VLANS [7:42932]

2002-04-30 Thread Rizzo, Damian

Hey all, got a quick question regarding VLANS. Can you create multiple
VLANS in the same subnet? 
 
For instance if you have RouterA--VLAN1-- VLAN2--etc... Can both VLAN 1
and 2 be in the same subnet?
 
 Thank you.
 
   
  
 
 
This electronic mail transmission contains confidential information intended
only for the person(s) named.  Any use, distribution, copying or disclosure
by any other person is strictly prohibited.  If you received this
transmission in error, please notify the sender by reply e-mail and then
destroy the message.  Opinions, conclusions, and other information in this
message, that do not relate to the official business of MARAKON ASSOCIATES
shall be understood to be neither given nor endorsed by the Company.  When
addressed to MARAKON clients, any information contained in this e-mail is
subject to the terms and conditions in the governing client contract.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42932t=42932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



RE: Rack [7:38796]

2002-03-22 Thread Rizzo, Damian

This was not very helpful James! 



-Original Message-
From: Lee James [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, March 21, 2002 5:39 PM
To: [EMAIL PROTECTED]
Subject: RE: Rack [7:38796]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=39156t=38796



Using a PIX firewall with multiple IP addresses [7:31052]

2002-01-06 Thread Rizzo, Damian

Hey all. Anyone know if you can successfully use a PIX firewall with
Multiple IP addresses?
For example; If you assigned a Public IP address to the outside interface is
it possible to assign a totally different Public IP address (different
subnet) for the Global IP addresses to be translated?
 
  Thank you,
 
 -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31052t=31052



RE: Using a PIX firewall with multiple IP addresses [7:31052]

2002-01-06 Thread Rizzo, Damian

Thank you much!



-Original Message-
From: Darrell Newcomb [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, January 06, 2002 3:17 AM
To: [EMAIL PROTECTED]
Subject: Re: Using a PIX firewall with multiple IP addresses [7:31052]

Yes.  One pitfall is I don't think it'll do its proxy arp for those
addresses, but I can't recall.  As long as you're forwarding that subnet
directly to the PIX's outside interface it'll be fine.

Darrell

Rizzo, Damian wrote:
 
 Hey all. Anyone know if you can successfully use a PIX firewall with
 Multiple IP addresses?
 For example; If you assigned a Public IP address to the outside interface is
 it possible to assign a totally different Public IP address (different
 subnet) for the Global IP addresses to be translated?
 
   Thank you,
 
  -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31075t=31052



RE: Question about moving PVC's. [7:28062]

2001-12-04 Thread Rizzo, Damian

Sure does. Thank you all for your responses!



-Original Message-
From: R. Benjamin Kessler [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, December 04, 2001 11:01 AM
To: CiscoG; [EMAIL PROTECTED]
Subject: RE: Question about moving PVC's. [7:28062]

The ASCII Art didn't come through too well on my e-mail so let me see if I
have this straight...

NY is the hub, PVCs between DLCI's 300 and 301 (CH) and 300 and 302 (SF).

If you want to make CH the hub you'll need to add a PVC between 301 (CH) and
302 (SF); you can then remove the PVC between 300 and 302.  This will move
the hub from NY to CH.  You'll need to contact the provider to have them
build the new PVC (and possibly delete the one that isn't required any more
if you want to remove the one between NY and SF).

Does this answer your question?

Ben

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
CiscoG
Sent: Tuesday, December 04, 2001 8:39 AM
To: [EMAIL PROTECTED]
Subject: Question about moving PVC's. [7:28062]


Hey all. I have a question regarding Frame Relay PVC's. Let's use the below
as an example;


            NY (dlci 300)
                 |
                / \
 (dlci 301) CH     SF (dlci 302)

  In a Hub+Spoke topology, NY is the hub in this example. What I am unclear
of is: is it possible for myself to reconfigure the routers to make CH (dlci
301) the hub and the rest Spokes? Or do I have to call the Frame Relay
provider and have them move the circuits for me???

 Thanks in advance for your help!

-C







Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28075t=28062



RE: NAT commands [7:27539]

2001-11-28 Thread Rizzo, Damian

I do not think this will work. I had the exact same problem as below, though
I was using a Cable connection. After talking with Cisco it was determined
that the problem was attempting to forward GRE traffic. Since GRE is a
Protocol and not a Port, it is extremely difficult to route and/or forward,
and in the event you are using a PIX firewall, as I found out, it is just
not possible. I actually had to purchase another IP address from my ISP so I
could Static map it and use ACL's to open the GRE protocol. Hope this helps.


  -Rizzo



-Original Message-
From: NKP [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, November 28, 2001 8:50 AM
To: [EMAIL PROTECTED]
Subject: NAT commands [7:27539]


Hi All,
I have the following scenario.
I have a Cisco 2600 router which is connected to the ISDN and I have got a
fixed IP address from my ISP which is assigned to the BRI interface; it is
connecting fine. All the internal addresses are translated on Ethernet.
On my Ethernet I have a Windows 2K server.
I want a remote user to connect to my Win2K server. How should I
configure my router to send the request for authentication to this Win2K
server via VPN, as it has a translated IP address? My remote client is on
Win 98.

My present router configs are given below.

Thanks in advance,

Navin Parwal




Router#
Router#
Router#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
memory-size iomem 10
ip subnet-zero
!
ip dhcp pool local
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 12.10.194.34
!
isdn switch-type basic-net3
!
!
!
!
interface Ethernet0/0
 ip address 192.168.1.1 255.255.255.0
 no ip directed-broadcast
 ip nat inside
 no cdp enable
 no mop enabled
!
interface Serial0/0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
 clockrate 64000
!
interface BRI0/0
 ip address 202.157.70.61 255.255.255.0
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 dialer string 226476
 dialer-group 1
 isdn switch-type basic-net3
 no cdp enable
 ppp chap refuse
 ppp pap sent-username jbc password
 hold-queue 75 in
!
ip nat inside source list 10 interface BRI0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 BRI0/0
no ip http server
!
access-list 10 permit any
dialer-list 1 protocol ip permit
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 login
!
no scheduler allocate
end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27576t=27539
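
The point raised in the reply above, that PPTP's data channel is GRE (IP protocol 47) and so carries no TCP/UDP port for an overload NAT to multiplex on, as an added example that is not part of the original posts. The packets, the addresses (192.168.1.10/.11, 198.51.100.5, 203.0.113.1) and the names `PortOverloadNat`, `parse` and `portless_collisions` are constructed for illustration; the toy NAT models only port-based overload, not any vendor's implementation.

```python
import socket
import struct
from collections import namedtuple

TCP, UDP, GRE = 6, 17, 47
PPTP_CONTROL_PORT = 1723   # PPTP control channel runs over TCP
GRE_PROTO_PPP = 0x880B     # protocol type in PPTP's enhanced GRE header

Flow = namedtuple("Flow", "proto src dst sport call_id")


def ipv4(proto, src, dst, payload):
    """Build a minimal IPv4 packet (checksum left at 0: parsing demo only)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def tcp_syn(sport, dport):
    """20-byte TCP header with the SYN flag set."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | 0x002,
                       8192, 0, 0)


def pptp_gre(call_id, ppp_payload=b"\xff\x03"):
    """Enhanced GRE header as used by PPTP: K and S bits set, version 1."""
    return struct.pack("!HHHHI", 0x3001, GRE_PROTO_PPP, len(ppp_payload),
                       call_id, 1) + ppp_payload


def parse(packet):
    """Extract the fields a translator could use to tell flows apart."""
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    l4 = packet[ihl:]
    if proto in (TCP, UDP):
        return Flow(proto, src, dst, struct.unpack("!H", l4[:2])[0], None)
    if proto == GRE and len(l4) >= 8:
        flags_ver, ptype, _plen, call_id = struct.unpack("!HHHH", l4[:8])
        if flags_ver & 0x0007 == 1 and ptype == GRE_PROTO_PPP:
            # No port here; the only per-session field is the 16-bit Call ID.
            return Flow(proto, src, dst, None, call_id)
    return Flow(proto, src, dst, None, None)


class PortOverloadNat:
    """Toy port-overload NAT: one public IP, flows told apart by L4 port."""

    def __init__(self, public_ip, first_port=20000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.table = {}  # (proto, inside_ip, inside_port) -> public_port

    def outbound(self, packet):
        flow = parse(packet)
        if flow.sport is None:
            return None  # nothing to multiplex on: packet cannot be mapped
        key = (flow.proto, flow.src, flow.sport)
        if key not in self.table:
            self.table[key] = self.next_port
            self.next_port += 1
        return (self.public_ip, self.table[key])


def portless_collisions(packets):
    """Inside hosts that become indistinguishable once only the source IP
    is rewritten: same protocol, same destination, no port."""
    seen = {}
    for pkt in packets:
        flow = parse(pkt)
        if flow.sport is None:
            seen.setdefault((flow.proto, flow.dst), set()).add(flow.src)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}


# Constructed sample: two inside clients open PPTP to the same server.
SERVER = "198.51.100.5"
SAMPLE = [
    ipv4(TCP, "192.168.1.10", SERVER, tcp_syn(1055, PPTP_CONTROL_PORT)),
    ipv4(GRE, "192.168.1.10", SERVER, pptp_gre(call_id=7)),
    ipv4(TCP, "192.168.1.11", SERVER, tcp_syn(1055, PPTP_CONTROL_PORT)),
    ipv4(GRE, "192.168.1.11", SERVER, pptp_gre(call_id=9)),
]


def demo():
    nat = PortOverloadNat("203.0.113.1")
    return [nat.outbound(p) for p in SAMPLE]


if __name__ == "__main__":
    for pkt, result in zip(SAMPLE, demo()):
        print(parse(pkt), "->", result)
    print("ambiguous without Call ID tracking:", portless_collisions(SAMPLE))
```

The TCP 1723 control connections get distinct public ports, while both GRE flows have only the Call ID to separate them, which is why a dedicated public address with a static mapping, or a translator that tracks PPTP Call IDs, is needed.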



PPTP Through a PIX Firewall [7:26519]

2001-11-16 Thread Rizzo, Damian

Hello all;
 
 We have a challenge. It appears that we can not VPN through our PIX
firewall using PPTP to a remote location. Note, we are NOT using PPTP on the
PIX itself; we just want it to pass the traffic through it. Anyone see this
issue before and/or have any ideas to a possible solution?
 
  Thanks all in advance,
  
-Rizzo
 
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26519t=26519



Orange lights on Catalyst 2900XL Switch [7:22109]

2001-10-04 Thread Rizzo, Damian

Hey all, I have a quick question regarding a Catalyst 2900XL Switch.
All appears well, all the status LED's are green with the exception of two
of them. Coincidentally, those two ports are connected to the Uplink ports
of two Hubs. Now both hubs work fine, all connected devices work fine, a
show int on the switch shows both the ports with an Orange LED as UP and
the Line Protocol as being up. Physically all appears to be working. It just
bothers me that those two ports are Orange. I thought Orange only meant one
thing, NO GOOD. Just Curious if anyone else has experienced this.
 
 
Thanks for your time
 
  -Rizzo
 
 
 
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22109t=22109



RE: Orange lights on Catalyst 2900XL Switch [7:22109]

2001-10-04 Thread Rizzo, Damian

Thanks to all of you for your help. It looks like I found the problem and
would like to let you all know in case you run into the same issue. Looks
like the ports were in fact disabled by STP. After further investigation and
tracing many wires, what happened was; There was a cable from the uplink
port of the hub going to the switch, as well as two overlooked cables going
from the hub to the switch. This must have caused STP to shut down the port
going to the uplink port of the hub! Once I removed the other two cables from
the switch, the light went to that pretty green color we've all come to know
and love!   


  Again thanks for your assistance!

   -Rizzo




-Original Message-
From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, October 04, 2001 6:21 PM
To: Patrick Ramsey; [EMAIL PROTECTED]; Rizzo, Damian
Subject: RE: Orange lights on Catalyst 2900XL Switch [7:22109]

I know with the defective 1900 I had, the ports that I had that were bad
also turned the system LED orange as well.  I suspect the 2900XL would do
the same if that were the problem.

What you likely have, is a case of a Spanning Tree loop.  The ports are
disabled because of a loop.  Check your spanning tree protocol information
to see if that's the case.

Alternatively, the ports could have been disabled due to an address
violation - but because of the hubs, depending on how you've got them
connected, I suspect you've got a loop.


  -- Leigh Anne

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Patrick Ramsey
 Sent: Thursday, October 04, 2001 3:42 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Orange lights on Catalyst 2900XL Switch [7:22109]


 I believe in this case, the orange represents halfduplex

  Rizzo, Damian  10/04/01 05:28PM 
 Hey all, I have a quick question regarding a Catalyst 2900XL Switch.
 All appears well, all the status LED's are green with the exception of two
 of them. Coincidentally, those two ports are connected to the Uplink ports
 of two Hubs. Now both hubs work fine, all connected devices work fine, a
 show int on the switch shows both the ports with an Orange LED as UP and
 the Line Protocol as being up. Physically all appears to be working. It just
 bothers me that those two ports are Orange. I thought Orange only meant one
 thing, NO GOOD. Just Curious if anyone else has experienced this.


 Thanks for your time

   -Rizzo









Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22128t=22109



RE: trying to get a poll of routers you guys are using for--- [7:18680]

2001-09-05 Thread Rizzo, Damian

I have the below and I personally feel as if I have too much!!!


 2 1604's
 1 2610
 1 2924 Switch
 1 PIX-506
  

   Don't understand why so many people believe they must go overboard on
equipment.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 05, 2001 3:57 PM
To: [EMAIL PROTECTED]
Subject: trying to get a poll of routers you guys are using for--- [7:18671]

I am interested in finding out what routers/switches you guys are using for
your ccna and ccnp studies.  I currently own the following and I'm interested
in finding out if I need all these routers or should I sell one or two to get
me some cash on hand.   I'm planning to go all the way up to ccnp for now.

Routers:
TWO 2501
ONE 2503
ONE 2509
ONE 2514
ONE 804 isdn router

ONE switch 1924en
ONE switch 5002 supervisor 1, 12 10/100
TWO netgear 24 port switch
ONE Teltone ISDN simulator
7 PC's

Do you think I can sell one of my 2501 and be successful in completing my
CCNP...please advise..thank you




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=18680t=18680



NM-2FE2W [7:18404]

2001-09-04 Thread Rizzo, Damian

Hi, does anyone know for sure if the NM-2FE2W 10/100 FastEthernet Module
is in fact compatible with a 2600 series router? I've been told yes and no
and I've only used it in a 3600.  Thanks for your help!
 
 
 -R
 
 
 
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=18404t=18404



RE: how to build a pix firewall out of a PC box. [7:18335]

2001-09-04 Thread Rizzo, Damian

I as well!





-Original Message-
From: VNithianandam [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 04, 2001 12:23 PM
To: [EMAIL PROTECTED]
Subject: RE: how to build a pix firewall out of a PC box. [7:18335]

I would be interested in building a PIX firewall.

Vini

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 04, 2001 11:44 AM
To: [EMAIL PROTECTED]
Subject: RE: how to build a pix firewall out of a PC box. [7:18335]


I would also be interested.  Who was the original poster of this message?

-Patrick

 Raul F. Fernandez  09/03/01 06:52PM 
Mike,

I am most definitely interested. Please e-mail me the process if possible
for building a PIX firewall.

Thank you in advance,

Raul

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
mike johnson
Sent: Monday, September 03, 2001 4:59 PM
To: [EMAIL PROTECTED] 
Subject: how to build a pix firewall out of a PC box. [7:18335]


Hi Everyone,

For those who are interested in learning Cisco PIX but
do NOT want to spend a lot of money on buying an
expensive PIX Firewall, I think I can help you.  I
have instructions on how to build a PIX firewall by
using a PC.  In case you didn't know, PIX firewall is
essentially a PC with multiple interfaces.  I've
successfully built several PIX firewall using my old
PCs (i.e. pentium 200 MHz processor).  Actually, the
PIX1 series (obsolete I know) is a PC with Intel
EtherExpress Interface cards.  However, you must have
an account with CCO in order the software and download
the software.  The rest of the instructions on how to
build a PIX firewall using PC is very simple.  Anyone
interested in learning it, let me know.

Mike





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=18463t=18335



RE: Is loading IOS into 2500 with no Flash possible? [7:14375]

2001-07-31 Thread Rizzo Damian

Boot from a TFTP server. You don't need Flash!

 -Rizz



-Original Message-
From: Scott Lokey [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 31, 2001 12:18 PM
To: [EMAIL PROTECTED]
Subject: Is loading IOS into 2500 with no Flash possible? [7:14375]

Hi,
I have 3 2500's that have 16meg RAM but no Flash memory. I had read where
you could boot to ROMMON and issue an XMODEM command and have the IOS
transferred to the box. There is also an option to load it into RAM and run it
(-r I think). 

Sounded good but when I boot to ROMMON, the xmodem command is not there. I
have the latest boot ROM from Cisco on these as well. What gives?
Documentation wrong? Am I doing something wrong? Is this even possible?

Thanks for the help,
Scott









Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=14393t=14375



RE: Configuring 2600 series router for use with DSL [7:12643]

2001-07-19 Thread Rizzo Damian

Since no one else opted to field your question, please allow me. 

 It is absolutely possible! I have done it at home with an Earthlink DSL
account. There are two scenarios you can have, as outlined below:


Scenario 1:

   LAN--2600 (WIC-1ADSL card)--Internet
   PPPOE client on the 2600

   This is known as PPPOEOA.


Scenario 2:

   LAN--eth1--2600--eth0--DSL modem (in bridge mode)--Internet
   PPPOE client on the 2600

   This is known as PPPOEOE.
 

 If you have a PPPOE client running on your PC (like winpoet) then the 2600
will run in bridging mode.  

  For best results use IOS version 12.2 with the IP PLUS feature set!



  Hope this helps,

  -Rizzo


-Original Message-
From: CiscoG [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 17, 2001 10:07 AM
To: [EMAIL PROTECTED]
Subject: Configuring 2600 series router for use with DSL [7:12643]

Hey all, anyone have any success in configuring a 2600 series router to
use a DSL connection that uses PPPoE?
   
  Is this possible?
   
 
 Thanks,
 
 
-C




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=13015t=12643



Telneting to the Outside Interface of a PIX [7:9218]

2001-06-20 Thread Rizzo Damian

It was always my understanding that you could Not telnet to the outside
interface of a PIX firewall. I hear today that it is in fact possible. Is
that true?
 
 Thanks,
  
   -D




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=9218t=9218



RE: Subject: Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8730]

2001-06-15 Thread Rizzo Damian

Cisco's ACS v2.6 using Radius and Funk's Radius Server are the only Two
known Radius servers that support MPPE (Tacacs is not supported). I'm
willing to bet you're not using either one of those. 

  -Rizz




-Original Message-
From: Kenneth [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, June 14, 2001 11:53 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8671]

thanks. There is a bug in 12.2.1 IOS that wouldn't let me connect via PAP,
CHAP or MS-CHAP. Now that I'm using 12.1.5T7, It's working better although
if I use Ms-chap, it lets me in but wouldn't let me ping anything unless I
disable PPP ENCRYPT MPPE which is not desirable at all.

I'm going to have to use plain CHAP for this.


michael liu wrote in message news:[EMAIL PROTECTED]...
 First check your router IOS version, only Enterprise version support
 ms-chap? What kind of radius server you use? I use Microsoft radius server
 with support ms-chap. enable debug aaa authen will give you enough info.
 about radius authentication info. Good Luck, ~ml

 





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=8730t=8730



HDLC and Routing protocols [7:5739]

2001-05-24 Thread Rizzo Damian

Anyone know why I would have problems with apparently ANY routing
protocol over an HDLC point-to-point Link? Works fine with static routes,
but when I try to implement any routing protocol (RIP, EIGRP, OSPF, etc..)
they don't seem to work (no routes discovered).  Am I missing something?
Thanks!
 
  -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=5739t=5739



PIX question... [7:5248]

2001-05-21 Thread Rizzo Damian

Hey all, is it possible to translate public IP addresses (outside) to
private IP addresses (inside) on a PIX firewall. Basically the exact
opposite of what's usually performed on a firewall. We are going to have
users dial in to our internet router and receive a Public IP address. They
have to get through our firewall to gain access to our LAN. Is there a way
to translate the Public IP address they will obtain into a private IP
address used by our LAN so they can access it?  I thank you for your help...
 
 
  -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=5248t=5248



RE: PIX question... [7:5248]

2001-05-21 Thread Rizzo Damian

We are aware of the VPN solution and that is our long term goal. However,
for the moment, all I need to know is if it is possible to NAT from an
outside (not trusted) interface to an inside (trusted) interface.

 Thank you!

  -Rizzo




-Original Message-
From: Craig Columbus [mailto:[EMAIL PROTECTED]] 
Sent: Monday, May 21, 2001 11:44 AM
To: Rizzo Damian
Cc: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]

Sounds like a VPN is your best bet.
Should you decide to implement the VPN, you may want to consider whether 
you still need to maintain the modem pool on the Internet router.  Reducing 
this cost could help justify the cost of implementing a VPN solution.  A 
properly authenticated VPN user should be able to use any dial-up Internet 
connection to reach your LAN.

Craig

At 10:15 AM 5/21/2001 -0400, you wrote:
Hey all, is it possible to translate public IP addresses (outside) to
private IP addresses (inside) on a PIX firewall. Basically the exact
opposite of what's usually performed on a firewall. We are going to have
users dial in to our internet router and receive a Public IP address. They
have to get through our firewall to gain access to our LAN. Is there a way
to translate the Public IP address they will obtain into a private IP
address used by our LAN so they can access it?  I thank you for your
help...


   -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=5265t=5248



RE: PIX question... [7:5248]

2001-05-21 Thread Rizzo Damian

Actually it seems as if you understand exactly what I'm asking. Your idea is
very similar to mine. However it didn't work unfortunately. Let me ask this
another way, if you don't mind...You have an internet router which is
directly connected to the external (un-trusted) interface of your PIX
firewall. Basically I want to be able to access my internal LAN with private
IP addresses from the Internet router with Public IP addresses. So I should
be able to telnet onto my internet router and ping my privately held LAN.
Forget about Security, I just want to know if it can be done. The static
mapping doesn't seem to work. Probably because it requires a one-to-one
mapping, no?   Thanks for any help in advance!



  -Rizzo





-Original Message-
From: Craig Columbus [mailto:[EMAIL PROTECTED]] 
Sent: Monday, May 21, 2001 1:12 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX question... [7:5248]

I'm not clear on what you're asking.  Are you asking if the PIX can take a 
public IP and make it appear as a private IP on the internal network?  The 
answer is yes, although you certainly want to be careful with this and I 
can't say that this is a recommended config.  You'll need a config similar 
to the one below:

nat (outside)  1 0 0
static (inside,outside)  
 netmask 255.255.255.255
access-list  permit ip any host 

For more info, reference 
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/examples.htm#xtocid274896

Thanks,
Craig

At 12:14 PM 5/21/2001 -0400, you wrote:
We are aware of the VPN solution and that is our long term goal. However,
for the moment, all I need to know is if it is possible to NAT from an
outside (not trusted) interface to an inside (trusted) interface.

  Thank you!

   -Rizzo




-Original Message-
From: Craig Columbus [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 11:44 AM
To: Rizzo Damian
Cc: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]

Sounds like a VPN is your best bet.
Should you decide to implement the VPN, you may want to consider whether
you still need to maintain the modem pool on the Internet router.  Reducing
this cost could help justify the cost of implementing a VPN solution.  A
properly authenticated VPN user should be able to use any dial-up Internet
connection to reach your LAN.

Craig

At 10:15 AM 5/21/2001 -0400, you wrote:
 Hey all, is it possible to translate public IP addresses (outside) to
 private IP addresses (inside) on a PIX firewall. Basically the exact
 opposite of what's usually performed on a firewall. We are going to have
 users dial in to our internet router and receive a Public IP address. They
 have to get through our firewall to gain access to our LAN. Is there a way
 to translate the Public IP address they will obtain into a private IP
 address used by our LAN so they can access it?  I thank you for your
 help...
 
 
-Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=5279t=5248



BGP question [7:4973]

2001-05-18 Thread Rizzo Damian

Hey folks, I have a quick question regarding BGP. We are looking for an
alternative ISP for our Internet. One company we spoke with that offers a
100MB connection, said that in order to use their services we need to
implement BGP on our Internet router. We currently utilize a class A address
on our Internet router, and they said BGP will only work with Class C
addresses. I don't know enough about BGP yet to argue this fact, so I turn
to you to ask if you agree or disagree with this comment?  Thanks a lot!
 
 
  -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4973t=4973



RE: Can I use FE in 2610 [7:5040]

2001-05-18 Thread Rizzo Damian

As you'll find out, there is no 10/100 network module for the 2600 series
router. If you want a 10/100 capable router, you'll need a 2620, 2621, 2650
or 2651 router. 


   -Rizzo




-Original Message-
From: Rashid Lohiya [mailto:[EMAIL PROTECTED]] 
Sent: Friday, May 18, 2001 2:32 PM
To: [EMAIL PROTECTED]
Subject: Can I use FE in 2610 [7:5040]

I have been told by a friend that I cannot use a FE 10/100 network module in
my Cisco 2610.

Can someone pls. confirm this?

Thanks

Rashid Lohiya
[EMAIL PROTECTED]
020 8509 2990
07785 362626
www.pioneer-computers.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=5051t=5040



RE: Network Access Control [7:4873]

2001-05-17 Thread Rizzo Damian

Access-Lists are your friend.



-Original Message-
From: andre [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 17, 2001 1:44 PM
To: [EMAIL PROTECTED]
Subject: Network Access Control [7:4873]

Hello,

How do I control who accesses a network?  I want to use a Cisco 2611
router, mostly cause we already own one.  I want to use a TACACS+ 
Cisco 2611 to control who has access to the 20 subnet from the 10
subnet.  I can only seem to use it as a DB for users able to log into
the router.   Does anyone know how to set it up for what I want?

   10 Net --- Router  TACACS+
server  20Net

Once again I don't want to use the TACACS+ to control access to who
manages or accesses the router!  I want to control who is able to access
lets say an FTP server on the 20Net from the 10Net.

Thanks,
Andre




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4887t=4873



Frame relay and dropped packets... [7:4529]

2001-05-15 Thread Rizzo Damian

Hi all,
 
  We have reason to believe we are experiencing Dropped packets
between us and our remote branch. What I need
is proof, so I can go to my manager and say, here, look at this. He
believes just because he looks at the router and does a show frame pvc and
the Dropped Pkts statistic is 0, that there are no packets being dropped.
Logical Assumption, but I've been told that just isn't the case. Let me
throw this out to the group...Forget about the FECN's, BECN's and the DE
pkts...If you were to telnet to both routers and look at the statistics of
the point-to-point DLCI and compare the Output pkts on one end to the Input
pkts on the other end, and if you see a discrepancy of 500,000...correct me
if I'm wrong here, but wouldn't that symbolize Dropped packets???   Thanks!
 
  
-Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4529t=4529



RE: Frame relay and dropped packets... [7:4529]

2001-05-15 Thread Rizzo Damian

I clear the counters usually every 30 days. 
And no there are no other branches going into this interface.




-Original Message-
From: Bob Timmons [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, May 15, 2001 10:59 AM
To: [EMAIL PROTECTED]
Subject: Re: Frame relay and dropped packets... [7:4529]

Just a couple quick questions.

Have you cleared the counters on both sides?

How long after clearing the counters is it taking for the 500,000 packet
difference to materialize?

Do you have any other remote branches going to this interface?

 Hi all,

   We have reason to believe we are experiencing Dropped packets
 between us and our remote branch. What I need
 is proof, so I can go to my manager and say, here, look at this. He
 believes just because he looks at the router and does a show frame pvc and
 the Dropped Pkts statistic is 0, that there are no packets being dropped.
 Logical Assumption, but I've been told that just isn't the case. Let me
 throw this out to the group...Forget about the FECN's, BECN's and the DE
 pkts...If you were to telnet to both routers and look at the statistics of
 the point-to-point DLCI and compare the Output pkts on one end to the Input
 pkts on the other end, and if you see a discrepancy of 500,000...correct me
 if I'm wrong here, but wouldn't that symbolize Dropped packets???   Thanks!


 -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4541t=4529



Serial cables... [7:3091]

2001-05-03 Thread Rizzo Damian

Do they make a serial cable that goes from DB60M to the new High
Density Smart Serial Male? 
 
  Thanks! 
 
   -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=3091t=3091



Sniffer on a Frame line... [7:2253]

2001-04-27 Thread Rizzo Damian

Quick question for you all. If you were to break a Frame Relay
connection going into a router by first plugging it into a hub, then
connecting it to the router, for the purposes of plugging a sniffer into
that hub to monitor all frame traffic, would this scenario work or not so
much?   Thanks for your input!
 
 
 
   -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=2253t=2253



RE: Sniffer on a Frame line... [7:2253]

2001-04-27 Thread Rizzo Damian

The RJ45 connection between the DSU/CSU and the wall jack. Would putting a
hub between the two work? Then I could place a sniffer on the hub.




-Original Message-
From: Hire, Ejay [mailto:[EMAIL PROTECTED]] 
Sent: Friday, April 27, 2001 11:00 AM
To: [EMAIL PROTECTED]
Subject: RE: Sniffer on a Frame line... [7:2253]

Frame over serial? (T1/Ds1/Ds3)  They would have to plug into a Network
analyzer with a compatible interface, not a hub.  Most hardware network
analyzers have pass-through connections that let you plug through the
analyzer to the router.

Good Luck,
Ejay

-Original Message-
From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 27, 2001 10:10 AM
To: [EMAIL PROTECTED]
Subject: Sniffer on a Frame line... [7:2253]


Quick question for you all. If you were to break a Frame Relay
connection going into a router by first plugging it into a hub, then
connecting it to the router, for the purposes of plugging a sniffer into
that hub to monitor all frame traffic, would this scenario work or not so
much?   Thanks for your input!
 
 
 
   -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=2267t=2253



Question regarding OSPF [7:1599]

2001-04-23 Thread Rizzo Damian

If I have 2 routers connected back-to-back via their AUX ports and I
decided to implement OSPF, solely for the
purposes of training...will OSPF function and update properly over the AUX
ports?  Thanks!
 
   
-Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=1599t=1599



RE: QoS [7:1346]

2001-04-20 Thread Rizzo Damian

Depends on the IOS.



-Original Message-
From: Charles Nunie [mailto:[EMAIL PROTECTED]] 
Sent: Friday, April 20, 2001 6:42 AM
To: [EMAIL PROTECTED]
Subject: QoS [7:1346]

Hi,
Can Cisco 2600 and 3600 be configured to provide Quality of Service? We want
to dedicate bandwidth to our wireless Internet subscribers

Dzilo






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=1355t=1346



Keystrokes to stop traceroute or Ping... [7:978]

2001-04-17 Thread Rizzo Damian

Anyone remember the keystrokes to stop a router from performing an endless
traceroute or ping?... Thanks.
 
 
   -Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=978t=978



FECN's and Dropped Packets... [7:110]

2001-04-10 Thread Rizzo Damian

Hi all...When I do a  "show frame-relay pvc" on our Internet Router, the
following statistics bother me;
 
  in FECN pkts 12974
  dropped pkts 27
 
 
We have recently been experiencing some noticeable slow downs on our
Internet connection, do these statistics prove that we have a problem
somewhere, or should I not be so concerned with these?  Thanks!
 
 
 
-Rizzo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=110t=110



Prioritizing Exchange traffic

2001-04-06 Thread Rizzo Damian

Is there a way to Prioritize Frame-Relay traffic to give a higher preference
to Microsoft Exchange traffic?

  Thanks.



RE: Block Instant Messenger from the Pix..

2001-04-04 Thread Rizzo Damian

If I recall correctly, Instant Messenger utilizes port 5190. So something
like a "conduit deny tcp any any eq 5190" may work for you.




-Original Message-
From: Kevin O'Gilvie [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 04, 2001 12:42 PM
To: [EMAIL PROTECTED]
Subject: Block Instant Messenger from the Pix..


Does anyone know what command blocks this port..

Regards,

Kevin



FW: IPsec port

2001-04-02 Thread Rizzo Damian

Actually you're both right, PPTP (Microsoft VPN) uses IP protocol 47 (GRE) and
TCP port 1723. However ISAKMP uses UDP port 500, not TCP.


-Rizzo



-Original Message-
From: cisco.groupstudy.com [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 02, 2001 10:19 AM
To: [EMAIL PROTECTED]
Subject: Re: IPsec port


Just to add to what you've stated:

GRE uses control port 1723.

-Scott M. Trieste


"J Roysdon" [EMAIL PROTECTED] wrote in message
news:9a96ge$rt5$[EMAIL PROTECTED]...
 The names and numbers are correct, but as someone else pointed out a few
 posts back, it's not a port number, but a protocol number.

 Protocols:
 6   TCP
 17  UDP
 47  GRE (PPTP requirement)
 50  ESP
 51  AH

 Just to delve a little further about security protocols, ISAKMP does use
 TCP/500, and you'll need it too.

 Bookmark 'em:
 ftp://ftp.isc.org/pub/rfc/rfc1700.txt
 http://www.isi.edu/in-notes/iana/assignments/port-numbers

 --
 Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
 List email: [EMAIL PROTECTED]
 Homepage: http://jason.artoo.net/
 Cisco resources: http://r2cisco.artoo.net/


 "Kane, Christopher A." [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]...
  Actually, you have it backwards. AH = port 51. ESP = port 50.
 
  Christopher A. Kane, CCNP
  Senior Network Control Tech
  Router Ops Center/Hilliard NOC
  UUNET
  (614)723-7877
 
 
 
  -Original Message-
  From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
  Sent: Friday, March 30, 2001 12:19 PM
  To: 'Ruihai An'; [EMAIL PROTECTED]
  Subject: RE: IPsec port
 
 
  AH-port 50, ESP-port 51 and ISAKMP-port 500
 
 
 
  -Original Message-
  From: Ruihai An [mailto:[EMAIL PROTECTED]]
  Sent: Friday, March 30, 2001 12:05 PM
  To: [EMAIL PROTECTED]
  Subject: IPsec port
 
 
  I configured my PIX as the IPsec VPN terminator to support DES VPN client.
  I have an inbound access-list  on my perimeter router.  Does any one know
  the ports I need to open for IPsec VPN traffic on my perimeter router ?
 
  Ruihai
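The replies in this thread settle on IP protocol numbers 50 (ESP) and 51 (AH) rather than ports, and on UDP 500 for ISAKMP. The following check is an added example, not code from any poster: it parses a simplified subset of IOS extended access-list syntax, reports whether each of those three flows reaches a VPN peer, and flags entries that enter 50, 51 or 500 as TCP/UDP ports. The ACL number 110, the peer address 192.0.2.10 and both sample ACLs are constructed.

```python
import ipaddress

# IP protocol numbers and the ISAKMP port, as listed in the thread.
PROTOCOLS = {"tcp": 6, "udp": 17, "gre": 47, "esp": 50, "ahp": 51}
PORTS = {"isakmp": 500}
# Flows checked for the VPN peer: (label, IP protocol number, destination port).
IPSEC_FLOWS = [("esp", 50, None), ("ah", 51, None), ("isakmp", 17, 500)]


def _addr(tokens):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD'; return ((base, wildcard), rest)."""
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), tokens[1:]
    if tokens[0] == "host":
        return (int(ipaddress.IPv4Address(tokens[1])), 0), tokens[2:]
    base, wild = (int(ipaddress.IPv4Address(t)) for t in tokens[:2])
    return (base, wild), tokens[2:]


def _port(tokens):
    """Consume an optional 'eq PORT' (number or 'isakmp'); return (port or None, rest)."""
    if len(tokens) >= 2 and tokens[0] == "eq":
        name = tokens[1]
        return (PORTS[name] if name in PORTS else int(name)), tokens[2:]
    return None, tokens


def parse_acl(text):
    """Parse 'access-list N permit|deny PROTO SRC [eq P] DST [eq P]' lines, in order."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            continue
        if tok[3] == "ip":
            proto = None                      # 'ip' matches every IP protocol
        elif tok[3] in PROTOCOLS:
            proto = PROTOCOLS[tok[3]]
        else:
            proto = int(tok[3])               # numeric protocol, e.g. '50'
        _src, rest = _addr(tok[4:])
        _sport, rest = _port(rest)
        dst, rest = _addr(rest)
        dport, rest = _port(rest)
        entries.append({"line": line.strip(), "permit": tok[2] == "permit",
                        "proto": proto, "dst": dst, "dport": dport})
    return entries


def _matches(entry, proto, dst_ip, dport):
    base, wild = entry["dst"]
    if entry["proto"] is not None and entry["proto"] != proto:
        return False
    if (int(ipaddress.IPv4Address(dst_ip)) ^ base) & ~wild & 0xFFFFFFFF:
        return False                          # destination outside base/wildcard
    return entry["dport"] is None or entry["dport"] == dport


def audit_ipsec_acl(text, peer):
    """First matching entry decides; no match means the implicit deny applies."""
    entries = parse_acl(text)
    reachable = {}
    for label, proto, dport in IPSEC_FLOWS:
        hit = next((e for e in entries if _matches(e, proto, peer, dport)), None)
        reachable[label] = bool(hit and hit["permit"])
    warnings = []
    for e in entries:
        if e["proto"] in (6, 17) and e["dport"] in (50, 51):
            warnings.append(e["line"] + ": 50/51 are IP protocol numbers (esp/ahp), not ports")
        elif e["proto"] == 6 and e["dport"] == 500:
            warnings.append(e["line"] + ": ISAKMP uses UDP 500, not TCP")
    return {"reachable": reachable, "warnings": warnings}


# Constructed sample: the three numbers entered as TCP ports.
ACL_AS_PORTS = """
access-list 110 permit tcp any host 192.0.2.10 eq 50
access-list 110 permit tcp any host 192.0.2.10 eq 51
access-list 110 permit tcp any host 192.0.2.10 eq 500
"""
# Constructed sample: the same intent written with protocol keywords.
ACL_AS_PROTOCOLS = """
access-list 110 permit esp any host 192.0.2.10
access-list 110 permit ahp any host 192.0.2.10
access-list 110 permit udp any host 192.0.2.10 eq isakmp
"""

if __name__ == "__main__":
    for name, acl in (("ports", ACL_AS_PORTS), ("protocols", ACL_AS_PROTOCOLS)):
        print(name, audit_ipsec_acl(acl, "192.0.2.10"))
```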



RE: IPsec port

2001-03-30 Thread Rizzo Damian

AH-port 50, ESP-port 51 and ISAKMP-port 500



-Original Message-
From: Ruihai An [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 30, 2001 12:05 PM
To: [EMAIL PROTECTED]
Subject: IPsec port


I configured my PIX as the IPsec VPN terminator to support DES VPN client.
I have an inbound access-list  on my perimeter router.  Does any one know
the ports I need to open for IPsec VPN traffic on my perimeter router ?

Ruihai





RE: Back -to-Back

2001-03-30 Thread Rizzo Damian

Try here:
http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/6614



-Original Message-
From: John Huston [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 30, 2001 12:47 PM
To: [EMAIL PROTECTED]
Subject: Back -to-Back


I would appreciate someone's knowledge on how to setup two Cisco 1750's each
having  T1 DSU/CSU WIC's.

Thank you in advance for your assistance.


John Huston
[EMAIL PROTECTED]






RE: Freeware Tacacs+ and RADIUS?

2001-03-28 Thread Rizzo Damian

I'd like to make a comment regarding "Radius is more powerful"...In
actuality TACACS+ is Much more robust and versatile than RADIUS. From
encrypting the entire datagram, to using TCP, to being able to split
Authentication, Authorization and Accounting services, to setting privilege
exec levels, TACACS+ is far more "powerful" than RADIUS.



 -Rizzo


-Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 12:21 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Freeware Tacacs+ and RADIUS?



Mr. Cheapskate,

TACACS and RADIUS have always been free. Go to these sites:

http://www.gazi.edu.tr/tacacs/
http://www.freeradius.org

TACACS is easy to setup and configure.  RADIUS is more powerful, 
open-standard but a little more difficult to set up.  F___ those bastards at
Cisco.  They provide you with a lot of documentation on how to setup
TACACS but very little on how to set up RADIUS to communicate with your
NAS



From: "John Neiberger" [EMAIL PROTECTED]
Reply-To: "John Neiberger" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Freeware Tacacs+ and RADIUS?
Date: Wed, 28 Mar 2001 09:44:42 -0700

Are there such creatures?  I'd like to play around with this stuff in my
home lab and don't feel like shelling out hundreds of dollars for
software just to play with it once in a while.  I found some older
freeware TACACS software, but I'd like to play with TACACS+ and RADIUS.

Any ideas?

Thanks,
John the Cheapskate




RE: Freeware Tacacs+ and RADIUS?

2001-03-28 Thread Rizzo Damian

There is a big difference between "powerful" and "more widely used". I'll
give you that if you're using a device other than Cisco, you may be best to go
the RADIUS way. However, anyone who has any experience with TACACS+ and
RADIUS, specifically with Cisco devices, will tell you that TACACS+ is the
much preferable choice. Not just because Cisco "says", but because of all
the reasons I mentioned earlier and more.

  -Rizzo



-Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 1:52 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Freeware Tacacs+ and RADIUS?


Rizzo,
I will grant you that TACACS+ is more versatile and robust than RADIUS, but only
if your NAS equipment consists of Cisco products.  If you are using products
from vendors other than Cisco, chances are RADIUS is the preferred choice.
RADIUS and TACACS+ are both open-source so anyone can take the code and
tweak them so that improvement can always be made.  Go to freeradius.org
and you will know what I am talking about.

If you say that TACACS+ is more robust, versatile and far more "powerful"
than RADIUS, where do you get that from?  Do you have any bench-mark to back
it up or do you hear it from "somewhere (presumably) cisco".  I am not
saying RADIUS is better.  I am just saying that RADIUS is more powerful
because it is widely used and there are more developers supporting RADIUS than
TACACS+.

Sean


From: Rizzo Damian [EMAIL PROTECTED]
Reply-To: Rizzo Damian [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: Freeware Tacacs+ and RADIUS?
Date: Wed, 28 Mar 2001 12:41:43 -0500

I'd like to make a comment regarding "Radius is more powerful"...In
actuality TACACS+ is Much more robust and versatile than RADIUS. From
encrypting the entire datagram, to using TCP, to being able to split
Authentication, Authorization and Accounting services, to setting privilege
exec levels, TACACS+ is far more "powerful" than RADIUS.



  -Rizzo


-Original Message-
From: Sean Young [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 12:21 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Freeware Tacacs+ and RADIUS?



Mr. Cheapskate,

TACACS and RADIUS have always been free. Go to these sites:

http://www.gazi.edu.tr/tacacs/
http://www.freeradius.org

TACACS is easy to setup and configure.  RADIUS is more powerful,
open-standard but a little more difficult to set up.  F___ those bastards at
Cisco.  They provide you with a lot of documentation on how to setup
TACACS but very little on how to set up RADIUS to communicate with your
NAS



 From: "John Neiberger" [EMAIL PROTECTED]
 Reply-To: "John Neiberger" [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: Freeware Tacacs+ and RADIUS?
 Date: Wed, 28 Mar 2001 09:44:42 -0700
 
 Are there such creatures?  I'd like to play around with this stuff in my
 home lab and don't feel like shelling out hundreds of dollars for
 software just to play with it once in a while.  I found some older
 freeware TACACS software, but I'd like to play with TACACS+ and RADIUS.
 
 Any ideas?
 
 Thanks,
 John the Cheapskate
 
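Both messages above turn on how much of the packet each protocol protects. This added example (not code from any poster) builds a RADIUS Access-Request with the RFC 2865 User-Password hiding and a TACACS+ PAP authentication START with the RFC 8907 body obfuscation, then reports which fields can be read off the wire; the user name, password, shared key, authenticator and session id are all constructed values.

```python
import hashlib
import struct


def radius_hide_password(password, secret, authenticator):
    """RFC 2865 5.2: XOR 16-byte blocks with MD5(secret + previous block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], pad))
        hidden += prev
    return hidden


def radius_access_request(user, password, secret, authenticator, ident=1):
    """Access-Request (code 1) with User-Name (type 1) and User-Password (type 2)."""
    attrs = b""
    for atype, value in ((1, user),
                         (2, radius_hide_password(password, secret, authenticator))):
        attrs += bytes([atype, len(value) + 2]) + value
    # Only the User-Password value is hidden; every other attribute is sent as is.
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs


def tacacs_obfuscate(body, key, session_id, version, seq_no):
    """RFC 8907 4.5: XOR the whole body with a chained MD5 pad (self-inverse)."""
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, last = b"", b""
    while len(pad) < len(body):
        last = hashlib.md5(seed + last).digest()
        pad += last
    return bytes(b ^ k for b, k in zip(body, pad))


def tacacs_authen_start(user, password, key, session_id, seq_no=1):
    """Authentication START for PAP: the password travels in the data field."""
    version = 0xC1                      # major version 0xC, minor version 1
    port, rem_addr = b"tty0", b""       # constructed port name, no remote address
    body = bytes([1,                    # action: login
                  1,                    # priv_lvl
                  2,                    # authen_type: PAP
                  1,                    # authen_service: login
                  len(user), len(port), len(rem_addr), len(password)])
    body += user + port + rem_addr + password
    # 12-byte header: version, type (1 = authentication), seq_no, flags,
    # session_id, body length. The header itself is never obfuscated.
    header = struct.pack("!BBBBII", version, 1, seq_no, 0, session_id, len(body))
    return header + tacacs_obfuscate(body, key, session_id, version, seq_no)


def visibility(user, password, secret):
    """Report which credentials are readable in each packet without the key."""
    authenticator = bytes(range(16))    # constructed; random per request in practice
    session_id = 0x1234ABCD             # constructed; random per session in practice
    radius = radius_access_request(user, password, secret, authenticator)
    tacacs = tacacs_authen_start(user, password, secret, session_id)
    return {
        "radius_user_clear": user in radius,
        "radius_password_clear": password in radius,
        "tacacs_user_clear": user in tacacs,
        "tacacs_password_clear": password in tacacs,
        "tacacs_header_session_id": struct.unpack("!I", tacacs[4:8])[0],
    }


if __name__ == "__main__":
    print(visibility(b"labuser01", b"Constructed-Pass1", b"constructed-shared-key"))
```

Both schemes rest on MD5 and a shared secret, and RFC 8907 describes the TACACS+ mechanism as obfuscation rather than encryption.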



EIGRP clarification

2001-03-28 Thread Rizzo Damian


  Preparing for my BSCN exam, I have found myself unclear as to whether or
not EIGRP is in fact a Hybrid or Distance-Vector protocol. All the Cisco
classes I've been to have always referred to EIGRP as a Balanced Hybrid
protocol, now studying for my CCNP, I am finding EIGRP referred to as a
Distance-vector protocol???...How is this possible? Thanks...





 -Rizzo




RE: 2514 Upgrade Problem!!

2001-03-27 Thread Rizzo Damian

Sure, first thing I do is set the register to 0x3920 to increase the baud
rate on the router, then set your terminal software to a baudrate of 115200.
From there a simple "xmodem filename" does the job. Never had a problem with
it.

 



-Original Message-
From: Niraj Palikhey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 27, 2001 11:34 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: RE: 2514 Upgrade Problem!!


Hi Jason,
I would love to do the xmodem(after having done on a couple of 36 and 2600 
series) but my problem is that I have never been able to upgrade the ios on 
a 2500 via the xmodem. Every time I do that, the first thing it does is give 
me a  prompt and when I type the xmodem command, gives me a what? response.

I do NOT get this on the 36 or 2600 routers. I have tried to get this info. 
on CCO without any luck.

Does ANYBODY know how to upgrade the ios on a 2500 via xmodem?
Has ANYBODY done this successfully.

Please advise.
Thank you.
Kind regards,
[EMAIL PROTECTED]




From: Jason Baker [EMAIL PROTECTED]
Reply-To: Jason Baker [EMAIL PROTECTED]
To: "'Niraj Palikhey'" [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: RE: 2514 Upgrade Problem!!
Date: Tue, 27 Mar 2001 16:57:42 +1000

sounds like a job for xmodem and a few hours of your time worrying if the
power will go off:).



-Original Message-
From: Niraj Palikhey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 27, 2001 3:45 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: 2514 Upgrade Problem!!


Hi,
When I was upgrading the IOS on a 2514 router via tftp, the connection was
lost while the router was trying to download the new ios from the tftp
server(after having erased the existing ios!!). The router retried a couple
of times and I was finally forced to reboot the router. The router now
boots to the mini-ios (gives me the Router(boot) prompt). What can I do to
successfully upgrade the ios on this router.
Thank you for your help.
Regards,
[EMAIL PROTECTED]



Gateway of last resort vs. default Gateways

2001-03-27 Thread Rizzo Damian


Can someone please give me a non-Cisco explanation between the
differences of the Gateway of last resort and the Default Gateway, which
logically appear to do the same thing?...Thank you!


-Rizzo




RE: Pre requisite for CCDP

2001-03-26 Thread Rizzo Damian

Pretty sure you have to complete the CCDA exam before attempting the CCDP.




-Original Message-
From: anil.philip [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 26, 2001 3:45 PM
To: [EMAIL PROTECTED]
Cc: Andrew Larkins; Audio Kisei
Subject: Pre requisite for CCDP


Hello Everyone,
I passed my CCNA and CCNP. Now I want to go for CCDP. Can anyone help me to
find out if CCDA is a prerequisite for CCDP, even though I completed CCNP??
Or can I give CCDP without CCDA?? (since I have CCNP)


Cheers,
Anil Philip
anil.philip
e-mail: [EMAIL PROTECTED]









Load Balancing with EIGRP

2001-03-21 Thread Rizzo Damian


 We're currently using EIGRP as our routing protocol and we now have two
separate T1 connections that we're running Frame-relay on. If my
understanding of EIGRP is correct, then I shouldn't have to make any
modifications to the router in order for load balancing to take effect,
correct?  

 Thanks!


-Rizzo




Hubs and switches...

2001-03-20 Thread Rizzo Damian



  If you have 5 Hubs attached to a Cisco Switch, will the switch add every
MAC address that touches one of those Hubs to its ARP table?

  Thanks.
  


  -Rizzo







Password recovery

2001-03-20 Thread Rizzo Damian


 We have a problem with our 3660 router. We forgot the enable password and
need to start from scratch and recreate the passwords. The problem is, the
router has no Flash memory, so the router only boots into Rommon mode...I
don't believe these routers have bootflash, because you can't use the "boot
tftp" command without a BOOTLDR not set error. So even after we manually
install the IOS via X-modem and it is run in NVRAM, it loads the startup
config in memory and that just brings us back to where we were before...A
router in which we have no enable password for. What are our options at this
point? Thank you.



 - Rizzo





RE: [Password recovery]

2001-03-20 Thread Rizzo Damian

I assure you Louis, I have searched all appropriate web sites, including the
link you supplied. All are completely useless if your router has NO Flash
memory! The reasons for why the router has no flash memory are quite
inconsequential. But thank you for your assistance!

-Rizzo




-Original Message-
From: EA LOUIE [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 20, 2001 4:32 PM
To: Rizzo Damian; [EMAIL PROTECTED]
Subject: Re: [Password recovery]


LOL... learn how to use http://www.cisco.com  

my search of "Password Recovery" gave me:

http://www.cisco.com/warp/public/474/index.shtml

I find it hard to believe that your top-of-the-line, expensive 3600 chassis
has no flash memory...you might not have an external PC Card flash, but
there's a flash SIMM inside the chassis, unless someone removed it...and IOS
is not loaded into NVRAM - here's the memory breakdown...

FLASH = IOS image(s)
NVRAM = device configuration information, logging console messages, etc.
DRAM = routing tables, ARP tables, running config, packet buffers, and IOS at runtime

hth
-e-

Rizzo Damian [EMAIL PROTECTED] wrote:
 
 We have a problem with our 3660 router. We forgot the enable password and
 need to start from scratch and recreate the passwords. The problem is, the
 router has no Flash memory, so the router only boots into Rommon mode...I
 don't believe these routers have bootflash, because you can't use the "boot
 tftp" command without a BOOTLDR not set error. So even after we manually
 install the IOS via X-modem and it is run in NVRAM, it loads the startup
 config in memory and that just brings us back to where we were before...A
 router in which we have no enable password for. What are our options at this
 point? Thank you.
 
 
 
  - Rizzo
 
 



RE: Question

2001-03-15 Thread Rizzo Damian

I just recently asked Cisco this same question, and their answer is still
"Not yet, but soon".



-Original Message-
From: Parris, Brian [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 15, 2001 11:20 AM
To: '[EMAIL PROTECTED]'
Subject: Question


Has Cisco come out with a version of Cisco Secure VPN Client software yet,
that is compatible with Windows 2000.  I can't buy laptops with NT anymore
and this is putting me in a real bind.

Thanks,
Brian




old 3102 router

2001-03-14 Thread Rizzo Damian


 Anyone know if a 3102 Router's serial port is the DB-60 kind of today or
not so much?




Damian Rizzo
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]




Browsing across subnets...

2001-03-14 Thread Rizzo Damian

Here's an interesting problem...We have two routers on their own subnet,
with Windows NT and 9x Clients. We setup WINS servers on each subnet to
resolve Netbios names. On one subnet we can see everyone in network
neighborhood (both subnets), but on the other subnet, we can only see
machines on that particular subnet. Both routers are identical in model and
configuration. I used the "ip forward-protocol udp 137  138" command, but
that did nothing. Any thoughts?




RE: Access list to deny IPSEC on C1600

2001-03-12 Thread Rizzo Damian

Block ports 500(isakmp), 50(esp) and 51(ahp).




-Original Message-
From: Gil Shulman [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 6:37 AM
To: 'Damien Kelly'; '[EMAIL PROTECTED]'
Subject: RE: Access list to deny IPSEC on C1600


Hi,

 The IPSEC protocol uses UDP port 500.

   Gil

-Original Message-
From: Damien Kelly [mailto:[EMAIL PROTECTED]]
Sent: ??? ??? 12 ??? 2001 12:33
To: '[EMAIL PROTECTED]'
Subject: Access list to deny IPSEC on C1600


Hi All


One of our offices is on ISDN dialup and has a firewall behind it on the LAN,
we have an issue with the line connecting to the ISP every min, 24 x 7, as
you can imagine the ISDN bill is huge.  We have determined the VPN link is
causing the dialups.  The Cisco is a 1603,  I want to create an accesslist,
But don't know how to define protocol 50 ( IPSEC ), as it isn't really TCP
or UDP

Can I set an access list as follows

Access-list 101 deny IP any any eq 50

Or do I need to replace the IP with a different definition  

Any Suggestions

( If I can get the IPSec definition, I may create a timebased accesslist, so
as not to defeat the purpose of the VPN. )


Thanks  Damien Kelly



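Added example, not part of the original thread: one way to write the access list asked about above in IOS syntax, and to attach it to dial-on-demand so that IPsec traffic does not bring up the ISDN line. The list number 101 comes from the question; the dialer-list number 1 and the interface name BRI0 are assumptions.

```cisco
! ESP and AH are IP protocols 50 and 51, not TCP or UDP ports,
! so they are matched in the protocol field ("esp"/"ahp" or the bare
! number 50/51). "eq" only applies to TCP/UDP port numbers.
access-list 101 deny   esp any any
access-list 101 deny   ahp any any
! IKE (ISAKMP) is the part of IPsec that uses UDP port 500.
access-list 101 deny   udp any any eq isakmp
access-list 101 permit ip any any
!
! Used in a dialer-list, "deny" means "not interesting traffic": the
! packets do not trigger a call or reset the idle timer, but they are
! still forwarded while the line is up for other traffic.
dialer-list 1 protocol ip list 101
!
interface BRI0
 dialer-group 1
```

Applying the same list with `ip access-group 101 out` on the interface would instead drop the IPsec packets outright, which takes the VPN down rather than only suppressing the dial-ups.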



RE: help with configuring TACACS+ server and NAS

2001-03-11 Thread Rizzo Damian

The only way I know of to give separate users "enable" mode passwords is by
using the "enable secret level 1-15" command, usually used in conjunction
with the "privilege exec" command.





-Original Message-
From: Sean Young
To: [EMAIL PROTECTED]
Sent: 3/11/01 8:58 AM
Subject: help with configuring TACACS+ server and NAS

Hi everyone,

I need help in configuring both the TACACS+ server and the Network
Access Server (NAS).  I am currently running the TACACS+ server on
Linux RedHat 7 with kernel 2.4.2.  I am running the NAS on a cisco 2610
router with IOS 12.0.15 Enterprise plus with ipsec capability.  I am
running TACACS server version tac_plus-F4.0.3.alpha-7.  Here is the
configuration of the tacacs configuration file:

key = "helpme"

user = xyz {
    member = admin
    login = des 7bYbKxc
    cmd = show { permit .* }
    cmd = disconnect { permit .* }
}
user = abc {
    member = admin
    login = des YZdX64CcM
    cmd = show { permit .* }
    cmd = disconnect { permit .* }
}
user = def {
    service = exec {
        default attribute = permit
    }
    member = normal
    login = des 3zz3A/3Nc7RCU
    expires = "Mar 08 2002"
    cmd = where { permit .* }
}
group = admin {
    default service = permit
    service = exec {
        priv-lvl = 15
    }
}
group = normal {
}
user = $enab15$ {
    login = cleartext "Ineedhelp"
}

Here is the what I configure on the NAS:

aaa new-model
aaa authentication login usetacacs tacacs+ local enable
aaa authentication login usenone none
aaa authorization commands 1 usetacacs1 tacacs+
enable secret 5 $1gGfwBcXfakuNKYSV0

tacacs-server host 172.16.1.240
tacacs-server key helpme

line vty 0 4
authorization commands 1 usetacacs1
login authentication usetacacs


I would like to be able to make both users abc and xyz to be
able to go into the privilege mode (enable) each with their
own password.  Right now, even though abc and xyz can
access the NAS, they have to share the enable secret
password which is something I like to avoid.  How can I
make this happen?  What am I doing wrong here?  Please
help... I am desperate...
Many thanks.

Harry

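Added example, not part of the original thread: the NAS configuration posted above authenticates logins against TACACS+ but never requests exec authorization, so the `priv-lvl = 15` attribute in the `admin` group is not applied at login. The sketch below keeps the method syntax used in the post; the list name `usetacacs-exec` is hypothetical.

```cisco
aaa new-model
aaa authentication login usetacacs tacacs+ local enable
! Request the exec service attributes from the TACACS+ server at login.
! With this in place, members of a group that returns priv-lvl = 15 land
! in privileged mode using their own login password, so no shared enable
! secret has to be handed out. "if-authenticated" lets an already
! authenticated user in if the server cannot be reached for authorization.
aaa authorization exec usetacacs-exec tacacs+ if-authenticated
aaa authorization commands 1 usetacacs1 tacacs+
! Most configuration commands run at level 15; without a matching
! "commands 15" list they are not sent to the server for authorization.
aaa authorization commands 15 usetacacs1 tacacs+
!
tacacs-server host 172.16.1.240
tacacs-server key helpme
!
line vty 0 4
 login authentication usetacacs
 authorization exec usetacacs-exec
 authorization commands 1 usetacacs1
 authorization commands 15 usetacacs1
```

With command authorization at level 15 enabled, the per-user `cmd = ...` entries and the group's `default service = permit` in the tac_plus file decide what each administrator can actually run, so review them before applying this to the vty lines.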



No Subject

2001-03-10 Thread Rizzo Damian



It was my understanding that two devices in a PVC connection had to have the
same DLCI number. Is this correct?







RE: Off Topic: Load Balancing Through a PIX

2001-03-08 Thread Rizzo Damian

IMO, the PIX is not a router and does not perform any routing or load
balancing that I am aware of. 





-Original Message-
From: Yonkerbonk [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 10:49 AM
To: [EMAIL PROTECTED]
Subject: Off Topic: Load Balancing Through a PIX


What with the talk going on about load balancing
between two PIXs, it has gotten me curious about
another scenario.

[RouterA]    [RouterB]
    |            |
    --------------
           |
         [PIX]
           |
       [RouterC]

In this scenario, I have two routers connecting to the
Internet, a PIX behind it, and one router (router C)
behind the PIX. I have two default routes on RouterC
pointing to the other two, so that it would try to
load balance between them, and then I have two static
routes pointing to the PIX for recursive lookup of the
default route next hops.
My question is, RouterC would try to load balancing to
the other two routers, but when the packet gets to the
PIX, does the PIX make its own routing decision from
that point? In which case, whatever routes I had on
RouterC wouldn't matter and load balancing wouldn't
work.
My assumption is yes. The PIX is basically a router
and not a switch. So the only way I can see this
working is to tunnel through the PIX (security hole)
or put another router in front of it to load balance.
Any thoughts?

Michael




RE: ****** Beside Cisco ****** OFF Topic Only Interested Read *****

2001-03-08 Thread Rizzo Damian

You're joking, right?



-Original Message-
From: Daawa LilAllah [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 11:16 AM
To: [EMAIL PROTECTED]
Subject: ** Beside Cisco ** OFF Topic Only Interested Read *


Group,

I know I will get flamed for this but I just want to share this with you.
It may be Something that you, your friend, or some one you know  looking for
or want to understand it better.  You may find something that may be helpful
to you there.


http://www.wvu.edu/~truth/lec_ann.htm

http://www.it-is-truth.org/



A Friend







FOR those who want to send flames please do so.








IPsec proxy identities

2001-03-07 Thread Rizzo Damian

I'm having some problems with a cisco-cisco IPsec setup that is utilizing 
private addresses on both ends of the SA with public addressing in between.
When the SA begins to be established, IKE works fine - but the IPsec SA
fails with the note 'proxy identities not supported'. 

What does 'proxy identity' refer to? I can't seem to find any reference to
it in the RFCs. Thanks.





DSL internet with PPPoE

2001-03-06 Thread Rizzo Damian

I have a home lab with a few routers and switches, I have a permanent DSL
connection but unfortunately they use PPPoE for authentication. Is there any
way possible I can use this connection with a Cisco Router??? I'd like to
plug the modem into my router and then route traffic from there. But can't
seem to get past the PPPoE problem. Thanks for the help.






Damian Rizzo
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]




RE: DSL internet with PPPoE

2001-03-06 Thread Rizzo Damian

I don't see how any of this will provide me with what I desire. I desire to
plug my DSL modem directly into my router and use that router's address as
the gateway for my LAN. There's no reason that with only ONE registered IP
address that every PC in my LAN can't access the internet. There are many
solutions for this, I would probably use PAT on the router for instance. The
only thing that stands between me and my desire, is this friggin, useless,
does nothing but supply accounting info to the ISP, waste of bandwidth of a
protocol, PPPoE! Once you plug the Modem into the router, you somehow have
to authenticate to the ISP PPPoE server with a name and password. I have not
found a way to implement this yet. This makes me mad!

 Thanks for the ideas...





-Original Message-
From: Rahul Kachalia [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 06, 2001 2:48 PM
To: Timothy Metz; Rizzo Damian; [EMAIL PROTECTED]
Subject: Re: DSL internet with PPPoE


Tim, PPPoE fundamentals are pretty much similar to PPP over WAN links but
PPPoE breaks the boundary on router/modem  brings down to host level where
PPP is initiated just like a router but instead of serial links they send
PPP request over Ethernet frame which may add more Layer 2 frame as
configured on router/modem towards dslcloud.

If second PC need to connect to internet that PC too needs an internet
account  PPPoE software in order to access else first PC can be multihomed
 provide a gateway service to other host on LAN.

thanks
rahul.
- Original Message -
From: "Timothy Metz" [EMAIL PROTECTED]
To: "Rahul Kachalia" [EMAIL PROTECTED]; "Rizzo Damian"
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, March 06, 2001 11:34 AM
Subject: RE: DSL internet with PPPoE


 Yes, I think this would work but I don't see how a second PC could get
 access to the internet unless it used the PC that initiated the connection
 through the DSL modem as a gateway.

 Tim

  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Rahul Kachalia
  Sent: Tuesday, March 06, 2001 7:39 PM
  To: Rizzo Damian; [EMAIL PROTECTED]
  Subject: Re: DSL internet with PPPoE
 
 
  Rizzo,
 
  I think its possible, following would be your topology
 
  LAN-switch-Ciscorouter-eth-dsl modem--dsl cloud
  ( make sure you have to turn ON bridging on both
    ethernet interface of router )

  I am assuming you are using PPPoE client software on the PC. PPPoE send
  Ethernet broadcast which needs to reach to PPPoE server unless you dont turn
  bridging on at routers traffic wont pass  it will fail.
 
  thanks
  rahul.
 
 
 
 
  - Original Message -
  From: "Rizzo Damian" [EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
  Sent: Tuesday, March 06, 2001 7:22 AM
  Subject: DSL internet with PPPoE
 
 
   I have a home lab with a few routers and switches, I have a permanent DSL
   connection but unfortunately they use PPPoE for authentication. Is there any
   way possible I can use this connection with a Cisco Router??? I'd like to
   plug the modem into my router and then route traffic from there. But can't
   seem to get past the PPPoE problem. Thanks for the help.
  
  
  
  
  
  
   Damian Rizzo
   Senior IT Engineer
   Marakon Associates
   203-978-6341
   [EMAIL PROTECTED]
  



RE: DSL internet with PPPoE

2001-03-06 Thread Rizzo Damian

You are correct Rahul. In theory, I do want my Router to be the PPPoE
client, and have the PC's in my LAN travel through it. I currently have a
1601 and a 1604 router.




-Original Message-
From: Rahul Kachalia [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 06, 2001 3:15 PM
To: Rizzo Damian; Timothy Metz; [EMAIL PROTECTED]
Subject: Re: DSL internet with PPPoE


Rizzo,

As I mentioned you earlier I just assumed your PC is PPPoE client, from
the following statement looks like you want router to be PPPoE client. Could
please tell which is this series of router?

thanks
rahul.



RE: DSL internet with PPPoE

2001-03-06 Thread Rizzo Damian

I currently am using a Linksys router. And it works fine, but the firewall
feature (if that's what you want to call it) blows. And it's not very
configurable, (you can only forward ports to one destination). So in a
better world, if I could get my dsl to work through my Cisco Router, I could
fool around with access-lists, Firewall feature set, NAT, PAT, etc...




-Original Message-
From: Glenn Johnson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 06, 2001 3:58 PM
To: Rizzo Damian; 'Rahul Kachalia'; Timothy Metz; [EMAIL PROTECTED]
Subject: RE: DSL internet with PPPoE


Any reason (other than $) that a simple linksys ($100) switch wouldn't
allow you to accomplish your goal?

Sample -
http://www.us.buy.com/retail/product.asp?loc=sku=10249719PageFormat=7#product

It has DHCP, NAT, IPSec/PPTP pass-through, forwarding, etc.  All of this for
what seems like a bargain price.

I'm not affiliated with Linksys.  A Netgear switch would probably be fine as
well.


image checksum error

2001-03-04 Thread Rizzo Damian

I have two 1600 series routers that I am trying to upgrade to an IPsec
feature set IOS. The problem I am experiencing is no matter which version of the
feature set I try (I've tried 4 so far), after the image appears to load
successfully from a TFTP server, the router displays the message "Image
Checksum Error" and then proceeds to boot from ROM. I have enough memory,
flash shouldn't be of concern since I'm booting from a TFTP server. So what
gives? Anyone else experience this problem? Is it likely I got 4 bad images
from Cisco?  Thanks.




RE: VPN client for windows 2000

2001-03-02 Thread Rizzo Damian

You wouldn't be able to authenticate to a Cisco Router running IPsec, using
DES and MD5.




-Original Message-
From: michael liu [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 3:12 PM
To: [EMAIL PROTECTED]
Subject: VPN client for windows 2000


You could use pptp in windows 2000

Chris Lemagie wrote:

The v1.0 and 1.1 (IRE) clients are not supported on Windows 2000.  We will
be shipping the Windows 2000 version of our VPN client shortly.

Michael Liu



RE: How to setup VLAN, Pls help.

2001-03-01 Thread Rizzo Damian

Try here...

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/vlans.htm

-Original Message-
From: Gunjan Mathur [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 9:14 AM
To: [EMAIL PROTECTED]
Subject: How to setup VLAN, Pls help.


Hi,

I'm new to this field, and my boss want to implement
VLAN in my network. We are using Cisco 2900/1900
switches. 
Pls guide me or send me links, which explain the
procedure to implement the VLAN.

Thanks,

Gm




RE: How to setup VLAN, Pls help.

2001-03-01 Thread Rizzo Damian

You're absolutely right. I apologize, I didn't realize that was for a Cat
5000.



-Original Message-
From: David Armstrong [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 10:23 AM
To: [EMAIL PROTECTED]
Subject: Re: How to setup VLAN, Pls help.


I don't think the link to the Catalyst 5000 will help him much. He's got an
IOS based switch. Here's a couple of links that go over 2900XL switch
configuration. You might want to download the pdf file format for easier
readability.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/scg/index.htm

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/scg/kivlan.htm

David Armstrong


"Rizzo Damian" [EMAIL PROTECTED] wrote in message
news:49C181ACF35ED311A7DC00508B5AF61102E52464@NAEXCHANGE...
 Try here...

 http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/vlans.htm

 -Original Message-
 From: Gunjan Mathur [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, March 01, 2001 9:14 AM
 To: [EMAIL PROTECTED]
 Subject: How to setup VLAN, Pls help.


 Hi,

 I'm new to this field, and my boss want to implement
 VLAN in my network. We are using Cisco 2900/1900
 switches.
 Pls guide me or send me links, which explain the
 procedure to implement the VLAN.

 Thanks,

 Gm




embarrasing question...

2001-03-01 Thread Rizzo Damian

Please excuse my ignorance, but what the heck is the command to enable
events and messages to be displayed via a Telnet
session instead of the default console session?  Thank you!






Damian Rizzo-CCNA+ Security, CNE, MCP 
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]




RE: embarrasing question...

2001-03-01 Thread Rizzo Damian

Ahhh yes...thank you very much!




-Original Message-
From: Foulks, Brian, CTR [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 12:34 PM
To: 'Rizzo Damian'; '[EMAIL PROTECTED]'
Subject: RE: embarrasing question...


term mon




VPN Client for Windows 2000?

2001-03-01 Thread Rizzo Damian

Anyone have any success using Cisco's Secure VPN Client v.1.0 or 1.1 on
Windows 2K?... It seems it doesn't work. What do I use on Win2K Clients then?











RE: VPN Client for Windows 2000?

2001-03-01 Thread Rizzo Damian

unfortunately.




-Original Message-
From: Chris Lemagie
To: [EMAIL PROTECTED]
Cc: Rizzo Damian; [EMAIL PROTECTED]
Sent: 3/1/01 6:47 PM
Subject: RE: VPN Client for Windows 2000?

The only version of the VPN 3000 client that supports Windows 2000 is
currently in Beta.  I know a lot of people have this client, but the public
beta is actually closed at this time.  I use the beta version of the client
(v2.6.2) and it does work great.  The latest information I have on the ship
date for version 3.0 of our VPN client (includes Win2K support) is March
19th...

Chris Lemagie

-Original Message-
From: Brian Hartsfield [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 3:39 PM
To: Chris Lemagie
Cc: Rizzo Damian; [EMAIL PROTECTED]
Subject: Re: VPN Client for Windows 2000?




Chris Lemagie wrote:

 The v1.0 and 1.1 (IRE) clients are not supported on Windows 2000.  We will
 be shipping the Windows 2000 version of our VPN client shortly.

What about a Windows 2000 version of the VPN client for the VPN 3000?

Brian




RE: How to stash more than 100 ACLs in a router

2001-02-28 Thread Rizzo Damian

Not sure what you're using your access lists for, but you may want to
consider implementing CBAC or Reflexive Access Lists.



-Original Message-
From: Murphy, Brian J SSI-ISET-31 [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 10:22 AM
To: 'ciscojolof'; [EMAIL PROTECTED]
Subject: RE: How to stash more than 100 ACLs in a router


Use named access lists
eg
ip access-list extended name. - only supported in ios 11.2 and above

-Original Message-
From: ciscojolof [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 3:51 PM
To: [EMAIL PROTECTED]
Subject: How to stash more than 100 ACLs in a router


Guys,

I have a problem, in our network we are rate-limiting customers but we
cannot get more than 100 ACLs per router so once we have over 100 customers
we are compelled to install a second router.






RE: Cert Difficulty Comparison.

2001-02-28 Thread Rizzo Damian

All depends on how much experience you have with Cisco products and overall
network knowledge. If you're looking for a career change and plan on taking
the CCNA exam as your first IT Cert, it can and will be a very intimidating
exam. For those of us who have been in the field for a few years and have
experience with Cisco equipment, the CCNA exam will seem pretty painless.
But enjoy it, because the moment you leap forward to the CCNP exam, there
are no more easy rides!




-Original Message-
From: Steven Dangerfield [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 10:59 AM
To: anthony kim; cisco; Craig Lindstrom
Subject: RE: Cert Difficulty Comparison.


Yes, I also agree, a couple of people I work with have recently taken the
CCNA and passed, after a little push from me and a couple of others. They
thought it was going to be hard and over studied for it, when they knew the
stuff all the time. Having said that I did the same when I did the CCNA.
Good luck from me too !

Steve
www.sjdsystems.com


= Original Message From anthony kim [EMAIL PROTECTED] =
To be fair, the CCNA is an entry level exam. If you are experienced, it is
a piece of cake. Cisco has designed the exam for Level 1 support
opportunities. Learn well and good luck on your journey.


--- Craig Lindstrom [EMAIL PROTECTED] wrote:
 Hi,
 I'm just starting my Cisco Cert and I was wondering if anyone else is
 surprised how easy the Cisco tests are.  I always hesitated doing the Cisco
 certs because I heard they were "hard".  Not that I mind a challenge, it's
 just I'm a little busy right now.  Anyway, I just started a week and a bit
 ago.  I took the CCNA the Monday before last, and switching last Monday.  I
 felt the exams were quite easy.  I passed both with scores well into the
 900s and didn't spend that much time studying.  I work full time and teach
 during the evenings, so all I studied was a little on Sat and Sun.  I'm not
 the sharpest knife in the drawer, did I just luck out on questions, or take
 the easy test first, or are all the tests about the same difficulty?

 I seem to see folks pooh-pooh the MCSE but I feel like the MS tests are much
 harder than the Cisco ones.  MS tests cover a large range of topics where
 the Cisco tests are a really small subset of topics.  Does anyone else feel
 that way or am I just way up in the night?  I've decided to do a test a week
 until I finish the CCNP, does this sound nuts?  Anyway I am just trying to
 see what other folks think.

 A little mystified,
 Craig Lindstrom
 MCT MCSE+I CCNA(as of last week!) SOB:)




Steven Dangerfield, Network Engineer/Analyst
B.Eng, CCNA, CCSA

Email : [EMAIL PROTECTED]





RE: Equipment for Home lab

2001-02-28 Thread Rizzo Damian

I am currently using two 1600 series routers and a 2924 Catalyst Switch to
prepare for my CCNP. I bought everything off of eBay. In my opinion, eBay
is the way to go if you're looking for used equipment.





-Original Message-
From: Foulks, Brian, CTR [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 12:38 PM
To: [EMAIL PROTECTED]
Subject: Equipment for Home lab


Hello,

A question.  What is the practical lab setup that I should look into to
prepare for the CCNP/CCIE configurations and labs.  I am looking on the
cheap.  Models, modules, and IOS versions would be a great help.  Also I am
hearing different tunes about where to purchase used equipment.  Suggestions
on this would help as well.

Thank you,

Brian




RE: Help!

2001-02-28 Thread Rizzo Damian

It's relatively easy. For example, if you wanted to simulate a Frame Relay
connection between the two routers via a DCE/DTE cable, you would configure
your routers as stated below:

Router 1 (the DCE end, provides clock at 64Kb, "clockrate 64000")

   interface Serial1
    no ip address
    encapsulation frame-relay
    clockrate 64000
    no keepalive
   interface Serial1.1 point-to-point
    ip address 131.108.177.164 255.255.255.0
    frame-relay interface-dlci 26 broadcast

Router 2

   interface Serial0
    no ip address
    encapsulation frame-relay
    no keepalive
    frame-relay intf-type dce
   interface Serial0.1 point-to-point
    ip address 131.108.177.166 255.255.255.0
    frame-relay interface-dlci 26 broadcast

That's it. Hope this helps.


Damian Rizzo
CCNA+ Security, CNE, MCP



-Original Message-
From: Mixa [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 1:24 PM
To: [EMAIL PROTECTED]
Subject: Help!


Hello,

I'm new to Cisco and just bought 2 2500Series routers to practice my CCNA.
Could you please show me how to make 2 routers talk via a back to back
cable?

Thanks in advance!

Mixa

PS: I know I need to configure a DTE/DCE but I can't find where.










RE: Help!

2001-02-28 Thread Rizzo Damian

No problem =)



-Original Message-
From: Mixa [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 1:50 PM
To: [EMAIL PROTECTED]
Subject: Re: Help!


You're the man! Thanks Damian. This really helps.

Mixa



RE: quick way to clear config totally

2001-02-28 Thread Rizzo Damian

Did you try "erase start"?



-Original Message-
From: Christopher Kolp [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 5:22 PM
To: [EMAIL PROTECTED]
Subject: quick way to clear config totally


Is there a quick way to clear the entire config of a router?

"setup" doesn't kill everything and I don't have the IOS to re-flash.

any help is greatly appreciated since every way I've tried just doesn't
take away everything, ie. access lists, etc...

Thanks!!!

Sincerely,

Chris Kolp, CCNA
Systems Engineer
Neuron Broadcasting Technologies
