul...

Many of us feel the same way.  If you setup a paypal account, I think 
you'll
find a lot of us will help to defray some of your expenses...

Thanks for all your efforts...

--- Dennis

- Original Message -
From: Walker, James, IS
To:
Sent: Friday, July 11, 2003 11:32 AM
Subject: RE: We (Cisco mailing list) are moving ... [7:72060]


  Paul,
 
  Can we help you out with this great service you are providing to us
by
  making a
  small donation?
  I know I'm not alone when I say that your service has been
invaluable to
us
  in
  the Ciscos of the world.
 
  Thanks,
  Jim
 
  -Original Message-
  From: Paul Borghese [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, July 09, 2003 12:29 PM
  To: [EMAIL PROTECTED]
  Subject: We (Cisco mailing list) are moving ... [7:72060]
 
 
  Hey Everyone,
 
 
 
  We will be moving the mailing list function to a new server.  If you
are
  currently receiving this list via e-mail, you will be affected.
This
  has been planned for some time now but we need to move faster then I
  would like.  I just received a bill from our co-location facility
for
  the GroupStudy service and let's just put it this way, in most
locations
  rent on a two bedroom apartment is less expensive.  So we need to
try
  and reduce our bandwidth usage (an eventually find another
co-location
  facility).
 
 
 
  It has been quite clear for some time now that the GroupStudy server
  needs help.  We are dropping an unacceptable number of messages (I
  personally have had five in a row discarded) and the messages that
make
  it take a random amount of time to propagate.  To fix this, I have
  purchased a new server and bandwidth (at a lower cost facility).  We
  will be migrating to the new server in the next few days.  Once the
move
  is complete we will cut over to the new server.
 
 
 
  But wait it gets better .. We are dumping majordomo as our list
  software!  Our new software will allow you to change a number of
  options.  For example you will be able to suspend distribution of
the
  e-mails, receive e-mails in digest format, change your e-mail
address,
  etc.
 
 
 
  You will receive a welcome message with your account information.
The
 
  message will contain your username/password, instructions on how to
  login to the server, and instructions on how to unsubscribe.  Please
  save this e-mail for future reference.  It is also a good idea to
login

Re: CCIE Lab Kit [7:72241]

[Paul H]

I recommend ebay as well. I created a a lab for well under their cost (that
included VOIP).


Vijay Ramcharan  wrote in message
news:[EMAIL PROTECTED]
 I'm shopping around for a CCIE lab kit.  I've put down 3 sites as likely
 candidates where I'll be buying from;
 www.chipsettech.com
 www.optsys.com
 www.layer7labs.com

 Any advice on which one I should choose to get the best bang for the
 buck?  Any sort of feedback would be welcome.
 Thanks.


 Vijay Ramcharan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72267t=72241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: SPAM Filtering [7:72265]

[Paul Borghese]

Joe,

Look at SpamAssassin (http://www.spamassassin.org).  I was a little
skeptical but it really does work ... especially if you use the blacklist
checks and Bayesian classifier.  If the product believes a message is spam
it will create a report explaining why it is spam and place the original
message as an attachment.

It will also change the subject and add some simple X-headers so you can
sort your mail based upon the subject or header.  I have Outlook dump all
spam messages in a separate folder.  Then about once a day I go in and
quickly delete the spam.  I went from so much spam that legitimate e-mails
were being lost to spam is not a problem.  

It has had such a high level of accuracy that I am considering have the
messages delete at the server instead of downloading then deleting.  I have
not done so maybe because deep down I get some sort of weird satisfaction
watching all of the spam mail I receive being dumped harmlessly into it's
own directory then in one quick flick of the wrist deleting it all.

I am assuming you are using a Unix/Linux based mail server.  I have no idea
if it will work on a Windows 2000 server platform.

Oh, and I forgot the best point ... it is FREE!

Good luck,

Paul Borghese


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Joseph R. Taylor
Sent: Monday, July 14, 2003 4:48 PM
To: [EMAIL PROTECTED]
Subject: OT: SPAM Filtering [7:72265]

Team,
   Our company is being bothered by SPAM. We only have about fifty
employees. I need to look into SPAM filtering. I don't know if we'd benefit
from an hardware appliance along with a content filter. Perhaps, WebSense
and applications of this nature would be good. I'd appreciate hearing from
anyone that has working knowledge of these applications.
 Thank you,
   JoeT CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72280t=72265
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

We (Cisco mailing list) are moving ... [7:72060]

[Paul Borghese]

Hey Everyone,

 

We will be moving the mailing list function to a new server.  If you are
currently receiving this list via e-mail, you will be affected.  This
has been planned for some time now but we need to move faster then I
would like.  I just received a bill from our co-location facility for
the GroupStudy service and let's just put it this way, in most locations
rent on a two bedroom apartment is less expensive.  So we need to try
and reduce our bandwidth usage (an eventually find another co-location
facility).

 

It has been quite clear for some time now that the GroupStudy server
needs help.  We are dropping an unacceptable number of messages (I
personally have had five in a row discarded) and the messages that make
it take a random amount of time to propagate.  To fix this, I have
purchased a new server and bandwidth (at a lower cost facility).  We
will be migrating to the new server in the next few days.  Once the move
is complete we will cut over to the new server.

 

But wait it gets better .. We are dumping majordomo as our list
software!  Our new software will allow you to change a number of
options.  For example you will be able to suspend distribution of the
e-mails, receive e-mails in digest format, change your e-mail address,
etc.

 

You will receive a welcome message with your account information.   The

message will contain your username/password, instructions on how to
login to the server, and instructions on how to unsubscribe.  Please
save this e-mail for future reference.  It is also a good idea to login
to the server and set your password to something more memorable then the
random password given.

 

If you stop receiving e-mails from the list after the change, please
send me an e-mail (after verifying it is not a problem at your end such
as misconfigured anti-spam software etc.).

 

Take care,

 

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72060t=72060
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VRF lite multi VRF [7:71691]

[Paul Jin]

VRF Lite and Multi VRF is the same thing.  VRF Lite is a way of extending
the some of the functionality of the PE to the customer (CE) without turning
the router at a customer site into a PE or
running MPLS on it and joining the rest of the provider network.

So you can create multiple VRF tables on the CE.

A simple example might be 3 companies that are in the same office space, and
they want a MPLS VPN service, yet each single company might not be willing
to purchase a CE on their own... by implementing
VRF Lite, the single CE would allow to build separate virtual router/routing
table for each customer, yet share the same access circuit/PE.

hope that helps
- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71762t=71691
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: redistribute bgp to rip (please help!!!) [7:70970]

[paul dong so]

Thanks Zsombor,

I think the problem was bgp reditribute-internal did not work properly 
for me. Then i used network command to include those routes i want to 
redistribute, then it worked for me. So i jumped into an assumption that 
only igp originated route is redistributed.

anyway, after fiddling around, redistribute internal works for me and 
there is no more problem.

Thanks for your help

Paul


Zsombor Papp wrote:

 At 11:32 AM 6/20/2003 +, paul dong so wrote:
 
More information to this.

r4 - eigrp - r10 - bgp-

now i have tried replace eigrp with rip v2, the same problem. I want to
redistribute bgp to egrip on r10. those routes learned via redistribute
connected on bgp, marked with origin code ? , can not be redistribute to
eigrp,

 
 Specifically which ones? It appears to me that 4 routes get redistributed 
 into EIGRP and all of them had incomplete origin. Here is a mix of your
own
 'show ip bgp' and 'show ip eigrp topo' outputs:
 
 * 192.168.3.0  200.200.200.50 0 2 ?
 P 192.168.3.0/24, 1 successors, FD is 45970176, tag is 50
via Redistributed (45970176/0)
 
 * 192.168.5.0  200.200.200.5  0 2 ?
 P 192.168.5.0/24, 1 successors, FD is 45970176, tag is 50
via Redistributed (45970176/0)
 
 * 192.168.38.0 200.200.200.50 0 2 ?
 P 192.168.38.0/24, 1 successors, FD is 45970176, tag is 50
via Redistributed (45970176/0)
 
 * 192.168.55.0 200.200.200.50 0 2 ?
 P 192.168.55.0/24, 1 successors, FD is 45970176, tag is 50
via Redistributed (45970176/0)
 
 I assume you are aware that redistributing BGP into EIGRP is not a 
 particularly good idea, so I take this is some kind of exercise. If so, 
 perhaps you could try to simplify the scenario a bit, like have only 1 BGP 
 peer on R10, don't redistribute connected routes into EIGRP, etc, and see 
 if you have only 2 BGP routes, one incomplete and one IGP origin, then 
 those make it into EIGRP (I don't see any reason why they wouldn't). When 
 you are there, then you can start adding back the complexity to see what 
 caused the breakage.
 
 Thanks,
 
 Zsombor
 
 
 only those routes marked with origin code i are passed to eigrp,
why? I don't see any reason incomplete routes can not be redistribute to
other protocols.

configuration is like this:

R10:
router eigrp 1
  redistribute connected
  redistribute bgp 1 route-map bgp2eigrp
  network 200.200.200.8 0.0.0.3
  default-metric 56 1000 255 1 1500
  no auto-summary
  no eigrp log-neighbor-changes
!
router bgp 1
  no synchronization
  bgp redistribute-internal
  bgp router-id 192.168.10.10
  bgp log-neighbor-changes
  redistribute connected route-map connect2bgp
  neighbor 192.168.0.2 remote-as 1
  neighbor 192.168.0.2 route-reflector-client
  neighbor 192.168.0.2 send-community
  neighbor 192.168.16.2 remote-as 1
  neighbor 192.168.16.2 route-reflector-client
  neighbor 200.200.200.5 remote-as 2
  neighbor 200.200.200.5 password test
  neighbor 200.200.200.5 remove-private-AS
  no auto-summary

route-map bgp2eigrp, permit, sequence 10
   Match clauses:
   Set clauses:
 tag 50
   Policy routing matches: 0 packets, 0 bytes

r10#sh ip bgp
BGP table version is 38, local router ID is 192.168.10.10
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network  Next HopMetric LocPrf Weight Path
* 192.168.0.0  0.0.0.0  0 32768 ?
* i 192.168.0.2  0100  0 i
*i192.168.1.0  200.200.200.11100  0 ?
* 192.168.3.0  200.200.200.50 0 2 ?
* 192.168.5.0  200.200.200.5  0 2 ?
*i192.168.6.0  192.168.16.2 0100  0 i
*i192.168.7.0  192.168.0.2  0100  0 ?
* 192.168.10.0 0.0.0.0  0 32768 ?
*i192.168.11.0 200.200.200.11100  0 ?
* 192.168.16.0 0.0.0.0  0 32768 ?
* i 192.168.16.2 0100  0 i
*i192.168.22.0 200.200.200.11100  0 ?
*i192.168.33.0 200.200.200.11100  0 ?
* 192.168.38.0 200.200.200.50 0 2 ?
* 192.168.55.0 200.200.200.50 0 2 ?
*i192.168.70.0 192.168.0.2  0100  0 ?
*i200.200.27.0 192.168.0.2  0100  0 ?
*i200.200.27.2/32  192.168.0.2  0100  0 ?
Network  Next HopMetric LocPrf Weight Path
*i200.200.200.0192.168.16.2 0100  0 ?
* 200.200.200.4/30 0.0.0.0  0 32768 ?
*   200.200.200.50 0 2 ?
* 200.200.200.8/30 0.0.0.0  0 32768 ?
*  200.200.200.12/30

redistribute bgp to rip [7:70928]

[paul dong so]

Hi,
Can some one pls explain to me, when redistribute bgp to rip, if the 
route originated as incomplete (as via redistribute only) will it be 
redistribute to rip?

My test shows me the bgp route learned via redistribute won't be 
advertised to rip, only when i include it in networks statement. The 
route appears in show ip bgp ok.

thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70928t=70928
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Problem with cut and paste [7:70724]

[Paul Johnson]

Because of formatting issues, Cisco does not recommend that you cut and
paste from Word.  Notepad (or wordpad) is what I tell my networkers to use
in all cases.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70765t=70724
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: remote management of routers? [7:70349]

[Paul Forbes]

Depending on your routing protocol, another way is to have the router
dial out under a dialer watch scenario, but advertise only its loopback
address out the dialer interface (e.g. distribute-list out 
), so that the device is reachable but doesn't route
traffic for the network to which it is attached. This also makes the
device more secure (i.e. it never takes an incoming call).

Good luck.

Paul Forbes
Network Engineer
Trimble

-Original Message-
From: Ryan Finnesey [mailto:[EMAIL PROTECTED] 
Sent: Sunday, June 08, 2003 1:53 PM
To: [EMAIL PROTECTED]
Subject: RE: remote management of routers? [7:70349]


I am looking to manage routers when the DS1 or DS3 goes down so the only
away I can get to the router is a POTTS line.

-Original Message- 
From: Andrew Dorsett [mailto:[EMAIL PROTECTED] 
Sent: Sun 6/8/2003 1:38 PM 
To: Ryan Finnesey 
Cc: 
Subject: Re: remote management of routers? [7:70349]



On Sun, 8 Jun 2003, Ryan Finnesey wrote: 

 Can anyone recommend a unit that I can rack mount and that
would let me 
 dial into a router via the AUX port? 

Are you looking for just one or more ports?  Perle makes a
greatone that 
has SSH support for remote access. If you are looking for modem
access 
just plug up an external modem to the port using the cisco
adapters and 
console cable. Then configure the router to init the modem and
answer it. 

Andrew 
--- 
 
http://www.andrewsworld.net/ 
ICQ: 2895251 
Cisco Certified Network Associate 

Learn from the mistakes of others. You won't live long enough
to make all
of them yourself.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70367t=70349
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Quick Pix Question. [7:70145]

[Paul]

Hi all ...

One of my 515's has all its access-list counters set to 0, when I ping for
instance, the counter for the relevant ICMP access-list does not increment
???

How do I turn it on ??? I have searched the Cisco website and my Pix book
without any luck ??

Kind regards

Paul ...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70145t=70145
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DLSW Icanreach [7:70154]

[Peter Paul]

You should do bit-swapping because the routers will speak in non-canonical
addressing.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70164t=70154
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Redistribute OSPF to RIPv1 [7:69969]

[Peter Paul]

you could try to configure area 1 range  command at the abr, R2.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70041t=69969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: permit only even subnets [7:70039]

[Peter Paul]

To match the even subnets, use 

access-list 1 permit 192.168.0.0 0.0.254.255

To match the odd subnets, use

access-list 1 permit 192.168.1.0 0.0.254.255


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70040t=70039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PDM for PIX [7:69852]

[Paul McLaren]

Hi,

Do you have http server enable in your config?

Regards

Paul

Kenan Ahmed Siddiqi  wrote in message
news:[EMAIL PROTECTED]
 Hi there,
 I have a PIX 515E. I am trying to use PDM on it. The configuration is IOS
 version 6.0 and PDM version 1.0. The client is Windows 2000 with IE 6.0
and
 all the service packs intalled. When I try connecting to the PIX via the
 browser, somehow it just doesn't work. Everything else seems to be okay.
PIX
 is configured to accept PDM connections from the client. Any suggestions
how
 to fix it? Is there some encryption or something that needs to be
 enabled/disabled?

 TIA,

 Kenan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69947t=69852
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: HELP!! PIX-PIX VPN config problem [7:69684]

[Paul McLaren]

Mary,

Ok I see your configs.
Can I ask how you have this set up?
PIX's, routers etc and how they are connected.
My initial concern is that some of your external ip's are private
(192.168.1.2) on PIX506.

Try this test first of all to ensure basic connectivity from the command
line of each PIX

From the PIX515:

ping outside 192.168.1.2

And from the PIX506:

ping outside 151.99.241.102

Does it work both ways?  If not then you are going to have difficulty
getting a working tunnel.

Regards

Paul


Mary Kvitashvili  wrote in message
news:[EMAIL PROTECTED]

 PIX 515

 PIX Version 6.3(1)
 interface ethernet0 10full
 interface ethernet1 10full
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 enable password 8Ry2YjIyt7RRXU24 encrypted
 passwd 2KFQnbNIdI.2KYOU encrypted
 hostname HQ-PIX
 domain-name xxx.org
 fixup protocol ftp 21
 fixup protocol h323 h225 1720
 fixup protocol h323 ras 1718-1719
 fixup protocol http 80
 fixup protocol ils 389
 fixup protocol rsh 514
 fixup protocol rtsp 554
 fixup protocol sip 5060
 fixup protocol sip udp 5060
 fixup protocol skinny 2000
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 names
 access-list 101 permit ip 10.11.41.0 255.255.255.0 10.11.34.0
255.255.255.0
 access-list 101 permit ip host 151.99.241.102 host 192.168.1.2
 access-list acl_outbound permit ip any any
 access-list 100 permit icmp any any echo-reply
 access-list 100 permit icmp any any time-exceeded
 access-list 100 permit icmp any any unreachable
 pager lines 24
 mtu outside 1500
 mtu inside 1500
 ip address outside 151.99.241.102 255.255.255.0
 ip address inside 10.11.41.1 255.255.255.0
 ip audit info action alarm
 ip audit attack action alarm
 no failover
 failover timeout 0:00:00
 failover poll 15
 no failover ip address outside
 no failover ip address inside
 pdm history enable
 arp timeout 14400
 nat (inside) 0 access-list 101
 nat (inside) 1 10.11.41.0 255.255.255.0 0 0
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 access-group 100 in interface outside
 access-group acl_outbound in interface inside
 conduit permit icmp any any
 route outside 0.0.0.0 0.0.0.0 151.99.241.1 1
 timeout xlate 3:00:00
 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00
 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
 timeout uauth 0:05:00 absolute
 aaa-server TACACS+ protocol tacacs+
 aaa-server RADIUS protocol radius
 aaa-server LOCAL protocol local
 no snmp-server location
 no snmp-server contact
 snmp-server community public
 no snmp-server enable traps
 floodguard enable
 sysopt connection permit-ipsec
 crypto ipsec transform-set hq-tset esp-des esp-md5-hmac
 crypto map hq-map 1 ipsec-isakmp
 crypto map hq-map 1 match address 101
 crypto map hq-map 1 set peer 192.168.1.2
 crypto map hq-map 1 set transform-set hq-tset
 crypto map hq-map interface outside
 isakmp enable outside
 isakmp key cisco123 address 192.168.1.2 netmask 255.255.255.255
 isakmp identity address
 isakmp policy 1 authentication pre-share
 isakmp policy 1 encryption des
 isakmp policy 1 hash sha
 isakmp policy 1 group 2
 isakmp policy 1 lifetime 1000
 telnet timeout 5
 ssh timeout 5
 console timeout 0
 terminal width 80
 Cryptochecksum:9f629d1ea9f9b89090de1e7d3ec467db


 PIX 506

 PIX Version 6.3(1)
 interface ethernet0 10full
 interface ethernet1 10full
 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 enable password 8Ry2YjIyt7RRXU24 encrypted
 passwd 2KFQnbNIdI.2KYOU encrypted
 hostname Other-PIX
 fixup protocol ftp 21
 fixup protocol h323 h225 1720
 fixup protocol h323 ras 1718-1719
 fixup protocol http 80
 fixup protocol ils 389
 fixup protocol rsh 514
 fixup protocol rtsp 554
 fixup protocol sip 5060
 fixup protocol sip udp 5060
 fixup protocol skinny 2000
 fixup protocol smtp 25
 fixup protocol sqlnet 1521
 names
 access-list 101 permit ip 10.11.34.0 255.255.255.0 10.11.41.0
255.255.255.0
 access-list 101 permit ip host 192.168.1.2 host 151.99.241.102
 access-list acl_outbound permit ip any any
 access-list 100 permit icmp any any echo-reply
 access-list 100 permit icmp any any time-exceeded
 access-list 100 permit icmp any any unreachable
 pager lines 24
 mtu outside 1500
 mtu inside 1500
 ip address outside 192.168.1.2 255.255.255.0
 ip address inside 10.11.34.1 255.255.255.0
 ip audit info action alarm
 ip audit attack action alarm
 pdm logging informational 100
 pdm history enable
 arp timeout 14400
 nat (inside) 0 access-list 101
 nat (inside) 1 10.11.34.0 255.255.255.0 0 0
 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
 access-group 100 in interface outside
 access-group acl_outbound in interface inside
 conduit permit icmp any any
 route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
 timeout xlate 0:05:00
 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00
 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
 timeout uauth 0:05:00 absolute
 aaa-server TACACS+ protocol tacacs+
 aaa-server RADIUS protocol radius
 aaa-server LOCAL

Re: HELP!! PIX-PIX VPN config problem [7:69684]

[Paul McLaren]

Hi,

Can you post your two configs (remove private info if required)?

Regards

Paul



Mary Kvitashvili  wrote in message
news:[EMAIL PROTECTED]
 Trying to config PIX 506 to PIX 515 for basic VPN/IPSEC/LAN/LAN
 connectivity.  Took the configs straight off the Cisco site but I cannot
 establish my tunnel at the ISAKMP level.  Trying to ping from LAN to LAN.
 Getting the following error message from debug crypto isakmp:

 HQ-PIX#
 ISAKMP (0): beginning Main Mode exchange
 ISAKMP (0): retransmitting phase 1...
 ISAKMP (0): retransmitting phase 1...
 ISAKMP (0): deleting SA: src 151.99.241.102, dst 192.168.1.2
 ISADB: reaper checking SA 0xfb053c, conn_id = 0  DELETE IT!

 VPN Peer:ISAKMP: Peer Info for 192.168.1.2/500 not found - peers:0

 Doing all of the various show commands indicates all peer info is there.

 Any ideas?

 thanks,
 Pixnewbie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69722t=69684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Access-list's! [7:66546]

[Paul Borghese]

Your access-list will deny ALL traffic arriving on E0.  Add the following
line to the end of the access-list:

access-list 101 permit ip any any

Remember all traffic that is not explicitly permitted will be denied.

Take care,

Paul Borghese



Orlando Palomar Jr  CCIE#11206 wrote:
 
 I'd apply it on R3's E0...
 
 access-list 101 deny tcp host 172.16.1.1 host 192.168.1.1 eq ftp
 
 int e0
 ip access-group 101 in
 
 Assuming:
 
 HostA IP address: 172.16.1.1
 Server IP address: 192.168.1.1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66575t=66546
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Columbus, OH CCNP Study Partners / Group [7:66333]

[Paul Elston]

Hi,

I'm studying for the CCNP and am currently focussing on BCRAN.  Anyone
interested in forming a study group or partners?  I can be reached at
[EMAIL PROTECTED]

Thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66333t=66333
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Basic QOS Frame MPLS question [7:66210]

[Paul Jin]

Paul wrote:
 
 
 I would like to implement QOS. Am I correct in assuming that I
 can only
 prioritise voice/video over the frame circuit, and that if I
 want to implement
 QOS I would have to 'swap' Frame for MPLS/Layer 4 Switching ???
 
 Kind regards
 
 Paul 
 
 

In a traditional FR type network, the FR switches cannot prioritize your
traffic because it cannot tell the difference between a high priority
packet.. So the QoS you would apply only gets applied to
your router's WAN interface.

There might be 10 FR switches in between your 2 routers, and none of them
can prioritize because it cannot distinguish traffic.

With MPLS, you can do QoS even within the cloud because for example, if you
set your VOIP to be prec 5 and require high priority, your MPLS cloud
(routers) can tell the difference and will treat your prec 5 traffic better
(if the provider has it congiured this way).

That is the key difference.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66271t=66210
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Wireless AP Chaining [7:66270]

[Williamson, Paul]

Anyone know the maximum number of Wireless AP's you can chain of a single
wireless bridge
ie

Switch ---copper--- AP ~~~air~~~ AP ~~~air~~~ AP

Does cisco make an AP that supports this
Thanks
-Paul


PLEASE READ: The information contained in this email is confidential
and intended for the named recipient(s) only. If you are not an intended
recipient of this email you must not copy, distribute or take any 
further action in reliance on it and you should delete it and notify the
sender immediately. Email is not a secure method of communication and 
Nomura International plc cannot accept responsibility for the accuracy
or completeness of this message or any attachment(s). Please examine this
email for virus infection, for which Nomura International plc accepts
no responsibility. If verification of this email is sought then please
request a hard copy. Unless otherwise stated any views or opinions
presented are solely those of the author and do not represent those of
Nomura International plc. This email is intended for informational
purposes only and is not a solicitation or offer to buy or sell
securities or related financial instruments. Nomura International plc is
regulated by the Financial Services Authority and is a member of the
London Stock Exchange.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66270t=66270
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Message for Paul Borghese [7:66279]

[Paul Jin]

I have had similar problems with yahoo before too.

On my CCIE list, I originally had it coming into my yahoo
account and it would be fine for a while, then for a long 
period, I would only get about 3-5 emails a day for a few weeks,
then back to normal.

After normal, then I would have problems where I am only getting a few
groupstudy emails again..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66283t=66279
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Message for Paul Borghese [7:66279]

[Paul Borghese]

This is a problem with Yahoo.com.  I have sent them log files showing
their servers rejecting GroupStudy e-mails.  Last week they told me it
would be corrected in 24 hours, and it is not.

If you are using yahoo.com as your e-mail address, please complain to
them.

Thanks!

Paul Borghese

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Phil Barker
Sent: Wednesday, March 26, 2003 3:44 PM
To: [EMAIL PROTECTED]
Subject: Message for Paul Borghese [7:66279]

Paul,
Please see attached message.

Sorry, I don't have your personal email.

Regards,

Phil.

__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
X-Apparently-To: [EMAIL PROTECTED] via 216.136.175.14; 26 Mar
  2003 12:42:03 -0800 (PST)
Return-Path: 
Received: from 216.136.175.16  (HELO web13806.mail.yahoo.com)
  (216.136.175.16) by mta153.mail.scd.yahoo.com with SMTP; 26 Mar 2003
  12:42:02 -0800 (PST)
Date: 26 Mar 2003 20:42:02 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure delivery
Content-Length: 720

Message from  yahoo.com.
Unable to deliver message to the following address(es).

:
66.220.63.9 does not like recipient.
Remote host said: 550 5.1.1 ... User unknown
Giving up on 66.220.63.9.

--- Original message follows.

Return-Path: 
Message-ID: 
Received: from [62.31.224.1] by web13806.mail.yahoo.com via HTTP; Wed,
26
Mar 2003 20:42:02 GMT
Date: Wed, 26 Mar 2003 20:42:02 + (GMT)
From: =?iso-8859-1?q?Phil=20Barker?= 
Subject: List Problems
To: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Paul,
I appear to be having a problem receiving regular
messages from the group. I seem to recall this
happening once before and you managed to tweak
something on the Server side. I believe it had
something to do with my account being yahoo based.

Could you take a look when you get the chance.

Kind Regards,

Phil.

__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66281t=66279
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Basic QOS Frame MPLS question [7:66210]

[Paul]

Hi, Quick question to everyone 

At work I have a Frame Cloud that links all our sites together in a hub and
spoke manner.

At some of the sites I would like to extend our IP Telephony and perhaps
introduce Video Conferencing.

Assume I have adequate bandwidth throughout for video and IP telephony.

I would like to implement QOS. Am I correct in assuming that I can only
prioritise voice/video over the frame circuit, and that if I want to
implement
QOS I would have to 'swap' Frame for MPLS/Layer 4 Switching ???

Kind regards

Paul 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66210t=66210
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Looped messages [7:66027]

[Paul Borghese]

You may see some duplicate messages from the Cisco list.  This is
because a mailer at xinhuanet.com is looping messages back on the list.
This happens quite frequently and we have had for years loop prevention
software to prevent these loops.  The offending mailer (along with about
100 others) are blacklisted from GroupStudy.

 

But unfortunately I had to rewrite the mail delivery system on
GroupStudy.  The loop prevention software has not been ported yet, so we
may still receive from time to time loops.

 

Thanks!

 

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66027t=66027
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PPP mru option [7:66007]

[paul dong so]

Hi All,

I have a question but can't find an answer from RFC 1661

During ppp negotiation, if A advertises MRU 1440, B advertises MRU 1460, 
do they have to re-negotiate to agree with a MRU? If so, should it be 
the lower MRU? If they don't need to re-negotiate, what MRU is actually 
being used? Is there any guideline for this?

I observed a ppp nego debug between cisco 7200 and an adsl modem, the 
result appears to be if one end advertises 1500, it becomes the one 
regardless what MRU the other end advertises.

Mar  7 03:25:28.768: ppp1152 PPP: Authorization required
Mar  7 03:25:28.768: ppp1152 PPP: Phase is ESTABLISHING
Mar  7 03:25:28.768: ppp1152 PPP: Authorization required
Mar  7 03:25:28.768: ppp1152 LCP: O CONFREQ [Closed] id 1 len 14
Mar  7 03:25:28.768: ppp1152 LCP:AuthProto PAP (0x0304C023)
Mar  7 03:25:28.768: ppp1152 LCP:MagicNumber 0x8261E624 (0x05068261E624)
Mar  7 03:25:28.796: ppp1152 LCP: I CONFREQ [REQsent] id 2 len 14
Mar  7 03:25:28.796: ppp1152 LCP:MRU 1454 (0x010405AE)
Mar  7 03:25:28.796: ppp1152 LCP:MagicNumber 0x6DB9FEC2 (0x05066DB9FEC2)
Mar  7 03:25:28.796: ppp1152 LCP: O CONFNAK [REQsent] id 2 len 8
Mar  7 03:25:28.796: ppp1152 LCP:MRU 1500 (0x010405DC)
Mar  7 03:25:28.800: ppp1152 LCP: I CONFACK [REQsent] id 1 len 14
Mar  7 03:25:28.800: ppp1152 LCP:AuthProto PAP (0x0304C023)
Mar  7 03:25:28.800: ppp1152 LCP:MagicNumber 0x8261E624 (0x05068261E624)
Mar  7 03:25:28.816: ppp1152 LCP: I CONFREQ [ACKrcvd] id 3 len 10
Mar  7 03:25:28.816: ppp1152 LCP:MagicNumber 0x6DB9FEC2 (0x05066DB9FEC2)
Mar  7 03:25:28.816: ppp1152 LCP: O CONFACK [ACKrcvd] id 3 len 10
Mar  7 03:25:28.816: ppp1152 LCP:MagicNumber 0x6DB9FEC2 (0x05066DB9FEC2)
Mar  7 03:25:28.816: ppp1152 LCP: State is Open
Mar  7 03:25:28.816: ppp1152 PPP: Phase is AUTHENTICATING, by this end

Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66007t=66007
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

redistribution loop? [7:65962]

[paul dong so]

Hi All,

Practicing redistribution.

(route) - r8 - (eigrp) - r7 - ospf- r6
|   |
--- eigrp 

150.50.3.0/24 is redistributed by r8 eigrp, r8 advertises it to r7 via 
eigrp. R7 redistributes eigrp to ospf, also redistribute ospf to eigrp. 
On r7, ospf database has type 5 LSA for 150.50.3.0/24, AD 110. eigrp 
topology has EX route, AD 170. But r7 routing table use eigrp learned 
path for forwarding. Why? I was expecting a loop. When will a loop created?

r6 learns the route from ospf and eigrp, it use ospf as the forwarding 
path, which is expected.

Partial router config:

r8:
interface Ethernet0
  ip address 150.50.3.8 255.255.255.0
router eigrp 1
  redistribute connected
  no auto-summary

r8#sh ip route | i 150.50.3.0
C   150.50.3.0/24 is directly connected, Ethernet0

r7:
router eigrp 1
  redistribute ospf 1 metric 56 100 255 1 1500
router ospf 1
  redistribute eigrp 1 metric-type 1 subnets

r7#sh ip route | i 150.50.3
D EX150.50.3.0/24 [170/46251776] via 150.50.5.69, 01:40:13, Serial4/1
r7#sh ip ospf database | i 150.50.3
Type-5 AS External Link States
150.50.3.0  200.0.0.7   796 0x8003 0x00186A 1

r7#sh ip route 150.50.3.0
Routing entry for 150.50.3.0/24
   Known via eigrp 1, distance 170, metric 46251776, type external
   Redistributing via ospf 1, eigrp 1
   Advertised by ospf 1 metric-type 1 subnets tag 1
   Last update from 150.50.5.69 on Serial4/1, 01:44:46 ago
   Routing Descriptor Blocks:
   * 150.50.5.69, from 150.50.5.69, 01:44:46 ago, via Serial4/1
   Route metric is 46251776, traffic share count is 1
   Total delay is 21000 microseconds, minimum bandwidth is 56 Kbit
   Reliability 255/255, minimum MTU 1500 bytes
   Loading 1/255, Hops 1

r6
r6#sh ip route | i 150.50.3.0
O E1150.50.3.0/24 [110/30] via 150.50.7.7, 01:19:53, Ethernet0
r6#sh ip ospf database
Type-5 AS External Link States
150.50.3.0  200.0.0.7   927 0x8003 0x186A   1


Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65962t=65962
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: redistribution loop? [7:65962]

[paul dong so]

Unfortunately the browser did not get the diagram character right. 
Diagram should be:
(route)- r8 - (eigrp 1) - r7 - (ospf) - r6

r7 - eigrp 1 - r6


r7 runs ospf and eigrp 1 with r6.
r7 runs eigrp 1 with r8
r8 redistributes connected interface.

The question is with r7.
r7 is redistributing ospf to eigrp and vice versa.
So route, here is 150.50.3.0/24, should appears in r7 ospf with AD 110, 
also in r7 eigrp topology with AD 170, thus, in theory, r7 should 
install the ospf path into forwarding table. Because the next hop of 
ospf path is r7 itself, so loop starts.

That is how i undertand.

But in fact, r7 choose eigrp path for its forwarding, which is something 
confused me.

Paul

The Long and Winding Road wrote:

 Sorry if I am misunderstanding your diagram. Where do you think the loop
 should appear?
 
 Routes originating on R8 would appear as connected, and therefore not be
 overwritten by redistribution, Same on R7.
 
 I guess I am just not seeing what the topology is or where you think the
 break should be.
 
 
 paul dong so  wrote in message
 news:[EMAIL PROTECTED]
 
Hi All,

Practicing redistribution.

(route) - r8 - (eigrp) - r7 - ospf- r6
| |
--- eigrp 

150.50.3.0/24 is redistributed by r8 eigrp, r8 advertises it to r7 via
eigrp. R7 redistributes eigrp to ospf, also redistribute ospf to eigrp.
On r7, ospf database has type 5 LSA for 150.50.3.0/24, AD 110. eigrp
topology has EX route, AD 170. But r7 routing table use eigrp learned
path for forwarding. Why? I was expecting a loop. When will a loop

 created?
 
r6 learns the route from ospf and eigrp, it use ospf as the forwarding
path, which is expected.

Partial router config:

r8:
interface Ethernet0
  ip address 150.50.3.8 255.255.255.0
router eigrp 1
  redistribute connected
  no auto-summary

r8#sh ip route | i 150.50.3.0
C   150.50.3.0/24 is directly connected, Ethernet0

r7:
router eigrp 1
  redistribute ospf 1 metric 56 100 255 1 1500
router ospf 1
  redistribute eigrp 1 metric-type 1 subnets

r7#sh ip route | i 150.50.3
D EX150.50.3.0/24 [170/46251776] via 150.50.5.69, 01:40:13, Serial4/1
r7#sh ip ospf database | i 150.50.3
Type-5 AS External Link States
150.50.3.0  200.0.0.7   796 0x8003 0x00186A 1

r7#sh ip route 150.50.3.0
Routing entry for 150.50.3.0/24
   Known via eigrp 1, distance 170, metric 46251776, type external
   Redistributing via ospf 1, eigrp 1
   Advertised by ospf 1 metric-type 1 subnets tag 1
   Last update from 150.50.5.69 on Serial4/1, 01:44:46 ago
   Routing Descriptor Blocks:
   * 150.50.5.69, from 150.50.5.69, 01:44:46 ago, via Serial4/1
   Route metric is 46251776, traffic share count is 1
   Total delay is 21000 microseconds, minimum bandwidth is 56 Kbit
   Reliability 255/255, minimum MTU 1500 bytes
   Loading 1/255, Hops 1

r6
r6#sh ip route | i 150.50.3.0
O E1150.50.3.0/24 [110/30] via 150.50.7.7, 01:19:53, Ethernet0
r6#sh ip ospf database
Type-5 AS External Link States
150.50.3.0  200.0.0.7   927 0x8003 0x186A   1


Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65974t=65962
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: What does this config mean? [7:65137]

[Paul Elston]

Hi,

Can't answer as to why the ip nat outside... statement is used but I can say
what will be occurring with translation.

The ip nat outside will translate the source address of packets travelling
from the outside to the inside.  Here is a link to Cisco's website
documenting the process
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f2f.shtml

The ip nat inside will translate the destination address of packets
travelling from the outside to the inside.

The question then appears to be do you have an application running that
would require the translation of the source address of packets travelling
from the outside to the inside or did the previous person not entirely
understand the Cisco NAT commands?

Hope this helps,
Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65145t=65137
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: help to find where it from? [7:65001]

[Paul Elston]

Exchange 2000 allows you to block spam from Domains and individual
accounts.  Follow this link for details: 
http://support.microsoft.com/default.aspx?scid=kb;en-us;276321

Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65032t=65001
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Slighlty Off Topic .... IP Phone Ring Tones [7:64461]

[Paul]

I have converted some mp3 sounds to RAW. I copy these to the call manager,
and
my 7940 can select the new ring tone. However, the quality is really poor !!!

I was wondering if anyone has done this, how they resolved it, and if anyone
knows where I can download RAW sound files from.

Kind regards

Paul ...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64461t=64461
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Best Book/DOCs on MPLS [7:64257]

[Paul Jin]

Paul Jin wrote:
 
 What are you trying to accomplish?
 
 - Paul


What I meant was what is the reason why you want to learn MPLS and what
exactly are you trying to accomplish or your job function, that way I can
maybe point out something specific?  You want to do MPLS in your IP Core, do
MPLS VPN, MPLS TE, etc... or just something in general??

Cisco has MPLS VPN architecture if you want to learn more about MPLS VPN
service.  They also have a separate book for Traffic Engineering.

Many links at Cisco and Juniper on MPLS, but also on other web sites too,
such as MPLSforum.org

- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64385t=64257
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Best Book/DOCs on MPLS [7:64257]

[Paul Jin]

What are you trying to accomplish?

- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64316t=64257
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MBGP/MPLS VPN question [7:64036]

[Paul Jin]

Whether you use Private or Public really does not matter.

The provider will create a specific VPN just for you and this will not have
any effect on the global routing table of your provider.
And even if it did, the whole idea of public networks are address  unique to
you on the public network so no one besides you should be using it.

Originally before the MPLS VPN came about, you had to use a public
address/networks to peer with your provider at layer 3(for example the
internet or similar), but by using rfc 2547 VPN, you are allowed to use
private networks (like your Frame Relay network) if you want to...

So kind of combining the positive features of both layer 2 and layer 3 VPN
technology.

- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64317t=64036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Urgent Help !! How to check who's always attac [7:64088]

[Paul Borghese]

Go to www.arin.net and find out who owns the subnet.  Then contact the owner
of the network.

Why did you put your e-mail as [EMAIL PROTECTED]  Please correct your
signature.

Thanks!

Paul Borghese


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64090t=64088
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

rsvp question [7:63965]

[Casey, Paul (6822)]

Hello, 
 
If I configure rsvp reservations across a frame-relay network, and I am
using point-point / multipoint sub-interfaces, when I configure the
reservation, on the sub-interfaces, do I need to configure the reservation
on the physical interfaces as well. Or is it ok to do it just on the
sub-interface...??
 
Kind regards.
Paul.
 
 




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63965t=63965
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CiscoSecure Question [7:63941]

[Paul Borghese]

You only need one entry in Cisco Secure if you use wildcards are are willing
to accept the fact that all devices will be using the same shared secret key.

So for example, to configure all routers on the 172.16.x.x network you
simply click on Network Configuration and select Add AAA Client.  Give
your clients a name (i.e. 172-16-routers) and a shared secret password.  For
the IP address use 172.16.*.*.

Any client using an ip address from the range 172.16.0.0/16 will be accpeted
assuming the shared secret password is known.

Take care,

Paul Borghese


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63996t=63941
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ospf - rip redistribution issue, [7:63647]

[Casey, Paul (6822)]

Hello, 
 
 
I have ospf in to rip redistribution on a /24 classfull boundary, I
Summarized/ area range(d) all the networks in ospf domain to /24 to get them
to show up in rip.domain.
 
No real problems here, though I haved one network in ospf 200.200.0.0/16
which is not showing up in  rip router. 
What can I do to make this /16 route cross the classfull boundary, as its
prefix is shorter that the /24 network it need to cross  thus cant be
summarised.
Or should this route be capable of traversing the /24 classful boundary,
automatically,.
Any help  greatly appreciated.
 
Kind regard.
Paul.




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63647t=63647
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ospf p2p network type vs frame relay inarp [7:63579]

[Paul Dong So]

Hi all,
I did some tests and found this problem.
Ra is the hub of fr connection, rc is the spoke

When only inarp used, all ospf network types passed the test except p2p
network type. No adjacency was able to be established. OSPF states kept
looping between init, exstart and exchange. Note, same configuration, only
ip ospf network statement was changed.

I could not find any document about ospf p2p type vs frame relay inarp.
Does anyone else come across the same problem in the lab?

Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63579t=63579
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ospf md5 authentication [7:63580]

[Paul Dong So]

Hi all,
Here is the another question i came across in the lab
When plain text passwd (type 1) is used as ospf authentication, it checks
the actual passwd.
when md5 (type 2) is used, a wrong passwd was set on purpose, surprisingly
the adjacency was still able to be established.

Read Doyle book, it mentioned the actual message digest is appended in the
end of the packet, instead of the authentication field as type 1 does, and
it is not considered as part of the packet itself. Is it why the routers do
not check the md field?

thanks in advanced

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63580t=63580
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ICMP restriction [7:63225]

[paul dong so]

Hamed,

You can try this command no ip unreachable under your serial interface

Paul

Hamed Sedighi wrote:

 Dear Sirs/Madams,
 
 I restricted ICMP protocol on my input serial port as following:
 
 access-list 102 deny   icmp any 192.168.1.0 0.0.0.255 echo
 
 At now, when a person do PING my network from outside, the following
message
 is appeared:
 
 
 Reply from My_Router_IP_Address Destination host unreachable.
 
 I don't like to appear My_Router_IP_Address. Is there any way to make a
 restriction on Ping command without appearing my router IP address?
 I like to receive Request timed out when I ping my network form outside.
 
 I will be happy if you give me any suggestion.
 
 Regards,
 H.Sedighi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63231t=63225
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: frame relay lmi-n39x functions [7:63120]

[paul dong so]

Hi Jens,

Thanks for the information. What confused me is this url:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_c/wcdfrely.htm#46235

It states The only visible indication to the user that LMI autosense is 
underway is when debug frame lmi is turned on. Every N391 interval, the 
user will now see three rapid status enquiries coming out of the serial 
interface. One in ANSI, one in ITU and one in cisco LMI-type. 

It behaves differently from what i saw. when interface just becomes 
up/up, three status requests are sent, but after that, only one status 
request is sent, which doesn't match what is described above.

Regards,

Paul

Jens Neelsen wrote:

 Hi,
 
 the commands work different than you describe. The status
 request ist sent every 10 sec (keepalive 10). Every 10 sec an
 answer is received. By default every 6th status request is a
 full status request. The answer then contains the DLCIs and the
 status of each DLCI. 
 The command lmi-n391dte 3 changes the full status request from
 every 6th to every 3rd. 
 The command lmi-n392dte 2 changes the number of status errors
 from 3 to 2. This is only relevant when no status answers are
 received.
 Try the following link: 
 

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a00800ca7eb.html
 
 Jens Neelsen
 
 --- paul dong so  wrote:
 
Hi all,

while practicing frame-relay lmi-n39x commonds, i can not make
the  commonds work as they are supposed to be.

Scenario:

frame-relay switch  RA

on RA, use lmi autosense. basic FR function works fine,
following config 
is abstract only

serial 0
  encapsulation frame-relay
  frame-relay interface-dlci 401
  ip address 150.50.24.2 255.255.255.0
  frame-relay lmi-n391dte 3
  frame-relay lmi-n392dte 2
  frame-relay lmi-n393dte 2
  keepalive 10

If debu frame lmi is turned on, i would expect every 30
seconds,
3 status requests will be sent out serial0 as a result of
frame-relay 
lmi-n391dte 3 and lmi autosense. But i can only see one
status 
request is sent. Tried shut/no shut interface, etc to no vail.

Any idea how these commands affect frame relay behaviors?

Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63129t=63120
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

frame relay lmi-n39x functions [7:63120]

[paul dong so]

Hi all,

while practicing frame-relay lmi-n39x commonds, i can not make the 
commonds work as they are supposed to be.

Scenario:

frame-relay switch  RA

on RA, use lmi autosense. basic FR function works fine, following config 
is abstract only

serial 0
  encapsulation frame-relay
  frame-relay interface-dlci 401
  ip address 150.50.24.2 255.255.255.0
  frame-relay lmi-n391dte 3
  frame-relay lmi-n392dte 2
  frame-relay lmi-n393dte 2
  keepalive 10

If debu frame lmi is turned on, i would expect every 30 seconds,
3 status requests will be sent out serial0 as a result of frame-relay 
lmi-n391dte 3 and lmi autosense. But i can only see one status 
request is sent. Tried shut/no shut interface, etc to no vail.

Any idea how these commands affect frame relay behaviors?

Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63120t=63120
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE and Packet (the cut'n'paste from hell!) [7:62998]

[Paul Borghese]

In this case the issue is the URL spans more the 72 characters which is
the size most e-mail clients use as a width of a message.  When you
cut/paste you do not capture the entire URL.  But this is not
GroupStudy's faults, it is the fault of the client software.

But there is a case where GroupStudy mangles URL's.  Remember GroupStudy
will always attempt to translate your HTML posting into Plain-Text.  So
if you have an HTML posting with the  Scott,
 I think the problem is that they're trying really hard on the list
 to avoid becoming commercial (see the thread CCIE Study Materials -
 Anti-Rant [7:62930]), so they've blocked promotions for specific
vendors
 like that Cisco place (lol!!!)
 Geoff Mossburg


Heh heh.  :-)  No, the actual issue is that a URL can't be in the first
line
of post, as I recall.  If you want to post a URL you must add filler to
it.
This particular issue has been a thorn in the side of Priscilla for a
while
now.  

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63027t=62998
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Update of Anti-Mime Software [7:63043]

[Paul Borghese]

Ok, I updated our anti-mime software.  Let's see if that fixes the
problem of having a URL on the first line.  I personally have not been
able to duplicate the problem.

Please send me any bug reports!

Paul

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Paul Borghese
Sent: Friday, February 14, 2003 9:28 AM
To: [EMAIL PROTECTED]
Subject: RE: CCIE and Packet (the cut'n'paste from hell!) [7:62998]

In this case the issue is the URL spans more the 72 characters which is
the size most e-mail clients use as a width of a message.  When you
cut/paste you do not capture the entire URL.  But this is not
GroupStudy's faults, it is the fault of the client software.

But there is a case where GroupStudy mangles URL's.  Remember GroupStudy
will always attempt to translate your HTML posting into Plain-Text.  So
if you have an HTML posting with the  Scott,
 I think the problem is that they're trying really hard on the list
 to avoid becoming commercial (see the thread CCIE Study Materials -
 Anti-Rant [7:62930]), so they've blocked promotions for specific
vendors
 like that Cisco place (lol!!!)
 Geoff Mossburg


Heh heh.  :-)  No, the actual issue is that a URL can't be in the first
line
of post, as I recall.  If you want to post a URL you must add filler to
it.
This particular issue has been a thorn in the side of Priscilla for a
while
now.  

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63043t=63043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Easy question [7:63002]

[Paul Borghese]

Type show version to view your configuration register.  If the
configuration register is 2142 perform the following command (from
privilege mode):

config t
config-register 0x2102
end
copy run start


Take care,

Paul Borghese

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Johnson, Richard (NY Int)
Sent: Thursday, February 13, 2003 11:22 PM
To: [EMAIL PROTECTED]
Subject: Easy question [7:63002]

Hi all,


Every time I boot my router, it asks if I want to configure my router. I
know I have to type some sort of confreg line in. Can someone tell me
which
one so I can boot my router correctly, without having to reconfigure it
each
time. 


Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63008t=63002
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Snort versus Cisco IDS [7:62939]

[Paul Borghese]

Do not forget about the open source scanner Nessus (www.nessus.org) for
penetration testing.  One of the best around!

Paul

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Vicky Mair
Sent: Thursday, February 13, 2003 10:55 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]

comments in-line:


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 12, 2003 9:06 PM
To: [EMAIL PROTECTED]
Subject: Snort versus Cisco IDS [7:62939]


Someone told me in an authoritative voice today that Cisco doesn't
recommend
their IDS. They recommend Snort. Is this really true? Isn't Cisco's IDS
a
big part of SAFE?

i'm not at all surprised (mean no dis-respect to anyone).the same
reason
cisco don't use ciscoworks for managing their internal production
devicesthe same reason m$ doesn't use their own source control
software
for coding.in my opinion open source rules. linux, mrtg and snort
are
perfect examples.



Of course, the person who said this doesn't understand that Cisco is a
huge,
chaotic organism, and that saying Cisco does something based on what one
person does, doesn't make sense.

it depends whose talking ;-)



But I'm just curious, what do you all recommend for intrusion detection?
How
do Snort and Cisco IDS compare? I guess Cisco's solution is a bit more
complicated, requiring appliances or IDS cards in a switch and a
console:

oh boy, this is a loaded question.but since you asked, in my opinion
i'm
simply impressed by the rule sets that are being generated for snort as
compared to cisco ids...perfect example was slammer worm virus. snort
community had the rule set out in matter of couple hours. if need be you
can
even get commercial support for snort similar to linux and mrtg. one
could
argue between hardware and software ids solutions similar to hardware
and
software ipsec encryption solutions. we can talk about this all day ;-)

ultimately its upto you to  make that decision, weighing pros and cons
of a
product before making the investment (time/money/support/roi...etc). as
you
know, there's 10 different ways to skin a catthere's no silver
bullet
;-)


rule #1: perfection is a myth, there's no perfect network.


regards,
/vicky



Cisco Secure IDS DirectorHP OpenView Network Node Manager plug-in
that
runs on UNIX (Solaris and HP-UX)

Cisco Secure Policy Manager (v2.2+)Windows NT-based package

Thanks.

Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63010t=62939
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Snort versus Cisco IDS [7:62939]

[Paul Borghese]

The thing that makes SNORT so powerful is the attack rules which are
updated almost daily.  Also, you can not beat the price.  Simply find an
unused PC, install Linux and install Snort.  The software and OS is
free! 

You will need some sort of parsing software to read the snort logs.
Check out ACID (http://acidlab.sourceforge.net/) or SnortSnarf.


Paul Borghese
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Will Gragido
Sent: Friday, February 14, 2003 12:02 AM
To: [EMAIL PROTECTED]
Subject: RE: Snort versus Cisco IDS [7:62939]

Not to mention the fact that Cisco Systems bought Okena Software
www.okena.com, last month specifically for their Intrusion Prevention
software.  

SNORT is a great tool, I don't think that anyone would or can argue
that.  I
think that being that it's driven by the open source community it comes
(and
has come since it became the 'SHADOW'), under a great deal of scrutiny;
however, I have yet to see instances where it fails. 

I agree with Kent in regards to Cisco System's proudly recommending
their
solution (which when you look under the hood is really an OEM licensed
version of Entercept's product, hence the purchase of OKENA).
Furthermore,
I can't see ANY Cisco Systems SE staying employed for any amount of time
if
they openly discouraged existing as well as potential clients from
purchasing their solutions.  

Cheers, 

Will Gragido CISSP CCNP CIPTSS CCDA MCP
9450 W. Bryn Mawr Ave.
Suite 325
Rosemont, Il 60018
www.ins.com
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kent
Hundley
Sent: Thursday, February 13, 2003 3:39 PM
To: [EMAIL PROTECTED]
Subject: Re: Snort versus Cisco IDS [7:62939]

On Thu, 2003-02-13 at 00:06, Priscilla Oppenheimer wrote:
 Someone told me in an authoritative voice today that Cisco doesn't
recommend
 their IDS. They recommend Snort. Is this really true? Isn't Cisco's
IDS a
 big part of SAFE?
 

Whomever told you this:

1) Is extremely naiive (one Cisco engineer told them something and they
took it as gospel)

2) Has never talked to any of the Cisco teams that manage large global
accounts

I can tell you for a 100% fact that Cisco recommends their IDS very
actively to their large global customers, I'm working on a Fortune 5
account right now and the Cisco team is heavily pushing a Cisco IDS
deployment.  If one of their engineers recommended snort, the AM would
have them bound and gagged and thrown in a very dark basement. ;-)


 Of course, the person who said this doesn't understand that Cisco is a
huge,
 chaotic organism, and that saying Cisco does something based on what
one
 person does, doesn't make sense.
 
 But I'm just curious, what do you all recommend for intrusion
detection?
How
 do Snort and Cisco IDS compare? I guess Cisco's solution is a bit more
 complicated, requiring appliances or IDS cards in a switch and a
console:
 

Cisco IDS is a commercial, fully baked product in the sense that it has
a lot of bells and whistles for the end-user market.  Cisco is also
developing custom hardware such as blades that slide into a Cat 6500,
making for easy deployment and the ability to capture and process
traffic at Gigabit speeds.

Snort is much more of a tech geeks solution, although there are a lot of
talented people writing code to increase its ease of use such. (things
like ACID and Demarc)

The bottom line is that snort will do the job in a lot of environments,
but your going to need to have some very technical people to handle the
care and feeding of the system.  It is an open source solution and
doesn't come with built-in support other than what you get through
mailing lists.  The Cisco IDS comes with TAC behind it.  You pay more
for more support baked into the process and a large amount of dedicated
resources working on your issues. (it's the same old open source vs
commercial product argument)

For small environments where funds are very limited or for environments
with highly technical but cheap labor (such as universities), snort is
probably the better solution.  For large enterprises, Cisco would
probably be the better choice.  

Of course, YMMV, a lot depends on the environment, , that's my opinion,
take it with a grain of salt, yada, yada, yada, etc. etc. disclaimer,
disclaimer...

Regards,
Kent




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63011t=62939
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passed CCIE written exam [7:62854]

[Paul Dong So]

Hi all,

Just passed the written and feel like i need to say something. Really want
to say thanks for all the helps I gained from this study
group.

Test is 3 hours, 150 questions, single or multiple choices. If mulitple,
will give indication how many answers. Can go backward
and forward to check the questions. Passing score 58.

Highly recommend
1. Boson #1 and #3. You should make sure you either remember or understand
every answer. Don't even give up hard ones.
Only give up something you really think it is going to be nonesense if you
have to waste your brain resource  memorizing the
answers.
2. Need to understand these topics in depth: VoIP, MPLS(mpls-vpn, mpls-te),
QoS. Those are my failing points where i only
read superficially, but not in depth.
3. Try to read the online CCO website as much as you can, here is my another
failing point.
4. The rest are the usual stuffs that every one talks a lot: books to read:
Doyle's routing, lan switching, cisco press QoS, cisco
press mpls, Caslow.

Now it is time to crack the most difficult part: Lab.

Cheers,

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62854t=62854
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ccie per hour rate [7:62894]

[Paul Beckman]

I want just general networking.  Not really designing any really big
projects or anything.
How much per hour would be reasonable?



Paul Beckman
CIS Department
Delta Health Group
850-470-0155
[EMAIL PROTECTED]


The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material.  Any review, retransmission, dissemination or other
use of, or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from all computers.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62894t=62894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: newbie: removing an ip route to loopback [7:62811]

[Casey, Paul (6822)]

Type no interface loopback0 

The network is a virtual interface on the router, 
If you scroll through the running config you will see 

Int loopback0
Ip address 10.x.x.x x.x.x.x

MAKE SURE no one needs this before delete it, 
Otherwise fire ahead, this will reemove it,

Matbe go and research its usage before you delete it to be sure.

Its showing up because its directly attached to the router, , 
Look at the C beside it, that means directly connected.

Kind regards.


-Original Message-
From: J. Johnson [mailto:[EMAIL PROTECTED]] 
Sent: 11 February 2003 17:23
To: [EMAIL PROTECTED]
Subject: newbie: removing an ip route to loopback [7:62811]


Please pardon my newbieness ...

I have a router with this in the routing table:

Router#show ip route
 
 10.0.0.0/24 is subnetted, 1 subnets
 C   10.0.0.0 is directly connected, Loopback0
 
Router#

I would like to remove it.  However, the following (and several variations) 
doesn't do the trick:

Router(config)#no ip route 10.0.0.0 255.255.255.0 Loopback 0 %No matching
route to delete Router(config)# 

This command with other addresses works the way I would expect it to work. 
E.g. I can do ip route 10.0.0.3 255.255.255.255 Loopback 0 and the route 
appears, and then no ip route 10.0.0.3 255.255.255.255 Loopback 0 and the 
route is gone.  Presumably the difference is that the 10.0.0.0 address is a 
network address.  Is there a way to remove it?

This router is a 3620 shared by several people in a lab environment.  I 
don't know how this route got into the table.

James


This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62812t=62811
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

logging question. [7:62735]

[Casey, Paul (6822)]

Hello Group,

On a router you have the following logging available,
 
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
debugging Debugging messages (severity=7)
emergencies System is unusable (severity=0)
errors Error conditions (severity=3)
informational Informational messages (severity=6)
notifications Normal but significant conditions (severity=5)
warnings Warning conditions (severity=4)
 

If you type :
logging buffered debug 
 
You log severity 7 and all lower levels on ie, 6,5,4,3...0 Is it possible to
logging particular severity levels, say you wanted to log severity 7,4,1
only can this be achived on a router,
 
Any help appreciated,
 
Kind regards.
 
Paul.




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62735t=62735
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: BGP help needed., [7:62736]

[Casey, Paul (6822)]

Hello, 

I have the practise lab I am working on.
3 routers in lab,

AS100 --AS200-AS300

I have a loopback 1.1.1.1 in AS100 and I want to advertise it to AS200 who
in turn will advertise it to AS300. When it arrives in AS300 it has to look
like it originated in AS200 and NOT for AS300.
This needs be achieved with 1 command on AS200. 

Anyone any idea how to do get this to work,
Can this be done,..??

Kind regards,
Paul.




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62736t=62736
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Telnet to 2501 through a linksys router [7:62654]

[Paul Jin]

Jason,
I am kind of confused, how can you allow telnet to both
your sun box and router at the same time from the outside?

Do you have multiple addresses on your WAN side?

If you are saying you are already inside your lan, and from the
sun box, telnet into your router and it works ok.. then I would
assume that somehow, your router cannot/or dont know how to fwd packets
outside your
internal lan.

Can you post the config?  I have a linksys and 2511 behind it also.

Do you have a default gateway on your cisco router, and is it
pointing to the linksys router?

- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62671t=62654
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

preparation tips for ccie lab [7:62434]

[Paul Dong So]

Hi all,

Passed the written and am prepraring to crack the hardest part. I
appreciate any tips and recommendation on where to start(equipment is
not my concern at this point) and what is the best study strategy in
terms of time allocation, focusing areas, good study materials, etc.

Thanks in advance

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62434t=62434
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

passed ccie written [7:62395]

[paul dong so]

Hi all,

Just passed the written and feel like i need to say something. Really
want to say thanks for all the helps I gained from this study group.

Test is 3 hours, 150 questions, single or multiple choices. If mulitple,
will give indication how many answers. Can go backward and forward to
check the questions. Passing score 58.

Highly recommend
1. Boson #1 and #3. You should make sure you either remember or
understand every answer. Don't even give up hard ones. Only give up
something you really think it is going to be nonesense if you have to
waste your brain resource  memorizing the answers.
2. Need to understand these topics in depth: VoIP, MPLS(mpls-vpn,
mpls-te), QoS. Those are my failing points where i only read
superficially, but not in depth.
3. Try to read the online CCO website as much as you can, here is my
another failing point.
4. The rest are the usual stuffs that every one talks a lot: books to
read: Doyle's routing, lan switching, cisco press QoS, cisco press mpls,
Caslow.

Now it is time to crack the most difficult part: Lab.

Cheers,

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62395t=62395
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: passed ccie written [7:62395]

[paul dong so]

Token Ring, IPX are listed in Blueprint, I will not skip those topics. 
As for questions, they are really the questions you should know the 
answers.

cheers,

Paul

Leon Zhao wrote:

 Congrats. I've been seeing complaints about too much questions on old 
 tech such as Token Ring, IPX. Did you have the same feeling?
 
 Thanks,
 Leon
 
 paul dong so wrote:
 
 
Hi all,

Just passed the written and feel like i need to say something. Really
want to say thanks for all the helps I gained from this study group.

Test is 3 hours, 150 questions, single or multiple choices. If mulitple,
will give indication how many answers. Can go backward and forward to
check the questions. Passing score 58.

Highly recommend
1. Boson #1 and #3. You should make sure you either remember or
understand every answer. Don't even give up hard ones. Only give up
something you really think it is going to be nonesense if you have to
waste your brain resource  memorizing the answers.
2. Need to understand these topics in depth: VoIP, MPLS(mpls-vpn,
mpls-te), QoS. Those are my failing points where i only read
superficially, but not in depth.
3. Try to read the online CCO website as much as you can, here is my
another failing point.
4. The rest are the usual stuffs that every one talks a lot: books to
read: Doyle's routing, lan switching, cisco press QoS, cisco press mpls,
Caslow.

Now it is time to crack the most difficult part: Lab.

Cheers,

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62476t=62395
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: passed ccie written [7:62484]

[paul dong so]

Hi,

I think my PC has problem, my emails don't seem to be shown, but they 
are actully there. If I have sent a few of them, please forgive me. :)

I was asked a few questions, here are the answers:

1. token ring and ipx are the topics you need to know as they are listed 
in the blueprint

2. there are exhibition questions, quite a few, you can prepare yourself 
via boson exam

3. reading CCO website to expand the topics on the books. Normally they 
are more uptodate. But it is up to your time allocation scheme as online 
materials are vast. If you don't have time, you can choose the topics 
you are not that good at or you find the books can't answer your questions.

HTH

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62484t=62484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

bgp community [7:62326]

[Peter Paul]

can someone help me? i am currently doing bgp in my test lab. i did a
community no-advertise in one of the routes to be advertise by the local as
to another as, but i can't see it in that other as. i also did a
redistribution from bgp to igp (ospf) in the other as so that both bgp and
igp would sync because one of the problems stated that i should not disable
sync. did i missed something? here's my config in my test lab:

router bgp 2
 bgp log-neighbor-changes
 redistribute connected route-map loops
 neighbor 153.153.3.3 remote-as 3
 neighbor 153.153.3.3 ebgp-multihop 255
 neighbor 153.153.3.3 update-source Loopback10
 neighbor 153.153.3.3 send-community

route-map loops permit 10
 match interface Loopback33 Loopback55
 set origin igp
!
route-map loops permit 20
 match interface Loopback22 - loopback 22 is 22.22.22.22/24
 set origin igp
 set community no-export

when i did show ip bgp on the 153.153.3.3 router, 

  Network  Next HopMetric LocPrf Weight Path
*i11.0.0.0 153.153.1.1   100  0 23 111 i
* 33.0.0.0 153.153.6.6  1 0 2 i
*i44.0.0.0 153.153.1.1   100  0 23 111 i
* 55.0.0.0 153.153.6.6  1 0 2 i
*i66.0.0.0 153.153.1.1   100  0 23 111 777 i
*i77.0.0.0 153.153.1.1   100  0 23 111 444 555 i
*i103.103.103.0/24 153.153.1.1  0100  0 23 i
*i183.0.0.0/8  153.153.4.4   100  0 65003 i

i can't see the 22.0.0.0 network. thanks in advance.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62326t=62326
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 831 routers [7:61707]

[Paul Forbes]

Glad to help Thomas.

My experience with lower-end 2600's (2611/2621) is that they can reach
approximately 500-750Kbps of 3DES IPsec performance (depending upon
traffic type; purely 1440-byte packets might get you north of 800Kbps).
The 831 is rated, as per Cisco
(http://tools.cisco.com/cmn/jsp/index.jsp?id=20753), at around 2Mbps
with standard traffic, so real world performance should be better
(64-byte packets induce the greatest amount of stress).

This, plus the punting of LLQ into the crypto engine, Websense/N2H2
content filtering and virtual AUX makes this little router quite
acceptable for small offices, though there isn't any modularity of
course (e.g. no WICs, no NMs).

Cheers.

Paul Forbes
Network Engineer
Trimble

 -Original Message-
 From: Thomas N. [mailto:[EMAIL PROTECTED]] 
 Sent: Monday, January 27, 2003 11:15 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Cisco 831 routers [7:61707]
 
 
 Thanks Paul.  Do you have any chance to test out for performance of
 GRE+IPSec?  Is it better than that of software-based 
 encryption on the 2600
 routers?
 
 
 Paul Forbes  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  They're available (we have four in house ready for deployment). I
  haven't tested them with all knobs on (GRE+IPsec, CBAC, IDS, QoS,
  EIGRP/OSPF, etc.), but VPN+CBAC has worked beautifully.
 
  Check with your VAR or Cisco account team for leadtimes.
 
  Cheers.
 
  Paul
 
   -Original Message-
   From: Thomas N. [mailto:[EMAIL PROTECTED]]
   Sent: Thursday, January 23, 2003 12:32 PM
   To: [EMAIL PROTECTED]
   Subject: Cisco 831 routers [7:61707]
  
  
   Hi All,
  
   I wonder if anyone here could get a hold of the new Cisco 831
   VPN router?  I
   am trying to get couple of these routers but being told they
   are onhold by
   Cisco.  I am just curious why? and when they are available
   again?  Thanks!
  
   Thomas.
   Report misconduct
   and Nondisclosure violations to [EMAIL PROTECTED]
 Report misconduct 
 and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62051t=61707
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: UDP port 1434 [7:61891]

[Paul Forbes]

One interesting assumption (underline assumption) is that BofA's service
providers were partially sharing facilities between their private
(ATM/FR) and public (Internet) networks. If that's the case, once the
CPU on some of those shared routers/switches went to 100%, BofA's
automatic teller machines are going to disappear.

Paul Forbes
Network Engineer
Trimble


 -Original Message-
 From: John Neiberger [mailto:[EMAIL PROTECTED]] 
 Sent: Monday, January 27, 2003 10:51 AM
 To: [EMAIL PROTECTED]
 Subject: Re: UDP port 1434 [7:61891]
 
 
 Maybe this is a silly question considering where I work, but is it
 common for huge banks to connect their ATMs to their data centers over
 the Internet?  We certainly don't do that, and wouldn't even consider
 doing it, so I was surprised that BofA appears to be doing just that.
 
 Then again, they probably have twenty times more ATMs than we do, so
 perhaps they have different issues to be considered.
 
 John
 
  Priscilla Oppenheimer  1/27/03 11:24:42 AM
 
 Good points. How much bandwidth goes to some of the remote ATMs?
 Probably
 very little. They probably got crunched by the huge number of UDP
 packets.
 
 Of course, better filtering would have prevented that.
 
 But there's no need to assume that BoA runs MS-SQL or to worry that
 private
 info was compromised, etc. DoS attacks usually have very little to do
 with
 privacy compromises.
 
 Not claiming to be a security expert, so just correct me if I'm way
 off
 base! :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61979t=61891
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: A special new game [7:61850]

[Paul Borghese]

Hmmm, someone has a worm as this did not come from me.  Here is the
complete header of the original e-mail (which contained an attachment I
assume is a worm):

Return-Path: 
Received: from Elltjj
(CPE000795e203c5-CM013519900555.cpe.net.cable.rogers.com
[24.43.170.194])
by groupstudy.com (8.9.3/8.9.3) with SMTP id RAA24384
GroupStudy Mailer; Sat, 25 Jan 2003 17:04:48 GMT
Date: Sat, 25 Jan 2003 17:04:48 GMT
Message-Id: 
From: pborghese 
To: [EMAIL PROTECTED]
Subject: A special  new game

If you are using rogers.com, please clean your system.

Thanks!

Paul Borghese



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
pborghese
Sent: Saturday, January 25, 2003 12:05 PM
To: [EMAIL PROTECTED]
Subject: A special new game [7:61850]

This is a very new game
This game is my first work.
You're the first player.
I wish you would enjoy it.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61874t=61850
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HELP..........FTP Problem [7:61549]

[Paul Elston]

Hi,

We had a similar issue just a few weeks back.  Our customer outsource thier
firewall to thier ISP and we use NAT for our server.  Switching to passive
mode solved our problem as the server hands control over to the client
meaning the client initiates the data session on a not well known port #
returned by the server.  Stateful firewalls then sees the session as being
initiated by an internal client.

Another item we had to overcome at a different client's network is NAV
Internet Gateway software.  We switched to binary mode to overcome this
one.  NAV did not like the padding that occurs with other ftp modes.

Hope this helps,
Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61690t=61549
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 831 routers [7:61707]

[Paul Forbes]

They're available (we have four in house ready for deployment). I
haven't tested them with all knobs on (GRE+IPsec, CBAC, IDS, QoS,
EIGRP/OSPF, etc.), but VPN+CBAC has worked beautifully.

Check with your VAR or Cisco account team for leadtimes.

Cheers.

Paul

 -Original Message-
 From: Thomas N. [mailto:[EMAIL PROTECTED]] 
 Sent: Thursday, January 23, 2003 12:32 PM
 To: [EMAIL PROTECTED]
 Subject: Cisco 831 routers [7:61707]
 
 
 Hi All,
 
 I wonder if anyone here could get a hold of the new Cisco 831 
 VPN router?  I
 am trying to get couple of these routers but being told they 
 are onhold by
 Cisco.  I am just curious why? and when they are available 
 again?  Thanks!
 
 Thomas.
 Report misconduct 
 and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61726t=61707
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

upgrade flash question [7:61447]

[Casey, Paul (6822)]

The flash on my 2621xm router is write protected and I cant delete it, 
how do I remove this and upgrade the flash:

and help appreciated.
Kind regards.
Paul.



Paul Casey
O2 Ireland
 Core Network Eng'g Team 
76 Lower Baggot Street, Dublin 2. 
 * Mob : +353 86 8143310
E-mail: [EMAIL PROTECTED]

PLEASE NOTE THAT THE ABOVE IS CONFIDENTIAL INFORMATION I

 See what you can do www.o2.ie
 




This E-mail is from O2. The E-mail and any files
transmitted with it are confidential and may also be privileged and intended
solely for the use of the individual or entity to whom they are addressed.
Any unauthorised direct or indirect dissemination, distribution or copying
of this message and any attachments is strictly prohibited. If you have
received the E-mail in error please notify [EMAIL PROTECTED] or 
  telephone ++ 353 1 6095000.

*




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61447t=61447
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

GroupStudy DB Crash [7:61288]

[Paul Borghese]

I would like to apologize as the GroupStudy database crashed thus preventing
any postings for the past 20 hours or so.

Tonight I performed an upgrade to the database in the hopes it will increase
reliability.  Please resend any messages that do not appear on the site.

Sorry!

Paul Borghese


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61288t=61288
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

TACACS password encryption [7:60886]

[Paul Dong So]

Hi all,

Am reading cramsession notes and there are statement like this:

1. The entire body of Tacacs+ packet is encrypted is ther is a shared key on
the router and server.
2. Tacacs transmits passwords in clear text

Dont' they conflict? Is the user password encrypted or not?

Thanks

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60886t=60886
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Flaw found in vendors ethernet cards [7:60698]

[Paul Borghese]

From Cert.org.  The complete text may be found at
http://www.kb.cert.org/vuls/id/412115


The Ethernet standard (IEEE 802.3) specifies a minimum data field size
of 46 bytes. If a higher layer protocol such as IP provides packet data
that is smaller than 46 bytes, the device driver must fill the remainder
of the data field with a pad. For IP datagrams, RFC1042 specifies that
the data field should be padded (with octets of zero) to meet the IEEE
802 minimum frame size requirements. 

Researchers from @Stake have discovered that, contrary to the
recommendations of RFC1042, many Ethernet device drivers fail to pad
frames with null bytes. Instead, these device drivers reuse previously
transmitted frame data to pad frames smaller than 46 bytes. This
constitutes an information leakage vulnerability that may allow remote
attackers to harvest potentially sensitive information. Depending upon
the implementation of an affected device driver, the leaked information
may originate from dynamic kernel memory, from static system memory
allocated to the device driver, or from a hardware buffer located on the
network interface card. 


Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60698t=60698
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

fragmentation question [7:60643]

[Paul Dong So]

Hi All,

Please shed a light on this as I am confused.

Fragmentation for UDP/TCP:
 * Only the first fragment contains the UDP or TCP header, not the
sequencial fragments?

Fragementation for IP packets
 * every fragmented packet will contains ip header?

MTU 1500 bytes, doesn't it mean the data payload can not exceed 1500
bytes or the whole packet size(payload+header) can not exceed 1500
bytes?

Thanks in advance

Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60643t=60643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AVVID billing system? [7:60492]

[Paul Forbes]

Hello all,

Does anyone have any strong recommendations for a billing system for an
enterprise-level AVVID deployment (1000+ users, distributed, multiple
cluster, etc.)?

I'd prefer suggestions based upon personal experience - the AVVID
partner page
(http://www.cisco.com/pcgi-bin/ecoa/Search?choose_category=EVBUthe_exam
ples=Select%20Allthe_examples1=Select%20All) has innumerable options
and I was hoping to weed some, if not most of them out. Some of the
solutions we've seen have been more service provider class and hence,
out of our price range.

Thanks for the help.

Paul Forbes
Network Engineer
Trimble




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60492t=60492
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MPLS images for 7200? 2500? [7:60284]

[Paul Jin]

Chuck,

It definitely is an unsupported image.  It is an image that Cisco created
internally for some testing only.  Most of people at Cisco
don't even know the image exists.. I know, I even opened a TAC ticket
to locate this image and they told me that it did not exist even though I
specifically mentioned I heard it was a testing version only.

And the author of the image was nice enough to post the  ftp site address a
little while back when everyone started asking for it.

- Paul


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60360t=60284
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

XSS Vulnerability found on Cisco Website [7:59744]

[Paul Borghese]

According to http://www.securiteam.com/securitynews/6T00D206AC.html
there is a Cross Site Scripting vulnerability on the Cisco website.
Make sure you log off of your CCO account (which last time I checked
Cisco does not give us that option!) before surfing the web.  The only
way I have been able to log off is turn off the browser which expires
the cookie.  

Paul Borghese




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59744t=59744
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX and the Activation Key [7:59610]

[Paul Van Neiberman]

Hi,
Thanks to everyone who provided some 'intel',
however after doing a #show version I do get the serial number
and a Activation-Key displaying 4 sets of hexadecimal numbers, what is this 
key used for?( its version 6.1(4))

Also the registration site at CCO
https://www.cisco.com/pcgi-bin/Software/FormManager/formgenerator.pl?pid=221fid=301
says New PIX owners do not need to use this page, urmm, now I am confused 
;))


_
Add photos to your e-mail with MSN 8. Get 3 months FREE*. 
http://join.msn.com/?page=features/featuredemailxAPID=42PS=47575PI=7324DI=7474SU= 
http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_addphotos_3mf




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59610t=59610
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]