BGP and QOS Beta exams [7:73599]
Folks I have seen a few mentions of the BGP and QOS beta exams recently (also mentioning the results). My question is, am I the only person still waiting for results for these exams? My Vue exam history shows Tue February 18, 2003 02:30 PM 641-661: BGP Corefacts, Cambridge, GBR taken Thu March 27, 2003 02:00 PM 643-641: Quality of Service Corefacts, Cambridge, GBR taken and certmanager doesnt mention either. Is it time to start chasing vue/cisco? As an aside, I took the CCNP support beta last year and never actually received results at all, although it did show up in certmanager as a pass about 3 months after I had given up waiting and passed the non beta version. Thanks Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73599t=73599 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco Secure VPN 642-511 [7:73919]
Assorted comments in line. --On 12 August 2003 13:45 + Reimer, Fred wrote: You should have six weeks to go through it. I'd suggest taking a day off or spending a Saturday to go through the whole course, but that's just me. I can't do the one hour here and there thing. Hmmm, you should try running through the knowledgenet course after work in the evening, then heading back into the office at midnight and configuring your first concentrator before 8:30am when people start arriving for their days work. That wasnt fun :-) They also include labs or simulations of setting up the hardware. However, they don't have an actual lab. I think they are working on that, but I found it very useful to have a real 3000 available to go through the menus. Yep. I have a side question myself. Cisco changed their specialist program, so that now apparently there isn't a Firewall Specialist, VPN Specialist, and IDS Specialist, but rather just one Security Specialist. So does that mean that I can't use the VPN Specialist designation anymore and have to wait until I pass all of the tests? What about that INFOSEC designation, is that still valid? I think you have things in reverse. The Security specialist cert is being / has been retired. The three new specialist exams and CCSP replaced it. If you are interested, I expressed my opinion on that change in some detail (either on this list or security ie dot com) a while back. (I wasnt very complementary about the new specialist certs) Regards Peter Walker CC[NID]P, CISSP, CSS1, etc (yeah, my current employer is a reseller) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73937t=73919 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP and QOS Beta exams [7:73599]
--On 07 August 2003 02:50 + Mwalie W wrote: Yes, you will have to begin chasing VUE and Cisco. Thanks, that is what I thought Good Luck! You must be a very patient person:-) And this is also the reason I do not like Beta exams now. Actually, I am very impatient. Which is why I try to make a point of only doing Beta's when I dont need the exam, and then trying to ensure I forget about the exam. I really had put the exams out of my mind until I saw a couple of groupstudy messages in which people mentioned the results. I dont think there is a problem with my address as I have received results for CCIE Beta qualification exams I took before and after the QOS and BGP exams. Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73759t=73599 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Router question [7:71191]
Hunt The 4500 uses a boot helper image when it starts up. The boot helper is a cut down IOS that (hopefully) recognises most of your devices (useful if you need to use tftp) and then tries to load the main IOS. You shouldnt need to upgrade the bootflash, although I would make sure you have a fairly up to date boot helper image as the boot helper is actually quite helpfull if there are problems loading your main ios image. Regards Peter --On 23 June 2003 23:30 + Lee wrote: Hello Group, I want to beef up my 4500M+ to 16MB Flash so I can run 12.2 code on it... Under the show version (as below), I see 2 different flash: 4096K bytes of processor board System flash (Read/Write) 4096K bytes of processor board Boot flash (Read/Write) How does the 4500M+ works? Does it mean that I will need to have both the System Flash Boot Flash up to 16MB? If so, does anyone where I can find some? And if I need to find them, are they just called? 4500M System Flash AND 4500M Boot Flash Thanks so much for the help in advance, Regards, Hunt Router#sh ver Cisco Internetwork Operating System Software IOS (tm) 4500 Software (C4500-I-M), Version 11.1(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Mon 05-Aug-96 13:40 by mkamson Image text-base: 0x600088A0, data-base: 0x6042A000 ROM: System Bootstrap, Version 5.3(16) [richardd 16], RELEASE SOFTWARE (fc1) ROM: 4500 Software (C4500-BOOT-M), Version 11.1(7), RELEASE SOFTWARE (fc2) Router uptime is 1 minute System restarted by reload System image file is flash:c4500-i-mz.111-5, booted via flash cisco 4500 (R4K) processor (revision D) with 16384K/4096K bytes of memory. Processor board ID 05795949 R4700 processor, Implementation 33, Revision 1.0 G.703/E1 software, Version 1.0. Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 128K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read/Write) 4096K bytes of processor board Boot flash (Read/Write) Configuration register is 0x2102 Router# Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71226t=71191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP recertification question [7:69943]
Kevin Actually you have to attempt the lab within 18 months of completing the qualification exam. If you fail you mustnt leave a a gap of more than twelve months between lab attempts and must pass the lab within three years of the qualification exam pass. Peter --On 01 June 2003 02:35 + Kevin Wigle wrote: no, the CCIE written does one thing and one thing only, allows you to attempt the lab - and then you have to do so within one year. The recert extends your CCNP another 3 years. Kevin Wigle Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69960t=69943 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PAT AFTER NAT (confused) [7:66734]
According to my experience you have got it the wrong way round. Cisco IOS will do NAT until the pool runs out, then do PAT on the last IP. This was a major issue when then documentation suggested the opposite. Not sure if this is still the case though. Peter --On 03 April 2003 07:50 + ciscoGo2002 wrote: Hello friends, Thankyou for your answeres, but I have more doubts: Config: ip nat inside source list 1 pool POOL overload If have understood your answers, the router start doing PAT with the first IP address and doesn't takes the next avalaible public IP address until PAT is exhausted with the first IP address, right?? But if this is the way it works I think we never use the rest of the public IP's in the pool because there are not enough clients to exhaust PAT with the first IP... I think it will be much better if the router starts doing PAT and after the pool is exhausted. I cannot do NAT 1:1 and reserve one public IP to do PAT, because I don't want to give the same IP to a set of clients and not to another... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66743t=66734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2 different CCNP certifications [7:66547]
Charles There are 3 basic differences. The foundation exam really is like three exams in one sitting. You get questions from all three of the topic areas and get scores for each subject area. If you pass in ALL subject areas then you have passed. If you fail in any area then you have failed the whole exam. The 2nd difference is cost. If you pass first time then you will spend less on the foundations exam. If you fail once or twice then it would probably have been cheaper to take the exams individually. The final difference is that the foundations exam does not count in any way towards CCIP certification. You will still need to pass BSCI to attain CCIP certification. So if you are very confident of your knowledge of Routing, Switching and Remote Access, and arent planning on going for CCIP then the Foundation exam could be a quicker, cheaper route to CCNP (with Support exam). Peter Walker CCNP, CCIP, CCDP, etc --On 31 March 2003 13:00 + DeVoe, Charles (PKI) wrote: Since I just recently passed my CCNA I thought I would continue on up the ladder. In looking at the CCNP I see there are 2 ways to get it. 1. Take the BSCI 640-901, Switching 640-604, Remote Access 640-605 and Support 640-606 exams. OR 2. Take the Foundation exam 640-841 (combination of the BSCI, Switching and Remote Access exams) and the Support 640-606 exam. What is the difference and what is proffered? Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66555t=66547 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPSec and nated ISDN router [7:65782]
Chris The Cisco TAC website has a number of examples. From www.cisco.com Technical Support - Technology Support - Security VPN - IPSEC - Samples and Tips Or just go to http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking: IPSecs=Implementation_and_Configuration#Samples_and_Tips (watch the wrap). You may need a cco login to get that far though. Then scroll down to IPSec on Router to ... By looking through a few of the router to router and router to pix examples you should be able to work it out. If I am reading your question right it basically comes down to putting in some deny statements into your NAT access-list that match your crypto map. Regards Peter --On 19 March 2003 22:18 + Chris Penrose wrote: Hi all, Can anyone help me with a problem I am having trying to create a VPN on an 801 to a PIX firewall. I have other devices working fine but the isdn router does not seem to want to encrypt the traffic I specified in the access list. I have applied the cypto map to both the dialer and the bri interface and I have read somewhere that the problem is to do with the ios natting the traffic before it gets to the crypto statement. Does anyone that has done this have any examples they could send me, as I can't seem to find a relevant one on the cisco site :-/ Many thanks Chris This email and any attachments are confidential and intended solely for the individual or organisation to which it is addressed. If you have received this email or any attachments in error please notify us by email or telephone +44 (0) 1872 279727 immediately. Please ensure no further copies of this email or attachments are distributed in any form and that all copies are permanently deleted from your systems. The contents of this email and any attachments shall be of no contractual effect unless otherwise agreed between AC Systems (Danemove Ltd) and the legitimate recipient. AC Systems Danemove House Newham Road Truro Cornwall TR1 2DP www.ac-systems.co.uk Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65792t=65782 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: pix 501 limitations [7:65785]
bk The answers you are looking for are in the PIX 501 datasheet at http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/px501_ds.pdf (watch out for line wrap), in the section Performance Summary Peter --On 19 March 2003 22:24 + bk wrote: Good day, I thought I read somewhere that the vpn tunnel on a 501 is limited to 3mb/sec throughput?? But I can't find that anywhere. Has anyone actually got the inside of a 501 to use 100mbs?? thanks, bk Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65793t=65785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New Voice CCIE [7:64620]
Just as an FYI I received the following in an answer to a question I sent to cisco. It goes a bit off topic from the original question but it didnt really make sense to just paste in the mention of QOS. = I will try to explain the rational for CS IP Telephony and how it relates to CCIE Voice. CS is a Service Provider oriented exam. The commonality between Service Providers is their IP core and the technologies involved with an IP core such as unicast IP routing (OSPF, ISIS, BGP), QoS, Multicast, MPLS, MPLS VPNs, traffic engineering, Multiprotocol BGP, etc. These are the main elements of the CS lab exam and we expect a CS CCIE to be expert in these areas. Service Providers also supply a number of access services such as optical, cable, DSL, wireless, dial, and IP Telephony. When the CS track was designed we decided that it is not feasible to require a candidate to be expert in all of these service areas but they should be familiar with a least one of these areas. So the structure of the CS exam evolved into 1 lab that tests the core IP technologies and a series of written exams that cover the core IP technologies and 1 of the service technologies. Therefore a CS CCIE is considered to be a core IP expert but is also literate in at least one service area. CCIE Voice will test competencies regarding a total voice solution, but not the inherent infrastructure over which a VoIP solution is implemented. That is why the CCIE Voice written exam is %100 percent voice. Therefore a CCIE in Voice will be considered a VoIP expert while a CS CCIE who passed the IP telephony exam is considered a core IP expert with a high level of VoIP literacy. I agree that there is a %50 overlap between the CCIE Voice written exam and the CCIE CS IP telephony exam, but there is very little overlap between the CCIE Voice lab and the CCIE CS lab. The one topic that is common is QoS. === --On 06 March 2003 18:19 + The Long and Winding Road wrote: Skarphedinsson Arni V. wrote in message news:[EMAIL PROTECTED] I would say it sound very intresting, sepcialy for those that have call manager / voice experince. I wonder how much routing it has, for example, I doubt you have to configure BGP on this one, or what do you think ? OTOH, bet you'd have QoS up the wazoo! Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64650t=64620 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Memory purchase [7:64605]
You should be able to get 2500 flash from ebay and many cisco / memory resellers. The company I used to use was http://www.memoryx.net (mainly bacuase they were just down the road from where I worked and I could place same day collection orders. Peter --On 06 March 2003 14:29 + [EMAIL PROTECTED] wrote: Where can I find flash memory for 2500 series routers? Thanks in advance. MF Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64613t=64605 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: can one someone pls recommend [7:64380]
Timur You may want to look at Heinz Ulm's boot camps ( http://www.heinzulm.com ). I dont have any experience of the classes myself but I have heard good things on the net. Peter --On 04 March 2003 19:09 + Mirza, Timur wrote: a hands-on lab training course for the ccie lab exam...i want to prepare myself for my 6th attempt...i believe there was ecp course but i don't have the details...thx in advance Timur Mirza Principal Network Engineer Enterprise Core Network Verizon Wireless 15505-B Sand Canyon Avenue Irvine, California 92618 949.286.6623 (o) 949.697.7964 (c) Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64452t=64380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Off Topic - for those looking for cheap lab routers [7:64323]
Thats a lot better than the $900 USD I paid last year a month before Cisco announced that token ring wasnt going to be in the lab any more. Gr :-( --On 04 March 2003 03:50 + Steve wrote: i got a 3920 for 120 usd. i know its cheap..yes it works steve The Long and Winding Road wrote in message news:[EMAIL PROTECTED] token ring stuff is going for very reasonable prices over on that auction site we all know and love. might be a good way to add serial ports / complexity to an existing rack. or start building a CCNA / CCNP study rack just a thought Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64323t=64323 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VOIP [7:64080]
Tunde For a VOIP basic lab you need At least two analog telephony devices/connections (eg telephone, pstn phone line) At least two routing devices (ie routers) with network connectivity and appropriate interfaces for the above devices. (eg 2600, MC3810) connectivity/routes between the routers. == eg1 Two telephones Two 2600 routers Two NM-1V Voice network modules Two VIC-2FXS eg2 Two telephones Two MC3810 Two AVM3 or AVM6 (Analog voice modules) Two FXS APMs (Analog Personality Modules) == If you are using a PSTN line instead of a telephone then replace FXS with FXO If you are buying used from auction sites such as Ebay then eg2 will work probably out to be a lot cheaper option and just as capable as the 2600 router (in terms of voice, basic routing). Regards Peter Walker CC[NID]P, CIPTSS, etc --On 03 March 2003 12:36 + Tunde Kalejaiye wrote: what do you need at a minimum to configure voip in a lab enviroment.. i need a basic setup between 2 points thanks in advance Tunde - Original Message - From: Angel Leiva To: Sent: Friday, February 28, 2003 10:11 PM Subject: RE: VOIP [7:64080] Hi Kris, Try Configuring Cisco Voice Over IP, Second Edition by Callisma (Various Authors). Below is the URL to view the book's info. I am currently reading it. It has lots of great information on VoIP matters. In fact, Chapter 4 explains what exactly FXS, FXO or EM interface ports do. http://www.syngress.com/catalog/sg_main.cfm?pid=2282 Hth, Angel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Waters, Kristina Sent: Friday, February 28, 2003 8:48 AM To: [EMAIL PROTECTED] Subject: VOIP [7:64080] Everyone, I am seeking a recommendation on a voip book, preferably something that explains the different types of technologies and how they can be applied 'in the real world'. Right now, we are doing some very rudimentary voip stuff with a variety of routers, 1760, 2600, and a 3600 seriers which is connected to a pri. We have no call manager (yet), so we have a bunch of dial-peer groups set up on all our routers to interconnect the remote offices. All offices have their own pbx's of different types, and most of the routers at the remote locations have the vic fxs cards. I feel like this is a good opportunity for me to learn a great deal, but I want to make sure that I REALLY understand what I am learning. And right now, for example, I have no idea what the difference is between an FXS card and an EM card. I'm starting to feel a bit like the village voip idiot, and the tons of docs I've read on the cisco web site do not seem to be helping. Any recommendations will be highly appreciated. Thanks, Kris ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by email, delete and destroy this message and its attachments. ** Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64264t=64080 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: pcmcia flash memory card for 2501 [7:63741]
Don You may want to take the cover off of the 2500s and have a look at the front right hand side of the motherboard. There is definitely something there that looks like a pcmcia slot. I dont know anything more than that, if it works, how it is used, but it is definitely there :-) Regards Peter Walker --On 25 February 2003 17:13 + Don Kanicki wrote: I have 4 2500 series routers and not a one of them has a pcmcia slot on it.I know the 16xx routers use pcmcia falsh cards but I have yet to see a 2500 with a pcmcia slot. HTH Don K. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63760t=63741 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCDP / Top Down Network Design [7:63773]
I would say that it is sufficient from a technology and principles viewpoint. When supplemented by an old out of date cisco press cert guide and the exam blueprints it was sufficient for me to pass DCN and CID late last year. I am not really disagreeing with John, just trying to add to what he said. In any case, your individual milage may vary. Peter Walker CISSP, CC[DNI]P, CSS1, etc --On 25 February 2003 21:37 + John Neiberger wrote: I am curious why ciscopress.com lists Priscilla's book under the CCDA certification when I see so many comments that it is one of, if not the best book to prepare for CCDP. Even in the CCDA section it is listed last. Now that I successfully recertified my CCNP I was planning on buying this book to finish my CCDP before my CCDA expires. Do you think this book would be sufficient to study for the CID 640-025 exam? I would say that it's not sufficient because it's not intended to be a CCDP study guide. TDND is intented to teach solid design principles using an iterative, top-down process. It's a great book and I'd highly suggest you read it before you take the exam, but you should supplement your studies with other materials. This book deals largely with procedures and principles and touches on a large number of technical details. However, since the test is constantly being updated I'd suggest reading additional technical materials. John Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63806t=63773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Monitoring [7:63532]
You could try looking for a tool called Just For Fun Network monitoring (or something like that). I came accross it a week or two back and thought it looked quite good. I think it may have been on sourceforge. Regards Peter --On 21 February 2003 22:32 + Kevin Banifaz wrote: Does anyone know of any free or really cheap network monitoring tools, I work for a real cheap company and I can't get them to shell out for HP OV. I appreciate a response. Thanks in advance Kaveh _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63554t=63532 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE SECURITY [7:63425]
18 months to sit the exam, up to 3 years total to pass Peter Walker --On 20 February 2003 16:30 + Troy Leliard wrote: You get one year from passing your written till sitting the exam. Suranjith Ariyapperuma wrote: Dear members Once you have completed the written , how long do you get to prepare for the LAB ? Suranjith Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63434t=63425 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP config question. [7:62860]
Folks A quick question on external BGP connection configuration. Given an organisation (ORG) with 2 EBGP routers (up1, up2) and two upstream providers (pr1, and pr2) where provider pr1 is currently linked to the router up1 via a serial link and provider pr2 is currently linked to router up2 via a traffic shaped and limited ethernet link. ORG is does not allow transit between the providers. Is there any reason why ORG should not a) connect pr1 to the same ethernet segment b) form bgp neighbor relationship with BGP peer at provider pr2 c) advertise appropriate MED values requesting that pr2 prefer up2 d) set local preference to prefer link via up2 to pr2 over up1 to pr2 What I am looking for is technical (or business/political) reasons why this is a good or bad idea. I understand that all this would give is redundancy at the router level (up1, up2), the ethernet link and pr2's router are all still potential single points of failure. I also understand that pr2 may not wish to allow such a configuration. Also, what would need to be done to ensure that any changes made would not have any impact on decisions regarding the routing choice between pr1 and pr2? Regards Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62860t=62860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP config question. [7:62860]
Yep you are right. Lets try that again ... a) connect up1 to the same ethernet segment b) form bgp neighbor relationship with BGP peer at provider pr2 c) advertise appropriate MED values requesting that pr2 prefer up2 d) set local preference to prefer link via up2 to pr2 over up1 to pr2 In terms of what I am asking is, are there any issues with having two 'redundant' bgp links from two different routers in one AS over a single multi-access link to a single router in another AS. It seems to me that this would be a simple no-brainer type of change to make, but I just have a nagging suspicion that there is some gotcha waiting to jump out when you least expect it. None of the sample configurations I have seen seem to mention this sort of config and I was wondering if there was some reason why it shouldnt be done, or if it was just one of those obscure variations of common configurations that did not warrant it's own explicit mention. Peter --On 12 February 2003 14:27 + Peter van Oene wrote: At 01:36 PM 2/12/2003 +, Peter Walker wrote: Folks A quick question on external BGP connection configuration. Given an organisation (ORG) with 2 EBGP routers (up1, up2) and two upstream providers (pr1, and pr2) where provider pr1 is currently linked to the router up1 via a serial link and provider pr2 is currently linked to router up2 via a traffic shaped and limited ethernet link. ORG is does not allow transit between the providers. Is there any reason why ORG should not a) connect pr1 to the same ethernet segment b) form bgp neighbor relationship with BGP peer at provider pr2 c) advertise appropriate MED values requesting that pr2 prefer up2 d) set local preference to prefer link via up2 to pr2 over up1 to pr2 I'm not sure if you are messing up your prs and ups here, but I'm not following you entirely. Why would you not just peer both routers and use prepend/med and pref to control load like most folks do? Maybe explaining what is better or different about this approach would help explain what the approach is :) Pete What I am looking for is technical (or business/political) reasons why this is a good or bad idea. I understand that all this would give is redundancy at the router level (up1, up2), the ethernet link and pr2's router are all still potential single points of failure. I also understand that pr2 may not wish to allow such a configuration. Also, what would need to be done to ensure that any changes made would not have any impact on decisions regarding the routing choice between pr1 and pr2? Regards Peter Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62875t=62860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP config question. [7:62860]
Pete Thanks for your help. I know it doesnt buy much redundancy, however it is something that could be done to an existing system without much capital outlay, and the organisation that I was thinking of has seemed to have had a run of bad luck with single routers falling over during the last few months. I know the org would prefer to rely on the dual providers for uplink redundancy rather than adding additional redundant links to any single provider. I dont even know if the upstream provider would allow it, but it was just something that occured to me while reading up for the BGP exam I am taking this week and I couldnt really find any answers in my study materials. Yet again, thanks Peter --On 12 February 2003 16:28 + Peter van Oene wrote: At 03:59 PM 2/12/2003 +, Peter Walker wrote: Yep you are right. Lets try that again ... a) connect up1 to the same ethernet segment b) form bgp neighbor relationship with BGP peer at provider pr2 c) advertise appropriate MED values requesting that pr2 prefer up2 d) set local preference to prefer link via up2 to pr2 over up1 to pr2 In terms of what I am asking is, are there any issues with having two 'redundant' bgp links from two different routers in one AS over a single multi-access link to a single router in another AS. So basically you have two routers and both r1 and r2 connect to the same router on the provider side while r1 also maintains a connection to another router on the provider side. In this case, you don't really buy yourself much other than router redundancy on your side. The cost is purely in control traffic that will transit the ethernet link. BGP isn't that chatty unless peering sessions are flapping (which would be abnormal) so this shouldn't be a big problem. Only other cost would be additional config complexity which might impede troubleshooting. Beyond that, things should work fine as long as the provider agrees to set it up. Pete It seems to me that this would be a simple no-brainer type of change to make, but I just have a nagging suspicion that there is some gotcha waiting to jump out when you least expect it. None of the sample configurations I have seen seem to mention this sort of config and I was wondering if there was some reason why it shouldnt be done, or if it was just one of those obscure variations of common configurations that did not warrant it's own explicit mention. Peter --On 12 February 2003 14:27 + Peter van Oene wrote: At 01:36 PM 2/12/2003 +, Peter Walker wrote: Folks A quick question on external BGP connection configuration. Given an organisation (ORG) with 2 EBGP routers (up1, up2) and two upstream providers (pr1, and pr2) where provider pr1 is currently linked to the router up1 via a serial link and provider pr2 is currently linked to router up2 via a traffic shaped and limited ethernet link. ORG is does not allow transit between the providers. Is there any reason why ORG should not a) connect pr1 to the same ethernet segment b) form bgp neighbor relationship with BGP peer at provider pr2 c) advertise appropriate MED values requesting that pr2 prefer up2 d) set local preference to prefer link via up2 to pr2 over up1 to pr2 I'm not sure if you are messing up your prs and ups here, but I'm not following you entirely. Why would you not just peer both routers and use prepend/med and pref to control load like most folks do? Maybe explaining what is better or different about this approach would help explain what the approach is :) Pete What I am looking for is technical (or business/political) reasons why this is a good or bad idea. I understand that all this would give is redundancy at the router level (up1, up2), the ethernet link and pr2's router are all still potential single points of failure. I also understand that pr2 may not wish to allow such a configuration. Also, what would need to be done to ensure that any changes made would not have any impact on decisions regarding the routing choice between pr1 and pr2? Regards Peter Nondisclosure violations to [EMAIL PROTECTED] Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62885t=62860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP exam study recommendations [7:62784]
Folks I am wondering if anyone has any recommendations for BGP study. I am booked in for the BGP beta exam on Friday and still dont feel comfortable with my level of BGP knowledge. I have read the following over the last few months Halabi - Internet Routing Architectures. Doyle Vol 2 (BGP sections) John Stewart III (BGP4 book) William Parkhurst (The RFC stuff at the back and some of the command reference) I am going to go back and reread some of Halabi, all of the Parkhurst command reference chapters and probably some of the RFCs. Does anyone have any additional 'must-read' references that I should look at before Friday? I realise that I have all the basic info that I need and, to be honest, feel that I could pass the test already. However I am one of those people that want to understand things at the gut/instinct level and I really dont feel that I am at that point yet. Any other suggestions? Peter Walker CISSP, CSS1, CC[NID]P, etc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62784t=62784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
fixup http [7:62596]
Folks Is there anyone out there tell me exactly what the http fixup functionality on a Pix (6.1) fixes up. I cant find anything on CCO that describes what exactly it is in http that the PIX believes needs to be fixed up. I am experiencing an issue where certain web sites (particularly certain b2b type sites that require authentication of the client using certificates)cannot be accessed from behind a pix but can from in front of the PIX. I do know that the users have had problems in the past with using proxy servers. The only thing that is occuring to me right now is that perhaps the fixup protocol is doing something wierd. Does anybody know if the fixup is likely to be causing the problem and if I am likely to mess anything up by turning it off. Regards Peter CISSP, CSS1, CC[NID]P, etc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62596t=62596 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX and Trunk [7:62383]
Paulo Current releases of the PIX OS do not support vlan trunking. I believe I saw something on this list a short while back regarding the 6.3 Beta version which does support trunking, but you will have to verify that. Regards Peter --On 03 February 2003 21:27 + Paulo Roque wrote: Hi all, Does PIX support VLAN trunk? Paulo -- Eng. Paulo Roque Network Engineer Cisco Certified Network Associate [EMAIL PROTECTED] Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62427t=62383 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: vlan on a 3548 catalyst [7:61398]
Bob I think the command you want is int range first -last in global config mode. eg switch# config term switch(config)# interface range fastethernet0/1 -fastethernet0/12 (or something similar as I dont have an IOS switch to hand right now) Then just configure the appropriate interface commands. Regards Peter On Mon, 20 Jan 2003 20:09:51 GMT, Robert Perez wrote: Bob Perez wrote in message news:... Can I assign multiple ports to a vlan in one swoop rather than each one individually? IOS on a 3548XL -- Peter Walker Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61410t=61398 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE program [7:61405]
John I looked at them some time back (early last year). I wasnt that impressed. My impression was that they had a very expensive program that you could get a discount on if you committed yourself to working for them for practically nothing for a year or two. However the thing that really convinced me to stay well away from them was their claim (snipped from their current website). The ictp staff members hold a substantial number of IT related credentials, certificates, and degrees, including: Cisco Certified Internetworking Engineer (CCIE) Lab 3 Cisco Certified Internetworking Engineer (CCIE) Written 12 Any company that would make such a claim are not worth dealing with. I also take that to mean that most of their lab instructors are people who are unable to pass the lab. Draw your own conclusions. Maybe one of these days I will get around to reporting them to Cisco for clear and explicit misuse of Cisco trademarks. Peter On Mon, 20 Jan 2003 21:07:08 GMT, John McCartney wrote: Hi all, Has anyone heard of the company listed in the URL below, I got an email offering a chance to help out with obtaining the CCIE through their program. I just wanted to know if its worth the time to look into it or is it a scam? Their website is: http://www.ictp.com Thanks. John CCNP -- Peter Walker Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61414t=61405 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Security Certification after CCNP [7:61088]
Charles I am not sure if I can really make any recommendations as to which is better for you. I personally have a low opinion of the Checkpoint certs as they seemed to be purely about memorizing menus rather than understanding the technology and how to use it on the Checkpoint products. On the other hand experience with a firewall product such as Checkpoint or PIX certainly isnt going to hurt your resume. You may want to also consider looking at the CISSP cert (very high level, management oriented) if you have verifiable security work experience, or if you are looking for something more technical you cant go far wrong by working on some of the GIAC certs (you can probably find info somewhere off of www.sans.org). In fact, even if you dont go for the cert, I would recommend studying the GIAC Security Essentials curriculum to anyone trying to get into the security field. Regards Peter Walker CISSP, CSS1, CCSE, CC[NID]P, etc --On 15 January 2003 09:05 + Charles McKnight wrote: Does anyone have ideas as to what security certification to try to purse I completed the CCNP track Checkpoint or Cisco new security track? Also any recommend study guides and pratice exams that could be used? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61090t=61088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load balancing NAT [7:60663]
This does NOT match my previous experience. My experience has been that IOS seems to use NAT (not overloaded) until all pool addresses are used then start overloading the last one. I dont know what happens once all when this address gets maxed out. The only reason we noticed this was due to the fact that we were running port sentry on a number of unix hosts and noticed that periodically random machines were being port scanned from outside our net (something that should not be able to occur if PAT is being used). We finally tracked it down to NAT (single outside IP to single inside IP) entries appearing in our NAT translations tables on the router. The only solution that we (or TAC) could come up with was to reduce the NAT pool to a single IP. Peter Walker CISSP, CCN[NID]P, CSS1, CIPPTS, etc --On 09 January 2003 20:15 + Doug S wrote: The way PAT works when overloading multiple addresses is to overload the first address in the pool until ALL port numbers are used up. I can't point you to any publicly available documentation on this, but cut and pasted from Network Academy curriculum: However, on a Cisco IOS router, NAT will overload the first address in the pool until it's maxed out, and then move on to the second address, and so on. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60800t=60663 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX 501 VPN Peers limit [7:60430]
I think the answer is 10. I am not sure if this corresponds to a 10 user license (in which case a 50 user license may allow 50 tunnels, but I doubt it). Peter --On 06 January 2003 15:33 + Sam Sneed wrote: Does anyone know the limit of VPN peers a PIX 501 with 3des is? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60436t=60430 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco career advice needed [7:60013]
Irfan --On 31 December 2002 09:23 + irfan siddiqui wrote: Hi, Does the CCIE qualification exam itself have any worth. I know that your not a CCIE without giving the actual Lab part of the exam, but how does the CCIE written exam scale on its own, career wise. Does it help improve job prospects. The CCIE qualification exam on its own has very limited jobseeking value. However it can, if used wisely be used to demonstrate a continuing dedication to personal development. ie If you list try to list CCIE (Written) on your resume/CV then you will most likely be filed in the discard pile by many hiring managers. If instead you seperately state that you are actively working towards CCIE and give a realistic expected completion date it may get your foot in the door for more active consideration with some hirers. What are the benefits of this exam on its own, or is it totally useless without the LAB part. It qualifies you to take the lab exam, that is its purpose. It is almost pointless to take it if that isnt what you intended. Say if i never appear for the LAB, for any reason, would the written exam be any worth of mention, like say on my resume or as a credential. Only if you want to show yourself as someone who doesnt follow things through. If there is a good reason for not completing the lab then you could bring up the qualification exam in an interview, but I certainly wouldnt recommend putting it on your resume. Thanks for all your advice in advance. Irfan Regards Peter Walker CISSP, CCNP, CCIP, CCDP, CSS1, CIPTSS, etc Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60016t=60013 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Leaky bucket concept. [7:59841]
Hmm that last message didnt seem to get through undamaged through the groupstudy mailing list filters/message-manglers. 2nd try = As an aside - if you wrap the URL in when you post then many mail and news readers will take the whole URL correctly. Just as a test/demonstration try clicking on or . HTH Peter Chuck / Folks As an aside - if you wrap the URL in when you post then many mail and news readers will take the whole URL correctly. Just as a test/demonstration try clicking on or Regards Peter Walker Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59919t=59841 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Support Passed [7:56995]
Symon Thurlow wrote: That's it for CCNP yay! Congratulations I am going to begin CCDA and CCDP now, I remember reading somehwere that Priscilla's book- Top Down Network Design was a good read for the CCDP exam, is this correct? Yep, an excellent book! as an fyi I took and passed the DCN CID exams a couple of weeks ago. My study sequence was Two weeks before tests Top down network design. - My main study materials. Week before tests CXX productions CCDA materials - quite good CXX productions CCDP materials - hopelessly out of date in terms of content - but accurate in terms of letting you know that material wasnt in current exam. weekend before DCN exam Cisco Press CCDA cert guide - Serves it's purpose well! then Breeze through DCN exam next day Cisco press CCDP cert guide - Serves it's purpose well! panic after scoring 20% in CCDP cert guide practice test on the day before the test. ... Focussed reread of Priscilla's book Focussed read of an old version CID coursebook. Focussed reread of Cisco press CCDP cert guide ... Download and run Boson test #1 Relax a bit Final day Take CID test and pass Feel cheated because the test didnt seem difficult at all. Hope that helps. Peter Walker CISSP, CSS1, CIPTSS, CCNP, CCIP, CCDP, etc PS. I do NOT recommend doing things the way I did. It's just that I am terrible at motivating myself to actually study unless the exam is really imminent. If I had set myself a proper study plan and stuck to it I would probably have a much more relaxed 24 hours prior to the CID test :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57018t=56995 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2500 Series vs 2600 Series [7:55703]
Just thought I would add a little bit more. You may want to consider looking at 4500 (or 4000,4700) series routers. They are modular and have pretty much equivalent processing power to 2600/3600 series routers (but not the architecture). They have a fairly good range of modules available to them at a lower cost than 2600/3600 modules. The main downsides (in my opinion) are their size, and the lack of voice support. Other than voice they still have good IOS feature support (better than 2500s, including some MPLS edge features). You may also want to consider MC3810 routers. These can be pretty much considered as 2600s with only a limited selection of modules / options but with good voice hw/sw support. MC3810s and 4000/4500/4700 routers can all be obtained fairly cheaply on ebay. Regards Peter Craig Columbus wrote: I think it depends on your budget. You can get several 2500 series routers for the cost of a single 2600 with modules. With smart shopping, you should be able to pick up most 2500 models for under $275. I've bought 2501s, with 16/16, for under $200. The cheapest you're likely to get a 2610 is around $500. A WIC-1T will cost you another $120 or so. If money is not a problem, load up on 2600 or 3600 routers. However, if you want to watch your budget, build a lab with mainly cheap routers and maybe only a couple 2600 series for the stuff that the 2500s won't handle. At 01:36 PM 10/16/2002 +, you wrote: I'm thinking about putting together a home lab and am trying to figure out the right routers to get. Is the main difference between a 2500 series and 2600 series that the 2600 is modular and a 2500 is fixed? I know 2500's are end of life cycle and are probably slower and all that, but that doesn't matter so much for a home lab, does it? Since the 2600 appears to be modular and the 2500 is not, I'm thinking I could just get a couple 2600's and then buy various components - T1 WIC, ISDN, Async 16A, etc and put them in and configure, take them out, replace and configure, etc Then maybe I could just end up having to buy a couple routers and be able to test and configure a bunch of stuff, rather than having to buy a different 2500 for each thing. Any insight or personal experiences would help. Thanks a lot. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55711t=55703 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice Certification [7:52734]
Ahmad In the first chapter of the CIPT course book there are a number of URLs of documents including Cisco IP telephony Solution Guide Cisco IP telephony Network Design Guides If you have reasonable internet access and a printer (preferably fast and full duplex) it would be worth printing them out and reading them. They contain a wealth of information. It would also be worth taking a look at the avvid product pages to get the current specs of the avvid hardware. If you want to round out your study you could also look at Syngress's Cisco AVVID and IP telephony design and implementation. It doesnt go into the detail needed for the exam but does give a great high level view of the avvid architecture that (at least in my case) really helped put a perspective on all my other study. Regards Peter Walker CISSP, CSS1, CIPTSS, CCIP, CCNP, etc a. ahmad wrote: Dear all, I am going to take CIPT exam with in few days. I can't buy Boson. Right now I only have official CIPT course book and as well Cisco CallManager System Guide. CIPT book covers exam topics or I need to read extra stuff as well. No ne has taken this exam around so no idea at all about this exam. I would higly appreciate some suggestions. Thanks in advance! Ahmad Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52889t=52734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIP-BSCI vs. BSCN [7:48861]
IS-IS Apart from IS-IS BCSN and BCSI have identical blueprints. If you take BCSI then you dont need to make the decision to change tracks yet. BCSI counts towards both tracks. If you are working towards a long term goal of CCIE then a good working knowledge (and experience) of the subject areas in the CCNP plus multicast, QOS, MPLS, Voice etc isnt exactly going to hurt. Regards Peter Walker CISSP, CSS1, CCNP, CCIP, TISCA --On Monday, July 15, 2002 9:41 PM + Brad wrote: Can anyone on the list tell me the specific differences between the Building Scalable Cisco Internetworks vs. Building Scalable Cisco Networks. I am almost through studying the BSCN for the first CCNP exam and am thinking about possibly changing certification tracks. Any input would be appreciated. Brad Dodds WAN Engineer Network Consulting Services Missouri Research Educational Network (MOREnet) Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48879t=48861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE written on resume? [7:48868]
George I would strongly advise against list CCIE Written as a certification on your resume. I would recommend either mentioning it in a descriptive paragraph about yourself, or under education in some kind of in progress section. In both cases it may be worthwhile to give a REALISTIC estimate of when you think you will complete the whole certification (ie pass the lab). Your mileage may vary with that last point however. I guess it really depends on what kind of message you are giving on your resume. In any case, if I ever see a resume claiming CCIE written as a certification it likely will be thrown straight into the discard pile. I wouldnt want someone who would put that on a resume in my team. Peter Walker CISSP, CSS1, CCNP, CCIP, TISCA PS. Yeah I have passed the CCIE written exam (security) and I dont claim that as a certification --On Monday, July 15, 2002 11:28 PM + G Z wrote: I am persuing the written portion of the CCIE. I want to put this on my resume when the test is passed but it is not a certification in itself. There is no logical reason not to put it there as it shows additional knowledge and that is what the resume is for. But awhile back I think this topic was discussed but don't remember the particulars (I was not a CCNA at the time even). It seems to be like saying that you don't have a degree but have completed some college. Also where would this go on a resume? Any input would be appreciated. Thanks, George Zutaut Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48878t=48868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice-IP [7:48008]
Juan I think you will also need 2 NM-1V or NM-2V to give you voice slots that you can plug the VICs into. Regards Peter Walker --On Wednesday, July 03, 2002 3:12 PM + Juan Blanco wrote: Team, I want to simulate an small voice-ip network on my lab. I have 2 2600 router that I will used for this task. My question is what are the components that I will need in order for me to accomplished my goal. What do I need? 2 routers 2 VIC-2FXS (TWO-PORT FXS VOICE/FAX INTERFACE CARD) - Interface that connects directly to a standard telephone, fax machine. (foreign exchange station) 2 Telephones IOS PLUS FEATURE Please correct me if I am wrong. Thanks, J Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48028t=48008 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Strange 6500/IPX Issue!! HELP!! [7:47951]
Mike Just a thought, but have you tried setting a gns-response-delay on your router. From what I remember reading in my support exam study (I have NO ipx experience), this can be used to compensate for the slow CPU or network adapter card of the client, which would otherwise miss a quicker response. It just seems from your other emails that this may match your symptoms and perhaps the difference between connecting to switch a vs switch b is just a tiny bit of latency that is enough to allow the old machines / cards to get the response. Like I said, I have no IPX experience and this is just a shot in the dark based on something I remember reading. Regards Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48030t=47951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1 exams [7:47308]
Any chance of a hint? None of the search phrases I can think of are turning up any hits on google. Having just passed the CCIE security written exam this morning I may be interested in how to do this for my home lab. Thanks Peter --On Tuesday, June 25, 2002 3:37 PM -0400 John Kaberna wrote: you should consider finding out how to build an IDS Sensor out of a Solaris box. It can be done. :) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47423t=47308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1 exams [7:47308]
Obviously the corresponding books for each of the classes/exams from cisco press. Managing Cisco Network Security Cisco Secure Pix Firewalls Cisco Secure Virtual Private Networks Cisco Secure Intrusion Detection System Some other publishers have books that cover these subjects too, but I have no real experience of these. Some other books that might also be useful are Enhanced IP services for Cisco networks Cisco Secure Internet Security Solutions Cisco IOS Network Security (there may be a release specific version of this) There are also a bunch of really good technical documents on the CCO site. You should look into the product docs and data sheets for IOS, PIX, VPN Concentrator and IDS system, then read through some of the TAC technical documents and sample configurations. They cover the information you need to know but you will have to do more work to find the information you need. Hope these help. Peter Walker CISSP, CCSE, CSS1, CCNP, CCIP, etc --On Monday, June 24, 2002 3:20 PM -0400 [EMAIL PROTECTED] wrote: Since I can't get my cheap company to send me to classes, I have to do self-study go get my Cisco Security Specialist Certification. Does anyone have any suggestion which books would help for each of the exams? Thank you in advance, Joy Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47315t=47308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Qualified specialist [7:47263]
They send out a certificate with your specialist certification on it. eg for security: Cisco Security Specialist 1 Peter Walker CISSP, CSS1, CCIP, CCNP --On Sunday, June 23, 2002 8:31 PM -0400 Dwayne Saunders wrote: Hi all Was Just wondering after completing your Cisco Qualified specialist exam what does Cisco send out if anything Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47268t=47263 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IDS Questions [7:46639]
I hope I dont get flamed for this ... but I would like to ask a similar but different question. What reason is there to choose Cisco IDS over Snort. I just dont see Cisco IDS as having much in the way of advantages over Snort other than a Cisco label and a high price tag (and yes both of those can be percieved as advantages) Of all of the Cisco kit I have worked with the IDS system is the only one I cant see myself recommending to someone. Peter Walker --On Friday, June 14, 2002 7:13 PM -0400 Ken Diliberto wrote: Brian, We can both justify and afford a commercial IDS but choose Snort. What do see as drawbacks to Snort? Brian Zeitz 06/14/02 03:02PM So the most people who want IDS who cannot afford / justify (just yet) and IDS box are using Snort? I have a pix 515UR, and if I read correctly, it has the capabilities to interface to an IDS box, but it is not an IDS box itself. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46657t=46639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Beta - anyone FAILED ? [7:46556]
Dont bet on it. I have been checking for my support exam results on an almost daily basis for the last two months and still no luck. Peter --On Friday, June 14, 2002 7:38 PM -0400 Jason Viera wrote: You should be able to see if you passed on the cisco certmanag Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46661t=46556 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Foundations 640-509 [7:45548]
I totally disagree with this statement. In the foundation exam you get three scores, one for each of the sections. You have to pass in all sections to pass the foundation exam. So if you are strong in two areas but not the third you are likely to fail the whole exam because of this one area. If you are weak in any area then Foundation is not the exam to take. Peter Walker --On Friday, May 31, 2002 5:58 PM -0400 Ole Drews Jensen wrote: On the other hand, if you are perfect in routing and switching, but not so good in remote access, Foundation might be better, as the percentage you answer wrong on remote access questions, will be a third the percentage compared to if you took it by it self. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45572t=45548 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Support Beta exam results [7:44853]
Folks Just a quick question, I took the CCNP Beta on March 18 and am still awaiting the results. Does anyone have any experience of just how long I have to wait for the results. I am checking the cert tracker every day and am starting to realize that I dont have the patience to wait for Beta exam results :-). Its frustrating to know that a friend who took the standard exam two months after me has his results :-) Should I be concerned that I havent received my results yet? Peter Walker Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44853t=44853 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2900 series swithc [7:44092]
Going from memory here, but I think you are wrong. From what I remember the ASICs and such on the old 10mb routers cant handle the larger frame sizes that could be generated with dot1q trunking. Peter --On Tuesday, May 14, 2002 3:19 AM -0400 John Golovich wrote: I believe a 2500 series can act as a router for dot1q trunking. While 10mb isnt recommended because of overhead, it should work in a lab environment to gain experience with trunking. - Original Message - From: Marco Gaona To: Sent: Monday, May 13, 2002 8:48 PM Subject: RE: 2900 series swithc [7:44092] which 2900 series. If you are trying to trunk with a router , you will need a fast ethernet on the router. If it's IOS based the command is : switchport access vlan 100 switchport mode access You can enter the vlan info in the vlan database by typing vlan database vlan 100 name Engineering If it's set-based CLI the command is : Set trunk 1/1 and if you are using a router (must have fast ethernet) in the Fast ethernet interface type encapsulation isl Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44236t=44092 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What to do........ 2 parts [7:43843]
Jason Being as I am in a similar position to you in that I have completed all of the exams for CCNP (still awaiting results from support beta exam) I can tell you what I am have been doing and am planning. I will let you decide if this is relevent or useful to you. 1) First of all as I have been using VPN concentrator and pix systems for a while now and using IPSEC for a lot longer (hand crafting and debugging IPSEC tunnels between OpenBSD systems) I figured that it shouldnt be too big a step to pass the CSS1 exams and took the four exams last month. The only difficult bit was trying to learn about the IDS system without access to any cisco IDS kit (too expensive to buy for home use, and it would be unprofessional to recommend it for work). So now I am a CSS1 (and it is only a 1/4 paper cert :-). 2) Figuring that my experience is more appropriate to a Security CCIE rather than a routing and switching CCIE (in particular as far as the non ip desktop protocols are concerned) I am going to go for the CCIE Security written exam next month. 3) Based on the blueprints for the CCIE exams I also figure that there are certain areas in which my knowledge and experience is weak - particularly Packet Telephony, IS-IS (and to a lesser extent BGP), QOS, and MPLS I am planning some extra study in those areas. As these all are components of the various CCIP exams I have planned on taking the matching CCIP exams to validate my study at each step in the study plan (PKTEL, MCAST+QOS, BCSI (includes IS-IS and gives me a chance to revalidate my BGP knowledge), and MPLS. If I fail any of these exams (or even pass with too low a pass mark) I will postpone my CCIE written until I can be confident I am close to having an adequate level of knowledge and skill in the relevant area (and have validated my knowledge with a corresponding exam). 4) Even after all of the above I am sure I will have some weak areas and may fail the written exam. In which case I will revisit my weak areas and spend more time on them. 5) Assuming I get through the the written exam I plan to spend more time on study and 'practice' with a view to taking the lab exam towards the end of the year. As to lab kit I have worked with cisco kit for about 4 years (2500, 2600, 3600, cat 2900/3500, cat4k, PIX, VPN 3000 series) with about 25% of my responsibilities involving this network kit. In addition to this I have two 2500s, a Cat 2820 and a PIX 501 (I love these things) at home. As part of my cert plans I am adding a few 2500s, some 4500s a Cat 3900 and an Etherswitch 2200 (runs cat5k OS) with appropriate interfaces for my lab practice. With these I will be able to 'play' with a number of features that I currently cant. With my budget there is no real way I can get hold of equipment for some stuff (ATM, MPLS label switch routers etc), for these I will have to rely on online virtual labs and when nearer to the practical exam to real hands on lab rental. I am sure there will be some on this list who may have some comments on whether I will classify as a lab rat or not, and perhaps on the short time I am cramming a lot of this into (and I havent even mentioned the CISSP exam in I am taking two weeks time), but I have a number of time constraints that are applicable (not least of which is the likely ending of my current employment on June 28th - sometimes it sucks when your employer is acquired by a bigger company). Hope this helps Peter --On Friday, May 10, 2002 12:39 PM -0400 Kleberg, Jason wrote: this is a 2 part question that I hope to hear everyone's opinion on. 1. What to do next? Im done with ccnp, is it worth it to move to ccda\dp, what about css1, or just shoot for the ccie. i know that ccie will cost the most by far, and the others could give me more of a foundation to build on for ccie, but is it worth the wait or would you reccomend i just start buckleing down for the IE? SO MANY QUESTIONS 2. If I do start to study for CCIE, what kind of a lab should I build I probably wont take the lab for 12-18 months and the equipment list could change(token,atm,4500,2500,cat5k) What are the safest bets, or if someone could give me a link to a diagram of a very current lab i could plan from that. I think 2600,3600 are safe,, what else is a sure bet to be around? Is the set based switch going to make it? What is the best or least expensive ios based switch that you can train from?(cat x9xx layer 3?) I could really use some help here and i look forward to hearing from you all. Thanks Jason Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43905t=43843 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Where to buy RAM/flash for cisco router? [7:42939]
You could try www.memoryx.net. I have had good experiences buying cisco memory from them (they seem to understand what memory is needed for the different cisco systems). I only occasionally have them ship to me though as I can swing past their office with only a 5-10 mile diversion in my commute and I am usually too impatient to wait for delivery :-) I dont know if they ship internationally though. Regards Peter --On Tuesday, April 30, 2002 10:15 PM -0400 hktco wrote: Where can I get the best price RAM and flash for cisco router (2610)? Transportation is another consideration, as I want these memory to be shipped to Hong Kong. (not all shops accept international customers - Kingston is a good example!) Anyone has experience with shopping for memory online? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42940t=42939 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
