Re: ATM or 3550 [7:75082]
My opinion you can rent one day of rack time for ATM and understand it. Dave Williams wrote in message news:[EMAIL PROTECTED] Group, I'm planning on purchasing my final addition to my RS home lab sometime this month. I'm having a hard time deciding if I should add another 3550 (I have one already) or if I should pick up a Lightstream 1010 with two 4500s that have an OC3 MM interface. ATM for the 3600s is way too expensive for me. Any suggestions would be appreciated. -dave **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75130t=75082 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: OSPF summary address with Null 0 [7:73500]
under ospf no discard route internal (does not install the Null0 route in routing table) no discard route external (used whey you use the summary address command) Ronnie Shab Hanon wrote in message news:[EMAIL PROTECTED] Hi everybody The case .. OSPF summary address with Null 0 In all the case studies for CCIE R S we told don't use static routes! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Dialer-list 1protocol permit... [7:72379]
You are correct. Dialer-group 1 looks for dialer-list 1 protocol ip permit. The dialer-list 1 command is right after you access list if you are looking at your running config. If it is not there then this is your problem. Will have no effect on users login. Only effect is they will not be disconnected anymore. This will fix your issue. Ronnie Ants wrote in message news:[EMAIL PROTECTED] Hi.. We are using dialer interfaces instead of DDR on a diaup router 3640 IO 12.0(9) currently have quite a number of dialer interfaces setup and all of them has a 'dialer group 1' statement but I don't have a 'dialer-list 1 protocol ip permit' statement anywhere else in my config. I take that this dialer group 1 statement serves no purpose without my dialer-list 1' command? If I do add it will it make a difference to currently logged on users? thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72383t=72379 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Debugging ISDN problems [7:72396]
If your idle timeout is 120 sec and you have interesting traffic defined with the dialer-list 1 protocol ip permit command then I would start check for bugs in my IOS. As long as some interest traffic is going over the link (ie. routing protocol, user traffic, etc) something has to reset the timers. Are you running a routing protocol over the link? Can you post some debug dialer. Ants wrote in message news:[EMAIL PROTECTED] me again on isdn issues. have resolved previous problems thanks for all input. another ugly snake has reared it's neck.. have a number of isdn sites dialing in (dialer interfaces and not ddr) and being disconnected on random timeouts. they idle timeout is set to 120 seconds.. somtimes they disconnect after 70.. sometimes as much a 1050 seconds.. which debugging command can i use to best analyze what causes these conections to disconnect? thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72439t=72396 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Dialer time-out settings [7:72247]
Sounds like you don't have interesting traffic associated with the interface. Are you using DDR or Dialer interfaces? Are you running a routing protocol over this ISDN link? In the running-config DDR look for int bri 0 dialer-group 1 global command dialer-list protocol ip permit Dialer interfaces int dialer 1 dialer-group 1 global command dialer-list protocol ip permit If this is not setup to reset the idle timers on the interface it will disconnect at default 120 secs or what ever time you have specified with dialer idle-timeout command. Hope this helps.. Ronnie Ants wrote in message news:[EMAIL PROTECTED] Hi, Have a Dialup Cisco 3640 router with IOS 12.0(9) recently had a number of ISDN users complaining that they lose their connection after a set time once logged in successfully.. the idle-timeout on the dialer interfaces is not set..so the default is 120 seconds... promptly on 120 seconds they get chucked off the network.. when I increase this timeout to whatever amount it disconnects the user regardless but at the spefcified timeout set. thusfar only a couple of the dialer interfaces in use affected and most of them set to same settings. no upgrades or changes recently made. could this be a bug? thanks in adv. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72271t=72247 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN question. [7:71653]
Check you Spids they are not valid on both the router and simulator. If they are correct issue the command clear int bri0 which will clear the bri interface. If this doesn't work you may have to reboot your routers and simulator. Rajesh Kumar wrote in message news:[EMAIL PROTECTED] Hello all, I have a practice lab setup as follows : R1 ( bri int ) -- ISDN switch --- (bri int ) -- R2. I have configured the ISDN simulator with Basic-ni1 settings and the directory #s and SPIDs for both the ports. The following output I see when I issue sh isdn status R1. == ISDNSW1#sh isdn status Global ISDN Switchtype = basic-ni ISDN BRI1/0 interface dsl 8, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 65, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 65, ces = 1, state = 8(established) spid1 configured, spid1 sent, spid1 NOT valid TEI Not Assigned, ces = 2, state = 1(terminal down) spid2 configured, spid2 NOT sent, spid2 NOT valid Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 8 CCBs = 0 The Free Channel Mask: 0x8003 on R2 === Global ISDN Switchtype = basic-ni ISDN BRI1/0 interface dsl 8, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 2, SAPI = 0, State = TEI_ASSIGNED TEI = 255, Ces = 1, SAPI = 0, State = ESTABLISH_AWAITING_TEI TEI Not Assigned, ces = 1, state = 3(await establishment) spid1 configured, spid1 NOT sent, spid1 NOT valid TEI 64, ces = 2, state = 1(terminal down) spid2 configured, spid2 sent, spid2 valid Endpoint ID Info: epsf = 0, usid = 3, tid = 1 Layer 3 Status: 0 Active Layer 3 Call(s) CCB:callid=0, sapi=0, ces=1, B-chan=0, calltype=INTERNAL (BR1/0) SPC Call Active dsl 8 CCBs = 1 The Free Channel Mask: 0x8003 = Can anybody suggest what could be the reason for this inconsistent output? Thanks, Rajesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71708t=71653 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boot problem with new 6513 [7:71390]
Ronnie Ron wrote in message news:[EMAIL PROTECTED] I have a new 6513 Catalyst switch and am getting the following when I boot the device: Autoboot: failed, BOOT string is empty rommon 1 Can someone lead me in the right direction on what to do to get the boot string set up properly? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71400t=71390 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VTP Domain Server Question [7:70942]
Dave, You are correct. Same setup I have working on many 6509's and 4006's today. 4006's dual ran to each 6509. Each 6509 is my VTP Server. I can take one completely down for maintenance or whatever and it will never miss a packet. Under than the first 50 seconds for spanning tree to go from a listening---learning-forwarding state... When I said Vlans would basically go down What I meant is with you VTP server down no vlan routing can take place because the server announcing that vlan is down. If you were to have 2 clients on different vlans on a 4006 and you take down your VTP server. Client A in VLAN A could not get to Client B in Vlan B. All local vlan traffic would work on the 4006 because it is locally switched but it cannot route vlans. Ronnie The Road Goes Ever On wrote in message news:[EMAIL PROTECTED] Ronnie Higginbotham wrote in message news:[EMAIL PROTECTED] Once you take the VTP server down all vlans will basically go down. Which will bring down the network with only one VTP server. They will sit there and do nothing until the vtp server comes back online. Is this right? I got to wondering about this, but I don't have enough equipment to simulate a real network to test end to end. What I did do was take my two switches, set one as the VTP server, the other as the client, create some vlans on the server, assigning those vlans to ports on the client switch, shut down the trunk ports between the two switches, and watch. I'm not sure how long I need to wait, but what I am seeing ( or not seeing ) confirms my suspicion - that the assigned ports on the client switch remain functional. My trunks are down on the client switch, but that is expected in this setup. What I am unable to test is whether or not the trunks, over which vlan information is propagated, will still function in the scenario described. I suppose you are correct when you say that all vlans will basically go down. Certainly, in my simulation, no one on a local switch could get to the core. What I am wondering is in a dual core switch situation as described, if servers and services were dual homed to the redundant switches, if all would remain well. Certainly no new vlans could be added, but I'm wondering if all else would remain functioning. some info on the switch Switch_48#sh vtp stat VTP Version : 2 Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs: 12 VTP Operating Mode : Client Switch_48#sh vlan VLAN Name StatusPorts - -- -- --- 1default activeFa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/11, Fa0/12, Fa0/13, Fa0/14 edited for brevety 10 VLAN0010 activeFa0/10 20 VLAN0020 activeFa0/20 30 VLAN0030 activeFa0/8, Fa0/30 40 VLAN0040 activeFa0/40 100 VLAN0100 activeFa0/1 200 VLAN0200 activeFa0/2 300 VLAN0300 activeFa0/3 1002 fddi-default active 1003 trcrf-defaultactive --M Switch_48#sh int trunk Switch_48# ( demonstrating that the trunk is down ) As I said, with two switches, I can't test a real world. However, I suspect that if the network is properly design, with dual homing of servers and services, and dual home of the access closets to the core switch, that things might just be fine. Can anyone provide info in a more realistic simulation? It would be a good idea to have two VTP servers so you can take them down one at a time and upgrade. always a good idea. I must assume the 2 6509's or for you core routing and the 4006's are your closet access switches. If the other standby 6509 is a client in the same VTP domain as you server which I don't see why it would not be, they already that the same VTP revision all you have to do is promote the client 6509 to server. set vtp domain (Domain Name) mode server Then you have two servers. You must have the 4006's dual ran to both 6509's to work... Ronnie Dave C. wrote in message news:[EMAIL PROTECTED] I have a question regarding VTP. I am working with a network configuration that has dual 6509's as core switches. One is the VTP domain server, the other is a VTP domain client. All other 4000 switches are defined as client also. I need to take both 6509's down to upgrade the Cat-OS on them, however I am concerned about what happens to the other switches when the VTP domain server goes away while the other 6509 is in client mode. I know that I can assign multiple VTP servers to a domain. My original thought is to first
Re: VTP Domain Server Question [7:70942]
Once you take the VTP server down all vlans will basically go down. Which will bring down the network with only one VTP server. They will sit there and do nothing until the vtp server comes back online. It would be a good idea to have two VTP servers so you can take them down one at a time and upgrade. I must assume the 2 6509's or for you core routing and the 4006's are your closet access switches. If the other standby 6509 is a client in the same VTP domain as you server which I don't see why it would not be, they already that the same VTP revision all you have to do is promote the client 6509 to server. set vtp domain (Domain Name) mode server Then you have two servers. You must have the 4006's dual ran to both 6509's to work... Ronnie Dave C. wrote in message news:[EMAIL PROTECTED] I have a question regarding VTP. I am working with a network configuration that has dual 6509's as core switches. One is the VTP domain server, the other is a VTP domain client. All other 4000 switches are defined as client also. I need to take both 6509's down to upgrade the Cat-OS on them, however I am concerned about what happens to the other switches when the VTP domain server goes away while the other 6509 is in client mode. I know that I can assign multiple VTP servers to a domain. My original thought is to first make sure that the client 6509 is running the same VTP revision # as the server 6509. Then I should be able to change the client 6509 to VTP server mode. Then in theory either server can take over VTP responsibilites, because one will be able to act as the other if the other one goes away. What I was also wondering, do all VLAN's go disabled if I were to only have a single VTP server and shut it down when the rest of the switches are clients? If so, would this happen right away, or after 5 minutes? If I take the 6509 server down, it will not be able to tell anyone that a topology change has occurred, but will the clients be looking for the VTP 5 minute updates? If anyone could help clarify this, I would appreciate it. Thanks. Dave C. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70943t=70942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VTP Domain Server Question [7:70942]
Once you take the VTP server down all vlans will basically go down. Which will bring down the network with only one VTP server. They will sit there and do nothing until the vtp server comes back online. It would be a good idea to have two VTP servers so you can take them down one at a time and upgrade. I must assume the 2 6509's or for you core routing and the 4006's are your closet access switches. If the other standby 6509 is a client in the same VTP domain as you server which I don't see why it would not be, they already that the same VTP revision all you have to do is promote the client 6509 to server. set vtp domain (Domain Name) mode server Then you have two servers. You must have the 4006's dual ran to both 6509's to work... Ronnie Dave C. wrote in message news:[EMAIL PROTECTED] I have a question regarding VTP. I am working with a network configuration that has dual 6509's as core switches. One is the VTP domain server, the other is a VTP domain client. All other 4000 switches are defined as client also. I need to take both 6509's down to upgrade the Cat-OS on them, however I am concerned about what happens to the other switches when the VTP domain server goes away while the other 6509 is in client mode. I know that I can assign multiple VTP servers to a domain. My original thought is to first make sure that the client 6509 is running the same VTP revision # as the server 6509. Then I should be able to change the client 6509 to VTP server mode. Then in theory either server can take over VTP responsibilites, because one will be able to act as the other if the other one goes away. What I was also wondering, do all VLAN's go disabled if I were to only have a single VTP server and shut it down when the rest of the switches are clients? If so, would this happen right away, or after 5 minutes? If I take the 6509 server down, it will not be able to tell anyone that a topology change has occurred, but will the clients be looking for the VTP 5 minute updates? If anyone could help clarify this, I would appreciate it. Thanks. Dave C. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70950t=70942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN problem [7:70856]
In the 2503 router you have two options to make it dial put a dialer-string under the bri or assign a sting to the end of your dialer map command. You are missing that. Ronnie wrote in message news:[EMAIL PROTECTED] Hi group, I recently got a ILS-1000 ISDN simulator for my lab, I config two router according to the CCIE LAB configuration and i just can not make the BRI dial. Did anyone have any experience for the this simulator. Here is the output and the config, pleas help. R2503# interface BRI0 ip address 100.100.100.200 255.255.255.0 encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.100 name r2521 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 no fair-queue ppp multilink ! no ip classless ip route 100.0.0.0 255.255.255.0 BRI0 ip route 196.1.1.0 255.255.255.0 BRI0 no ip http server no ip pim bidir-enable ! dialer-list 1 protocol ip permit ! r2521# interface BRI0 ip address 100.100.100.100 255.255.255.0 ip directed-broadcast encapsulation ppp dialer idle-timeout 90 dialer map ip 100.100.100.200 name r2503 broadcast 8358662 dialer load-threshold 1 outbound dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866101 isdn spid2 0835866301 no fair-queue ppp multilink ! router rip network 100.0.0.0 ! ip nat translation timeout never ip nat translation tcp-timeout never ip nat translation udp-timeout never ip nat translation finrst-timeout never ip nat translation syn-timeout never ip nat translation dns-timeout never ip nat translation icmp-timeout never ip classless ! dialer-list 1 protocol ip permit r2503#sh isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 119, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI = 121, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI 119, ces = 1, state = 5(init) spid1 configured, no LDN, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 2, tid = 1 TEI 121, ces = 2, state = 5(init) spid2 configured, no LDN, spid2 sent, spid2 valid Endpoint ID Info: epsf = 0, usid = 4, tid = 1 Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x8003 Number of L2 Discards = 0, L2 Session ID = 52 Total Allocated ISDN CCBs = 0 r2503#sh int bri0 BRI0 is up, line protocol is up (spoofing) Hardware is BRI Internet address is 100.100.100.200/24 MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Last input 00:00:29, output 00:00:29, output hang never Last clearing of show interface counters 01:01:09 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 302 packets input, 1536 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 326 packets output, 1696 bytes, 0 underruns 0 output errors, 0 collisions, 8 interface resets 0 output buffer failures, 0 output buffers swapped out 19 carrier transitions Thank you very much.. Philip Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70904t=70856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
you need to enable portfast. Read about portfast. Set spantree portfast enable ( I think this is the syntax I don't have a 6509 in front of me now.) Vik Vikky wrote in message news:[EMAIL PROTECTED] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70903t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Documentation CD [7:70490]
Best Documentation CD you can get updated quite regularly. http://www.cisco.com/univercd/home/home.htm John Tafasi wrote in message news:[EMAIL PROTECTED] Hi Group, I need to buy an updated documentation cd that contains Catalyst 3550 documentations. If any one can sell me one please let me know. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70495t=70490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Documentation CD [7:70490]
Best Documentation CD you can get updated quite regularly. John Tafasi wrote in message news:[EMAIL PROTECTED] Hi Group, I need to buy an updated documentation cd that contains Catalyst 3550 documentations. If any one can sell me one please let me know. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70494t=70490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Nortel Passport to Cisco 6500 [7:69798]
Fast Ethernet to both 6500's. Not sure exactly what the question is? Does the 8600 no have a Fast Ethernet card installed or is it OC3 or something. Ronnie Owens Samuel wrote in message news:[EMAIL PROTECTED] I have a project where I need to connect a Nortel Passport 8600 to two Cisco 6500. What would be the best way to make connection? Thank you for any help. Sam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69836t=69798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: isdn scripts.. [7:62793]
I have written expect scripts to test connectivity. Do you have backup interface applied or are you using dialer watch. Ronnie Rich Muller wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello- Anyone have a current script used to test isdn line availability? There are app's available, but scripting seems to be the way to go...anyone out there using their own scripts to test isdn call setups etc..? Thx! _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62795t=62793 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 4000 and DHCP [7:62632]
Make sure you turn on portfast for workstation ports. set spantree portfast enable This will cause the port to start forwarding in 5 seconds as apposed to 50. Ronnie Tunde Kalejaiye wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi all, we just upgraded our network to a switched, a catalyst 4006 to be exactsome users have been getting 'no domain server available ' error message. they usually have to try more than 4 - 6 times to successfully log on to the network. has anybody come across this problem before? what work around did u use besides configuring static ip addresses? thanks for your response(s) in advance Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62633t=62632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi problem regarding PPP HELPpppppppp [7:59184]
Can you please post Router 2 config Ronnie Munit Singla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I am new to this group.A big Great hello to every one. Now my problem... I have leased line back to back routers.I have configured dialer interface although dialer interface is mostly used on switched ckts.But I am using here on leased line bavck to back.Now what happens after restting the interface physical It get disconnect after idle-timeout so I have made dilaer list to define interesting traffic also but still I am not able to trigger the call so dilaer interface timesout after being idle.I have used Map command Map protocol ip name broadcast ..I have not defined any string.I cannot define any string in above command as I have leased line ,no number to dial. During which the call is active i am able to transfer data but if it times out after idle time specified I am unable to activate the call. My config Configuration of router 1: router1#sh run Building configuration... Current configuration : 1209 bytes ! version 12.2 no parser cache service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname router1 ! no logging console enable secret 5 $1$xYa1$1.YkO1.NXT1epX8oSH8KQ1 ! username router2 password 0 abc ip subnet-zero ! frame-relay de-list 3 protocol ip gt 500 ! ! ! ! interface Loopback0 ip address 192.168.10.2 255.255.255.0 ! interface FastEthernet0 ip address 10.77.152.223 255.255.255.0 speed auto ! interface Serial0 no ip address encapsulation ppp dialer in-band dialer rotary-group 1 pulse-time 1 ! interface Serial1 no ip address encapsulation ppp shutdown dialer in-band dialer rotary-group 1 pulse-time 1 ! interface Dialer1 ip unnumbered Loopback0 encapsulation ppp dialer in-band dialer idle-timeout 30 dialer map ip 192.168.20.1 name router2 broadcast dialer-group 1 ppp authentication chap ppp direction callout ! ip classless ip route 0.0.0.0 0.0.0.0 10.77.152.129 ip route 192.168.20.1 255.255.255.255 Dialer1 no ip http server ! access-list 100 permit ip any any dialer-list 1 protocol ip list 100 ! line con 0 line aux 0 line vty 0 4 exec-timeout 200 0 password lab login line vty 5 15 login ! no scheduler allocate end router1# similar is configuration on router 2 Debug ppp nego o/p on router 1 4:39:54: %LINK-3-UPDOWN: Interface Serial0, changed state to up 4:39:54: Se0 PPP: Using configured call direction 4:39:54: Se0 PPP: Treating connection as a callout 4:39:54: Se0 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load] 4:39:54: Se0 LCP: O CONFREQ [Closed] id 203 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x03B9ED37 (0x050603B9ED37) 4:39:54: Se0 LCP: I CONFREQ [REQsent] id 44 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x00FF543D (0x050600FF543D) 4:39:54: Se0 LCP: O CONFACK [REQsent] id 44 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x00FF543D (0x050600FF543D) 4:39:54: Se0 LCP: I CONFACK [ACKsent] id 203 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x03B9ED37 (0x050603B9ED37) 4:39:54: Se0 LCP: State is Open 4:39:54: Se0 PPP: Phase is AUTHENTICATING, by both [0 sess, 1 load] 4:39:54: Se0 CHAP: O CHALLENGE id 240 len 28 from router1 4:39:54: Se0 CHAP: I CHALLENGE id 35 len 28 from router2 4:39:54: Se0 CHAP: O RESPONSE id 35 len 28 from router1 4:39:54: Se0 CHAP: I SUCCESS id 35 len 4 4:39:54: Se0 CHAP: I RESPONSE id 240 len 28 from router2 4:39:54: Se0 CHAP: O SUCCESS id 240 len 4 4:39:54: Se0 PPP: Phase is UP [0 sess, 1 load] 4:39:54: Se0 IPCP: O CONFREQ [Closed] id 8 len 10 4:39:54: Se0 IPCP: Address 192.168.10.2 (0x0306C0A80A02) 4:39:54: Se0 CDPCP: O CONFREQ [Closed] id 8 len 4 4:39:54: Se0 IPCP: I CONFREQ [REQsent] id 1 len 10 4:39:54: Se0 IPCP: Address 192.168.20.1 (0x0306C0A81401) 4:39:54: Se0 IPCP: O CONFACK [REQsent] id 1 len 10 4:39:54: Se0 IPCP: Address 192.168.20.1 (0x0306C0A81401) 4:39:54: Se0 IPCP: I CONFACK [ACKsent] id 8 len 10 4:39:54: Se0 IPCP: Address 192.168.10.2 (0x0306C0A80A02) 4:39:54: Se0 IPCP: State is Open 4:39:54: Se0 LCP: I PROTREJ [Open] id 45 len 10 protocol CDPCP (0x820701080004) 4:39:54: Se0 CDPCP: State is Closed 4:39:54: Di1 IPCP: Install route to 192.168.20.1 4:39:55: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up router1#show dialer Di1 - dialer type = IN-BAND SYNC NO-PARITY Idle timer (30 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Number of active calls = 1 Dial String Successes Failures Last DNIS Se0 - dialer type = IN-BAND SYNC NO-PARITY Rotary group 1, priority 0 Idle timer (30 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is data link layer up Time
Re: Hi problem regarding PPP HELPpppppppp [7:59184]
Try changing the dialer list - Original Message - From: Munit Singla To: Ronnie Higginbotham Cc: [EMAIL PROTECTED] Sent: Friday, December 13, 2002 6:09 PM Subject: Re: Hi problem regarding PPP HELP [7:59184] Hi Ronnie, thanx for the reply.see router 2 configuration is almost same.I am sorry i have just removed that test bed I have to setup again.The confguration you can ge if u just to go the link mentioned at the end of this mail ,Just same configuration I used except multilink. If u still did not get the problem I can again Explain you. Regards, munit Ronnie Higginbotham wrote: Can you please post Router 2 config Ronnie Munit Singla wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I am new to this group.A big Great hello to every one. Now my problem... I have leased line back to back routers.I have configured dialer interface although dialer interface is mostly used on switched ckts.But I am using here on leased line bavck to back.Now what happens after restting the interface physical It get disconnect after idle-timeout so I have made dilaer list to define interesting traffic also but still I am not able to trigger the call so dilaer interface timesout after being idle.I have used Map command Map protocol ip name broadcast ..I have not defined any string.I cannot define any string in above command as I have leased line ,no number to dial. During which the call is active i am able to transfer data but if it times out after idle time specified I am unable to activate the call. My config Configuration of router 1: router1#sh run Building configuration... Current configuration : 1209 bytes ! version 12.2 no parser cache service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname router1 ! no logging console enable secret 5 $1$xYa1$1.YkO1.NXT1epX8oSH8KQ1 ! username router2 password 0 abc ip subnet-zero ! frame-relay de-list 3 protocol ip gt 500 ! ! ! ! interface Loopback0 ip address 192.168.10.2 255.255.255.0 ! interface FastEthernet0 ip address 10.77.152.223 255.255.255.0 speed auto ! interface Serial0 no ip address encapsulation ppp dialer in-band dialer rotary-group 1 pulse-time 1 ! interface Serial1 no ip address encapsulation ppp shutdown dialer in-band dialer rotary-group 1 pulse-time 1 ! interface Dialer1 ip unnumbered Loopback0 encapsulation ppp dialer in-band dialer idle-timeout 30 dialer map ip 192.168.20.1 name router2 broadcast dialer-group 1 ppp authentication chap ppp direction callout ! ip classless ip route 0.0.0.0 0.0.0.0 10.77.152.129 ip route 192.168.20.1 255.255.255.255 Dialer1 no ip http server ! access-list 100 permit ip any any dialer-list 1 protocol ip list 100 ! line con 0 line aux 0 line vty 0 4 exec-timeout 200 0 password lab login line vty 5 15 login ! no scheduler allocate end router1# similar is configuration on router 2 Debug ppp nego o/p on router 1 4:39:54: %LINK-3-UPDOWN: Interface Serial0, changed state to up 4:39:54: Se0 PPP: Using configured call direction 4:39:54: Se0 PPP: Treating connection as a callout 4:39:54: Se0 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load] 4:39:54: Se0 LCP: O CONFREQ [Closed] id 203 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x03B9ED37 (0x050603B9ED37) 4:39:54: Se0 LCP: I CONFREQ [REQsent] id 44 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x00FF543D (0x050600FF543D) 4:39:54: Se0 LCP: O CONFACK [REQsent] id 44 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x00FF543D (0x050600FF543D) 4:39:54: Se0 LCP: I CONFACK [ACKsent] id 203 len 15 4:39:54: Se0 LCP: AuthProto CHAP (0x0305C22305) 4:39:54: Se0 LCP: MagicNumber 0x03B9ED37 (0x050603B9ED37) 4:39:54: Se0 LCP: State is Open 4:39:54: Se0 PPP: Phase is AUTHENTICATING, by both [0 sess, 1 load] 4:39:54: Se0 CHAP: O CHALLENGE id 240 len 28 from router1 4:39:54: Se0 CHAP: I CHALLENGE id 35 len 28 from router2 4:39:54: Se0 CHAP: O RESPONSE id 35 len 28 from router1 4:39:54: Se0 CHAP: I SUCCESS id 35 len 4 4:39:54: Se0 CHAP: I RESPONSE id 240 len 28 from router2 4:39:54: Se0 CHAP: O SUCCESS id 240 len 4 4:39:54: Se0 PPP: Phase is UP [0 sess, 1 load] 4:39:54: Se0 IPCP: O CONFREQ [Closed] id 8 len 10 4:39:54:
Re: what is this spantree msg? [7:55540]
Basically it means that the server or whatever connected it flapping. Try hard coding the speed and duplex to match if set to auto. Ronnie Sim, CT (Chee Tong) wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi.. I checked from the log of my cat5505 switch, I found the following. What is the meaning? But there was no impact at all. I have enable the portfast on those ports but why those port still create spanning tree msg? Oct 5 00:00:05 57.198.45.252 2002 Oct 04 17:35:13 %PAGP-5-PORTFROMSTP:Port 5/21 left brid ge port 5/21 Oct 5 00:00:16 57.198.45.252 2002 Oct 04 17:35:25 %PAGP-5-PORTTOSTP:Port 5/21 joined brid ge port 5/21 Oct 5 00:14:24 57.198.45.252 2002 Oct 04 17:49:33 %PAGP-5-PORTFROMSTP:Port 4/13 left brid ge port 4/13 Oct 5 00:14:37 57.198.45.252 2002 Oct 04 17:49:45 %PAGP-5-PORTTOSTP:Port 4/13 joined brid ge port 4/13 Oct 5 00:20:34 57.198.45.252 2002 Oct 04 17:55:42 %PAGP-5-PORTFROMSTP:Port 4/19 left brid ge port 4/19 Oct 5 00:20:46 57.198.45.252 2002 Oct 04 17:55:54 %PAGP-5-PORTTOSTP:Port 4/19 joined brid ge port 4/19 Oct 5 00:23:52 57.198.45.254 2002 Oct 04 17:51:51 %PAGP-5-PORTFROMSTP:Port 4/12 left brid ge port 4/12 Oct 4 23:59:00 57.198.45.254 2002 Oct 04 17:52:04 %PAGP-5-PORTTOSTP:Port 4/12 joined brid ge port 4/12 Oct 4 23:59:57 57.198.45.254 2002 Oct 04 17:53:01 %PAGP-5-PORTFROMSTP:Port 4/12 left brid ge port 4/12 Oct 5 00:05:18 57.198.45.254 2002 Oct 04 17:58:22 %PAGP-5-PORTFROMSTP:Port 4/10 left brid ge port 4/10 Oct 5 00:05:31 57.198.45.254 2002 Oct 04 17:58:34 %PAGP-5-PORTTOSTP:Port 4/10 joined brid ge port 4/10 Oct 5 00:12:13 57.198.45.254 2002 Oct 04 18:05:16 %PAGP-5-PORTFROMSTP:Port 4/10 left brid ge port 4/10 Oct 5 00:12:25 57.198.45.254 2002 Oct 04 18:05:28 %PAGP-5-PORTTOSTP:Port 4/10 joined brid ge port 4/10 Oct 5 00:23:19 57.198.45.254 2002 Oct 04 18:16:22 %PAGP-5-PORTFROMSTP:Port 4/10 left brid ge port 4/10 Oct 5 00:23:33 57.198.45.254 2002 Oct 04 18:16:35 %PAGP-5-PORTTOSTP:Port 4/10 joined brid ge port 4/10 Oct 5 00:23:35 57.198.45.254 2002 Oct 04 18:16:38 %PAGP-5-PORTFROMSTP:Port 4/10 left brid ge port 4/10 == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55612t=55540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Enable Secret of AS5300 [7:55086]
You will have to do a password recovery,. It will require rebooting the router. Attached is link of step by step instructions http://www.cisco.com/en/US/products/hw/univgate/ps501/products_password_reco very09186a0080093e1a.shtml Ronnie bi.s wrote in message news:200210091616.QAA00483;groupstudy.com... Frank Merrill wrote: I lost the enable secret password of my Cisco AS5300.I have the configuration showing. enable secret 5 $1$6YRM$nzNXQuv4h24C3AlB8N3rp. enable password 7 110A1016141D5A One more point, since you have an 'enable secret' configured, the 'enable password' serves no purpose. When you type 'enable' to go to exec mode, it will only work with the 'enable secret' at the password prompt. If a secret is configured, the enable password is never utilized. You can safely remove the 'enable password'. apart from that, i always thought the enable secret can not be cracked/reverted etc? just those marked with 7 (e.g. enable secret, vty password etc) can. or have i missed something? cya -bis Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55481t=55086 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Lab Swap [7:54172]
Have lab for RTP Feb 28, would like to swap for sometime in March or early May RTP or San Jose. Please email me at [EMAIL PROTECTED] Ronnie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54172t=54172 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need help with RIP config [7:51483]
If these are the configs you are running two different versions of RIP. Router 2501A is running version 2 while the others are version 1. Did you mean to do this? What is the reason you need to redistribute the connected interfaces on the bottom 2 routers? Rip will do this for you. Let the routing protocol do its job. I would remove the redistribute connected on the bottom two routers and load version 2 under rip. This should correct your issues. Rip 2 is classless protocol and supports VLSM as apposed to Rip version 1 which is classful and doesn't support VLSM. (Variable Length Subnet Mask) Ronnie Jack Lane wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks for the quick response. Here is the current setup: Router2501A: Router rip version 2 network 172.16.0.0 network 192.168.1.0 no auto-summary Router2502A: router rip redistribute connected network 172.16.0.0 Router2524A: router rip redistribute connected network 172.16.0.0 network 192.168.2.0 Any further ideas? Thanks, Jack Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51499t=51483 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 4000 Series Power Supply Question [7:50510]
Yes The power supplies are hot-swappable. Firesox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Could please someon confirm the additional power supply the existing cat 4000 serires switches are hot-swappable? For example for 4006, I can plug in the third power supply without disrupting the operation. for 4003, 2nd power supply can be added without disrupting the service Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50515t=50510 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - PPPOE on a PIX [7:50085]
I have PPPoE working on a 501 PIX no issues with 6.2.1. My MTU size is set to 1500 both inside and outside. I never adjusted the default settings. mtu outside 1500 mtu inside 1500 Ronnie Rik Guyler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Has anybody had a problem with PPPOE on a PIX 506 running 6.2(1) code? My problem appears to be MTU-related - I can PING all day but HTTP only brings up about a third of the sites I browse. There is a caveat in the docs about MTU dropping to 1492 with PPPOE, which is supposed to happen automagically but I tried to hard-code it and still the same problem. I opened a case with TAC but the engineer hasn't given me any good info. 6.2(2) is out so I'll try to upgrade it Wednesday but I thought maybe somebody else has run into this before. Rik Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50087t=50085 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: polycom Video Unit [7:49882]
Watch for word wrap Ronnie Michael L. Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Depends on the model, but usually you'll see traffic all into either 128Kbps, 384kbps, 768Kbps or 1.5Mbps We have a Polycom unit that has ISDN and a LAN port, but if you telnet to it's IP on the LAN you get a status page showing H.323 is disabled, so we can't use it on the LAN (at least without a software update or something). But if you Polycam can video conference over IP with it's ethernet port, then it should be standard H.323. I can't recall the ports right off the top of my head, but I'm thinking somewhere in the 2600+ range (I've seen other units that use 2000-2063), but don't quote me on that It's regular IP unicast traffic, but (depending on the model) it's possible to do a multicast streaming presentation (usually you'll use the multicast when you want to broadcast a presentation or video, etc to many viewer but most times you're not in a conference where there are many senders and receivers) HTH, Mike Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know what type of traffic a typical Polycom Video Con. unit creates? It it multicast? What ports does it use? Is it standard h.323? I can sniff it, but if anyone has already done their homework on it, it will save me some time. -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49896t=49882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: polycom Video Unit [7:49882]
Ronnie Higginbotham wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Watch for word wrap Ronnie Michael L. Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Depends on the model, but usually you'll see traffic all into either 128Kbps, 384kbps, 768Kbps or 1.5Mbps We have a Polycom unit that has ISDN and a LAN port, but if you telnet to it's IP on the LAN you get a status page showing H.323 is disabled, so we can't use it on the LAN (at least without a software update or something). But if you Polycam can video conference over IP with it's ethernet port, then it should be standard H.323. I can't recall the ports right off the top of my head, but I'm thinking somewhere in the 2600+ range (I've seen other units that use 2000-2063), but don't quote me on that It's regular IP unicast traffic, but (depending on the model) it's possible to do a multicast streaming presentation (usually you'll use the multicast when you want to broadcast a presentation or video, etc to many viewer but most times you're not in a conference where there are many senders and receivers) HTH, Mike Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know what type of traffic a typical Polycom Video Con. unit creates? It it multicast? What ports does it use? Is it standard h.323? I can sniff it, but if anyone has already done their homework on it, it will save me some time. -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49897t=49882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: polycom Video Unit [7:49882]
It is not sending the URL. Go to Cisco.com and do a search on Polycom Video First link http://www.cisco.com/warp/public/788/voip/polycom_video_over_ip.html Ronnie Higginbotham wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ronnie Higginbotham wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Watch for word wrap Ronnie Michael L. Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Depends on the model, but usually you'll see traffic all into either 128Kbps, 384kbps, 768Kbps or 1.5Mbps We have a Polycom unit that has ISDN and a LAN port, but if you telnet to it's IP on the LAN you get a status page showing H.323 is disabled, so we can't use it on the LAN (at least without a software update or something). But if you Polycam can video conference over IP with it's ethernet port, then it should be standard H.323. I can't recall the ports right off the top of my head, but I'm thinking somewhere in the 2600+ range (I've seen other units that use 2000-2063), but don't quote me on that It's regular IP unicast traffic, but (depending on the model) it's possible to do a multicast streaming presentation (usually you'll use the multicast when you want to broadcast a presentation or video, etc to many viewer but most times you're not in a conference where there are many senders and receivers) HTH, Mike Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know what type of traffic a typical Polycom Video Con. unit creates? It it multicast? What ports does it use? Is it standard h.323? I can sniff it, but if anyone has already done their homework on it, it will save me some time. -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49898t=49882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPPOE [7:47827]
Had the same problem. I had some one help me out so I will pass this info on. First you have to be running 6.2 on the firewall on the here is a PDF for cisco's site explaining the PPPoE setup needed http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/pixc lnt.htm Here are the commands added to the PIX in a nutshell Commands added to PIX vpdn group pppoe-ISP request dialout pppoe vpdn group pppoe-ISP localname xx vpdn group pppoe-ISP ppp authentication pap vpdn username xx password xx ip address outside pppoe setroute (Allows Pix to receive default route from ISP) Use debug commands in PDF to see if you are having any issues Ronnie Mamoon Dawood wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear All, We are facing a problem configuring a PIX firewall as follows: Our customer connects his LAN to the internet using an ADSL modem, the ADSL connects by an ethernet connection to the LAN internet server Ethernet card, the ISP installs a special software called CFOS on the internet server to connect to the internet, this software provide a username and password to be authenticated on the ISP ADSL side, The Internet server gets a dynamic IP address for his WAN side from the ISP, Now, we need to install the PIX between the ADSL modem and the Internet Server, Ethernet 0 of the PIX will be connected to the ADSL, Ethernet 1 will be connected to the Internet server, What we need: 1- We need the PIX to get it's IP address dynamically from the ISP 2- We need the PIX to provide the username and password so that the ISP can authunticate him. Kindly let us know what we shall do, Waiting your response, Kindest Regards, Mamoon Dawood. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47905t=47827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Pix with EnterNet DSL [7:43302]
Mark I sent you a email. Brian Here is the config I used on my PPPoE. Works great. Commands added to PIX vpdn group pppoe-sbc request dialout pppoe vpdn group pppoe-sbc localname xx vpdn group pppoe-sbc ppp authentication pap vpdn username xx password xx ip address outside pppoe setroute showing the active PPPoE session** pixfirewall# sh vpdn session PPPoE Session Information (Total tunnels=1 sessions=1) Remote MAC is 00:10:67:00:B1:AD Session state is SESSION_UP Time since event change 97811 secs, interface outside PPP interface id is 1 16269 packets sent, 16820 received, 1464059 bytes sent, 0 received *showing the route received for my ISP** pixfirewall# sh ip address outside pppoe PPPoE Assigned IP addr: 65.67.102.20 255.255.255.255 on Interface: outside Remote IP addr: 65.67.103.254 This is now my default route. Once I reboot my pix it takes about 3 to 4 minutes to restore a active PPPoE session. Mark Odette II wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Brian... I'd be interested to hear what your results are... as the documentation for 6.2 says that it only supports PPPoE/DHCP connections on the 501 and 506 models of PIX. If you get it to work on the 515, that would be good to know. Since you changed GSPs, does that mean that you don't have to worry about PPPoE, and you just simply get a Dynamic IP straight off the wire?? Only reason I ask is, I have SWB DSL, and it's the Enhanced service, which simply means I get 5 static IPs assigned to me. The technical difference for my CPE connecting to them, whether it be a Cisco Router or the PIX, is that I don't have to configure the User ID/Password Authentication stuff anymore which was something I had to do with the Basic Service, and it was dependent upon PPPoE. Anyway... let us know how you do! Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brian Zeitz Sent: Monday, May 06, 2002 11:31 AM To: [EMAIL PROTECTED] Subject: RE: Configuring Pix with EnterNet DSL [7:43302] I am going to try to hook up a Pix to an ADSL line with a dynamic IP, this should be interesting. In the past I have tried Microsoft ISA SERver 2000 Enterprise with ADSL, it had a lot of trouble binding the packet filters cause the IP was dynamic. The fix, install a Netgear router before the firewall. Also for PPPoE testing purposes, Windows XP has the PPPoE stuff built in it. All you need is a XP machine, and a DSL Modem. Use BroadBand connection when creating an internet connection. Good when the service provider INSISTs that you have 1 PC hooked up to the DSL modem. Even though you own a business account. This is the biggest scam in the book, but I don't pay the bill ;) Now, I am going to try a Pix 515U, with an ADSL dynamic IP. I am not sure what the results will be. I could buy another cheapy router, but just to learn it, and see what results I get, im going to hook it up to the DSL line. This is just for development. Eventually I will get real cisco routers. Also I had verizon change my ADSL Global Service provider. I was having some routing problems within verizons network. Now I have Qwest, and everything is cool. So ill try the pix with the new GSP. If anyone wants to contact me about ADSL or pIx 515 stuff, feel free. -Original Message- From: Mark Odette II [mailto:[EMAIL PROTECTED]] Sent: Saturday, May 04, 2002 3:20 PM To: [EMAIL PROTECTED] Subject: RE: Configuring Pix with EnterNet DSL [7:43302] Ronnie- I assume you are referring to the fact that your DSL is PPPoE DSL (You have to install the EnterNet DSL software on your computer if you want to access the DSL Gateway and connect to the internet (which also means you use a User Name/Password combination to connect) correct!?! If so, what model PIX do you have? The 501/506 models support PPPoE under 6.2.1. The following link should get you started http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/ pixc lnt.htm Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ronnie Higginbotham Sent: Saturday, May 04, 2002 10:32 AM To: [EMAIL PROTECTED] Subject: Configuring Pix with EnterNet DSL [7:43302] I am new to the Pix setup has anybody configured a PIX with EnterNet DSL setup. Any config help would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43441t=43302 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Pix with EnterNet DSL [7:43302]
Got it working Mark. Thanks for your help. Ronnie Higginbotham wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks again Mark. Right now I working on licensing with Cisco because I need to upgrade my PIX code to 6.2 which supports PPPoE. Then I will give it a try. I was trying to get it working without the Enhanced DSL at this time. Ronnie Mark Odette II wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Keep in mind that you will be *REPLACING* your workstation with the PIX for PPPoE connectivity. You will no longer need the client software on your workstation; your workstation(s) will be on whatever Private Subnet you choose/assign to the 'Inside Interface', and PAT or NAT Overload on the 'Outside Interface' will be the way the workstation(s) reach the internet. With that in mind, you should be able to figure out the configuration of the PIX, as it's pretty straight forward. For myself, I have the Enhanced DSL package from Ma Bell, which means I don't have to worry about PPPoE, and I get 5 IPs for home use. Before I used the PIX though, I had a 1750 with the WIC-1ENET card configured, and similar VPDN commands were used to make the PPPoE negotiation work under the Basic DSL account I started out with. For this reason, this is why I think you shouldn't have a problem getting it working. Good luck! Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ronnie Higginbotham Sent: Saturday, May 04, 2002 4:21 PM To: [EMAIL PROTECTED] Subject: Re: Configuring Pix with EnterNet DSL [7:43302] Yes Mark I was referring to the PPPoE. I have the client loaded on my PC and cannot pass through the PIX. However I can ping the PIX inside address. I have the 501 just for home use. Thanks for the link. I searched the site and could find anything like this. Let me try this stuff and I will let you know what happens. When I launch the client I cannot find the server. Thanks for you help. Ronnie Mark Odette II wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ronnie- I assume you are referring to the fact that your DSL is PPPoE DSL (You have to install the EnterNet DSL software on your computer if you want to access the DSL Gateway and connect to the internet (which also means you use a User Name/Password combination to connect) correct!?! If so, what model PIX do you have? The 501/506 models support PPPoE under 6.2.1. The following link should get you started http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/pixc lnt.htm Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ronnie Higginbotham Sent: Saturday, May 04, 2002 10:32 AM To: [EMAIL PROTECTED] Subject: Configuring Pix with EnterNet DSL [7:43302] I am new to the Pix setup has anybody configured a PIX with EnterNet DSL setup. Any config help would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43339t=43302 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Configuring Pix with EnterNet DSL [7:43302]
I am new to the Pix setup has anybody configured a PIX with EnterNet DSL setup. Any config help would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43302t=43302 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Pix with EnterNet DSL [7:43302]
Yes Mark I was referring to the PPPoE. I have the client loaded on my PC and cannot pass through the PIX. However I can ping the PIX inside address. I have the 501 just for home use. Thanks for the link. I searched the site and could find anything like this. Let me try this stuff and I will let you know what happens. When I launch the client I cannot find the server. Thanks for you help. Ronnie Mark Odette II wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ronnie- I assume you are referring to the fact that your DSL is PPPoE DSL (You have to install the EnterNet DSL software on your computer if you want to access the DSL Gateway and connect to the internet (which also means you use a User Name/Password combination to connect) correct!?! If so, what model PIX do you have? The 501/506 models support PPPoE under 6.2.1. The following link should get you started http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/pixc lnt.htm Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ronnie Higginbotham Sent: Saturday, May 04, 2002 10:32 AM To: [EMAIL PROTECTED] Subject: Configuring Pix with EnterNet DSL [7:43302] I am new to the Pix setup has anybody configured a PIX with EnterNet DSL setup. Any config help would be appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43308t=43302 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Layer2 Layer3 or Hardware problem? [7:42391]
Joe, I had the exact same problem but in a larger environment. Some client on one subnet would get disconnected while other did not. After hours and days of troubleshooting and this is what we found out. 1.) As400 needed some PTF files applied for the TCP/IP stack (Basically applied patches to the AS400) 2.) Also the NIC on the 400 was running 2 frame types 802.2 and 802.3. What we found in the sniffer trace was the AS400 would send out a 802.3 frame every once and a while and cause the switch to re-arp and client would lose the telnet session to the 400. I cannot pin point a single client or segment I did not know how it dropped this person and not this one. Once we remove one of the frame type to stop the re-arp. No more problem. No I cannot say the PTF applied to the 400 did not fix the problem also. Some thing to look at. I am curious to see if anyone else has had a problem? Ronnie Joe Morabito wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all. I have a real world problem and would like some thoughts, here it goes. Client has a central site with 7 remote locations. Central site has a 6513 with MSFC2, all sites have T1 in. Eigrp is used between sites and is fine. At the central site lies an AS/400 that all remote sites connect into (users use IBM client access). All is IP no SNA anywhere. What happens is at one and only one location users get bounced out of there session about 4 or 5 times a day. They have full connectivity to the central site, just no AS/400. So I was at the remote site where the problem exists, could ping the as400 fine. So I waited for a blackout, it came. When the users were bounced I tried to ping the as400 and was unsuccessful. I tried to ping the central router and was good, I tried to ping the vlan ip address that the as400 was in, that was good. I even tried to ping other computers in the same subnet as the as400 and that was good. Tried to ping the as400 again and that was NO good. These outages only last a couple of minutes and then it comes back up. There is NO route flapping. All eigrp neighbors stay put and all routes stay put. What is really strange is that this happens only from one remote location, all other locations are fine. The as400 has only one NIC (ehternet) and all other sites connect to the same IP address. So where is the problem? I checked the port the as400 was plugged into and found some errors, I found out that the port was set to 100/full and the as400 nic was set to 100/half, so I adjusted the port on the switch to 100/half. But if this was the problem, wouldn't all sites have trouble? Could the switch possibly be aging out its cam table to the remote site that is having problems? I don't remember if they blacked out again after changing the duplex (I had been staring at debugs for about 8 hours). I called TAC and bumped up the outbound queue size to the site that is having problems, but haven't had a chance to call them back. Any suggestions? Thanks. -Joe [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42399t=42391 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Networkers in San Diego [7:42402]
Yes. Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Is anyone attending Networkers in San Diego this year? Just curious. -- RFC 1149 Compliant Get in my head: http://sar.dynu.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42409t=42402 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID [7:30456]
Focus on the CID book. You need to know the SNA backward and forward. I had alot of questions on it. I used boson test 1 to help me find my weakness and where to focus my studies. Do not underestimate the test it is tough but doable. Ronnie Juan Blanco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Team, I am studying to take the CID test in about two weeks, I am using the following books: Cisco - CID Exam Certification Guide and Cisco - Internetwork Design The problem that I am having is that there is a lot of overlapping with these two books but a the same time some gaps for example. The CID-Exam book has a lot of materials in SNA The Internetwork Design has a lot of materials on Microsoft and Frame relay Question, which one is the correct one.The one in which I really should concentrate for my test... Both books are very good to have as a reference besides using them for the test. Thanks, JB Juan Blanco MCSE, CCNA, CCNP, CCDA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30461t=30456 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]