from:"Richard Deal"

Re: methods for summarizing routes in FATKID ospf401

2001-04-08 Thread Richard Deal


What about a static route?

"Clue Less" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> Just trying out ospf401 on fatkid, and was reading the hints about
> summarizing.  Here's the hint
>
> "There are two built in OSPF methods to summarize OSPF routes. One way
> summaries between areas. The other summarizes between Autonomous
> Systems.  Do you know a third way to summarize routes, which works for
> any router, running any routing protocol?  How about a fourth?"
>
> http://www.fatkid.com/html/401_advanced_opsf_-_hints.html
>
> Does anyone know the 3rd or other ways and could kindly let me know?
>
> Clue Less.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to become a CCSI [7:1362]

2001-04-20 Thread Richard Deal


To everyone thinking about becoming a CCSI:

Yes, this is acceptable (I'm a CCSI--96045); however, there are some points
that should be made in addition to this:

* You need a training partner to sponsor you--this means, in all likelyhood,
that you will have to become an employee and you won't be making much money

* You will have to put your dues in...probably for a couple of years, before
you can go out on your own as a contract instructor.

* There are a ton of contract instructors (and employee instructors) for
classes like the ICND and BSCN. To really set yourself apart, you need to
specialize in something, like BCMSN, CATM, MCNS (or any of the new security
classes), etc.

Too many times students get these big puppy dog eyes when I tell them what
contractors can make in this business--most don't realize that to make that
kind of money, you will have to put in your dues for a couple of years AND
YOU WILL HAVE TO TRAVEL In this business, there are no easy roads to
networking heaven.

And even if you get your CCSI, you must be able to teach. All too often I
see a revolving door at various trainging partners. They bring someone in,
get them certified (maybe), and then the person fails miserably when it
comes to actually teaching the course content. I can remember one training
partner that I worked for that, over a period of two years, only had ONE
employee become a successful instructor, after going through more than 15
candidates. This is definitely a tough business and not for the faint of
heart. :-)  You have to know the material cold. Cisco and the training
partner will closely monitor your evaluations after each class. Cisco
requires at least an average of 4.2 (out of 5) while many training parters
are much more strict (4.5 out ot 5). If students ask you questions and you
must continually tell them you'll have to look it up (and I've seen many
cases like this), then as an instructor, you won't survive in this business
very long.

Hope this helps...and good luck to those that are really serious about
trying this!!!

Enjoy!

Richard Deal
[EMAIL PROTECTED]

""Gregory Macaulay""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> A further inquiry into this -- if you folks don't mind.  I know that one
of
> the requirment's to become a CCSI is to pass the CCNA exam with a score of
> 919.  Also, at the beginning of the exam, one of the screens inquires
> whether you are taking this as an instructor or some such language.
>
> My question is whether you can take the CCNA exam for instructor -- as one
> of the CCSI prerequisites PRIOR TO actually being interviewed by a Cisco
> Training Partner.
>
> It would seem that if one could -- it would be a selling point to
obtaining
> an interview and possibly being selected for the job.
>
> Alternatively, I would think that you could take the exam in a normal
> manner -- achieve a 919 or better but still have to come back one more
time
> to sit as a (prospective) instructor.  Perhaps the pool of questions is
> different (and possibly more difficult) for CCSIs!!!
>
> ANy comments -- OR even better -- informed opinions??
>
>
> Greg Macaulay
> oldest CCNP on earth
> Lifetime member of AARP
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Circusnuts
> Sent: Friday, April 20, 2001 10:05 AM
> To: [EMAIL PROTECTED]
> Subject: Re: How to become a CCSI [7:1353]
>
>
> You need to interview with a Cisco training partner.  This not something
you
> can do on your own.  We had the topic on the list last week & found most
> trainers are not CCSI certified.
>
> Phil
> - Original Message -
> From: SURANJITH ARIYAPPRUMA
> To:
> Sent: Friday, April 20, 2001 9:34 AM
> Subject: How to become a CCSI [7:1353]
>
>
> > Dear Friends
> > I am a CCNA , how could I become a CCSI(or CCAI) ?, I have heard that
> there
> > is a fast track program to convert to CCSI(or CCAI) , Please inform me
if
> > anybody has any info.
> > Thanks in advance
> > Suranjith CCNA
> >
_
> > Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com.
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1367&t=1362
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Typo [7:2011]

2001-04-25 Thread Richard Deal


Jennifer,

Either one will do. However, I have experienced a minor annoyance depending
on the software release: when you change the SC0's interface VLAN, it does
not automatically start using it until you either a) reboot the switch or b)
execute the "set int sc0 up" command--the latter is the more preferrable. I
haven't experienced this
problem lately (version 5.x code), but have experienced it in 2.x and 3.x
code--I don't remember with 4.x

Hope this helps.

Enjoy!

Richard Deal

""Jennifer Cribbs""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> It is actually:
>
> set int sc0 2 xxx.xxx.xxx.xxx xxx.xxx.xxx.0
>
> [will this work??]
>
> or
>
> set int sc0 xxx.xxx.xxx.xxx xxx.xxx.xxx.0
>
> [and then .set int sc0 2]
>
>
> Confused,
> Jennifer Cribbs
>
> Have a great day!
> Jenn
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2026&t=2011
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP test order [7:2122]

2001-04-26 Thread Richard Deal


Having taught all of these classes (and still teaching), I agree with the
below order.

Enjoy!

Richard Deal

""mtxpert""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I took the routing test first and found it's information was repeated
> through the other tests.
> My order of tests
> CCNA
>
> CCDA
>
> Routing
> Remote Access
> Switching
> Support
>
> CID
>
> CCIE Written
>
> Mike Bambic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2196&t=2122
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Switch command questions [7:2477]

2001-04-30 Thread Richard Deal


The test covers the IOS of the 1900 series and the set-based interface of
the 5000 series--the IOS interface of the XL and 5000 is NOT covered.

And yes, there are some significant differences between the IOS of the 1900
and XL series, as you have found out.

Enjoy!

Richard

""Hunt Lee""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I tried to practice some switching commands on the BCMSN book with my
> switch (2924XL), but I found I lot of commands is completely different
> from the BCMSN book.
>
>
> BCMSN   My switch
>
> e.g.1.  To assign ports to a VLAN:   interface ethernet
> 0/1  interface ethernet 0/3
>
> vlan-membership static 3switchport access vlan 3
>
> e.g.2   To enable PortFastspantree
> start-forwardingspantree portfast
>
>
> Is this because of the different IOS version?  Or what do I have to do
> so that I can make my switch to use the same commands as the BCMSN
> book.  Can anyone please shed some light on this?
>
> Regards,
> Hunt Lee
> IP Solution Analyst
> Cable and Wireless




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2597&t=2477
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ATM question [7:4452]

2001-05-14 Thread Richard Deal

Actually, this is a very common practice with carriers--they sell you a pipe
of so many Kbps and it's up to you how you want to carve it up. They set up
one VC in side their network and they switch all cells with the same VPI
value to the appropriate destination. This gives you a lot of flexibility.
If you want to set up two VCs with two distinct traffic contracts to ensure
that two protocols, say, for instance IP and IPX, do not step on each
others' toes, you can do this. If the carrier would have set up a channel
instead of a path, they would have to set up a separate VC--more management
on their part.

In your case, however, I would take one precaution--don't use VCI values
less than 32 (0-31). These are reserved for management purposes. I've seen
some issues with the old Cascade switches where sometimes this would cause
problems with your VC--the Cascade switch, instead of passing them
transparently through the network, tried to process them, causing the
customer all kinds of problems.

Hope this helps!

Enjoy!

Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""David Chandler""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sounds like they are giving you a PVP. (permanent virtual path)  If that
> is true then they are correct whatever VCI you choose at the source will
> be the same VCI at the destination.  In other words the Sprint ATM
> switches will not switch based on the VCI info in the cell header; it
> will only look at the VPI info.
>
> I am suprised that the carriers would be giving out PVPs.  That sounds
> like the same mentality which was used when they were giving out IP
> address ranges. (If you have more than 100 users, you can have a Class A
> address)
>
> DaveC
>
>
> Kim Seng wrote:
> >
> > To the ATM guru,
> >
> > I have a ATM WAN via SPRINT from the HQ (Chicago) to 4
> > regional branch office (LA, FL, NY and CO).
> > The PVC infomations that SPRINT provides to me after
> > the circuit installation completed has only the
> > Originating VPI and Terminating VPI. There are no
> > information about the VCI. They said I can pick
> > any number for the VCI. This is new to me. Can someone
> > tell me that is true? I thought to configure
> > PVC you need both the VPI/VCI that must match with the
> > ingress ATM switch.
> >
> > Many thanks in advance.
> >
> > Kim.
> >
> > __
> > Do You Yahoo!?
> > Yahoo! Auctions - buy the things you want at great prices
> > http://auctions.yahoo.com/
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4474&t=4452
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Configure ATM point to point subinterface [7:4539]

2001-05-15 Thread Richard Deal


This is correct...assuming that the other end IS point-to-point. the
encapuslation will have to match on the two ends, like "aal5snap".

Enjoy!


--
--------
Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com


""Kim Seng""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi everyone,
>
> Simple ATM configuration question.
> I need to use Map-list and Map-group to configure ATM
> Multipoint
> I DO NOT need to use them to configure ATM Point to
> Point?
>
> Am I correct?
>
> Kim.
>
> __
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4543&t=4539
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Case Sensitive Passwords on Cisco IOS CLI [7:4718]

2001-05-17 Thread Richard Deal


It's the 1900 switch that uses case-insensitive passwords. The routers, ATM
switches, set-based switches, and XL switches have case-senstive
passwords...basically everything else.

--

Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""Marco P Rodrigues""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> According to the book written by Karen Webb on page 65 it states
> that passwords on Cisco Swtiches using the Cisco IOS CLI AREN'T case
> sensitive, while passwords on the Cisco Switches using the set/clear CLI
> don't. I've tried this out myself and it seems to be both case sensitive.
> I've tried it on a 5505 and 2924. Is this a typo? I've looked for an
> errata on www.ciscopress.com and couldn't find anything..
>
> And clarification would be appreciated.
>
> Thanks.
>
> "Virtually All Internet Porno flows through the systems of one
> company. Cisco Systems. Emporning the Internet Generation."
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4943&t=4718
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ISDN [7:5081]

2001-05-19 Thread Richard Deal


Gerri,

Unfortunately, you'd either have to buy real ISDN circuits; or buy a
simulator. The unfortunate part is that simulators are a bit expensive. For
a brand-new two-port U BRI simulator, you're talking about $1,800. Your best
bet is to buy them used, for instance, at www.ebay.com. Sometimes you get
get a good deal, but expect to fork over about $1,000. Everyone in the
CCNP/CCIE hunt is looking for one. :-) Teltone makes a very nice one. I
really like their 4-port model where you have 2-U and 2-S/T interfaces.

Good luck!!!

--
--------
Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""Gerri Costa""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi folks,
>
> Is anyone familiar with a method of piggy backing two ISDN interfaces
> together without going through an ISDN switch?
>
> Gerri
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5117&t=5081
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: why isn't PNNI more popular, esp. for telcos? [7:5098]

2001-05-19 Thread Richard Deal


Most telcos use the proprietary protocol of their WAN ATM switches. Cisco's
WAN switches, BPX, MGX, and IGX, use autorouting--proprietary. However, you
can buy PNNI for them for a few bucks more. My guess is that most carriers
that sell ATM services, for the most part, sell PVC-based solutions. I don't
see that many companies buying SVCs (for ATM) from carriers; and therefore,
PNNI and routing interoperability is not a big deal. I teach the CATM class
and one thing I really like is the PNNI protocol on the LS1010's--it makes
my life very easy in an SVC environment--a no brainer.

Enjoy!

--
--------
Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""NRF""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am struck by just how few ATM networks actually use PNNI.  The few that
I
> have found are small campus networks that have a one-level hierarchy, and
> seemingly only run PNNI because they want to run LANE.
>
> It would seem that PNNI would be extremely beneficial for the large ATM
> clouds run by the telcos.  Well-defined hierarchy, integrated QoS, etc.,
> it's all in there.  Yet I have yet to encounter a telco that actually uses
> it.
>
> So why is that?  Does running PNNI incur too much of a processing load on
> the ATM switches that the telcos don't want to burden them with it?  Or
are
> there backwards-compabitility issues?   Just why don't more telcos
implement
> PNNI?
>
> Thanx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5118&t=5098
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Terminal Server for the first time !!! [7:5119]

2001-05-19 Thread Richard Deal


Try this:

line 1-8
 absolute-timeout 480
 transport input telnet
 transport output telnet
 telnet transparent
 stopbits 1

Enjoy
--

Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""Jeongwoo Park""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all
> How can I get my 2509 terminal server to work?
> Here is my config
>
> TermServer#sh r
> 05:47:29: %SYS-5-CONFIG_I: Configured from console by consoleun
> Building configuration...
>
> Current configuration:
> !
> version 12.0
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname TermServer
> !
> enable password wams
> !
> ip subnet-zero
> no ip domain-lookup
> ip host r1 2001 1.1.1.1
> ip host r2 2002 1.1.1.1
> ip host r3 2003 1.1.1.1
> !
> !
> !
> interface Loopback0
>  ip address 1.1.1.1 255.255.255.255
>  no ip directed-broadcast
> !
> interface Ethernet0
>  no ip address
>  no ip directed-broadcast
>  shutdown
> !
> interface Serial0
>  ip address 2.2.50.2 255.255.255.252
>  no ip directed-broadcast
>  no ip mroute-cache
>  no fair-queue
>  clockrate 64000
>  shutdown
>
> !
> interface Serial1
>  ip address 3.3.50.1 255.255.255.252
>  no ip directed-broadcast
>  clockrate 130
>  shutdown
> !
> ip classless
> !
> !
> line con 0
> line 1 8
>  no exec
>  transport input all
> line aux 0
> line vty 0 4
>  login
> !
> end
>
> I have three other router that are r1, r2, and r3 respectively.
> How can I get to r1, r2, or r3?
> Isn't it this one? for example,
> TermServer#r1
> TermServer#r2
> TermServer#r3
> It did not work
> I am using termserver for the first time.
> Can someone guide me through how to use it?
>
> In addition, here is output of "sh line"
>
> TermServer#sh line
>  Tty Typ Tx/RxA Modem  Roty AccO AccI   Uses   Noise  Overruns
Int
> *  0 CTY  --  ---  6   1
0   -
> *  1 TTY   9600/9600  --  ---  3   2
0   -
> *  2 TTY   9600/9600  --  ---  2   0
0   -
>3 TTY   9600/9600  --  ---  1   0
0   -
>4 TTY   9600/9600  --  ---  0   0
0   -
>5 TTY   9600/9600  --  ---  0 104
0   -
>6 TTY   9600/9600  --  ---  0   0
0   -
>7 TTY   9600/9600  --  ---  1   0
1/243 -
>8 TTY   9600/9600  --  ---  0   6
8/622 -
>9 AUX   9600/9600  --  ---  0   0
0   -
>   10 VTY  --  ---  1   0
0   -
>   11 VTY  --  ---  0   0
0   -
>   12 VTY  --  ---  0   0
0   -
>   13 VTY  --  ---  0   0
0   -
>   14 VTY  --  ---  0   0
0   -
> Thanks
>
> jp
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5130&t=5119
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Terminal Server in detail !!! [7:5177]

2001-05-20 Thread Richard Deal


You need "transport output telnet"--this is the default, but you've
overrridden it with the "none" parameter.

Enjoy!

--
----
Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""Jeongwoo Park""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all
>
> I made some changes on config.
>
> Still didn't work.
>
> Here is new config:
>
>
>
> TermServer#sh run
>
> Building configuration...
>
> Current configuration:
>
> !
>
> version 12.0
>
> service timestamps debug uptime
>
> service timestamps log uptime
>
> no service password-encryption
>
> !
>
> hostname TermServer
>
> !
>
> enable password wams
>
> !
>
> ip subnet-zero
>
> no ip domain-lookup
>
> ip host r1 2001 1.1.1.1
>
> ip host r2 2002 1.1.1.1
>
> ip host r3 2003 1.1.1.1
>
> !
>
> !
>
> !
>
> interface Loopback0
>
> ip address 1.1.1.1 255.255.255.255
>
> no ip directed-broadcast
>
> !
>
> interface Ethernet0
>
> no ip address
>
> no ip directed-broadcast
>
> shutdown
>
> !
>
> interface Serial0
>
> ip address 5.5.5.5 255.255.255.0
>
> no ip directed-broadcast
>
> no ip mroute-cache
>
> no fair-queue
>
> clockrate 64000
>
> !
>
> interface Serial1
>
> ip address 5.5.6.5 255.255.255.0
>
> no ip directed-broadcast
>
> !
>
> ip classless
>
> !
>
> !
>
> line con 0
>
> no exec
>
> transport input none
>
> line 1 8
>
> transport input all
>
> transport output none
>
> stopbits 1
>
> line aux 0
>
> line vty 0 4
>
> login
>
> !
>
> end
>
> Now I did "sh line"
>
> TermServer#sh line
>
> Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
>
> * 0 CTY - - - - - 15 0 0/0 -
>
> * 1 TTY 9600/9600 - - - - - 7 20 4/17 -
>
> * 2 TTY 9600/9600 - - - - - 7 0 0/0 -
>
> 3 TTY 9600/9600 - - - - - 1 0 0/0 -
>
> 4 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 5 TTY 9600/9600 - - - - - 0 323 179/539 -
>
> 6 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 7 TTY 9600/9600 - - - - - 0 15 119/356 -
>
> * 8 TTY 9600/9600 - - - - - 0 22 21/63 -
>
> 9 AUX 9600/9600 - - - - - 0 0 0/0 -
>
> 10 VTY - - - - - 0 0 0/0 -
>
> 11 VTY - - - - - 0 0 0/0 -
>
> 12 VTY - - - - - 0 0 0/0 -
>
> 13 VTY - - - - - 0 0 0/0 -
>
> 14 VTY - - - - - 0 0 0/0 -
>
> Then I did this
>
> TermServer#clear line 1
>
> [confirm]
>
> [OK]
>
> TermServer#clear line 2
>
> [confirm]
>
> [OK]
>
> TermServer#clear line 8
>
> [confirm]
>
> [OK]
>
> TermServer#sh line
>
> Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
>
> * 0 CTY - - - - - 15 0 0/0 -
>
> 1 TTY 9600/9600 - - - - - 7 90 7/26 -
>
> 2 TTY 9600/9600 - - - - - 7 0 0/0 -
>
> 3 TTY 9600/9600 - - - - - 1 0 0/0 -
>
> 4 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 5 TTY 9600/9600 - - - - - 0 323 179/539 -
>
> 6 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 7 TTY 9600/9600 - - - - - 0 15 119/356 -
>
> * 8 TTY 9600/9600 - - - - - 0 22 21/63 -
>
> 9 AUX 9600/9600 - - - - - 0 0 0/0 -
>
> 10 VTY - - - - - 0 0 0/0 -
>
> 11 VTY - - - - - 0 0 0/0 -
>
> 12 VTY - - - - - 0 0 0/0 -
>
> 13 VTY - - - - - 0 0 0/0 -
>
> 14 VTY - - - - - 0 0 0/0 -
>
> Now it shows this:
>
> TermServer#sh line
>
> Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
>
> * 0 CTY - - - - - 15 0 0/0 -
>
> 1 TTY 9600/9600 - - - - - 7 90 7/26 -
>
> 2 TTY 9600/9600 - - - - - 7 0 0/0 -
>
> 3 TTY 9600/9600 - - - - - 1 0 0/0 -
>
> 4 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 5 TTY 9600/9600 - - - - - 0 323 179/539 -
>
> 6 TTY 9600/9600 - - - - - 0 0 0/0 -
>
> 7 TTY 9600/9600 - - - - - 0 15 119/356 -
>
> * 8 TTY 9600/9600 - - - - - 0 22 21/63 -
>
> 9 AUX 9600/9600 - - - - - 0 0 0/0 -
>
> 10 VTY - - - - - 0 0 0/0 -
>
> 11 VTY - - - - - 0 0 0/0 -
>
> 12 VTY - - - - - 0 0 0/0 -
>
> 13 VTY - - - - - 0 0 0/0 -
>
> 14 VTY - - - - - 0 0 0/0 -
>
> At this point, I am confused because line 8 was not cleared.
>
> Now I typed "r1" This is what it looks like:
>
> TermServer#r1
>
> Trying r1 (1.1.1.1, 2001)... Open
>
> And I get stuck forever.
>
> I had to go (ctrl+shift+6)+X to go back to TermServer prompt.
>

Re: ATM in Lab [7:5319]

2001-05-21 Thread Richard Deal


If all you're interested in is PVCs, then this is fine. If you want to do
SVCs, you'll need an ATM switch. The LS1010 is probably out of your price
range--they go for $3k-5k on ebay. A LS100 is a better bet--you should be
able to get this for $500. It's not the same CLI as the LS1010, but you can
build PVCs, it will support SVCs, and it will do SoftPVCs.

Enjoy!

--
--------
Richard Deal
[EMAIL PROTECTED]

*  Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for www.equizware.com

""Darren Crawford""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Back to Back doesn't provide you with the same feedback you need to fully
> prepare for the lab.
>
> Darren
>
> At 04:24 PM 05/21/2001 -0400, Daniel Cotts wrote:
> >You can run two routers with ATM cards back-to-back. You need a switch
for
> >three or more.
> >
> >> -Original Message-
> >> From: No Data [mailto:[EMAIL PROTECTED]]
> >> Sent: Monday, May 21, 2001 2:53 PM
> >> To: [EMAIL PROTECTED]
> >> Subject: ATM in Lab [7:5319]
> >>
> >>
> >> Ive never worked with ATM before and would like to
> >> start playing with it in my home lab.  Do I need to
> >> buy an LS1010 (or LS100) or can I do all the
> >> configuration stuff that is necessary with an MC3810?
> >> I havent really been able to differentiate between the
> >> two products all that much yet (of course I dont have
> >> any ATM xp either).
> >>
> >> Ben
> >>
> >> __
> >> Do You Yahoo!?
> >> Yahoo! Auctions - buy the things you want at great prices
> >> http://auctions.yahoo.com/
> >> FAQ, list archives, and subscription info:
> >> http://www.groupstudy.com/list/cisco.html
> >> Report misconduct
> >> and Nondisclosure violations to [EMAIL PROTECTED]
> >FAQ, list archives, and subscription info:
> >http://www.groupstudy.com/list/cisco.html
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
>

> ***
> Darren S. Crawford
> Lucent Technologies Worldwide Services
> 2377 Gold Meadow WayPhone: (916) 859-5200 x310
> Suite 230   Fax: (916) 859-5201
> Sacramento, CA 95670Pager: (800) 467-1467
> Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED]
> http://www.lucent.com   Network Systems
> Consultant - CCNA, CCIE Written
>
> "Providing the Power Operable Networks."
>
>

> ***
> "Ham and Eggs - A day's work for a chicken; A lifetime commitment
> for a
> pig."
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5355&t=5319
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP commands [7:6871]

2001-06-02 Thread Richard Deal


Dear Hunt,

1 & 3 apply to all VLANs on the respective ports--all VLANs are treated the
same. Commands 2 and 4 allow you to change the values on a per-VLAN basis,
treating each VLAN differently.

Hope this helps!

Enjoy!

Richard Deal
[EMAIL PROTECTED]
* CCNP test author for www.equizware.com 500 questions each for the Routing,
Switching, Remote Access, and Support tests
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration

___
""Hunt Lee""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can someone please shed some light on this? I have read many times (on
> p153-158) on Cisco BCMSN book but still very confused between on the
> following 4 commands:  And I don't understand when do you have to use
> them, since I thought root port is determined by the lowest path cost.
> If equal, it goes for the lowest Bridge ID.  And if it still equals, it
> goes for the lowest port ID.
>
> 1) set spantree portpri 2/3  [vlans]
> VS
> 2) set spantree portvlanpri 2/3  [vlans]
>
> And
>
> 3) set spantree portcost 2/3
> VS
> 4) set spantree portvlancost 2/3 cost  [vlan]
>
> Thanks!
>
> Regards,
> Hunt Lee
> IP Solution Analyst
> Cable and Wireless




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6879&t=6871
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Vlans - maximum no of devices [7:8128]

2001-06-12 Thread Richard Deal


To all,

In Cisco's BCMSN class, they make the comment of "254". I think that Cisco
chose this number is because that most people use a "/24" mask for
subnetting. In BOTH of Cisco's design classes, this is the recommendation:
* IP= 500
* IPX = 300
* AT  = 200
* Mixed = 200

I think that the design classes make a more accurate guestimate, at least
I've seen this true from my consulting experience. However, EVERY network is
DIFFERENT--what works for one network won't work for another. I had one
customer that had 1,800 devices in the SAME broadcast domain--everything was
bridged, not routers. When I first heard this, I didn't believe it.
Actually, their network "kind of" worked. For 30 seconds traffic would go
through, and the next 30 seconds they'd have a broadcast storm. It was
pretty funny. Of course, they realized one day that when they added another
machine to the network, it broke the cycle, and then they decided to
redesign their network with routers (which was why I was there).

Enjoy!

Richard Deal [EMAIL PROTECTED]
* CCNA/CCNP test author for www.equizware.com--500 questions each for the
CCNA Routing and Switching, CCNP Routing, CCNP Switching, CCNP Remote
Access, and CCNP Support tests
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration
___

""John Kale""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> hi all,
>
> I read somewhere that there can only be a maximum of 254 devices in a
vlan.
> I'm currently redesigning a network that would have a vlan containing
about
> 300 devices. Is the 254 restriction a design one? Please can someone
> enlighting me on this issue.
>
>
> regards,
>
>
> Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=8161&t=8128
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Vlans - maximum no of devices [7:8128]

2001-06-12 Thread Richard Deal


""Chris Haller""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If I remember correctly, each VLAN is it's own subnet.
>  And therefore, if each vlan is it's own subnet, you
> can only have 254 devices attached to each subnet.
>
Wrong!

What about this? 172.16.2.0 255.255.254.0--this has 510 hosts in it.

Enjoy!

> You may wanna check that on CCO.
>
>
> --- John Kale  wrote:
> > hi all,
> >
> > I read somewhere that there can only be a maximum of
> > 254 devices in a vlan.
> > I'm currently redesigning a network that would have
> > a vlan containing about
> > 300 devices. Is the 254 restriction a design one?
> > Please can someone
> > enlighting me on this issue.

Richard Deal [EMAIL PROTECTED]
* CCNP test author for www.equizware.com--500 questions each for the
Routing, Switching, Remote Access, and Support tests
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration
___




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=8269&t=8128
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CSPM 2.3i and NT versus 2000 [7:35980]

2002-02-20 Thread Richard Deal


I'm about to run a trial of CSPM 2.3i for some IDS sensors that I have. I
noticed in the release notes that this version of the product only runs on
Windows NT 4.0; however, I  --REALLY-- would like to run this on Windows 200
server.

Has anyone had any success on running this on Windows 2000 server? If so,
what SP were you using for W2000 server? and what other things did you have
to do to get it up and running? Any of the functionality of 2.3i that you
couldn't get to function?

Thanks for the info!!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35980&t=35980
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Embryonic connections [7:38451]

2002-03-15 Thread Richard Deal


Steve,

An embryonic connection is a half-open connection. Take TCP, for example.
With TCP, it goes through a three-way handshake (3 exchanges): SYN, SYN/ACK,
ACK. An example of an embryonic connection for TCP would be to see a SYN
without the other two parts of a handshake. This is a very popular form of a
Denial of Service (DoS) attack where a hacker floods a service with TCP
SYNs. Many firewall solutions, including the PIX and the IOS Firewall
feature set have mechanisms to deal with this kind of attack.

Hope this helps.

Cheers!


--
Richard Deal

* Author of the ebook "CCNA Secrets Revealed!" and Exam Cram and Exam Prep
books from the Coriolis Group
* Test author for QuizWare (www.quizware.com)

""Steve Smith""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can anyone explain the term embryonic connections? I have a box that has
> increasing dropped embryonic connections which if I knew exactly what
> the term meant maybe I could help this Telco figure out what is wrong
> with their box that they say has no problems must be my router thing
> going on.
>
> Thanks!
>
> Steve Smith MCSE, CCNA, CCDA
> Data Networks Technical Manager
> Freeliant Inc.
> [EMAIL PROTECTED]
>
> The brave may not live forever, but the cautious never live.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38474&t=38451
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Advanced BGP Class [7:26838]

2001-11-20 Thread Richard Deal


""Ouellette, Tim""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm taking the Computer Data Advanced BGP class next week taught by Larry
> Mobley. I was wondering if anyone has taken this class and if so what they
> thought of it. A couple of guys here at EDS have taken it and just loved
it
> and was wondering if that's the global consensus.  Anything I should
review
> prior to the class. I'm planning on reviewing the IRA book by Halabi.
>
> Tim
>
>
>

Tim,

I have worked with Larry in the past before--he was the first person that I
knew of that had developed a 5-day BGP class. At this time Global Knowledge
had a 3-day one and Cisco didn't even have one. Having taught for many
years, when I saw Larry teach, I knew, hands-down, that he was the best
instructor that I had ever seen. You'll really like him and you'll really
enjoy the BGP class he developed. If I recall correctly, each BGP router pod
has 5 routers which you and a classmate will share. If you are planning for
the CCIE, this is a must-have class!

One thing that surprised me about your post was that Computer Data was
sponsoring the class--Larry used to do his teaching through IMS in Atlanta.
I've had problems with IMS in the past (ie, them not paying me money they
owed me) and Larry probably ran into the same thing. If you take the class,
please tell Larry I said "hi!" and I'd be curious to find out what he's up
to.

Best of luck Time!
--
__

Richard Deal

email: [EMAIL PROTECTED]
web:   http://pages.prodigy.net/richard.deal

* Just finished a CCNA ebook available at Boson (www.boson.com):
 + "CCNA Secrets Revealed!"

* CCNP test author for QuizWare (www.quizware.com)
 + CCNA #1 and #2 -- 550 questions each!
 + CCNP Routing #1 -- 500 questions
 + CCNP Switching #1 -- 500 questions
 + CCNP Remote Access #1 -- 500 questions
 + CCNP Support #1 -- 500 questions

*  Author of the following Coriolis books:
 + "CCNP Switching Exam Cram"
 + "CCNP Remote Access Exam Prep"
 + "CCNP Cisco Lan Switch Configuration Exam Cram"
__




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26842&t=26838
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: diffie-hellman clarification [7:28438]

2001-12-07 Thread Richard Deal


You're both right--there are two types of man-in-the-middle attacks that can
occur--one is with the initial connection. DH does not provide identity
validation--therefore, you might think your setting up a connection to your
remote site when it is really a man-in-the-middle that you're setting it up
with. To solve this, you can use a Certificate Authority to validate the
remote's identity.

The second problem is when the connection is set up to the "real"
destination, but there is still a "man-in-the-middle" peeking at all of your
traffic. Through the DH key exchange, even though the man-in-the-middle sees
the public keys that are shared, it doesn't see the private keys, nor the
new "secret" key derived from the remote's public and your private.

Hope this helps

Happy holidays!

--
______

Richard Deal

email: [EMAIL PROTECTED]
web:   http://pages.prodigy.net/richard.deal

* Just finished a CCNA ebook available at Boson (www.boson.com):
 + "CCNA Secrets Revealed!"

* CCNP test author for QuizWare (www.quizware.com)
 + CCNA #1 and #2 -- 550 questions each!
 + CCNP Routing #1 -- 500 questions
 + CCNP Switching #1 -- 500 questions
 + CCNP Remote Access #1 -- 500 questions
 + CCNP Support #1 -- 500 questions
 + CSS1 MCNS #1 and #2 -- 500+ questions each!

*  Author of the following Coriolis books:
 + "CCNP Switching Exam Cram"
 + "CCNP Remote Access Exam Prep"
 + "CCNP Cisco Lan Switch Configuration Exam Cram"
__
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Ray,
>
> I have worked with diffie-hellman quite a bit.  You have the correct gist
of
> it.  The key to the answer is the word anonymous in the cisco excerpt.
The
> initial diffie-hellman public key exchange is subject to man-in-the-middle
> attacts, if you run this key exchange anonymously.  On the other hand if
you
> do a manual verification of the intitial key exchange, by having the
> recieving end visually check the public key against what the sender is
> sending, then its secure and subsequent key exchanges will be secure.
>
>
>
> -Original Message-
> From: Ray Brehm [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 07, 2001 1:50 PM
> To: [EMAIL PROTECTED]
> Subject: diffie-hellman clarification [7:28438]
>
>
> I need a security wizard here...
>
> This question is from certification zone:
>
> Diffie-Hellman exchange prevents what type of attack on secure
> communications?
>
> A.
>
> Denial of service
>
> B.
>
> Session key cryptanalysis
>
> C.
>
> Replay
>
> D.
>
> Man-in-the-middle
>
> Your Answer: D
>
> Correct Choice: d
>
> Answer Explanation
>
> Diffie-Hellman is used in the secure exchange of information from which
> session keys are generated for communications between legitimate users A
> and B. It prevents man-in-the-middle attacks, in which an intruder M
> lies to B, saying it is A, and lies to A, saying it is B. If A and B
> accept M's statement, A and B will both send to M, and M can read or
> change the information flow.
>
>
> This excerpt is from Cisco's website and the Internet Protocol Journal
> 6/98:
>
> * Anonymous Diffie-Hellman: The base Diffie-Hellman algorithm is
>   used, with no authentication. That is, each side sends its public
>   Diffie-Hellman parameters to the other, with no authentication.
>   This approach is vulnerable to man-in-the-middle attacks, in which
>   the attacker conducts anonymous Diffie-Hellman exchanges with both
>   parties.
>
>
> I understand the way Diffie-Hellman works and exchanges public keys
> using a mathematical formula and is vulnerable to man-in-the-middle
> during the original D-H exchange. I also understand how further key
> exchange for data encryption works after D-H is computed. What I'm
> getting at here is what's the Cisco answer? D-H is vulnerable to
> man-in-the-middle during the original exchange but protects the exchange
> of the real key used for data encryption if it is executed successfully.
> The answer to this question could quite possibly be B since once D-H is
> completed successfully it protects the session key. Again, can someone
> clarify what the Cisco answer would be?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28475&t=28438
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco PIX firewall book [7:33216]

2002-01-25 Thread Richard Deal


Sam,

The book is pretty much a direct port from the CSPFA 2.0 class. The new
class, 2.1, is now out and it does have some minor changes. One that I
remember is that 2.0 talks a lot about WebSense but 2.1 doesn't.

I was somewhat disappointed with this book, considering that the MCNS book
was a pretty good book. I expected the book to be about 500 pages but it
comes in at about 350 pages.

Hope this helps!

Enjoy!

--
Richard Deal

* Author of the ebook "CCNA Secrets Revealed!" and Exam Cram and Exam Prep
books from the Coriolis Group
* Test author for QuizWare (www.quizware.com)

""sam sneed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Has anyone read the Cisco Secure PIX Firewalls by  David W. Chapman Jr.? I
> have no experience with PIX yet and need a good book to give me a
> foundation. I don't trust the reviews on Amazon and feel I could get
better
> input from y'all.
>
> Thanks alot
>
> sam




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33227&t=33216
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

History of the PIX Firewall [7:62512]

2003-02-05 Thread Richard Deal

To all,

I have received an email from Brantley Coile, on of the two co-developers of
the PIX firewall, congratulating me on my book. He kindly sent me
information about the development of the PIX and its subsequent sale to
Cisco. If you would like to see the entire story, please visit this link
(watch the wrap):

http://home.cfl.rr.com/dealgroup/pix/pix_page_history.htm

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62512&t=62512
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Console, Telnet password [7:64184]

2003-03-03 Thread Richard Deal

You can restrict console access with a username and password, but it
requires you to configure AAA.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Brian Whyte""  wrote in message
news:[EMAIL PROTECTED]
> ON a PIX you need to use the command "enable" to modify the enable
password
>
> usage: enable password  [encrypted]
>
> There is no console password, remember if you can get physical access to
the
> box then you win.
>
> To change to TELNET password use the command "passwd"
>
> usage: passwd  encrypted
>
> For both of these commands the encrypted implies that you are entering a
> encrypted version of the password and not the plaintext version.
>
> Hope this helps out for the PIX.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64252&t=64184
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSPFA 3.0 Study Material [7:64214]

2003-03-04 Thread Richard Deal

John,

Thanks for the kudos. I wrote the book with the PIX exam in the back of my
mind, but my foremost concern was having a reader going away with real
working knowledge on how to set up the PIX. There are two minor objectives
for the exam that I don't cover--multicasting and shunning on the PIX. You
might want to read up on these for your test preparation. I'm hoping that
I'll have time in the next couple of weeks to add this info to my web site.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.

""John Faulk""  wrote in message
news:[EMAIL PROTECTED]
> Jason, I haven't taken the test yet but will be at the end of the month.
> The book I am using is Cisco Pix firewall by Richard Deal. Alot of people
> consider it the best one out. Or you can wait till March 31st and get the
> cisco press book.
>
>
> John
>
>
> On Mon, Mar 03, 2003 at 01:33:32AM +, Shearer Jason wrote:
> > Anyone have any study material for this exam?  I have the Cisco press
for
> > the old exam, but need material for grouping, PIX ACL's and new software
> > versions (6+).  Any help would be greatly appreciated.
> >
> > Jason
> --

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64349&t=64214
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help Pix 501 [7:64278]

2003-03-04 Thread Richard Deal

Juan,

The PIX does not permit you to telnet into it from the "outside"
interface--this is a security feature. There are two solutions available:
SSH and a VPN. My recommendation is to go the hard route and set up a remote
access VPN connection to the PIX--SSH has been shown recently to have some
vulnerabilities.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Juan Blanco""  wrote in message
news:[EMAIL PROTECTED]
> Team,
> I want to be able to telnet to my internal network(terminal server) via
the
> Pix 501, I have a connectivity via my cable provider, I have only one IP
> address. Before using the pix I have a router and I used to telnet to it
> from the Internet then connect to my terminal server, now I can't do it
> because there is no telnet capabilities from the Pix 501, Remember I have
> only one IPAny ideas how to do thisI looked in the Cisco Web
and
> the examples that I was able to find they assume that I have more than 1
IP
> which is no my case.At the present time I have not problem connecting
to
> the Pix from the Internet
>
> I really appreciate your help.
>
> Thanks,
>
> Juan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64350&t=64278
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix port TELNET redirect [7:64764]

2003-03-08 Thread Richard Deal

Jojo,

I didn't see the ACL applied to the interface; also, make sure you execute
"clear xlate" after this.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""jojo""  wrote in message
news:[EMAIL PROTECTED]
> Im trying to redirect telnet traffic from the pix to my Cisco 2511
> terminal server so I can access the devices over the internet.
> I checked the previous post and tried to configure the Pix.  However the
> traffic gets denied according to my syslog server.
>
> Any help will be appreciated.
>
> JB
>
>
> PC-INTERNET--CABLE/MODEMPIX501--
> ---HUB-TERMINAL SERVER
>
>
>  PIX501(config)# sh config
> : Saved
> :
> PIX Version 6.1(4)
> nameif ethernet0 outside security0
> nameif ethernet1 inside security100
> enable password 2KFQnbNIdI.2KYOU encrypted
> passwd 2KFQnbNIdI.2KYOU encrypted
> hostname PIX501
> domain-name ciscopix.com
> fixup protocol ftp 21
> fixup protocol http 80
> fixup protocol h323 1720
> fixup protocol rsh 514
> fixup protocol rtsp 554
> fixup protocol smtp 25
> fixup protocol sqlnet 1521
> fixup protocol sip 5060
> fixup protocol skinny 2000
> names
> access-list inbound permit icmp any any
> access-list 101 permit tcp any host 122.249.200.190 eq telnet
> pager lines 24
> logging on
> logging timestamp
> logging trap notifications
> logging host inside 192.168.1.20
> interface ethernet0 10baset
> interface ethernet1 10full
> mtu outside 1500
> mtu inside 1500
> ip address outside dhcp setroute
> ip address inside 192.168.1.1 255.255.255.0
> ip audit info action alarm
> ip audit attack action alarm
> pdm location 192.168.1.5 255.255.255.255 inside
> pdm location 192.168.1.20 255.255.255.255 inside
> pdm logging informational 100
> pdm history enable
> arp timeout 14400
> global (outside) 1 interface
> nat (inside) 1 0.0.0.0 0.0.0.0 0 0
> static (inside,outside) tcp 122.249.200.190 telnet 192.168.1.5 telnet
> netmask 255.255.255.255 0 0
> route outside 0.0.0.0 0.0.0.0 12.249.200.1 1
> timeout xlate 3:00:00
> timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
> 0:05:00 sip 0:30:00 sip_media 0:02:00
> timeout uauth 0:05:00 absolute
> aaa-server TACACS+ protocol tacacs+
> aaa-server RADIUS protocol radius
> http server enable
> http 192.168.1.0 255.255.255.0 inside
> no snmp-server location
> no snmp-server contact
> snmp-server community public
> no snmp-server enable traps
> floodguard enable
> no sysopt route dnat
> telnet timeout 5
> ssh timeout 5
> dhcpd lease 3600
> dhcpd ping_timeout 750
> terminal width 100
> Cryptochecksum:69c02ec0dda407600fb27cb80979fcad
> PIX501(config)#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64830&t=64764
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: can PIX IDS block spam?? [7:65017]

2003-03-11 Thread Richard Deal

Carol,

No, the PIX cannot block email SPAM. It can help filter web content
information, but requires a third party product, like WebSense or Sentian to
assist. You'll need to find another solution than the PIX.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Carol smith""  wrote in message
news:[EMAIL PROTECTED]
> Hi..  I wonder PIX generic IDS can block spam e-mail attack?
>
> Thanks
>
>
>
> -
> Do you Yahoo!?
> Yahoo! Web Hosting - establish your business online




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65047&t=65017
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Question [7:65095]

2003-03-12 Thread Richard Deal

Manny,

Yes, you can limit the maximum number of connections to a device and the
maximum number of half-open (embryonic) connections. This is done with the
NAT command, at least in your case, since the connections are going from
high-to-low security levels. The NAT command allows you to specify these two
parameters. You'll need to be careful as to what you set them to, otherwise
you might be preventing legitimate connections. By the way, the defaults for
these values is the limit of your connection license, so as you have seen,
an internal user could easily (purposefully or not) create a DoS attack and
paralyze your network.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.





""Manny""  wrote in message
news:[EMAIL PROTECTED]
> I ran into a situation today where we had a machine that was trying to FTP
> through the firewall. We allow FTP outbound. The problem that came up was
> that the user had no idea that an FTP client was setup on his machine. The
> FTP client (spyware) kept trying to connect to a server (ispynow.com)
using
> the incorrect user name and password. For every attempt an xlate entry was
> created. It created about 7000 entries in a matter of minutes. The
firewall
> was paralyzed. I had to console in and look at the xlate table. Even
through
> the console I had a hard time viewing the table. Is there any way to
prevent
> this from happening again?This is the second time this year an incident of
> this nature with the xlate table has occurred. How can I monitor the xlate
> table for strange behavior?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65173&t=65095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP recertification [7:65292]

2003-03-14 Thread Richard Deal

Priscilla,

I hate to burst the bubble, but the current BSCI test includes IS-IS. I'm
not sure about the new foundation exam, since I couldn' find when this was
updated, but the BSCI exam was updated within the last 6 months, so I'm
assuming you'll find IS-IS on it.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""Priscilla Oppenheimer""  wrote in message
news:[EMAIL PROTECTED]
> I have CCNP recert next week.
>
> Does anyone know if IS-IS is on the CCNP recert test? How recently did
they
> add IS-IS to the routing exam? Has the recert exam been updated that
recently?
>
> I didn't encounter IS-IS on the CCDP recert, by the way. The copyright on
> the CCDP recert exam is 2000.
>
> I do know a bit about IS-IS, but I'd much rather study BGP which I'm also
> weak on but much more interested in. :-)
>
> Dennis is right, in general, that you can't just use your old materials.
The
> point of the recert is to make sure you're keeping up with new stuff. When
I
> took CCDP recert, however, it seemed that CID was still ancient and only a
> little different from the original CID test I took. Same with Remote
Access.
> Switching and Routing had clearly been updated from the exams I took 3
years
> ago, though they weren't the latest version, I don't think, because I
didn't
> encounter IS-IS.
>
> Thanks.
>
> Priscilla
>
> Dennis Laganiere wrote:
> >
> > There is only one test, but it covers all the materials from
> > the four CCNP
> > exams.  You could use whatever study material you used the
> > first time
> > around, but keep in mind the tests have evolved in the last
> > three years, and
> > there are some new topics. Here's the link on the Cisco website:
> >
> >
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam
> > s/640-851.html
> >
> > I've been studying the various topics, and started putting
> > together a
> > practice exam for Boson. It should be released in the next week
> > or so, but
> > please keep in mind it will be in beta for a while, shaking out
> > the bugs and
> > adding new material.
> >
> > I hope that helps...
> >
> > --- Dennis
> >
> >
> > - Original Message -
> > From: "Reza"
> > To:
> > Sent: Thursday, March 13, 2003 5:42 AM
> > Subject: CCNP recertification [7:65292]
> >
> >
> > > Hello Group,
> > >
> > > I just got an email from Cisco that I need to renew my CCNP
> > by  August
> > 25th.
> > > From what I was reading at Cisco's  Web site, I only need to
> > pass 1 exam
> > for
> > > recertification. Has any body prepare for this recently?
> > > if you have what material was most helpful. I saw this book
> > CCNP
> > Preparation
> > > Library (CCNP Self-Study) has any body used it? is this
> > enough to prepare
> > > you to pass the exam?
> > >
> > > Thanks
> > > Reza




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65378&t=65292
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Question [7:65095]

2003-03-14 Thread Richard Deal

Was this NAT or PAT?

If PAT, and the client kept on trying to open up new connections, the source
port would probably be different for each, thus a new xlate in the
translation table.

Cheers1
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""John Neiberger""  wrote in message
news:[EMAIL PROTECTED]
> I don't understand why the xlate table would grow.  I can understand the
> connections table growing, sure, but did the PIX really re-translate the
> same internal address over 7000 times in just  few minutes?
>
> John
>
> >>> Scott Roberts 3/13/03 11:08:29 AM >>>
> strange that it would create another translation instead of using the old
> one?? I suppose its more an error in the client software thinking it still
> has a valid server connection and tries to open a brand new one then.
>
> the only thing that comes to my mind would be to expire your translations
> faster, but I've never done this, so I don't even know if its possible.
>
> scott
>
> ""Manny""  wrote in message
> news:[EMAIL PROTECTED]
> > I ran into a situation today where we had a machine that was trying to
FTP
> > through the firewall. We allow FTP outbound. The problem that came up
was
> > that the user had no idea that an FTP client was setup on his machine.
The
> > FTP client (spyware) kept trying to connect to a server (ispynow.com)
> using
> > the incorrect user name and password. For every attempt an xlate entry
was
> > created. It created about 7000 entries in a matter of minutes. The
> firewall
> > was paralyzed. I had to console in and look at the xlate table. Even
> through
> > the console I had a hard time viewing the table. Is there any way to
> prevent
> > this from happening again?This is the second time this year an incident
of
> > this nature with the xlate table has occurred. How can I monitor the
xlate
> > table for strange behavior?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65380&t=65095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Question [7:65095]

2003-03-18 Thread Richard Deal

Was this NAT or PAT?

If PAT, and the client kept on trying to open up new connections, the source
port would probably be different for each, thus a new xlate in the
translation table.

Cheers1
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""John Neiberger""  wrote in message
news:[EMAIL PROTECTED]
> I don't understand why the xlate table would grow.  I can understand the
> connections table growing, sure, but did the PIX really re-translate the
> same internal address over 7000 times in just  few minutes?
>
> John
>
> >>> Scott Roberts 3/13/03 11:08:29 AM >>>
> strange that it would create another translation instead of using the old
> one?? I suppose its more an error in the client software thinking it still
> has a valid server connection and tries to open a brand new one then.
>
> the only thing that comes to my mind would be to expire your translations
> faster, but I've never done this, so I don't even know if its possible.
>
> scott
>
> ""Manny""  wrote in message
> news:[EMAIL PROTECTED]
> > I ran into a situation today where we had a machine that was trying to
FTP
> > through the firewall. We allow FTP outbound. The problem that came up
was
> > that the user had no idea that an FTP client was setup on his machine.
The
> > FTP client (spyware) kept trying to connect to a server (ispynow.com)
> using
> > the incorrect user name and password. For every attempt an xlate entry
was
> > created. It created about 7000 entries in a matter of minutes. The
> firewall
> > was paralyzed. I had to console in and look at the xlate table. Even
> through
> > the console I had a hard time viewing the table. Is there any way to
> prevent
> > this from happening again?This is the second time this year an incident
of
> > this nature with the xlate table has occurred. How can I monitor the
xlate
> > table for strange behavior?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65638&t=65095
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Mentor Technologies... Bankrupt? [7:23274]

2001-10-18 Thread Richard Deal

To all,

I have no specifics to add about this, except to make a point about this
vlab thing--I know of MANY training parters that bought into this from Cisco
and got slammed because of the complete lack of demand on virtual training.
I think Cisco saw this vision of distance learning taking over the training
business and pushed a lot of their training partners to get into this game.
What Cisco didn't take the time to look at is that universities and colleges
have been looking at this for years. Now if these long-lived institutions
couldn't pull it off (not because of technology, but because of user's
perceptions), did Cisco think they could? Most people that are going to pay
$2,000 for training want the equipment in front of them to touch and feel it
and they want direct interaction with other people, ESPECIALLY the
instructor--making a phone call to some one in support when you have a
question in a vlab is counter-productive--you spend more time on the phone
than you do actually using the material. Plus, in an instructor-led
environment, you learn things that are NOT in the course and book and you
also learn about things other companies are doing by talking to the other
students in the class.

All of this sounds so basic, but many of the training partners got skinned
on this one...some are even filing for bankruptcy...since to do this vlab
and elearning stuff, you need to develop the materials, buy all of the
hardware, and develop a delivery mechanism...and that cost A LOT of money. I
was even asked by one of the training partners to get into this thing by
investing $50K. I thought about it for a few minutes, realized that no one
else pulled it off before this based on my previous remarks, and nicely
declined them.

So not only are training partners hurting like hell because of low
enrollment in their classes, but many of them are at the brink of death
because of very poor business decisions...

just my 2 cents ;-)

Enjoy!

""George Murphy CCNP, CCDP""  wrote in message news:200110
[EMAIL PROTECTED]
> Holy Hell!!, not only are they drowning, but are crude to the poor folks
> they are
> letting go.
>
> bmartin wrote:
>
> > Does anyone have any idea as to the fate of Mentor
> > Technologies?
> >
> >
>
http://www.mddailyrecord.com/current_issues/2_89_monday/businessnews/58338-1
.html
> >
--
__

Richard Deal

email: [EMAIL PROTECTED]
web:   http://pages.prodigy.net/richard.deal

* Just finished a CCNA ebook available at Boson (www.boson.com):
 + "CCNA Secrets Revealed!"

* CCNP test author for QuizWare (www.quizware.com)
 + CCNA #1 and #2 -- 550 questions each!
 + CCNP Routing #1 -- 500 questions
 + CCNP Switching #1 -- 500 questions
 + CCNP Remote Access #1 -- 500 questions
 + CCNP Support #1 -- 500 questions

*  Author of the following Coriolis books:
 + "CCNP Switching Exam Cram"
 + "CCNP Remote Access Exam Prep"
 + "CCNP Cisco Lan Switch Configuration Exam Cram"
__

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23390&t=23274
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MCNS passing mark [7:24935]

2001-11-01 Thread Richard Deal


To all,

Does anyone know the MCNS passing mark as well as the number of questions?

Thanks!!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24935&t=24935
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: "QuizWare" vs. "Boson" [7:26361]

2001-11-15 Thread Richard Deal


To all,

I'm an author for QuizWare for Cisco tests and I can say that ALL my tests
have COMPLETELY different questions than Boson. The test engine used by
QuizWare is the same engine that Boson uses. Actually, QuizWare is a channel
partner of Boson. QuizWare caters, for the most part, to authors that want
to develop customized tests. Boson restricts their test prices to $39.95 and
the number of questions per test to about 200. QuizWare has no such
restriction, so an author could charge $1,000 per test and put 10,000
questions in it. The tests that I have written for QuizWare have at least
500 questions each and only cost $49.95. Plus, I have a special of buy 3,
get the 4th free.

Hope this helps!

""Dimitris Vassilopoulos""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>
> Same format, same questions...
>
> Dvass
--
__________

Richard Deal

email: [EMAIL PROTECTED]
web:   http://pages.prodigy.net/richard.deal

* Just finished a CCNA ebook available at Boson (www.boson.com):
 + "CCNA Secrets Revealed!"

* CCNP test author for QuizWare (www.quizware.com)
 + CCNA #1 and #2 -- 550 questions each!
 + CCNP Routing #1 -- 500 questions
 + CCNP Switching #1 -- 500 questions
 + CCNP Remote Access #1 -- 500 questions
 + CCNP Support #1 -- 500 questions

*  Author of the following Coriolis books:
 + "CCNP Switching Exam Cram"
 + "CCNP Remote Access Exam Prep"
 + "CCNP Cisco Lan Switch Configuration Exam Cram"
__




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26408&t=26361
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix & non-Rfc networks. [7:56347]

2002-10-28 Thread Richard Deal

To all,

In 6.2 of the FOS you CAN do this :-).

You just have a situation of overlapping networks. here is the info on how
to accomplish this:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration
_guide_chapter09186a00800eb71e.html#xtocid26
(watch the wrap).

Cheers!

Richard


""Brett spunt""  wrote in message
news:200210270014.AAA27223@;groupstudy.com...
> True, but that network is not a private ip, so if inside host is trying to
> hit a "live" web server at 192.5.2.x, there are SCREWED, ya
> know.
>
> -Original Message-
> From: gogarty [mailto:ciaron@;gogarty.net]
> Sent: Saturday, October 26, 2002 4:47 PM
> To: Brett spunt; [EMAIL PROTECTED]
> Subject: Re: Pix & non-Rfc networks. [7:56347]
>
>
> No need to doubt.  If you have the network 192.5.2.0/24 inside the pix,
why
> would a client want to connect to the same network outside the pix?  As
far
> as the client is concerned it is ON the 192.5.2.0/24 network!!
>
> - Original Message -
> From: "Brett spunt"
> To:
> Sent: Saturday, October 26, 2002 7:36 PM
> Subject: RE: Pix & non-Rfc networks. [7:56347]
>
>
> > Yes,
> >
> > You will never even make it to the pix if your destined for the
> 192.5.2.0/24
> > network.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com]On Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Saturday, October 26, 2002 5:05 AM
> > To: [EMAIL PROTECTED]
> > Subject: Pix & non-Rfc networks. [7:56347]
> >
> >
> > Hello,
> >
> > I was just reading this document,from the following link
> > http://www.cisco.com/warp/customer/110/8.html I have attached the Pdf
file
> > of the same for your convinence :-).
> >
> >
> > now coming to my doubt.
> >
> > If i have a network say like 192.5.2.0/24 inside the pix (connecting to
> > internet) Does it mean that all the sites with 192.5.2.0/24 would not be
> > accessible to the inside network ??
> >
> > thanks and regards,
> > Murali
> >
> > [GroupStudy.com removed an attachment of type application/octet-stream
> which
> > had a name of non-rtc-net.pdf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56411&t=56347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 828 3des Performance [7:57703]

2002-11-19 Thread Richard Deal

Arni,

I believe the throughput of the 800 series is about 384Kbps when doing
encryption, so you might want a bigger router.

Cheers!

--
Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""Arni V. Skarphedinsson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi
>
> I have a VPN 3005 Concentrator, that establishes an Ipsec 3des tunnel to a
> 828 router, the router has uppgraded memory and 3des sofware.
>
> the router is connectd to my via a 2mbits line, and workes fine, but when
I
> establish the vpn tunnel the performance drops down to something line
> 256Kbits, and I can see one the router that the CPU load is about 50 - 80%
>
> Is this normal, i.e. can the 828 just not handle any more ipsec 3des
traffic ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57705&t=57703
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix questions [7:57686]

2002-11-19 Thread Richard Deal

Ramesh,

As to routing, the PIX will forward packets from one interface to another,
but you have to do certain things to accomplish this:
>From higher security level to lower, you need nat and global commands; from
lower to higher, you need static and access-list commands.

Fro external people accessing the DMZ, you also need a static command, and I
assume that you have applied the ACL to the PIX's outside interface.

As to the inside interface accessing the DMZ, you'll need to set up a nat
and global command set (or use nat 0 to disable NAT between the two
networks).

""ramesh c""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> 1)I got traffic flowing from outside to dmz.I got a mail server sitting on
> the dmz.
>
> access-list acl_outside permit tcp any host mail eq smtp
>
> Do I need to the following?or just the access-list will do?
> static (dmz,outside) mail mail netmask 255.255.255.255 0
>
> 2)Can inside access DMZ without nat commands?.Meaning can pix act as a
> router?
>

--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57707&t=57686
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 828 3des Performance [7:57703]

2002-11-20 Thread Richard Deal

Arni,

Thanks for the kudos!

Just do a search on Cisco's web site for "+router +encryption +throughput".
Unfortunately, the only place I've ever seen this information brought
together was Cisco's official course material (like the CSVPN coursebook).
Hope this helps.

Cheers!
--
Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""Arni V. Skarphedinsson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I just realizied who you are, and that I am reading your book "Cisco PIX
> Firewalls" :)
>
> it4s a small networking world.
>
> I think it4s a great book, and has give me a lot of information about
> working with the cisco PIX.
>
> Thanx again.
>
> p.s. and if anyone knows of a link to www.cisco.com, that I can see the
> Ipsec throughput performance numbers for 3des on, especialy for the 800
> series routers, please let me know.
>
> Best regards,
> Arni




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57781&t=57703
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: pix vpn [7:57740]

2002-11-20 Thread Richard Deal

Ciaron,

You know, I've been impatiently waiting for the same feature. When I teach
classes that are remote for Boson, we use a 3002 and a router. I need to set
up a GRE tunnel and then encrypt this tunnel. And because this stuff
typically goes through a firewall, I need a TCP VPN connection. It would be
great if Cisco's routers supported this feature; then I could get read of
the 3002 and 3005 and just use two routers as the endpoints of the
connection. If anyone knows if/when Cisco has plans for adding this feature
to their routers and PIXs, I'm sure quite a few people would be interested
in this information.

Cheers
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.

""Ciaron Gogarty""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Does anybody know if the PIX will support the client side TCP
encapsulation
> of VPN traffic in the near future, or must you buy a VPN concentrator to
get
> this feature??
>
> Thanks
>
> CG
>
>
> **
>  This email and any files transmitted with it are confidential and
>  intended solely for the use of the individual or entity to whom they
>  are addressed. If you have received this email in error please notify
>  the system manager.
>
>  This footnote also confirms that this email message has been swept for
>  the
>  presence of computer viruses.
>
>  For more information contact [EMAIL PROTECTED]
>
>  phone + 353 1 4093000
>
>  fax + 353 1 4093001
> **




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57786&t=57740
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1/CCSP [7:58241]

2002-11-29 Thread Richard Deal

John,

The CSS1 exams are valid until the end of January, upon which you must take
the new exams. CiscoPress doesn't have any books out yet on the new tests.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""John Cianfarani""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can we still write CSS1 or has it been replaced with the CCSP?
>
> Thanks
> John
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 28, 2002 8:30 PM
> To: [EMAIL PROTECTED]
> Subject: RE: CSS1/CCSP [7:58241]
>
> I havent take the new CSI exam, but for CSS1 i suggest you do the
> following
> : MCNS - PIX - VPN - IDS, and if you already pass all of them, i dont
> think
> you would have problems with CSI.
>
>
> Ardi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58290&t=58241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Book [7:58250]

2002-11-29 Thread Richard Deal

Arni,

Thanks for the plug on my book. You can also use it to study for the new PIX
exam, if you are thinking of pursing the CSS1, CCSP, or PIX specialist
certification. If you have any questions while reading it, please don't
hesitate to shoot me an email.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""Arni V. Skarphedinsson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The Cisco PIX Firewalls by Richard A. Deal
>
> I am reading it, and would recomed it.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58291&t=58250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1/CCSP [7:58241]

2002-11-29 Thread Richard Deal

Mark,

Actually, Mark, I'm one step ahead of you :-). My PIX book came out at the
end of October from McGraw-Hill/Osborne. I wrote it as a non-certification
book, but it covers everything you'd see on the new PIX exam. You can check
out a free chapter on Osborne's web site:
http://shop.osborne.com/cgi-bin/osborne/0072225238.html (watch the wrap!).

I also have some extra stuff on my web site that I couldn't fit in the book
because of page constraints. Just vist my home page below.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Mark Smith""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> So when are you going to write one, Rich?
> We're waiting.   :)
>
>
> Quoting Richard Deal :
>
> > John,
> >
> > The CSS1 exams are valid until the end of January,
> > upon which you must take
> > the new exams. CiscoPress doesn't have any books out
> > yet on the new tests.
> >
> > Cheers!
> > --
> >
> > Richard A. Deal
> >
> > Visit my home page at
> > http://home.cfl.rr.com/dealgroup/
> >
> > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!,
> > CCNP Remote Access
> > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco
> > LAN Switch Configuration
> > Exam Cram
> >
> > Cisco Test Prep author for QuizWare, providing the
> > most comprehensive Cisco
> > exams on the market.
> >
> >
> > ""John Cianfarani""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Can we still write CSS1 or has it been replaced with
> > the CCSP?
> > >
> > > Thanks
> > > John
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, November 28, 2002 8:30 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: CSS1/CCSP [7:58241]
> > >
> > > I havent take the new CSI exam, but for CSS1 i
> > suggest you do the
> > > following
> > > : MCNS - PIX - VPN - IDS, and if you already pass
> > all of them, i dont
> > > think
> > > you would have problems with CSI.
> > >
> > >
> > > Ardi
> > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58295&t=58241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1/CCSP [7:58241]

2002-12-01 Thread Richard Deal

Mark,

Thanks for ordering my book. Actually, I was in discussion with McGraw-Hill,
Syngress and CiscoPress and all three wanted me to publish a book on the
PIX. CiscoPress wanted me to do a certification book and I wanted to do a
stand-alone book. I was leary about going with Syngress since they're a
small publisher and my last small publisher, The Coriolis Group, went
belly-up earlier this year. Let me know what you think about my book--good
and bad :-). Also, make sure you take advantage of the stuff that I couldn't
fit into the book by visiting my web site.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Mark Smith""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I was teasing, Richard. I ordered yours and a new one by a Callisma(?) and
> Umer Khan called Cisco Security Specialist's Guide to PIX Firewall from
> Bookpool.com yesterday after the post here mentioning it. When are you
going
> to write one for CiscoPress anyway? I'm surprised they haven't approached
> you about it. Never did understand why Ceeesco used to have Firewall IOS
> covered on the PIX test anyway. Glad to see they've changed it. While I
may
> go for CCSP the reason I bought yours is because of the areas you cover in
> it. I work with PIX's and have no training on them. It's a small part of
my
> daily chores and I don't have the time to devote to learning about them
that
> I wish I did. Too many other things to do and keep up with. Not much
> available on the PDM. Cisco's got squat on their site about it other than
> installation. Wonder what all I can do thru the PDM that I just don't know
> about.
> Thanks for writing the book.
>
> Mark
>
> Quoting Richard Deal :
>
> > Mark,
> >
> > Actually, Mark, I'm one step ahead of you :-). My PIX
> > book came out at the
> > end of October from McGraw-Hill/Osborne. I wrote it as
> > a non-certification
> > book, but it covers everything you'd see on the new
> > PIX exam. You can check
> > out a free chapter on Osborne's web site:
> > http://shop.osborne.com/cgi-bin/osborne/0072225238.html
> > (watch the wrap!).
> >
> > I also have some extra stuff on my web site that I
> > couldn't fit in the book
> > because of page constraints. Just vist my home page
> > below.
> >
> > Cheers!
> > --
> >
> > Richard A. Deal
> >
> > Visit my home page at
> > http://home.cfl.rr.com/dealgroup/
> >
> > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!,
> > CCNP Remote Access
> > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco
> > LAN Switch Configuration
> > Exam Cram
> >
> > Cisco Test Prep author for QuizWare, providing the
> > most comprehensive Cisco
> > exams on the market.
> >
> >
> >
> > ""Mark Smith""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > So when are you going to write one, Rich?
> > > We're waiting.   :)
> > >
> > >
> > > Quoting Richard Deal :
> > >
> > > > John,
> > > >
> > > > The CSS1 exams are valid until the end of January,
> > > > upon which you must take
> > > > the new exams. CiscoPress doesn't have any books
> > out
> > > > yet on the new tests.
> > > >
> > > > Cheers!
> > > > --
> > > >
> > > > Richard A. Deal
> > > >
> > > > Visit my home page at
> > > > http://home.cfl.rr.com/dealgroup/
> > > >
> > > > Author of Cisco PIX Firewalls, CCNA Secrets
> > Revealed!,
> > > > CCNP Remote Access
> > > > Exam Prep, CCNP Switching Exam Cram, and CCNP
> > Cisco
> > > > LAN Switch Configuration
> > > > Exam Cram
> > > >
> > > > Cisco Test Prep author for QuizWare, providing the
> > > > most comprehensive Cisco
> > > > exams on the market.
> > > >
> > > >
> > > > ""John Cianfarani""  wrote in message
> > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > > Can we still write CSS1 or has it been replaced
> > with
> > > > the CCSP?
> > > > >
> > > > > Thanks
> > > > > John
> > > > >
> > > > > -Original Message-
> > > > > From: [EMAIL PROTECTED]
> > > > [mailto:[EMAIL PROTECTED]]
> > > > > Sent: Thursday, November 28, 2002 8:30 PM
> > > > > To: [EMAIL PROTECTED]
> > > > > Subject: RE: CSS1/CCSP [7:58241]
> > > > >
> > > > > I havent take the new CSI exam, but for CSS1 i
> > > > suggest you do the
> > > > > following
> > > > > : MCNS - PIX - VPN - IDS, and if you already
> > pass
> > > > all of them, i dont
> > > > > think
> > > > > you would have problems with CSI.
> > > > >
> > > > >
> > > > > Ardi
> > > > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58367&t=58241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1/CCSP [7:58241]

2002-12-01 Thread Richard Deal

Shahid,

Unlike the CiscoPress book which omits this very important configuration
component, I've spent some time in by book about dealing with multiple
interfaces as it relates to address translation AND filtering, like ACLs and
conduits. Probably one of the most difficult configuration tasks on a PIX is
dealing with a PIX with muliple interfaces, especially when it comes to
address translation. So I definitely spent some time talking about these
topics and how to configure your PIX in this situation. Hope this helps. If
you have any other questions, don't hesitate to holler.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""Shahid Muhammad Shafi""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey Richard,
> I am about to purchase ur book but just one quick question: Did u cover
any
> details regarding multiple interfaces configuration examples like 0,100,99
> and 70. Thanks
> Shahid
>  Richard Deal  wrote:Mark,
>
> Actually, Mark, I'm one step ahead of you :-). My PIX book came out at the
> end of October from McGraw-Hill/Osborne. I wrote it as a non-certification
> book, but it covers everything you'd see on the new PIX exam. You can
check
> out a free chapter on Osborne's web site:
> http://shop.osborne.com/cgi-bin/osborne/0072225238.html (watch the wrap!).
>
> I also have some extra stuff on my web site that I couldn't fit in the
book
> because of page constraints. Just vist my home page below.
>
> Cheers!
> --
>
> Richard A. Deal
>
> Visit my home page at http://home.cfl.rr.com/dealgroup/
>
> Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
> Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch
Configuration
> Exam Cram
>
> Cisco Test Prep author for QuizWare, providing the most comprehensive
Cisco
> exams on the market.
>
>
>
> ""Mark Smith"" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > So when are you going to write one, Rich?
> > We're waiting. :)
> >
> >
> > Quoting Richard Deal :
> >
> > > John,
> > >
> > > The CSS1 exams are valid until the end of January,
> > > upon which you must take
> > > the new exams. CiscoPress doesn't have any books out
> > > yet on the new tests.
> > >
> > > Cheers!
> > > --
> > >
> > > Richard A. Deal
> > >
> > > Visit my home page at
> > > http://home.cfl.rr.com/dealgroup/
> > >
> > > Author of Cisco PIX Firewalls, CCNA Secrets Revealed!,
> > > CCNP Remote Access
> > > Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco
> > > LAN Switch Configuration
> > > Exam Cram
> > >
> > > Cisco Test Prep author for QuizWare, providing the
> > > most comprehensive Cisco
> > > exams on the market.
> > >
> > >
> > > ""John Cianfarani"" wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Can we still write CSS1 or has it been replaced with
> > > the CCSP?
> > > >
> > > > Thanks
> > > > John
> > > >
> > > > -Original Message-
> > > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]
> > > > Sent: Thursday, November 28, 2002 8:30 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: RE: CSS1/CCSP [7:58241]
> > > >
> > > > I havent take the new CSI exam, but for CSS1 i
> > > suggest you do the
> > > > following
> > > > : MCNS - PIX - VPN - IDS, and if you already pass
> > > all of them, i dont
> > > > think
> > > > you would have problems with CSI.
> > > >
> > > >
> > > > Ardi
> > > [EMAIL PROTECTED]
> Shahid Muhammad Shafi
> "Every man dies; not every man really lives"
>
> remember, if God bringz u 2 it, He WILL bring u thru it!!!-
>
> Please help feed hungry people worldwide http://www.hungersite.com/
> A small thing each of us can do to help others less fortunate than
ourselves
>
>
> -
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58368&t=58241
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 501 reloading [7:58946]

2002-12-12 Thread Richard Deal

To all,

I have the same problem with my 501 at home--the power connector that Cisco
developed is junk. Just touching the power connector (seated into the PIX)
usually causes it to have conniptions.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""MADMAN""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm guessing that the power is being lost for a split second causing
> the reload but the power connecter always "looks" secure.  The early
> 1600's had similiar problems but they changed the connector and they
> seem much better now.  Maybe I'm just lucky or more abusive.  If you set
> it up and never touch it it is fine but the slight moves that have
> caused reloads concern me.
>
>   Thanks
>
>   Dave
>
> "Roberts, Larry" wrote:
> >
> > I have 2 501's that I have deployed with no problems as such...
> >
> > (fingers crossed )
> >
> > Could the power connection in the back be loose on the inside? It might
be
> a
> > manufacturing problem?
> >
> > Thanks
> >
> > Larry
> >
> >
> > -Original Message-
> > From: Elijah Savage III [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, December 10, 2002 7:07 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: 501 reloading [7:58946]
> >
> > Dave,
> >
> > Do not say yours gave up the ghost please do not say that LOL. Because
mine
> > does the exact same thing I just put it in my rack and leave it alone,
> > anytime I have to recable my lab I turn it off because the slightest
move
> of
> > a cable and it reboots, and I hate doing it because my dsl line
sometimes
> is
> > hard to sync back up such an inconveyance. Now you got me worried about
how
> > long is it going to be before mine goes out.
> >
> > -Original Message-
> > From: MADMAN [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, December 10, 2002 6:42 PM
> > To: [EMAIL PROTECTED]
> > Subject: 501 reloading [7:58946]
> >
> > Hi,
> >
> >   Was wondering if anyone else out there has experienced PIX501 reloads
by
> > barely doing more than looking xeyed at it!  The 501 I originally had in
> the
> > lab was easily reloaded, then yesterday it seemed to give up the ghost
so I
> > RMAed it.  I got the new one and connected it to my PC on my desk.  I
> grabed
> > the PIX and tilted it some to see if I had a link light and wammo, it
> > reloaded.  Later I slid the PIX about 6 inches across my desk to give me
> > more elbow room and another reload.  I can too easily make this box
crash.
> > It doesn't loose power and there are no tracebacks or anything it just
> > restarts.
> >
> >   To make a short story long has anyone seen this behaviour on their
> PIX501.
> > If not can you try and reproduce it?  The engineer at Cisco who RMAed my
> > original PIX has not heard of this ocurring so maybe I'm just lucky:(
> >
> >   Thanks
> >
> >   Dave
> > --
> > David Madland
> > CCIE# 2016
> > Sr. Network Engineer
> > Qwest Communications
> > 612-664-3367
> >
> > "You don't make the poor richer by making the rich poorer." --Winston
> > Churchill
> --
> David Madland
> CCIE# 2016
> Sr. Network Engineer
> Qwest Communications
> 612-664-3367
>
> "You don't make the poor richer by making the rich poorer." --Winston
> Churchill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59077&t=58946
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Resricicting Certain Users -Pix 515 UR [7:58861]

2002-12-12 Thread Richard Deal

To all,

WebSense, and N2H2 (in 6.2), are good solutions if you want to filter web
CONTENT--if you have a statitic list of sites, then using an ACL will do the
job. Another solution, especially if you have roaming users and their IPs
are assigned via DHCP, is to use Cut-Through proxy--with this solution, the
user must authenticate BEFORE you allow the connection going out. This gives
you per-group control on who access what. This can be used for traffic in
BOTH directions on the PIX.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.


""Brad""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Kevin,
>
> Hi!  I would say the best way to do something like this would probably be
> using Websense (or similar software) in conjunction with your Pix.  I've
> setup Websense before, and it's pretty easy.
>
> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> Network Learning Inc
> [EMAIL PROTECTED]
> www.optsys.net (Cisco hardware)
>
> ""Kevin O'Gilvie""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi All,
> >
> > I would like to create a group lets say x,x,x,x-x.x.x.x and restrict
them
> to
> > only certain websites, I am guessing I will have to use ip addresses of
> > those sites, but still allow them to access the local network..
> > Whats the best way to go about this.
> > I have been using groups in my configs thus far..
> >
> > BTW- I love you guys in this group, it has to be the best news group
> around
> > right now, lets keep the standards high and weed out the slackers that
are
> > trying to water down the CCIE's. We are doing more work for less money
and
> > the main reason why is because we are settling, we work damn hard and
> invest
> > time and money to achieve these goals, and should be awarded as such. I
> dont
> > see doctors building practice labs in there homes to cure patients, nor
> > lawyers building practice court rooms..
> >
> > Sorry for the ranting but every year it seems you have to have more and
> more
> > letters after your name to earn a decent living in this technology
arena,
> > when we are the ones that are enabling these million and billion dollar
> > companies to do business seemlessly anytime and anywhere..
> >
> > -Kevin
> >
> > _
> > The new MSN 8: smart spam protection and 2 months FREE*
> > http://join.msn.com/?page=features/junkmail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59076&t=58861
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Perhaps O/T: Window TCP Rcv Window [7:59400]

2002-12-18 Thread Richard Deal

To all,

There is a freeware program called Dr. TCP Win for Windows 2000/XP that
allows you to change both the MTU and TCP Window size--requires a reboot,
though, after the change.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Steve Dispensa""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > So one wild idea would be to remove memory from the host. Or maybe you
> could
> > get it to use up a chunk of memory by opening lots of large docs and/or
> > using a RAM disk!?
>
> In practice, you'd have to really restrict the amount of RAM to a level
> that the OS wouldn't function.  You're talking about an 8K buffer
> here... squeezing 8K out of a 256MB machine is usually pretty easy. :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=59469&t=59400
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX DHCP problem [7:60893]

2003-01-12 Thread Richard Deal

To all,

Use the "show route" command to see if you received the default route. One
configuration mistake that you might have made with the "ip address" command
is omitting the optional "setroute" parameter at the end. This parameter
accepts and uses the default route received from the ISP. The command should
look like this:
>> ip address outside dhcp setroute

Also, remember that if you are pinging THROUGH the PIX from the inside
interface, you must have an ACL on the outside interface allowing the
returning ICMP traffic: ICMP traffic is NOT stateful in the PIX.

You can also use the following debug command to help troubleshoot (assuming
you have 6.2):
>> [no] debug dhcpc detail|error|packet

Hope this helps!

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""supernet""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a PIX 506 and would like to use it for my home office. My ISP
> assigns dynamic IP to me. I can see my PIX 506 got the IP address but I
> can't ping anywhere. I don't know if it gets default gateway. How do I
> verify? Thanks. Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60917&t=60893
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Richard A. Deal Books [7:62027]

2003-01-28 Thread Richard Deal

Mark,

Thanks for the kudos. I worked really hard on the book and I know, after
having written 6 books, that you can't please everyone. However, of all of
the books that I've written, I'm proudest of this book. Yes, there are some
errors that slipped in during my last review of the book and when it went to
production, which does, unfortunately, happen. But as I discover these, I
put them on my web site.

As to my MCNS book, which is what the first poster asked, I had finished it,
but before it went to print, the publisher (The Coriolis Group) went out of
business. Since the MCNS has changed, I've decided not to create a new book.
I'm getting a contract this week to write a CCNA book for McGraw-Hill and
have been desparately trying to convince them to write a Cisco VPN book--one
that covers ALL aspects of VPNS with Cisco products--PIX, router,
concentrator, and their software clients.

If you have any questions about my PIX book, please don't hesitate in
shooting me an email. Thanks for your support!

Cheers!
""Mark Smith""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I think his PIX book is very good. I've not found many errors in it but
then
> maybe I've not looked at it in as much depth as you have. If I have a
gripe
> about it it's for one thing. I use it as a desktop reference. Sometimes
I'm
> looking up how to accomplish "X" and find out that before I can do that I
> need to accomplish A, B and/or C. The instructions will simply say "That
> process was covered earlier and won't be repeated here. Now to accomplish
> "X"."  Earlier?  WhereEXACTLY? I've spent more time looking for
> "earlier" sometimes than I do accomplishing the task at hand. "Earlier in
> this chapter under the blah heading" or "this was covered in the chapter
on
> blah blah" would be helpful. As far as the info in the book goes I've
found
> stuff in there that I can't find at CCO (it may be there but I can't find
> it) or anywhere other than maybe from tech in a TAC call. Either that or
> I've had to look for it in a dozen different places and now it's all
> together in one book.
> It's the best book I've found on using a PIX. Beats the Cisco Press book
on
> the PIX by a long shot.
> Don't know about any others he's written.
>
> IMHO.
>
> Mark
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sam Sneed
> Sent: Tuesday, January 28, 2003 9:57 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Richard A. Deal Books [7:62027]
>
>
> His PIX firewall book is OK. It does have a lot of errors in it though.
Hope
> his other books have proofreaders.
>
>
> ""Joseph R. Taylor""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi Everyone,
> > I'm interested in knowing how good Richard A. Deal's books are.
> > Especially in reference to MCNS. Thank you in advance.
> > Joseph R. Taylor
> > MCSE, CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62072&t=62027
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Richard A. Deal Books [7:62027]

2003-01-29 Thread Richard Deal

GM,

It depends :-). First, you typically get an advance. This varies, but can be
between $5,000 and $15,000, depending on the subject (how hot it is) and the
previous track record of the author. This money counts against any royalties
that you make...which is why they call it an "advance". You then get
royalties. Royalties are based on net profit of the book.

As an example, if a book says it costs $50 on the cover, this is considered
gross profit. Net profit is what the publisher gets for the book. The
publisher typically marks the book up by about 50%. This can vary depending
on whether the book is hard or soft-bound, includes CDs, and its page
length, as well as other things. So net profit on a $50 book is about $25.
You get a percentage of the $25. Royalties can range anywhere from a very
low 5% up to about %18 percent. Sometimes this is on a sliding scale. For
instance, it might be that you get 8% for selling 5,000 copies and between
5,000 and 10,000 you get 10% and for anything above 10,000 copies, you get
%12. As an example, if your percentage is 10% on a net profit of $25 a book,
you only get $2.50 a book.

Most technical writers don't get rich selling technical books. Most
publishers are looking for average sales of 500 copies a month. So given
$2.50 a book, you just make $1,250 for that month. Of course, if you had an
advance of $10,000, this money goes to paying off the advance. So you might
not see any real money until about 9 months later. A really hot topic
typically sells more than 1,000 or 2,000 copies a month, but this doesn't
happen too often. Of course, you might get really lucky, like Todd Lammle
did when he came out with his first CCNA book. Rumor is that he sold over
250,000 copies in 18 months...talk about nice royalty checks :-).

I got into the writing business by accident. In my first marriage, I was
paying a lot of alimony and didn't have any spending money :-(. This is when
Cisco's certifications were taking off. Since I taught these classes, and
had a minor in English, I thought, hey, what the heck. It will at least give
me some money to travel a bit. So my first contract was with the Coriolis
Group to write a Cisco Switching book for Cisco's switching exam.

Writing isn't for everyone. Constantly I get asked how easy is it, or how
can even begin to write a book? Typically, I can get a first proof of the
book done in 3-4 months, which is about 600-700 pages. It takes persistence.
There are many a day when I don't feel like working at it. When I was
writing my first book, I was under a lot of stress--working during the day
and then writing 3-4 hours every night. And then writing every weekend.
Today, my schedule is much more flexible

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""Mossburg, Geoff (MAN-Corporate)""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I know a lot of people on this group have been published, some multiple
> times, and I hope I'm not offending anyone by asking this question: How
well
> does a book publisher pay for the books you write? I'm not expecting any
> specific figures, but a ballpark figure would be interesting.
> Thanks!
> GM
>
> -Original Message-
> From: Richard Deal [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 28, 2003 7:24 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Richard A. Deal Books [7:62027]
>
>
> Mark,
>
> Thanks for the kudos. I worked really hard on the book and I know, after
> having written 6 books, that you can't please everyone. However, of all of
> the books that I've written, I'm proudest of this book. Yes, there are
some
> errors that slipped in during my last review of the book and when it went
to
> production, which does, unfortunately, happen. But as I discover these, I
> put them on my web site.
>
> As to my MCNS book, which is what the first poster asked, I had finished
it,
> but before it went to print, the publisher (The Coriolis Group) went out
of
> business. Since the MCNS has changed, I've decided not to create a new
book.
> I'm getting a contract this week to write a CCNA book for McGraw-Hill and
> have been desparately trying to convince them to write a Cisco VPN
book--one
> that covers ALL aspects of VPNS with Cisco products--PIX, router,
> concentrator, and their software clients.
>
> If you have any questions about my PIX book, please don't hesitate in
> shooting me an email. Thanks for your support!
>
> Cheers!
> ""Mark Smith""  wrote in mess

ARe: PIX and asymmetry [7:62100]

2003-01-29 Thread Richard Deal

Jamie,

Not quite...what you can do, however, is have all traffic go through one PIX
and have another PIX as a failover. In this scenario, if one PIX would fail,
the other could kick in--in this scenario, only one PIX is active. Of
course, this still presents a problem of an exit path--by default, the
active PIX would choose its defalt route and thus you would lose load
balancing out your two exit points. The PIX does support passive RIP, so
this might help. Or you could configure static routes...but you would,
unfortuantely, not have any ability to route based on the source of the
address--only your Cisco routers have this ability. And perhaps in the
upcoming 6.3 release, OSPF might be introducted (--might--), but don't hold
your breath.

Hope this helps!

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""Arnold, Jamie""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a situation that I hope some of you might shed some light on.  We
> have 2 points of ingress to our campus.  One OC3 (Nycernet) for internet 2
> and one (Time Warner)   Our commodity edge consists of a 7200 router then
> the PIX.  The I2 edge is just a 7200 series router.  Our problem is that
> with certain sites, traffic going out on the I2 OC3 is returning via our
> commodity OC3 and the pix drops it as it didn't see it originating on the
> inside (syn-ack without syn)  I recognize that the bigger problem may be
> with the way these sites are being routed back to us, but I have little
> control over that for now.  Both edge routers use BGP for updates.  I'm
> looking for a solution.  Can I install another PIX on the OC3 side and
> somehow have the 2 PIX boxes talk to each other and update each others
Xlate
> tables?
>
> Any suggestions would be appreciated
>
> Thanks
>
> Jamie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62105&t=62100
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IDS [7:51147]

2002-08-12 Thread Richard Deal


Joe,

The Cisco Press book has material to help you with both tests. Boson and I
use the book to teach our CSS1 bootcamp classes.

Cheers!

--
Richard Deal

* Author of the ebook "CCNA Secrets Revealed!" and Exam Cram and Exam Prep
books from the Coriolis Group
* Test author for QuizWare (www.quizware.com)


""Joe Rubino""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am on the trail of the last test for CSS1 Cert  - The IDS test.
> From what I gather on their website; Cisco is phasing out CSIDS and
> replacing it with IDSPM.  There are no books titled IDSPM.
> So I have 2 questions:
> A) is the CSIDS book a valid study guide for IDSPM?
> B) If they are phasing it out how long do I have to take the
> CSIDS?
>
> Thanks in advance JDR




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51156&t=51147
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN tunnel with IPSec over GRE [7:54634]

2002-10-01 Thread Richard Deal


It's probably an MTU problem.

I have an IPSec connection being tunneled via GRE, which in turn, is
tunneled by another IPSec connection. Don't ask why I'm doing this :-) But
we had to set the MTU down to 1320 to prevent fragmentation, and thus
performance, issues.

In your case, you might want to try using the extended ping with the "no
fragment" option to determine which MTU size will work in your situation.

Cheers!

Richarde
""Thomas N.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi All,
>
> I am setting up a site-to-site VPN between 2 LANs using Cisco IOS VPN
(Cisco
> 2600 routers).  I could get the tunnel up and running between the two LANs
> with IPSec over GRE so that I can run EIGRP.  Data transfer between 2 LANs
> across the tunnel looks OK, and all dynamic routes learned with EIGRP.
> However, a problem come up when I put a Proxy Server on the first LAN and
> force Internet traffic from workstations from the second LAN to go out
with
> this Proxy server.  Workstations from the second LAN could browse Internet
> across the tunnel to reach the Proxy server then hit the Internet;
however,
> the performance is very poor (seem like browsing over a 56k modem).  I am
> thinking this may be because of fragmentation on the 2 routers.  Is there
> any work around for this issue?  If MTU size needs to be adjusted, what
> would be the ideal MTU size for IPSec over GRE tunnel in "tunnel" mode?
> Again, thank you All for the help!
>
> Thomas N.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54639&t=54634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BSMSN 1.1 Vs 2.0 [7:71932]

2003-07-05 Thread Richard Deal

David,

No, the course has completely changed. The switches are different--3550s and
2950s. Most of the content is different, including topics like new enhanced
STP features, CEF, VRRP, queuing and prioritization, metro and optical, and
many other topics. I'd definitely take the newer version since, in the 1.1
course, you'll probably get a 5500 with an RSM to to multilayer switching
and this is an EOLed product; plus the 1.1 class covers the CatOS--the 2.0
covers the IOS, which is the direction Cisco is pushing.

Cheers!
-- 

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""David Vital""  wrote in message
news:[EMAIL PROTECTED]
> My company is sending me to the BCMSN class next week.  I'm grateful for
> that, but I had called the training company last month when registering to
> make sure it was the new class.  Just checked the Cisco website for a look
> and the link showed the class I'm taking as 1.1 not the new 2.0  .  From
> what I can gather, the main difference is AVVID.  I guess it's too late
now
> to make a change in plans.  does anyone know what else I will be missing
> compared to the newer class?
>
> David




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71938&t=71932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Exam changes [7:71982]

2003-07-07 Thread Richard Deal

DJ,

You need to either take the course or buy a used one off of eBay. And the
newer courseware won't be cheap--in some instances, expect to pay up to
$300US for it, depending on the demand.

Cheers!
-- 

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""maine dude""  wrote in message
news:[EMAIL PROTECTED]
> Hi,
>
> I want to get hold of the Cisco Learning Product folders you get when you
> sit on a Cisco official learning course.
>
> I find them much better to read then the Cisco press books.
>
> Does anyone know if I can purchase them from anywhere, or that if they are
> only available when I attend a official Cisco course.
>
> The other reason is that with all the exams changing (CCNP/DP/SP), Cisco
> press take a while for the books to come out, but with Cisco folders you
get
> on the course, I guess they will become available much earlier.
>
> Any ides?
>
> Thanks in advance,
> -Dj
>
>
>
>
>
> -
> Yahoo! Plus - For a better Internet experience




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71988&t=71982
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MCNS EXAM - any pointers? besides the Book!!! [7:72760]

2003-07-22 Thread Richard Deal

There is a new exam, called SECUR. With this exam, no PIX stuff is
covered--only router stuff. I would definitely look at the objectives for
the exam, since there is a bunch of new stuff, like Authentication proxy,
IDS, and other stuff.

Cheers!

Richard Deal



""thartman""  wrote in message
news:[EMAIL PROTECTED]
> I am taking the exam in approx 1 week and have read the MCNS book - any
> other pointers to hit hard for the exam.
>
> Thanx,
> tlh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72766&t=72760
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New Switching Exam [7:74684]

2003-09-03 Thread Richard Deal

Huge differences.

I'm just finishing my Exam Cram book for Que Publishing on the new exam, and
there is probably a 50-70% change in material. Out of all of the CCNP exams,
this one definitely changed the most. MLS is completely revamped--CEF; new
enhancements to STP--RSTP and other stuff; IOS configurations instead of
CatOS (with few exceptions); new hardware; Metro Ethernet; tons of stuff on
802.1Q; Queuing techniques and IP telephony; new security stuff--VACLs and
PVLANs, and many other things.

In other words, studying the 604 material is not near enough for the new
exam.

Hope this helps!

Cheers!
-- 

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of CCNA Cisco Certified Network Associate Study Guide (Exam 640-801),
Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep,
CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""Victor Tello""  wrote in message
news:[EMAIL PROTECTED]
> Please someone could comment what differences and new topics are included
in
> the new 642-811 exam versus the old version (640-604).
> What new topics are not included in the Cisco Press book ?
> Where could I find good info about these new topics ?
>
> Regards.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74713&t=74684
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: New Switching Exam [7:74684]

2003-09-08 Thread Richard Deal

Tu Do,

Thanks for the kudos!

And goo luck with your studies!

Cheers!
-- 

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of CCNA Cisco Certified Network Associate Study Guide (Exam 640-801),
Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Prep,
CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.




""tu do""  wrote in message
news:[EMAIL PROTECTED]
> Hi Mr.Deal,
>
> Thanks for the you excillent book Cisco PIX Firewalls. I bought two
copies.
> One used at work, one read at home. It not only helped me pass CSPFA. When
I
> need to review about IPSec, your book is always a handy, good source.
>
> Thanks again,
>
> Tu Do.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74964&t=74684
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

58 matches

Mail list logo