RE: VPN between Checkpoint and Pix [7:27787]
Ramesh, Here is what you are looking for: http://www.cisco.com/warp/public/110/cp-p.html many other at: http://www.cisco.com/warp/public/707/index.shtml#pix Hope this helps Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ramesh c Sent: Friday, November 30, 2001 4:04 AM To: [EMAIL PROTECTED] Subject: VPN between Checkpoint and Pix [7:27787] Hi guys, Is there any site which give details(Configuration,specs)abt VPN between Pix firewall and checkpt firewall using IPSec. TIA Cheers Ramesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27899t=27787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: a better view [7:23383]
Copy of letter by: Joe Vela Shriners Hospital for Children-Houston Here is an interesting perspective on what happened September 11. Some good news from all of this: By now everyone has been hearing the death toll rise and reports of the destruction from the terrorist attacks on the US. These were deplorable acts that we will never forget. But now is a time to look at the other side of the numbers coming out of New York, Washington and Pennsylvania. The sad but somewhat uplifting side that the mainstream media has not reported yet the SURVIVAL rates and some positive news about the attacks. *** The Buildings *** The World Trade Center - The twin towers of the World Trade Center were places of employment for some 50,000 people. With the missing list of just over 5,000 people, that means 90% of the people targeted survived the attack. A 90% on a test is an 'A'. The Pentagon - Some 23,000 people were the target of a third plane aimed at the Pentagon. The latest count shows that only 123 lost their lives. That is an amazing 99.5% survival rate. in addition, the plane seems to have come too low, too early to affect a large portion of the building. On top of that, the section that was hit was the first of five sections to undergo renovations that would help protect the Pentagon from terrorist attacks. It had recently completed straightening and blast proofing, saving untold lives. This attack was sad, but a statistical failure. *** The Planes *** American Airlines Flight 77 This Boeing 757 that was flown into the outside of the Pentagon could have carried up to 289 people, yet only 64 were aboard. Luckily 78% of the seats were empty. American Airlines Flight 11 This Boeing 767 could have had up to 351 people aboard, but only carried 92. Thankfully 74% of the seats were unfilled. United Airlines Flight 175 Another Boeing 767 that could have sat 351 people only had 65 people on board. Fortunately it was 81% empty. United Airlines Flight 93 This Boeing 757 was one of the most uplifting stories yet. The smallest flight to be hijacked with only 45 people aboard out of a possible 289 had 84% of its capacity unused. Yet these people stood up to the attackers and thwarted a fourth attempted destruction of a national landmark, saving untold numbers of lives in the process. *** In Summary *** Out of potentially 74,280 Americans directly targeted by these inept cowards, 93% survived or avoided the attacks. That's a higher survival rate than heart attacks, breast cancer, kidney transplants and liver transplants - all common, survivable illnesses. The Hijacked planes were mostly empty, the Pentagon was hit at it's strongest point, the overwhelming majority of people in the World Trade Center buildings escaped, and a handful of passengers gave the ultimate sacrifice to save even more lives. Pass this information on to those in fear and the media. Don't fear these terrorists. The odds are against them. Joe Vela Shriners Hospital for Children-Houston Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23383t=23383 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Let there be peace on earth [7:21740]
Let there be peace on earth The President has asked that we unite for a common cause. Since the hard line Islamic Terrorists can not stand nudity, and consider it a sin to see a naked woman that is not their wife: Tomorrow night at 6:00 PM EDT, all women should run out of their house naked to help weed out the terrorists. The United States appreciates your efforts, and applauds you. Be sure to spread the word, and?. God bless America! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21740t=21740 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
connectivity issue [7:21600]
Guys (and gals), I was wondering if anyone had ran into this problem. I have a private, pt-pt network terminating on my side with a 2524 running 11.1. This is connected into a 2900 switch. My ISP comes in on a 2610 through a PIX running 6.1.(Whose inside IP is the gateway for all PCs) It is also hitting the 2900. My machines behind the firewall can get to the internet and also ping the 2524 Ethernet interface on my side, but that is as far as they will go. I have put a static route into the PIX pointing any traffic for the 10.4.0.0 network (the far side of the pt-pt) directed to the inside IP of the 2524. from the PIX, I can ping the 2524, and any address on the far network. But the PCs cannot go past the Ethernet of the 2524. They can ping the inside interface of the 2524, but not even the WAN interface of this router. I have also added a static for the Network of the WAN link, a /30. I don't understand how the PIX can ping through the 2524 to the remote network and the PCs cannot, when all the routes are in the PIX to direct these packets to the correct destination(2524). Could it have to do with the fact the times I'm getting on those pings( around 600ms) are above the TTL on the PCs or could I be missing something else? This is probably going to turn out to be a stupid question, and I will regret sending it. Be gentle Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21600t=21600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Long response RE: A TRIBUTE TO THE UNITED STATES [7:3336]
Also Raymond, your friend, Masood, has just recently gained a pretty good ally. He just went from having to fight a losing battle with the Taliban by himself, to having the entire power of the United States military, NATO, and other countries, fighting by his side. Lets hope they wipe your former country clean of this scourge, and give it back to good people such as yourself and your family. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Haynes Sent: Friday, September 14, 2001 7:03 AM To: [EMAIL PROTECTED] Subject: Re: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] Eloquently stated Raymond. God Bless you and your family. As posted here, so many people have tragic tales to tell. Mine is brighter picture. My sister who was at ground-zero made it out alive and is now at home with me. It was such a frantic time of uncertainty for my family it pains me to know others have gone through the same thing and are still living with the same uncertainty. Kind souls such as yourself are a welcome relief to hear at a time like this. My heart goes out to all people living through this nightmare. -- James Haynes Network Architect Cendant IT A+,MCSE,CCNA,CCDA,CCNP,CCDP, CQS-SNA/IPSS Raymond Thomas wrote in message news:[EMAIL PROTECTED]... I was asked where I was born since I am citizen not born in the US so here it goes. This will be a long email... and if there are many ignorant people on this board, then I don't mind not seeing their resumes anymore. Please read the whole thing and read between the lines if you can, and there shouldn't be a reason for flames if you do so. I was born in Afghanistan in 1977, making me 24 yrs. old (recruiting for 4 1/2 yrs). In 1978, Russia invaded our country and we had to flee to Pakistan as refugees, leaving many loved ones and all my family had built for themselves all the years they lived. My family was part of the top 5% wealthiest families in the country and very loved by all because we gave 30% of our earnings to the poor and employed 60% of the population in one of the major cities. We traded everything we owned... mansions, businesses, jewelry, farm animals, money and in return, we were allowed to flee to Pakistan. We gave them all up to Ahmad Shah Masood who has been fighting the Talibans for these past few years. Family members grew up with him and funded his armies to keep the peace. Masood has been fighting the Talibans for the past few years now, with very little funding and very little support and failing. He only has 5% of the country and the other 95% by the Talibans who are killing our men and children and raping our women. Masood asked the US for help years ago against the Taliban and warned them that they are an extremist group that will not be just a threat to Afghans in Afghanistan, but a threat to the world. Guess who has been hiding under the Taliban govt... Bin Ladin who is suspected for this tragic event. We then lived in Pakistan for 2 1/2 years till we got our visas to come to the US (NYC). My father was a very well known doctor in Afghanistan and when we came here, he wasn't allowed to practice medicine till he passed the American exams. In order for him to do so, he would have to learn English as a second language first, then try to pass the American exams... not easy to do with all the trauma sustained as refugees watching missiles flown over your head and watching loved ones blown apart. It took him another 8 years to do so. In the 8 years, he drove a cab for the first 5 years, just to make ends meet and then landed a job as an X-Ray Technician. Finally he passed and became a doctor, working for a prestigious hospital and now at the scene of the WTC helping others. We also have our own practice in Astoria, Queens in our home. He accepts Medicaid, knowing they don't pay doctors anything, but wanted to give low income families the same privileges of seeing a doctor without waiting 4 hours in ER. My older sister is in her 4th year Med school and every night after her shifts in Long Island, she commutes to St. Vincents and volunteers there from 8:00 - 1:00 am. Then back to Long Island at 6:00 am in the morning. I try to go there every night to NJ and try to give out water and food to the bravest people in our country, the firemen and police. I am Afghan by blood, but an American at heart for I have lived here for over 20 years of my life. I am also a Muslim, practicing peace and harmony amongst my friends. My boss and very close friend is Jewish. So is my colleague and second father on this group, you know who you are my friend. There are many Muslims that are peaceful people by the teachings of our religion. I ask all of you not to be fooled my extremists blanketing themselves with religion as true followers of that religion. God DID NOT say to kill yourself for me and take innocent lives with you. We don't live in a time where that should
RE: Long response RE: A TRIBUTE TO THE UNITED STATES [7:3336]
BRAVO!! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Raymond Thomas Sent: Friday, September 14, 2001 2:37 PM To: [EMAIL PROTECTED] Subject: RE: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] I don't know what is going on with Taliban and if Afghans support them? I have family there, and family that used to be alive before they came to power. I know exactly what is going on because we get messages relayed to us from family that seek refuge in Pakistan, regarding others that live in Afghanistan. Let me put it in the simplest way, make believe Hitler took over France... the French are now ruled by the Nazi's and need to abide by their rules or they will die. The Talibans are the Nazi's in this case, and the French are the Afghans. Simple and clear now? Many Afghans will cheer the bombing of the Afghan government, the only downside is that there is always innocent people that will be in the line of fire and will die as well. GO USA! From Rahmeen! Raymond Thomas Vice President Lewis Consultants International, Inc. 516-498-2300 ext. 104 (NY office) 646-526-6171 cell -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 14, 2001 3:14 PM To: [EMAIL PROTECTED] Subject: RE: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] I don't find it very surprising that someone named Osama Bin Zia can't have an understanding of what Raymond is trying to say. The point is that the evidence will come to light and we will make anyone or country associated with this pay a big price. I would suggest to you that you keep your head down and your mouth shut. USA -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Osama Bin Zia Sent: Friday, September 14, 2001 1:48 PM To: [EMAIL PROTECTED] Subject: Re: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] Well, Now I disagree with you Raymond. As a human I feel sorry for the people who have died in the incident. But what I believe is that assumptions should not be the base to bomb somebody or country. This is terrorsim itself. Who knows people in Afghanistan like Taliban or not, certainly not you and not the people in CNN and BBC etc. Who knows if they are responsible for all this act or not. Killing those people is exactly similar to killing people in WTC. Then what's the difference. It has to be found out who is responsible for this act? If you have time to see this link I think this may help. http://www.dawn.com/weekly/ayaz/ayaz.htm - Original Message - From: Raymond Thomas To: Sent: Friday, September 14, 2001 10:35 PM Subject: RE: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] Thank you James and everyone else that wrote me all the personal emails since this thread. I want to thank everyone for understanding and having and open heart and mind to understand that there are good and evil in all of society. Most of us need to be educated on the history of the countries being mentioned in the news since this catastrophic event before judging the people as a whole. Most people didn't even know where Afghanistan was located geographically on the globe and didn't know that Afghans are being RULED by the Talibans and NOT supporting them. I lost many family members in our country due to them and there is nothing more that I would like to see than the US and NATO forces to bomb the hell out of them. Sincerely, Raymond Thomas Vice President Lewis Consultants International, Inc. 516-498-2300 ext. 104 (NY office) 646-526-6171 cell -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Haynes Sent: Friday, September 14, 2001 8:03 AM To: [EMAIL PROTECTED] Subject: Re: Long response RE: A TRIBUTE TO THE UNITED STATES [3:3336] Eloquently stated Raymond. God Bless you and your family. As posted here, so many people have tragic tales to tell. Mine is brighter picture. My sister who was at ground-zero made it out alive and is now at home with me. It was such a frantic time of uncertainty for my family it pains me to know others have gone through the same thing and are still living with the same uncertainty. Kind souls such as yourself are a welcome relief to hear at a time like this. My heart goes out to all people living through this nightmare. -- James Haynes Network Architect Cendant IT A+,MCSE,CCNA,CCDA,CCNP,CCDP, CQS-SNA/IPSS Raymond Thomas wrote in message news:[EMAIL PROTECTED]... I was asked where I was born since I am citizen not born in the US so here it goes. This will be a long email... and if there are many ignorant people on this board, then I don't mind not seeing their resumes anymore. Please read the whole thing and read between the lines if you can, and there shouldn't be a reason for flames if you do so. I was born in Afghanistan in 1977, making me 24 yrs. old (recruiting for 4 1/2
RE: Memory [7:19758]
We get all our memory for Cisco Flash and DRAM upgrades from www.memoryx.com. Very cheap!! And no problems so far. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jon Krabbenschmidt Sent: Thursday, September 13, 2001 12:04 PM To: [EMAIL PROTECTED] Subject: RE: Memory [7:19758] I buy my memory for all needs from Crucial. www.crucial.com This same memory there is $18.89. They are a great company to deal with when there is a shipping mix-up or part problem (which is VERY rare over the last 4 years or so). Jon -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 9:12 AM To: [EMAIL PROTECTED] Subject: RE: Memory [7:19758] Someone recently posted a message about www.rockymountainram.com 800-543-0932 I just purchased a 32MB stick of RAM for a 1750 for $29 plus shipping. The Cisco list price was $1900 for the same item. They build to order using the same specs that Cisco uses. I'll certainly use them again. -Original Message- From: Tom Richs [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 9:04 AM To: [EMAIL PROTECTED] Subject: Memory [7:19758] I need to get some feedback on the type of memory to put into a Cisco equipment. Two of the most popular are Cisco memory and Kingston. Of course Cisco is a lot more expensive than Kingston. Which memory do you recommended getting and are there any issues with getting Kingston. By issues I mean are there any known bugs, compatibility, etc. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19807t=19758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please look [7:19408]
God Bless all those people! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wright, Jeremy Sent: Tuesday, September 11, 2001 9:09 AM To: [EMAIL PROTECTED] Subject: Please look [7:19408] This is off of the subject..but very important news: http://dailynews.yahoo.com/h/p/nm/20010911/ts/mdf50402.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19416t=19408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: US Stock [7:19433]
May He bless you and yours also B.J. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of B.J. Wilson Sent: Tuesday, September 11, 2001 1:27 PM To: [EMAIL PROTECTED] Subject: Re: US Stock [7:19433] Well, since we're off-topic anyway...maybe if God existed, this incredible loss of life wouldn't have occurred in the first place. Part of rebuilding our society involves rebuilding our economy, so it's worth discussing. As far as life is concerned, I'm donating blood later today, and I've made sure my two friends who live in NYC are okay. What are you doing besides praying? - Original Message - From: Juan Blanco To: Sent: Tuesday, September 11, 2001 1:05 PM Subject: RE: US Stock [7:19433] Thanks Priscilla, you are %100 correct, these people here are thinking about the economic...when they shoulb be thinking about rebuilding families.they should be thinking about a prayer to God in order to save as many peoples as posible My prayer to those that did not make it in the terror atack God bless america.. -Original Message- From: Priscilla Oppenheimer To: [EMAIL PROTECTED] Sent: 9/11/2001 12:45 PM Subject: RE: US Stock [7:19433] We're talking about rebuilding the economy? How about rebuilding families (if that can even be done??) Priscilla At 01:25 PM 9/11/01, Chuck Larrieu wrote: since you asked - this is real bad news for the economy. there are a number of major financial firms located in the twin towers, all of whom have probably lost key people. These are firms that drive the economy in terms of investment and investment capital. how long will it take to get things straight? you will see spillovers into the stock market, into planning, into corporate spending. that translates into jobs. yes there will be rebuilding that must take place, and this will eventually mean an economic boost. but maybe not for New York City. If I were a survivor of one of these firms, and had the chance to build from scratch, I would seriously consider relocating to Kansas. And I do not say that sarcastically. this tragedy spills way beyond what one might think. In an economy as weak as ours is now, this is real bad news indeed. hoping any number of friends and personal acquaintances who work in that area are ok. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of sparkest pig Sent: Tuesday, September 11, 2001 9:56 AM To: [EMAIL PROTECTED] Subject: US Stock [7:19433] Would the technology or other industry go down and the Department of Defense funding go up? would this be good to us, the Cisco geeks? --- - Get your FREE download of MSN Explorer at http://explorer.msn.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19464t=19433 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: windows 2k VPN on 1700 Router [7:16104]
Here remote windows clients over the internet gain access to the private w2k LAN. My sample uses a 1720, pre-shared key, IPsec/3des, installed the IOS firewall and IDS. Building configuration... Current configuration : 2825 bytes ! version 12.1 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname sample_1720 ! logging rate-limit console 10 except errors no logging console enable secret 5 xx. enable password 7 ! memory-size iomem 25 clock timezone ET -5 clock summer-time edt recurring ip subnet-zero no ip source-route no ip finger ip tcp synwait-time 5 no ip domain-lookup ! no ip bootp server ip inspect name fw tcp ip inspect name fw udp ip inspect name fw ftp ip inspect name fw tftp ip audit notify log ip audit po max-events 100 ! ! crypto isakmp policy 1 encr 3des hash md5 authentication pre-share crypto isakmp key r0cknr011 address 0.0.0.0 0.0.0.0 crypto isakmp client configuration address-pool local VPN-POOL ! ! crypto ipsec transform-set trans1 esp-3des esp-md5-hmac ! crypto dynamic-map dynmap 10 set transform-set trans1 ! ! crypto map intmap client configuration address initiate crypto map intmap client configuration address respond crypto map intmap 10 ipsec-isakmp dynamic dynmap ! cns event-service server ! ! ! interface FastEthernet0 description Internal LAN w/NAT ip address 192.168.1.1 255.255.255.0 ip nat inside no ip route-cache no ip mroute-cache speed auto full-duplex no cdp enable ! interface Serial0 ip address 199.x.x.x 255.255.255.252 ip access-group 105 in no ip redirects no ip unreachables ip nat outside ip inspect fw out encapsulation ppp no ip route-cache no ip mroute-cache no fair-queue service-module t1 timeslots 1-24 no cdp enable crypto map intmap ! ip local pool VPN-POOL 172.16.1.1 172.16.1.255 ip nat inside source route-map nonat interface Serial0 overload ip kerberos source-interface any ip classless ip route 0.0.0.0 0.0.0.0 64.30.27.197 no ip http server ! access-list 105 deny ip 192.168.1.0 0.0.0.255 any access-list 105 permit tcp any host 199.x.x.x eq telnet access-list 105 permit esp any any access-list 105 permit udp any any eq isakmp access-list 105 permit tcp any 192.168.1.0 0.0.0.255 eq smtp access-list 105 permit tcp any 192.168.1.0 0.0.0.255 eq pop3 access-list 105 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255 access-list 110 deny ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255 access-list 110 permit ip 192.168.1.0 0.0.0.255 any no cdp advertise-v2 no cdp run route-map nonat permit 10 match ip address 110 ! banner exec ^C You are accessing a private system. You are not authorized to use this system. Please go away !^C banner incoming ^C This is a private system. Unauthorized use or tampering is prohibited. ^C ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 1 password 7 153258582C237C1B632431024131222752 login line vty 2 4 login ! no scheduler allocate end -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Jones Sent: Tuesday, August 14, 2001 7:59 PM To: [EMAIL PROTECTED] Subject: windows 2k VPN on 1700 Router [7:16104] Can anybody give me a heads up on how to config a 1720 router 12.2T to accept a VPN tunnel across the internet from a win 2k box? Thanks, xw _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16176t=16104 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
backup question [7:15373]
When using a BRI for backup on a Frame-Relay circuit, the backup load 70 30 command goes on the primary serial interface(S1) while the backup int BRI1 command and the backup delay 30 60 command are on the sub-interface(S1.1). My question is this: when you have more than one Frame sub-interface going to different locations, and the second sub-interface(S1.2) does not utilize a backup BRI, but this second sub-int(S1.2) connection loads the circuit(S1) to over 70% utilization, does BRI1(which is only backing up S1.1) come up due to the 70% utilization of serial 1? If so, is there some command to work around this problem that I'm missing, or is it just not possible to use the 'backup load command when the backup interface is only on one subinterface? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15373t=15373 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not cisco but interesting... [7:14547]
ditto Jenn -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Friday, August 03, 2001 5:45 PM To: [EMAIL PROTECTED] Subject: Re: not cisco but interesting... [7:14547] Greg, hellva lot better use of bandwidth than your oldest fart alive contest with Ray :0) thanks again Jennifer Rick Jennifer -- Being a Nam Vet myself -- I have strong personal feelings about many an issue related to that War. I therefore express no opinion pro or con on what you have distributed to list members here. However, time marches on, and many of us have moved on from that situation. Moreover, this list IS NOT the place to be dealing with these issues. Bandwidth is precious -- as we all know from our studies! Also, while I cannot definitely speak for others -- I am sure that most of us are here to learn configurations, theory, troubleshooting etc. as it relates to our studies. So, for me at least, respectfully, please take your discussions of these non-cisco issues to a more relevant forum where they will get proper time and attention and a full airing of both sides of the argument. Thanks, Greg Macaulay Almost the Oldest CCNP/CCDP on Earth Lifetime Member of AARP Retired Attorney/Law Professor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14859t=14547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Certification Statistics [7:13477]
Again, please give the source of this info. Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Fred Danson Sent: Tuesday, July 24, 2001 8:57 AM To: [EMAIL PROTECTED] Subject: RE: Certification Statistics [7:13477] I find it very hard to believe that, in the United States, there are only 1.4826 CCDPs for every CCIE. I would imagine that there would be atleast 10 CCDPs per CCIE. From: Christopher Supino Reply-To: Christopher Supino To: [EMAIL PROTECTED] Subject: RE: Certification Statistics [7:13477] Date: Tue, 24 Jul 2001 07:16:28 -0400 Interesting. What is the source of this info? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of cheekin Sent: Tuesday, July 24, 2001 5:33 AM To: [EMAIL PROTECTED] Subject: Certification Statistics [7:13477] FYI. Breakdown by certification through May 2001 US/CAN EMEA Asia/Pac Americas Japan CCIE 2,876 1,940 755 135 267 CCNA87,72426,69434,231 1,972 23,689 CCNP20,7789,633 9,244 40723,689 CCDA14,8256,580 3,705 6521,038 CCDP4,264 3,911 1,449 94 245 cheekin _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=13500t=13477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
upgrade and cleanup [7:12310]
Any suggestions on how I can make this config more streamline and more efficient and still accomplish the same function? I am upgrading to 12.1(5)T which should allow me more options. It is from one of the internal spoke routers running frame back to a hub router, with a BRI for backup. PS: still can't figure out what the dialer-list 1 protocol ipx list 800 is doing since I don't see a access-list 800. Am I missing something? version 11.2 service timestamps debug uptime service timestamps log uptime no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname CL18 ! enable password x ! username no ip domain-lookup ip host hq 172.16.18.2 ipx routing 0010.7bcf.3a82 isdn switch-type basic-ni1 clock timezone cst -6 source-bridge ring-group 2723 dlsw local-peer peer-id 192.99.18.1 dlsw remote-peer 0 tcp 172.20.87.9 dlsw remote-peer 0 tcp 172.20.87.12 backup-peer 172.20.87.9 dlsw bridge-group 1 ! interface Ethernet0/0 ip address 192.99.18.1 255.255.255.0 ipx encapsulation SAP ipx network 18B no mop enabled bridge-group 1 ! interface Serial0/0 no ip address shutdown no fair-queue ! interface BRI1/0 ip address 172.31.2.18 255.255.255.0 encapsulation ppp ipx network B123 isdn spid1 2287890101 isdn spid2 22835553630101 dialer map ip 172.31.2.254 name x broadcast 5559359 dialer map ipx 1F.0090.6f36.8000 name x broadcast 5559359 dialer load-threshold 1 outbound dialer-group 1 no fair-queue ppp authentication chap ppp multilink hold-queue 75 in ! interface BRI1/1 no ip address shutdown ! interface BRI1/2 no ip address shutdown ! interface BRI1/3 no ip address shutdown ! interface Serial2/0 no ip address encapsulation frame-relay no ip mroute-cache bandwidth 56 custom-queue-list 1 frame-relay lmi-type ansi ! interface Serial2/0.119 point-to-point backup delay 0 300 backup interface BRI1/0 ip address 172.16.18.1 255.255.255.0 no ip mroute-cache bandwidth 56 ipx network 119 frame-relay interface-dlci 115 frame-relay payload-compression packet-by-packet ! interface Serial2/0.219 point-to-point ip address 172.17.18.1 255.255.255.0 bandwidth 56 ipx network A119 frame-relay interface-dlci 100 frame-relay payload-compression packet-by-packet ! interface Serial2/1 no ip address shutdown ! interface Serial2/2 no ip address encapsulation sdlc no keepalive half-duplex clockrate 64000 sdlc role prim-xid-poll sdlc vmac 5494.4222.1200 sdlc address 12 sdlc partner 4222.. 12 sdlc dlsw 12 ! interface Serial2/3 no ip address shutdown ! router eigrp 2723 passive-interface Ethernet0/0 network 172.16.0.0 network 172.31.0.0 network 172.17.0.0 network 192.99.18.0 no auto-summary ! ip http server ip classless ip route 172.20.87.0 255.255.255.0 BRI1/0 200 logging buffered 4096 debugging no logging console access-list 101 deny eigrp any any access-list 101 permit ip any any access-list 899 deny 119... access-list 899 deny A119... access-list 899 permit access-list 899 deny A103... access-list 899 deny A104... access-list 899 deny A105... access-list 899 deny A106... access-list 899 deny A107... access-list 899 deny A108... access-list 899 deny A109... access-list 899 deny A110... access-list 899 deny A111... access-list 899 deny A113... access-list 899 deny A114... access-list 899 deny A116... access-list 899 deny A117... access-list 899 deny 102... access-list 899 deny 103... access-list 899 deny 104... access-list 899 deny 105... access-list 899 deny 106... access-list 899 deny 107... access-list 899 deny 108... access-list 899 deny 109... access-list 899 deny 110... access-list 899 deny 111... access-list 899 deny 112... access-list 899 deny 113... access-list 899 deny 114... access-list 899 deny 115... access-list 899 deny 116... access-list 899 deny 117... queue-list 1 protocol dlsw 1 queue-list 1 protocol ip 2 queue-list 1 default 3 ! ! ipx router eigrp 123 network 119 network A119 network B123 ! ! ipx router rip distribute-list 899 out Ethernet0/0 no network B123 no network 119 no network A119 ! ! ! snmp-server community Public RO snmp-server community public RO snmp-server trap-authentication snmp-server enable traps isdn call-information snmp-server enable traps config snmp-server enable traps envmon snmp-server enable traps syslog snmp-server enable traps bgp snmp-server enable traps frame-relay snmp-server enable traps rtr snmp-server host 172.20.87.11 Public dialer-list 1 protocol ip list 101 dialer-list 1 protocol ipx list 800 bridge 1 protocol ieee ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 password
FW: 2008 Olympics Goes to Beijing [7:12286]
Perhaps it will do the communist state of China good to expose its persecutions and even executions, i.e. against Catholics or any unsanctioned religion, etc. etc., to the whole world. Remember how the 1936 Olympics in Berlin put Germany into the spotlight, and gave the world a glimpse of Hitler and his Nazi regime. IMHO the communist government of China is no better than the 3rd Reich. Could be a real eye-opener for a lot of people. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Fenech, William J Sent: Friday, July 13, 2001 3:16 PM To: [EMAIL PROTECTED] Subject: RE: 2008 Olympics Goes to Beijing [7:12286] The Olympics are more political than you think. The US stayed out of the 1980 Olympics in Moscow to protest the (then) Soviet Union's invasion of Afghanistan, which was followed by the tit-for-tat Soviet boycotting of the 1984 Olympics in Los Angeles. China (PRC) itself was absent from the Olympics for 32 years because of political reasons. In spirit, the Olympics should be free from this kind of thing, but thats not the reality of the situation. Of course, none of this has anything to do with Networking or Cisco whatsoever, so I apologize for contributing to it. Bill -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Friday, July 13, 2001 12:35 PM To: [EMAIL PROTECTED] Subject: RE: 2008 Olympics Goes to Beijing [7:12286] Did you guys ever think that there might be someone from China on this list??? I'm sure they don't feel too good reading your comments... Besides, the Olympics has nothing to do with politics. The last time (as far as I know) that politics were introduces at an event, was back when some guy who had just won a medal raised his arm with his hand formed as a fist. Have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.OleDrews.com/CCNP ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: William Gragido [mailto:[EMAIL PROTECTED]] Sent: Friday, July 13, 2001 2:17 PM To: [EMAIL PROTECTED] Subject: RE: 2008 Olympics Goes to Beijing [7:12286] Now, now, thats not a positive thing to say. I think that it will be an interesting games thats for sure. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dennis H Sent: Friday, July 13, 2001 1:50 PM To: [EMAIL PROTECTED] Subject: Re: 2008 Olympics Goes to Beijing [7:12286] Great... now they can beat, torture, and execute some athletes... Bosco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 2008 Olympics Goes to Beijing !@!@Beijing has won the host of the 2008 Summer Olympic Games -- 3Comp.Broadband - $@-S1M,01zS3]o,J 3Comp.Broadband - Your own Broadband Newsgroup news://news.3home.net/3comp.broadband 3talk.ITPeople - IT$Ho,J%@,I 3talk.ITPeople - IT People's World news://news.3home.net/3talk.ITpeople $@-S$Q%D1P.{)M+D$Q%D1P.{o,J+H%u60$$a!C news://news.3home.net/3talk.catholic $T+N9q0T( news://news.3home.net/3talk.telecom 3home DIY/overclocking/problem*)$w8gX(V,0hardware*) 3home hardware*)Cover Team(-{$'$@ news://news.3home.net/3Comp.hardware %?! news://news.3home.net/3Comp.tweak $G$b9q8#3n5wEi6R=f news://news.3home.net/3Comp.forsale Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12330t=12286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN 3015 concentrator question [7:11509]
Has anyone had this problem: I have a 3015 concentrator for VPNs. The problem is when a IPSec client connects accross the DSL circuit everything works fine, but when a second IPSec client connects, it kicks the first client off. The maximun # of concurrent connections is set to 100. Authentication is being handled by the NT domain database. Any ideas?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11509t=11509 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: DELIVERY FAILURE: User r wilewski (r wilewski@ibmpl) not [7:11522]
whats the deal, -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, July 09, 2001 12:21 PM To: Paul Holloway Subject: DELIVERY FAILURE: User r wilewski (r wilewski@ibmpl) not listed in public Name Address Book Your message Subject: VPN 3015 concentrator question [7:11509] was not delivered to: [EMAIL PROTECTED] because: User r wilewski (r wilewski@ibmpl) not listed in public Name Address Book [GroupStudy.com removed an attachment of type message/delivery-status which had a name of ATT00032.dat] Reply-To: Paul Holloway From: Paul Holloway To: Subject: VPN 3015 concentrator question [7:11509] Date: Mon, 9 Jul 2001 12:20:37 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MIMETrack: Serialize by Router on D12ML001/12/M/IBM(Release 5.0.6 |December 14, 2000) at 09/07/2001 19:09:08 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Has anyone had this problem: I have a 3015 concentrator for VPNs. The problem is when a IPSec client connects accross the DSL circuit everything works fine, but when a second IPSec client connects, it kicks the first client off. The maximun # of concurrent connections is set to 100. Authentication is being handled by the NT domain database. Any ideas?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11522t=11522 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX and token-ring [7:9188]
Has anyone here run into the problem of a PIX not passing token-ring(wrapped in IP). Is there a specific permission or trick I'm missing here? Installed it last night and everything, web, mail, worked fine. All static routes and mappings are correct. Today when the customer opened for business, a bank, everything worked fine except for the token-ring traffic, which could not be tested for last night. Any suggestions would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9188t=9188 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX and token-ring [7:9188]
Running PIX515R with ver 6.0.1 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paul Holloway Sent: Wednesday, June 20, 2001 10:23 AM To: [EMAIL PROTECTED] Subject: PIX and token-ring [7:9188] Has anyone here run into the problem of a PIX not passing token-ring(wrapped in IP). Is there a specific permission or trick I'm missing here? Installed it last night and everything, web, mail, worked fine. All static routes and mappings are correct. Today when the customer opened for business, a bank, everything worked fine except for the token-ring traffic, which could not be tested for last night. Any suggestions would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9196t=9188 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: tftp PIX [7:5919]
I am stumped... I'm trying to tftp a newer ios into a PIX515 and keep getting the message TFTP failed (return:-10 arg:0x1). I have went through all the correct steps, I believe, but must be missing something simple. Is there a certain way the file should be located on the TFTP server? Is there a port that should be opened on the PIX that the documentation doesn't mention? Here's what I've done so far. (Copied from Hyperterminal ROM mode on PIX) Use BREAK or ESC to interrupt flash boot. Use SPACE to begin flash boot immediately. Flash boot interrupted. 0: i8255X @ PCI(bus:0 dev:13 irq:10) 1: i8255X @ PCI(bus:0 dev:14 irq:7 ) Using 1: i82559 @ PCI(bus:0 dev:14 irq:7 ), MAC: 0005.328f.85c1 Use ? for help. monitor address 192.168.1.134 address 192.168.1.134 monitor server 192.168.1.132 server 192.168.1.132 monitor file bh60 file bh60 monitor ping 192.168.1.132 Sending 5, 100-byte 0x358e ICMP Echoes to 192.168.1.132, timeout is 4 seconds: ! Success rate is 100 percent (5/5) monitor tftp tftp [EMAIL PROTECTED] TFTP failed (return:-10 arg:0x1) Any help would be appreciated!! Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5919t=5919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: FW: tftp PIX [7:5919]
Taht was it...thanks Spencer -Original Message- From: Spencer Plantier [mailto:[EMAIL PROTECTED]] Sent: Friday, May 25, 2001 11:35 AM To: Paul Holloway Subject: Re: FW: tftp PIX [7:5919] Your file needs the bin ext added --- Paul Holloway wrote: I am stumped... I'm trying to tftp a newer ios into a PIX515 and keep getting the message TFTP failed (return:-10 arg:0x1). I have went through all the correct steps, I believe, but must be missing something simple. Is there a certain way the file should be located on the TFTP server? Is there a port that should be opened on the PIX that the documentation doesn't mention? Here's what I've done so far. (Copied from Hyperterminal ROM mode on PIX) Use BREAK or ESC to interrupt flash boot. Use SPACE to begin flash boot immediately. Flash boot interrupted. 0: i8255X @ PCI(bus:0 dev:13 irq:10) 1: i8255X @ PCI(bus:0 dev:14 irq:7 ) Using 1: i82559 @ PCI(bus:0 dev:14 irq:7 ), MAC: 0005.328f.85c1 Use ? for help. monitor address 192.168.1.134 address 192.168.1.134 monitor server 192.168.1.132 server 192.168.1.132 monitor file bh60 file bh60 monitor ping 192.168.1.132 Sending 5, 100-byte 0x358e ICMP Echoes to 192.168.1.132, timeout is 4 seconds: ! Success rate is 100 percent (5/5) monitor tftp tftp [EMAIL PROTECTED] TFTP failed (return:-10 arg:0x1) Any help would be appreciated!! Paul FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Spencer Plantier Lan Engineer Voice 919-474-1300 ext 0873 Cell 919-696-8848 __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5928t=5919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]