RE: cmd. to test all 7 layers of the OSI?? [7:44157]

2002-05-14 Thread Sean Knox 

Telnet and ftp both work at the application layer. You are correct.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Cisco Nuts
> Sent: Tuesday, May 14, 2002 12:15 AM
> To: [EMAIL PROTECTED]
> Subject: cmd. to test all 7 layers of the OSI?? [7:44157]
> 
> 
> Hello,What is the command that tests all 7 layers of the 
> OSI?My answer is
> any protocol that works at the Application layer including telnet, ftp
> etc. But my coworker thinks it's only telnet?Anyone with 
> ideas??Thanks!
> 
> --
> --
> 
> Chat with friends online, try MSN Messenger: Click Here
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44187&t=44157
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE communication and services [7:43714]

2002-05-10 Thread Sean Knox 

The lab is not the same for all three. As nrf has repeatedly tried to tell
you, they are three SEPARATE tracks. To achieve the R/S CCIE, you need to
pass the R/S written and the R/S CCIE Lab. To get your C/S CCIE, even if you
already have, say, you R/S CCIE *completed*, you still need to complete the
C/S written then take the C/S lab.

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 10, 2002 5:07 AM
> To: [EMAIL PROTECTED]
> Subject: Re: CCIE communication and services [7:43714]
>
>
> Sorry, I guess that wasn't very clear. Suppose you attain an
> R/S CCIE and
> now wish to go for security or C/S. As the lab is the same
> for all three, is
> it necessary to keep retaking the lab or will the written be enough? I
> assume you probably do have to take the lab again, however
> since it is the
> same test you have already passed,it  just seems redundant.
>
> nrf wrote:
> >
> > Uh, what?  I don't understand your question.  If you're saying
> > that you're
> > thinking that you can just keep getting more than one C/S CCIE
> > by taking
> > that lab over and over again (but by passing different C/S
> > writtens), then
> > the answer is absolutely not.  Contrary to what many people
> > believe, there
> > are no different 'flavors' of the C/S.  There is only 1 C/S
> > CCIE, and you're
> > either a C/S CCIE or you're not.   And really, this makes
> > perfect sense,
> > since there is only one unified C/S lab which every C/S
> > candidate takes, no
> > matter which written he/she passed.
> >
> >
> >
> >
> > ""Jason Owens""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Based on your post above, as the lab is the same general
> > knowledge, would
> > > you need to keep taking it, providing you have passed it
> > once, to get more
> > > than one CCIE? Or would the various written exams suffice?
> > Just curious.
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43838&t=43714
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: what do the following sentences mean? [7:43803]

2002-05-09 Thread Sean Knox 

Autonomous switching is one of several switching types available. Process
switching is the slowest (main system processor has to switch the packets,
very slow) and autonomous is one of the faster switching methods (packets
match a cache entry and are switched on the interface processor itself).
Certain factors determine which switching method(s) are available; for
example turning on debugging automatically selects process switching. ACLs
also slow things down; ACLs require the router to inspect each packet that
comes through an interface. As far as to the specifics of ACLs and switching
interaction, I don't have much to offer. Here's a quick primer on switching
types:

Check out
http://www.cisco.com/univercd/cc/td/doc/product/software/ios11/rbook/rswitch
.htm

I would recommend "Inside the Cisco IOS Software Architecture" available
from Cisco press.
http://www.ciscopress.com/catalog/product.asp?product_id={44BD9713-382F-48A1
-B113-E4A8D0FF4F22}



> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> mlh
> Sent: Thursday, May 09, 2002 8:02 PM
> To: [EMAIL PROTECTED]
> Subject: what do the following sentences mean? [7:43803]
>
>
> Hi, there,
>
> Could any body can tell me what the following two sentences mean?
>
> 1. An interface using an extended IP access list cannot be
> autonomously
> switched;
>
> 2. Dynamic access lists cannot be silicon switched and may
> affect silicon
> switching performance.
>
> both of them are excerpted from page 880 of Routing TCP/IP vol.1.
>
> Thanks.
>
> mlh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43809&t=43803
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

New CCNA test harder than originally thought? [7:43805]

2002-05-09 Thread Sean Knox 

My roommate took the 640-607 today (new CCNA test). Unfortunately, he didn't
pass. We discussed afterwards the material he saw on the test. I was
surprised at the "depth" (relative to CCNA level) necessary on a variety of
subjects- a good deal, from my experience (and probably everyone else's)
reserved for CCNP level. Detail to subjects such as Spanning Tree, WAN
protocols, and routing protocols and theory were included. While much
material from the original test still applies, it sounds that this test
really did get a "revamp." I think this is *good* for the CCNA and CCNA
holders, but of course to candidates studying for their CCNA it's another
hurdle. :) In fact, my roommate had literally just finished studying for the
CCNA when the new version came out. Guess I didn't help him prep as much as
I should have. D'oh!

Anyone on the list have *first-hand* experience with the new CCNA test? What
do you think?

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43805&t=43805
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Immdeiate Assistance is Reaquired! [7:43449]

2002-05-06 Thread Sean Knox 

Minor quibbles/comments, see inline

> > 1-We just want that no user traffic should directly go to
> router and only
> > the traffic that is coming through Proxy Server should
> reach the router.
>
> Router(config)#access-list 1 permit  0.0.0.0
> Router(config)#interface Fast0
> Router(config-if)#ip access-group 1 in
>
> This would only allow traffic coming from the proxy server to
> be allowed
> into the router via the FastEthernet... modify as needed.

It should be blatantly obvious (to Cisco people anyway), but make sure you
replace the 0.0.0.0 with the address of your proxy server. :) 0.0.0.0
equates to "any host."

> > 3- We want to stop Telnet. No ne should be able to telnet
> it. We only want
> > to configure router through Console Port.
>
> The easiest way to prevent telnet access to the router is to
> simply not
> assign a password (or remove an existing password) on the VTY
> lines.  I see
> in your config you have a password on the VTY lines.  Remove
> it like so:
>
> Router(config)#line vty 0 4
> Router(config-line)# no password
>

I agree this is the easiest way to simply disable telnet, but for security
purposes, I would instead use another ACL to block - it's better than some
random person being able to identify your Cisco router immediately from the
"No password" dialog... of course with some additional knowledge of IP and
Cisco, one can determine it's a Cisco router, but at least this stops casual
users. Plus, with an open port (i.e., Telnet=23), a port scan could perform
some OS fingerprinting and other recon on your box. Here's an example...
blocked internal LAN access to the telnet as well as outside with this.

Router(config)access-list 100 deny any eq telnet
Router(config)access-list 100 permit 10.1.1.1 <--- Proxy server ip
Router(config-if)#ip access-group 100 in <--- LAN interface
Router(config)access-list 101 deny any eq telnet
Router(config)access-list 101 permit any any
Router(config-if)#ip access-group 101 in <--- WAN interface

Simple, but works.

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43467&t=43449
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS on existing routers [7:43414]

2002-05-06 Thread Sean Knox 

This might help:

http://www.cisco.com/warp/public/cc/pd/rt/2600/prodlit/1575_pp.htm

Goes over some MPLS terminology and concepts as well as the product lines
needed to accomplish various roles on the MPLS network (CE, PE, P).

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Michelle T
> Sent: Monday, May 06, 2002 11:35 AM
> To: [EMAIL PROTECTED]
> Subject: MPLS on existing routers [7:43414]
>
>
> Folks,
>
> I would like to mess around with MPLS, both Traffic
> Engineering and MPLS
> based VPN's if possible. However, the routers I have may or
> may not be able
> to do any MPLS. I've got some 2509's, a 2600, and some
> 4000-M's. Does anyone
> know what code levels I would need? I can figure out the
> memory and flash
> requirements if I can just figure out what minimum code level to run.
>
> Thanks,
>
> Michelle
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43423&t=43414
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CSS1 [7:43405]

2002-05-06 Thread Sean Knox 

I will sign up too. Also check out www.securityie.com for some good content.

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Brian Zeitz
> Sent: Monday, May 06, 2002 10:28 AM
> To: [EMAIL PROTECTED]
> Subject: CSS1 [7:43405]
> 
> 
> I started a yahoo group called CSS1 if anyone is interested. Currently
> it has 1 member, me :-)
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43413&t=43405
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE in 3-6 Months from cisco Interesting [7:43306]

2002-05-05 Thread Sean Knox 

It all depends on the person and in turn, their motivation, prior experience
and current knowledge. It can be done (although I think the end result would
be ridiculous).

If you love networking and technology, you're a huge step ahead.

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> FREDL L AZARES
> Sent: Sunday, May 05, 2002 8:27 PM
> To: [EMAIL PROTECTED]
> Subject: Re: CCIE in 3-6 Months from cisco Interesting [7:43306]
>
>
> You got to be kidding 3-6 months for CCIE. It's taking us labrats
> at Network Academies two years to make CCNP. Maybe for those
> who are already CCNPs.
>
> On Sat, 4 May 2002 20:27:31 -0400 "Steven A. Ridder"
>  writes:
> > Hey, it's a good sign that they're hiring, but I can guarantee that
> > no
> > recent college grad can get a CCIE in 6 months with little to no
> > experience.
> > It must be a typo.
> >
> > --
> >
> > RFC 1149 Compliant.
> > Get in my head:
> > http://sar.dynu.com
> >
> >
> > ""Johnzaggat""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Join Cisco and get CCIE in 3-6 months. Must be a typo.
> > >
> > >
> >
> http://www.cisco.com/pcgi-bin/jobs/JobAgent?rm=jobdetail&req_i
d=703608&ke
ywo
> > rds=+
> [EMAIL PROTECTED]
>


GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for less!
Join Juno today!  For your FREE software, visit:
http://dl.www.juno.com/get/web/.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43371&t=43306
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE in 3-6 Months from cisco Interesting [7:43306]

2002-05-05 Thread Sean Knox 

I believe you may be confusing this with the CCSI... I believe instructors
require a higher pass rate to become CCSI certified...can anyone verify?

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Wow
> Sent: Saturday, May 04, 2002 2:18 PM
> To: [EMAIL PROTECTED]
> Subject: Re: CCIE in 3-6 Months from cisco Interesting [7:43306]
>
>
> not sure if this is still true (or if it ever was) but i had
> heard that
> cisco has higher standards for certs for empolyees.  That the
> passing score
> on most of the tests for an employee is higher than for the
> rest of us.
>
>
>
> ""Johnzaggat""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Join Cisco and get CCIE in 3-6 months. Must be a typo.
> >
> >
> http://www.cisco.com/pcgi-bin/jobs/JobAgent?rm=jobdetail&req_i
> d=703608&keywo
> > rds=+
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43344&t=43306
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Free Sniffer download [7:43297]

2002-05-04 Thread Sean Knox 

Sniffer, as in the program from NA, is not available for a free download
(quite expensive actually). Ethereal, available at www.ethereal.com, IS free
and available for Windows and *NIX.

Sean

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Greg Owens
> Sent: Saturday, May 04, 2002 6:20 AM
> To: [EMAIL PROTECTED]
> Subject: Free Sniffer download [7:43297]
>
>
> I am searching for a Sniffer Download
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43303&t=43297
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLAN Load balancing [7:43265]

2002-05-03 Thread Sean Knox 

Correct me if I'm wrong, but VLAN priorization isn't really load balancing-
you are just forcing VLANS over a preselected path. It does not take into
consideration that one VLAN may utilize more bandwidth than another.

Sean


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> MADMAN
> Sent: Friday, May 03, 2002 3:05 PM
> To: [EMAIL PROTECTED]
> Subject: Re: VLAN Load balancing [7:43265]
>
>
> Yes.  An example would be two core 6500 trunked together.  You have
> switches in the closets, one uplink to 6500A the other to 6500B.  Set
> priority on even VLAN/s to A odd to B.
>
>   Dave
>
> "Steven A. Ridder" wrote:
> >
> > Does anyone do any VLAN load balancing via STP in the real
> world?  I've
> > never seen it yet, and am just curious if it's ever done.
> >
> > --
> >
> > RFC 1149 Compliant.
> > Get in my head:
> > http://sar.dynu.com
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43278&t=43265
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE Power Session 2000 WAS RE: Networkers in San Diego [7:42508]

2002-04-24 Thread Sean Knox 

Are there any discounts for the CCIE power session aside from
education/gov.'t? My company isn't paying for it, and I'd heavily prefer not
to pay $450 (the $295 discount price is ok).

- Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Daniel Cotts
Sent: Wednesday, April 24, 2002 3:53 PM
To: [EMAIL PROTECTED]
Subject: CCIE Power Session 2000 WAS RE: Networkers in San Diego
[7:42474]


Here's the URL for the CCIE Power Session for the 2000 Networkers. See if it
is useful for you.
padding
padding
http://www.cisco.com/networkers/nw00/pres/3304/3304.htm

> -Original Message-
> From: Logan, Harold [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 24, 2002 4:59 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Networkers in San Diego [7:42402]
>
>
> I'm trying to take the Monday one too. I don't know if I'll be able to
> though, because there are pseudo-mandatory networking academy
> events going
> on monday. Two of our other instructors are going though, so
> I'm going to
> try and get them to take one for the team while I do the CCIE
> power session.
> There's a second power session on friday, but it looks like
> I'm going to
> have to leave Thursday night.
>
> As for whether or not they're helpful, I've never been to
> networkers before.
> My only source of feedback from networkers is one of our
> instructors went
> last year, but he didn't do any of the power sessions.
>
> For the breakout sessions I'm going to try and take at least
> one that's on
> something I'm not even remotely knowledgeable of (probably
> MPLS) and I'll
> attend others on topics I'm weak on that are more likely to
> show up on the
> lab, as my lab date is in july.
>
> For those who went last year, did they have the CCIE power
> session then, and
> would you recommend it?
>
> Hal




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42508&t=42508
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Secret Clearance [7:42499]

2002-04-24 Thread Sean Knox 

I'm sure someone will respond with a much detailed response, but in the
meantime, know that secret clearance is a very expensive, time consuming
process at the very least. Don't think it's like a Cisco cert that you can
just study or apply for. Usually people already have it from past jobs,
military experience, etc. Sponsorship by your employer is generally required
to attain TS. If a job description asks for TS clearance and you don't have
it, don't waste your time applying.

Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
nilesh bothra
Sent: Wednesday, April 24, 2002 10:16 PM
To: [EMAIL PROTECTED]
Subject: Secret Clearance [7:42499]


how does one go about getting a secret clearance.

is there a website with this info

what are the requirements

nilesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42506&t=42499
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

"Foreign" job sites? (Non-North American) [7:41927]

2002-04-19 Thread Sean Knox 

Hi all, where can I find links to out of county job sites? (in particular,
Japan)Dice and Monster just are not cutting it and I was hoping some list
members could provide some insight.

Thanks,
Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41927&t=41927
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX VPN Connection to Linksys Router [7:41821]

2002-04-18 Thread Sean Knox 

I only took a cursory glance at this thread, but it might be of use.

Check it out:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd
%3Ddisplay_location%26location%3D.ee78ecb/1

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Craig Columbus
Sent: Thursday, April 18, 2002 7:39 AM
To: [EMAIL PROTECTED]
Subject: PIX VPN Connection to Linksys Router [7:41821]


Here's the deal:
I've got a PIX that serves as a security gateway for a Cisco VPN Client
3.1.  Settings are basically DES/MD5/ESP with pre-shared key.  Part of the
VPN3.1 client requires vpngroup name, as defined in the configuration on
the PIX.
I just bought one of the Linksys BEFVP41 VPN routers to test connectivity
to the PIX.  The Linksys doesn't understand vpngroup associations, so I
need to configure the PIX to also allow the connection based solely on
pre-shared key.
I think I've got it configured properly, and VPN Client-to-PIX connections
work fine, but negotiations break down at phase 2 when connecting with the
Linksys.  It's probably something simple that I'm missing because I've been
staring at it too long.  Anyone have any ideas?

PIX relevant config (sanitized):

access-list bypassingnat permit ip 10.0.0.0 255.0.0.0 192.168.100.0
255.255.255.0
ip local pool mypool 192.168.100.1-192.168.100.254
nat (inside) 0 access-list bypassingnat
sysopt connection permit-ipsec
no sysopt route dnat
crypto ipsec transform-set strong esp-des esp-md5-hmac
crypto dynamic-map users 11 set transform-set strong
crypto map remote 11 ipsec-isakmp dynamic users
crypto map remote client configuration address initiate
crypto map remote client configuration address respond
crypto map remote interface outside
isakmp enable outside
isakmp key  address 0.0.0.0 netmask 0.0.0.0
isakmp identity address
isakmp client configuration address-pool local mypool outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup vpn3000 address-pool mypool
vpngroup vpn3000 dns-server 10.x.x.x
vpngroup vpn3000 default-domain 
vpngroup vpn3000 idle-time 1800
vpngroup vpn3000 password 

Debug from PIX (sanitizedy.y.69.129 is the Linksys, x.x.67.2 is the
public interface of the PIX):

crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
OAK_MM exchange
ISAKMP (0): processing SA payload. message ID = 0

ISAKMP (0): Checking ISAKMP transform 1 against priority 10 policy
ISAKMP:  encryption DES-CBC
ISAKMP:  hash SHA
ISAKMP:  auth pre-share
ISAKMP:  default group 1
ISAKMP:  life type in seconds
ISAKMP:  life duration (VPI) of  0x0 0x1 0x51 0x80
ISAKMP (0): atts are not acceptable. Next payload is 3
ISAKMP (0): Checking ISAKMP transform 2 against priority 10 policy
ISAKMP:  encryption DES-CBC
ISAKMP:  hash MD5
ISAKMP:  auth pre-share
ISAKMP:  default group 1
ISAKMP:  life type in seconds
ISAKMP:  life duration (VPI) of  0x0 0x1 0x51 0x80
ISAKMP (0): atts are acceptable. Next payload is 3
ISAKMP (0): SA is doing pre-shared key authentication using id type
ID_IPV4_ADDR
return status is IKMP_NO_ERROR
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
OAK_MM exchange
ISAKMP (0): processing KE payload. message ID = 0

ISAKMP (0): processing NONCE payload. message ID = 0

return status is IKMP_NO_ERROR
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
OAK_MM exchange
ISAKMP (0): processing ID payload. message ID = 0
ISAKMP (0): processing HASH payload. message ID = 0
ISAKMP (0): SA has been authenticated

ISAKMP (0): ID payload
 next-payload : 8
 type : 1
 protocol : 17
 port : 500
 length   : 8
ISAKMP (0): Total payload length: 12
return status is IKMP_NO_ERROR
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
OAK_QM exchange
ISAKMP (0:0): Need config/address
ISAKMP (0:0): initiating peer config to y.y.69.129. ID = 3267015605
(0xc2bab3b
5)
return status is IKMP_NO_ERROR
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
ISAKMP (0): retransmitting phase 2...
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2
ISAKMP (0): retransmitting phase 2...
crypto_isakmp_process_block: src y.y.69.129, dest x.x.67.2

Finally it just times out trying to retransmit phase 2.

Thanks in advance!

Craig




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41913&t=41821
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MBA or CCIE [7:41809]

2002-04-18 Thread Sean Knox 

Sure, there are plenty of companies that would hire a CCIE, but you have to
remember, a CCIE has is supposed to have years of experience in large,
complex routing and switching setups. A "real" CCIE, or should I say, a CCIE
with plenty of experience (i.e., the exact demographic the cert is supposed
to appeal to), will have no problem finding work or consulting. Pay varies,
but work is out there for senior positions, even here in southern california
(as I pleasantly discovered).

The point to take home that has been emphasized many times is the dot.bomb
days are over, and you can't secure a 6 figure salary on basis of a CCIE
alone. I believe someone in the group said earlier, "you'll get laughed out
of a technical interview if you are a CCIE with only couple years of IT
experience (or less)." I would agree for the most part.

I was actually heading towards my CCIE, but after getting my CCNP, I am
content with that for now and and getting more experience (fortunately I am
not some new wide-eyed kid in the field and have been doing this awhile).
Congrats on your decision to pursue your MBA and I wish you luck.

Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ladrach, Daniel E.
Sent: Thursday, April 18, 2002 6:31 AM
To: [EMAIL PROTECTED]
Subject: RE: MBA or CCIE [7:41809]


I was considering both options I have a MIS degree from The Ohio
State University. After getting my CCNP and working for a large ISP and
seeing a co-worker pass the lab and get nothing but a pat on the back from
our company; I made the decision to enroll in an MBA program this fall.
After carefully reviewing my options, I did not want to put myself in such a
nich market. I think you need to ask yourself where can you go with a CCIE?
ISP, Consult, work for yourself. I know there are other companies that would
hire a CCIE but you probably would not be utalized to your full potential.
Also, a MBA does not expire and if you ever want to be a CTO or CIO most
likely you are going to need the education. I have debated this same topic
with my friends and co-workers and there is no easy answer. I think it is
personal preference but I will say a few things about the CCIE, salaries are
coming down due to the fact that there are more CCIE's(some are not the
experts they should be). The only reason I say this is once you get your
CCIE you should be an expert hence Internetworking Expert. I know people may
disagree with some of these statements, but I have seen some CCIE candidates
that have issues with basic skills.

Daniel Ladrach
CCNA, CCNP
WorldCom


> -Original Message-
> From: Antonio Montana [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 18, 2002 5:07 AM
> To: [EMAIL PROTECTED]
> Subject: OT: MBA or CCIE [7:41809]
>
>
> Hi all,
>
> Maybe this topic is discussed several times but I still can't
> decide wether
> to go for the CCIE or to go back to a good business school for MBA.
>
> I am doing networking for 3 yrs now and can see that it's
> getting harder to
> find a good. Have all Cisco cert's except of the "lab" and some others
> Microsoft, Novell etc. and a Computer Science degree.
> The problem is, that here, in europe, some CCIE's are doing
> jobs like System
> or Network Administration, which is indeed not well paid at
> all. It's just
> like creating some user logins, assigning and administering
> IP addresses and
> do some entries or changes on DNS or even Exchange Servers.
>
> Ok I understand that, it's better than being unemployed.
> But is this a CCIE job ?? Really don't think so.
>
> I don't know when the telco market is going up again, but I
> really think
> about going to school and getting a management education.
> Jobs for MBA's are still there.
>
> Who knows if and when the market will give back the CCIE's
> the recognition
> they earn ?!?
>
> So, should I stop my track towards the CCIE and go to the
> "dark side" ??
>
> What do you think guys ??
>
> cheers
> tony




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41833&t=41809
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Stupid Question time [7:41465]

2002-04-16 Thread Sean Knox 

I agree. Shaun mentioned that he prefers the written form over a test engine
for studying; that's understandable. Like Brian, I prefer multiple sources,
multiple formats. When studying for an exam, I generally use a Boson quiz or
two initially to see my strengths and weaknesses, and then prep using a
variety of books and text on the internet, and then finish up with some more
Boson or flash card quizes before I take an exam.

Also, as Brian mentions, Boson is the only way for many of the
specializations, such as the security or voice tests- most companies only
focus on CCNA/CCNP/CCIE.

-Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Brian Zeitz
Sent: Tuesday, April 16, 2002 1:36 PM
To: [EMAIL PROTECTED]
Subject: RE: Stupid Question time [7:41465]


I have an un-bias opinion. For some of us who have already done a few
exams, Boson is the only choice. Do you have test software for PIX, VPN,
CVOICE etc.? I don't really use boson, I use books. But for CSS1, I
might need to use them, just to get an idea if I have any weak spots.
There is no 1 source for any exam. I have heard the term, "you get what
you pay for".

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 16, 2002 3:24 PM
To: [EMAIL PROTECTED]
Subject: RE: Stupid Question time [7:41465]

Everybody else is bad except Network Learning, because you work for
Network
Learning and have written materials for CCXX productions?

This is what I call an unbiased, honest opinion!!

A Strobel



Quoting "Kaminski, Shawn G" :

> CCxx Productions, and soon, Network Learning.
>
> Disclaimer: I have written materials for CCxx Productions and am
working on
> stuff for Network Learning
>
> > -Original Message-
> > From:   Michael L. Williams [SMTP:[EMAIL PROTECTED]]
> > Sent:   Tuesday, April 16, 2002 8:18 AM
> > To: [EMAIL PROTECTED]
> > Subject:Re: Stupid Question time [7:41465]
> >
> > Name one alternative that's cheaper AND offers the flexibility,
options
> > (like toggling the "score meter", showing answers ONLY when you're
wrong
> > WITH references to published explanations of the answers), and
quality
> > (not
> > so say I've never seen a wrong answer on a Boson exam, but way
better
> than
> > the quality of a Brainbuzz cramsheet, etc).
> >
> > I don't mean my above comment in a "smart ass" way, because I'd
really be
> > interested in an alternative, but to simply pop into the group and
make
> > such
> > statements without even a single URL or name of what you consider
"much
> > better and less expensive" doesn't lend much credibility to what you
say.
> >
> > Mike W.
> >
> > "Kaminski, Shawn G"  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > What the hell, get them all. In fact, buy two sets since money
seems to
> > be
> > > no object to any of you. :-) I still can't understand all the hype
over
> > > Boson when there are much better and less expensive alternatives
out
> > there.
> > > Hell, I've even written materials for Boson/Quizware but still
feel
> that
> > > everyone could pass their exams using less expensive methods. Just
my
> > > opinion because this forum is for helping people out. So look
around a
> > > little before rushing out to buy the "almighty overpriced" Boson.
> > >
> > > Sorry, just a little grumpy this morning. I think I just realized
how
> > > underpaid I really am! Just thankful to have a job right now,
though!
> > >
> > > Shawn K.

-_-_-_ Mail3000 gives you 30 Megs of Email space free -_-_-
This mail sent through http://mail3000.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41684&t=41465
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: WINS replication problem across PPP network [7:41410]

2002-04-15 Thread Sean Knox 

See my previous post where I corrected myself. I was incorrectly equating
netbios with WINS.
Try to read all the posts in a thread before you jump in.

-Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 14, 2002 10:28 PM
To: [EMAIL PROTECTED]
Subject: Re: WINS replication problem across PPP network [7:41410]


IP helper for WINS ?
How is that going to help ? Cisco doesn't understand WINS either....

""Sean Knox""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm sure someone can provide a more detailed and accurate answer, but
> hopefully I can help.
>
> WINS is a TCP and UDP protocol. I imagine an IP HELPER-ADDRESS command
might
> be of use here. Try a search for WINS on CCO at www.cisco.com.
>
> hth,
> Sean
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Mayo, Simer
> Sent: Saturday, April 13, 2002 10:19 PM
> To: [EMAIL PROTECTED]
> Subject: WINS replication problem across PPP network [7:41410]
>
>
> I'm having problem with WINS replication to 2 differ servers
> Server 1 in Network 1 in Phx (PDC...WINS Server)
> Server 2 in Network 2 in LA   (BDC...WINS Server)
>
> server1.cisco2600---PPP---cisco2600.server2
>
> The server2 can browse all machines in network 1 and 2 but server 1 cant
see
> network 2.
>
> I have enabled the TCP ports 42 and 135 on both the routers but still no
> success.
>
> The network is NT 4 domain.
>
> Thanks in advance for help
>
> Simer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41474&t=41410
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: WINS replication problem across PPP network [7:41410]

2002-04-13 Thread Sean Knox 

Incorrectly I said WINS is a TCP and UDP protocol - I was thinking of
netbios. WINS is just TCP.

Sean

-Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Saturday, April 13, 2002 11:13 PM
To: 'Mayo, Simer'; '[EMAIL PROTECTED]'
Subject: RE: WINS replication problem across PPP network [7:41410]


I'm sure someone can provide a more detailed and accurate answer, but
hopefully I can help.

WINS is a TCP and UDP protocol. I imagine an IP HELPER-ADDRESS command might
be of use here. Try a search for WINS on CCO at www.cisco.com.

hth,
Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Mayo, Simer
Sent: Saturday, April 13, 2002 10:19 PM
To: [EMAIL PROTECTED]
Subject: WINS replication problem across PPP network [7:41410]


I'm having problem with WINS replication to 2 differ servers
Server 1 in Network 1 in Phx (PDC...WINS Server)
Server 2 in Network 2 in LA   (BDC...WINS Server)

server1.cisco2600---PPP---cisco2600.server2

The server2 can browse all machines in network 1 and 2 but server 1 cant see
network 2.

I have enabled the TCP ports 42 and 135 on both the routers but still no
success.

The network is NT 4 domain.

Thanks in advance for help

Simer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41417&t=41410
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: WINS replication problem across PPP network [7:41410]

2002-04-13 Thread Sean Knox 

I'm sure someone can provide a more detailed and accurate answer, but
hopefully I can help.

WINS is a TCP and UDP protocol. I imagine an IP HELPER-ADDRESS command might
be of use here. Try a search for WINS on CCO at www.cisco.com.

hth,
Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Mayo, Simer
Sent: Saturday, April 13, 2002 10:19 PM
To: [EMAIL PROTECTED]
Subject: WINS replication problem across PPP network [7:41410]


I'm having problem with WINS replication to 2 differ servers
Server 1 in Network 1 in Phx (PDC...WINS Server)
Server 2 in Network 2 in LA   (BDC...WINS Server)

server1.cisco2600---PPP---cisco2600.server2

The server2 can browse all machines in network 1 and 2 but server 1 cant see
network 2.

I have enabled the TCP ports 42 and 135 on both the routers but still no
success.

The network is NT 4 domain.

Thanks in advance for help

Simer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41411&t=41410
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Dialer profile vs. rotary group? [7:41271]

2002-04-12 Thread Sean Knox 

Yes, I'm aware of what the commands are. However, my question asked for
further distinction between dialer profiles and rotary groups.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Michael Williams
Sent: Friday, April 12, 2002 11:07 AM
To: [EMAIL PROTECTED]
Subject: RE: Dialer profile vs. rotary group? [7:41271]


The "interface dialer " command defines a dialer rotary group.
The "dialer rotary-group " command includes an interface in a dialer rotary
group.

(page 235 Cisco BCRAN)

Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41350&t=41271
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: traffic analyzer [7:41267]

2002-04-12 Thread Sean Knox 

Agreed. Ethereal beats Sniffer Pro, Etherpeek, or any other sniffer I've
used hands down. Best of all, it's free.

Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Patrick Ramsey
Sent: Thursday, April 11, 2002 11:58 PM
To: [EMAIL PROTECTED]
Subject: Re: traffic analyzer [7:41267]


send a linux box configured with X/ethereal and vnc out there and remote
control it from your end!

-Patrick

>>> supernet  04/12/02 12:42AM >>>
Hi Dear Friends,

I have 1 branch office connected to main office by frame relay. I
noticed a lot of traffic across this link and would like to find out
what they are. The problem is I don't have access to the branch office,
therefore, everything has to be done in main office. I tried sniffer
pro, etherpeek and anasil but they only allow me to specify a particular
source IP, not the whole branch office subnet. Is there any other
software I can use?

Thanks.
Yoshi
>  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. ("WellStar") and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41279&t=41267
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDA exam updated- who knew [7:41263]

2002-04-12 Thread Sean Knox 

Do you know what changed exactly? The PIX stuff seems to be a new addition;
I don't remember studying any PIX info when I took the CCDA.

Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Andy Barkl
Sent: Thursday, April 11, 2002 8:42 PM
To: [EMAIL PROTECTED]
Subject: CCDA exam updated- who knew [7:41263]


Guess what?

The DCN (CCDA) exam was updated today with new objectives without prior
announcement or notification.

http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_
exams/640-441.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41276&t=41263
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Dialer profile vs. rotary group? [7:41271]

2002-04-11 Thread Sean Knox 

Hey all,

I am confused by the difference(s) between dialer profiles and rotary
groups. All the text I've read seems rather convoluted - physical interfaces
can only be in one rotary group but can exist in many different dialer pools
(if using dialer profiles)? Is that the main difference? Rotary groups seem
to be an outdated configuration solution. Someone please point me in the
right direction...

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41271&t=41271
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Frame-Relay Problem [7:41250]

2002-04-11 Thread Sean Knox 

Check the clock rate and cabling on both ends. If the clock rate specified
is different than what the module supports, then I believe the line will
come up and go back down. (For example, the WIC-2A/S cards only support a
maximum clock rate of 128K).

* Check cabling (are the DCE and DTE ends correct?)
* Make sure frame-relay intf-type is set correctly on both ends (and cabling
is OK)
* Check clock rate (set on the interface)
* Issue a "no shut" on all frame-relay interfaces on both ends of the PVC.

hth,
Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
PING
Sent: Thursday, April 11, 2002 7:43 PM
To: [EMAIL PROTECTED]
Subject: Re: Frame-Relay Problem [7:41250]


The question is that Caslow says on page-110 that if FR switching is
on, just enabling the encapsulation will bring up the PVC by using
inverse arp. I don't see that happening.

/N

"Engelhard M. Labiro" wrote:

> Ping,
>
> Have you configure the following comands on FR switch ?
> 1. Global config mode : "frame-relay switching"
> 2. Interface config mode: "frame-relay intf-type dce"
>
> - Original Message -
> From: "PING"
> To:
> Sent: Friday, April 12, 2002 10:49 AM
> Subject: Frame-Relay Problem [7:41250]
>
> > If I have this simple net:
> >
> > 3660(FR Switch)---3640
> >
> > I am using NM-4T on both routers.
> > Default (HDLC) encapsulation causes both router serial interfaces to
> > come up. I am trying inverse ARP from Caslow book but as
> > soon as I enable FR (or even PPP) encap, line goes down. 3660 is the DCE
> >
> > and supplying clock.
> > I am not sure if someone has tried NM-4T with FR?
> >
> > /N




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41264&t=41250
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Boson Security Tests? (Cisco Security Specialist 1) [7:41256]

2002-04-11 Thread Sean Knox 

I am thinking of purchasing one of the MCNS Boson tests as well as a Boson
CSPFA test... anyone purchased/used these? Recommendations?

- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41256&t=41256
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDP [7:41071]

2002-04-10 Thread Sean Knox 

Doh, forget to include the CCDA! My bad.

Sean

-Original Message-
From: John Nemeth [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 10, 2002 2:23 PM
To: Sean Knox; [EMAIL PROTECTED]
Subject: RE: CCDP [7:41071]


On Aug 31, 11:40am, "Sean Knox" wrote:
}
} You need the CCNA to get the CCNP. So, to summarize:

} - CCDP
} * Valid CCNA
} ** Valid CCNP
} CID test

 Actually, you need valid CCNA, valid CCDA, Routing, Switching,
Remote Access, and CID (see http://www.cisco.com/go/ccdp/ ).  Of
course, once you have all this, you just need one more test
(Troubleshooting) in order to get CCNP as well, so you might as well
get it.

 One curious thing is that you no longer need CCNA to CCDA, i.e. it
is standalone (see http://www.cisco.com/go/ccda/ ).

}-- End of excerpt from "Sean Knox"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41106&t=41071
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCDP [7:41071]

2002-04-10 Thread Sean Knox 

You need the CCNA to get the CCNP. So, to summarize:

- CCNA
CCNA Test, No Prerequisites

- CCNP
* Valid CCNA
Routing, Switching, Remote, and Troubleshooting tests (or foundation)

- CCDP
* Valid CCNA
** Valid CCNP
CID test

The CCIE doesn't require any previous certs.

- Sean
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ricky Chan
Sent: Wednesday, April 10, 2002 1:09 PM
To: [EMAIL PROTECTED]
Subject: RE: CCDP [7:41071]


No. Just you need CCDA, routing, switching, remote and Design to be CCDP. No
need to have CCNA.

Ricky

-Original Message-
From: Andy Barkl [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 10, 2002 3:32 PM
To: [EMAIL PROTECTED]
Subject: RE: CCDP [7:41071]


You must have the CCNA, CCDA, and the 3 CCNP exams (routing, switching,
and remote access), to qualify for the CCDP.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 10, 2002 11:48 AM
To: [EMAIL PROTECTED]
Subject: CCDP [7:41071]

As a CCNP with out taking the CCDA exam, will taking the CID allow me
get
the CCDP w/out taking the CCDA?

Regards,

Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41094&t=41071
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISL Trunking from a h/w's perspective [7:39246]

2002-03-22 Thread Sean Knox 

Yes, you can. You can setup 802.1q trunks on a 10mb interface just as Dave
described. The information you received from Cisco pertains to ISL trunks,
which require a 100mb interface.

Sean

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Danny Andaluz, CCNP
Sent: Friday, March 22, 2002 7:25 PM
To: [EMAIL PROTECTED]
Subject: Re: ISL Trunking from a h/w's perspective [7:39246]


no you can't.  I got straight from cisco that they have to be 100 meg
full-dux interfaces.
""MADMAN""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Actually on some platforms with the right IOS you can trunk 10 meg ports:
>
> C3660B(config)#inter e2/0.1
> C3660B(config-subif)#encap dot1 1
> C3660B(config-subif)#
>
>   Dave
>
> danny wrote:
>
> > The router's ethernet must be 100 full dux.  You configure subinterfaces
on
> > the ethernet.  a trunking protocol must be configured on each sub with
the
> > corresponding vlan #.  The router will route between Vlans.
> >
> > Hope this helps.
> >
> > Danny
> > ""George Siaw""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Thanks for all your responses.
> > >
> > > One last question though. For external router, routing between vlans
if
> > > I have just one FastEthernet interface on the router can I route
between
> > > vlans?
> > >
> > > George.
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> > > Scott H.
> > > Sent: 23 March 2002 00:53
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: ISL Trunking from a h/w's perspective [7:39246]
> > >
> > > The only time the SC0 interface comes into play is for telnet into the
> > > box.
> > > If you have any 100 MB ports on your switch, you can run trunking.
> > >
> > > set trunk (mod/port) on isl
> > >
> > > If this trunk is running into a router, you need to create the
> > > subinterfaces
> > > on the router to enable routing between VLANS.
> > >
> > > int fa1/0.100
> > > ip address (the subnet of the vlan)
> > > encap isl (the vlan #)
> > >
> > > HTH,
> > > Scott
> > >
> > > ""George Siaw""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Do I need an Sc0 port when routing between Vlans? However, there's
no
> > > > uplink module on neither of my supervisor engines. Would you know a
> > > s/w
> > > > work around without having to buy the module?
> > > >
> > > > George.
> > > >
> > > > -Original Message-
> > > > From: Larry Letterman [mailto:[EMAIL PROTECTED]]
> > > > Sent: 23 March 2002 00:17
> > > > To: George Siaw; [EMAIL PROTECTED]
> > > > Subject: RE: ISL Trunking from a h/w's perspective [7:39246]
> > > >
> > > > You dont have to configure SC0 interface to do isl or dot1q. Its
only
> > > > needed
> > > > for management, telnet etc...
> > > >
> > > >
> > > > Larry Letterman
> > > > Cisco Systems
> > > > [EMAIL PROTECTED]
> > > >
> > > >
> > > > -Original Message-
> > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
Of
> > > > George Siaw
> > > > Sent: Friday, March 22, 2002 3:45 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: ISL Trunking from a h/w's perspective [7:39246]
> > > >
> > > >
> > > > Guys,
> > > >
> > > >
> > > >
> > > > Any ideas as how I can configure isl trunking without an Sc0 port on
> > > the
> > > > supervisor engines? Can I configure on of the ports to assume this
> > > > position i.e. Sc0? If so what are the cmds?
> > > >
> > > >
> > > >
> > > > Regards,
> > > >
> > > > George.
> > > >
> > > >
> > > >
> > > > Configs as below:
> > > >
> > > >
> > > >
> > > > Console> (enable) sh mod 1
> > > >
> > > > Mod Module-Name Ports Module-Type   Model
> > > Serial-Num
> > > > Status
> > > >
> > > > --- --- - - -
> > > -
> > > > ---
> > > >
> > > > 1   ENGINE-10 Supervisor IIIWS-X5530
> > > 012144234
> > > > ok
> > > >
> > > >
> > > >
> > > > Mod MAC-Address(es)Hw Fw Sw
> > > >
> > > > --- -- -- --
> > > > -
> > > >
> > > > 1   00-50-f0-0c-64-00 to 00-50-f0-0c-67-ff 3.03.1.2  4.3(1a)
> > > >
> > > >
> > > >
> > > > Mod Sub-Type Sub-Model Sub-Serial Sub-Hw
> > > >
> > > > ---  - -- --
> > > >
> > > > 1   NFFC+WS-F5531  0012153640 1.0
> > > >
> > > >
> > > >
> > > > Console> (enable) sh mod
> > > >
> > > > Mod Module-Name Ports Module-Type   Model
> > > Serial-Num
> > > > Status
> > > >
> > > > --- --- - - -
> > > -
> > > > ---
> > > >
> > > > 1   ENGINE-10 Supervisor IIIWS-X5530
> > > 012144234
> > > > ok
> > > >
> > > > 2   ENGINE-20 Supervisor IIIWS-X5530
> > > 010867093
> > > > standby
> > > >
> > > > 3   CCIE_LAB-0  2410/100BaseTX Ethernet WS-X5224
> > > 012154

RE: TACACS+ Server [7:38324]

2002-03-15 Thread Sean Knox 

For the uninitiated, QA = Quality Assurance and SQA is Software Quality
Assurance. :)

-Sean

-Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 15, 2002 2:39 PM
To: [EMAIL PROTECTED]
Subject: RE: TACACS+ Server [7:38324]


Padding here, padding there, padding everywhere.

www.cisco.com buddy. Ever used it? Sarcasm aside, this is a topic that you
could have researched yourself with a 5 second search on Cisco or Google. I
found these through google actually:

TACACS+ Support Page (watch the wrap):
http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:Taca
cs_plus

TACACS+ Technical Tips:
http://www.cisco.com/warp/public/707/index.shtml#tacacs+

CiscoSecure ACS v2.3 for Solaris:
http://www.cisco.com/univercd/cc/td/doc/pcat/sqasux.htm

A funny note, check out that HTML page name in that last link... "SQA SUX"
or just a coincidence? I work in QA, so maybe I'm just seeing things.. :)

- Sean



-Original Message-
From: Ray Smith [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 15, 2002 11:25 AM
To: [EMAIL PROTECTED]
Subject: Re: TACACS+ Server [7:38324]


Solaris buddy.  Do you know how to build one?

>From: Brian 
>To: Ray Smith 
>CC: [EMAIL PROTECTED]
>Subject: Re: TACACS+ Server [7:38324]
>Date: Thu, 14 Mar 2002 16:52:17 -0800 (PST)
>
>I suspect that depends slightly on the od u want to use?
>BSD, Linux, and Solaris will all run on that, which r u planning to use?
>
>   Bri
>
>On Thu, 14 Mar 2002, Ray Smith wrote:
>
> > Does anyone know how to build/setup a TACACS+ Server on a Sparc-5?
> >
> > Ray
> >
> >
> > _
> > Chat with friends online, try MSN Messenger: http://messenger.msn.com
_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38499&t=38324
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: TACACS+ Server [7:38324]

2002-03-15 Thread Sean Knox 

Padding here, padding there, padding everywhere.

www.cisco.com buddy. Ever used it? Sarcasm aside, this is a topic that you
could have researched yourself with a 5 second search on Cisco or Google. I
found these through google actually:

TACACS+ Support Page (watch the wrap):
http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:Taca
cs_plus

TACACS+ Technical Tips:
http://www.cisco.com/warp/public/707/index.shtml#tacacs+

CiscoSecure ACS v2.3 for Solaris:
http://www.cisco.com/univercd/cc/td/doc/pcat/sqasux.htm

A funny note, check out that HTML page name in that last link... "SQA SUX"
or just a coincidence? I work in QA, so maybe I'm just seeing things.. :)

- Sean



-Original Message-
From: Ray Smith [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 15, 2002 11:25 AM
To: [EMAIL PROTECTED]
Subject: Re: TACACS+ Server [7:38324]


Solaris buddy.  Do you know how to build one?

>From: Brian 
>To: Ray Smith 
>CC: [EMAIL PROTECTED]
>Subject: Re: TACACS+ Server [7:38324]
>Date: Thu, 14 Mar 2002 16:52:17 -0800 (PST)
>
>I suspect that depends slightly on the od u want to use?
>BSD, Linux, and Solaris will all run on that, which r u planning to use?
>
>   Bri
>
>On Thu, 14 Mar 2002, Ray Smith wrote:
>
> > Does anyone know how to build/setup a TACACS+ Server on a Sparc-5?
> >
> > Ray
> >
> >
> > _
> > Chat with friends online, try MSN Messenger: http://messenger.msn.com
_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38483&t=38324
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Jr. CCIE Ad on Dice [7:38034]

2002-03-14 Thread Sean Knox 

They do this to collect as many resumes as possible and then flood *any* and
all openings with them...even if Atlantis has no intention of sending a
candidate to an interview. This prevents the applicant from applying
directly to said company on their own, because Atlantis will demand a cut
since they "referred" them. Another bad recruiting firm to watch out for is
MacArthur and Associates - same type of sleeze as Atlantis.

- Sean

-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 14, 2002 7:14 AM
To: [EMAIL PROTECTED]
Subject: RE: Jr. CCIE Ad on Dice [7:38034]


Atlantis Partners is just a bad company all around, from what I can
tell.   Here in Denver they post fake job openings just to get people to
send in resumes to fill their databases.  I couldn't believe it when I
discovered that they did this.  Why would anyone use a company that does
stuff like that??

John

>>> "Sean Knox"  3/13/02 3:02:29 PM >>>
I would say it's a sign that recruiting firms, such as Atlantis, don't
have
a clue, as it has always been.

- Sean

-Original Message-
From: Tarek Sabry [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, March 12, 2002 6:27 PM
To: [EMAIL PROTECTED] 
Subject: RE: Jr. CCIE Ad on Dice [7:38034]


This is really funny :)

I don't think it's a sign that the industry doesn't acknowledge CCIEs
as
all-round experts anymore (hopefully not anyway!) I think the word
"junior"
is just to justify the relatively low salary range they're offering
(in
California).

Tarek

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ken Diliberto
Sent: Tuesday, March 12, 2002 7:42 PM
To: [EMAIL PROTECTED] 
Subject: Jr. CCIE Ad on Dice [7:38034]


This is good for a laugh.  They are looking for a junior CCIE.

http://www.dice.com/DandL/c/cxapga.35951.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38260&t=38034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Jr. CCIE Ad on Dice [7:38034]

2002-03-13 Thread Sean Knox 

I would say it's a sign that recruiting firms, such as Atlantis, don't have
a clue, as it has always been.

- Sean

-Original Message-
From: Tarek Sabry [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 12, 2002 6:27 PM
To: [EMAIL PROTECTED]
Subject: RE: Jr. CCIE Ad on Dice [7:38034]


This is really funny :)

I don't think it's a sign that the industry doesn't acknowledge CCIEs as
all-round experts anymore (hopefully not anyway!) I think the word "junior"
is just to justify the relatively low salary range they're offering (in
California).

Tarek

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ken Diliberto
Sent: Tuesday, March 12, 2002 7:42 PM
To: [EMAIL PROTECTED]
Subject: Jr. CCIE Ad on Dice [7:38034]


This is good for a laugh.  They are looking for a junior CCIE.

http://www.dice.com/DandL/c/cxapga.35951.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38135&t=38034
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: The CCNA exam has changed effective 3-12-02 [7:37960]

2002-03-12 Thread Sean Knox 

If you're well on your way to the CCNP, I wouldn't be very concerned with
any changes to the CCNA... it'll be easy for you.

Sean

-Original Message-
From: Jeffrey Hall [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 12, 2002 10:52 AM
To: [EMAIL PROTECTED]
Subject: RE: The CCNA exam has changed effective 3-12-02 [7:37960]


I think this is a great idea.  However, I'm halfway thru my CCNP
certification.  Is it going to be necessary or advisable to recert in the
600 track?  Please advise.

Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38000&t=37960
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Infrastructure Upgrade..... [7:37627]

2002-03-07 Thread Sean Knox 

Everything you are asking is freely available on Cisco's website. Check out
CCO for information about the 2900s (it will tell you port capabilities,
VLAN/trunking with ISL/802.1q info). As far as your question regarding the
purchase of a 1900 over a 2950, this really depends on the end devices
connected and how much traffic traverses your network.

- Sean

-Original Message-
From: Juan Blanco [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 7:28 PM
To: [EMAIL PROTECTED]
Subject: Infrastructure Upgrade. [7:37627]


Team,

I am in the process of upgrading all  hubs in 4 different sites, each site
has 8 hubs, I will replace each site with a 2950(24 ports)10/100mbs. I will
connect each switch(2,3,4) to the switch(1) on the basement where a router
will be available to connect to the Frame Relay cloud.

Questions:

Will it make more sense to get the 1900 switch(10mbs) and not the
2950
Will I be able to set any one port to full(100mbs) on the 2950
Will I be able to set up vlans and isl (as long as my route has a
fastethernet port)
Is this the appropriate replacements for the hubs(we don't have a
lot of
money to spend)
Thanks,


JB




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37633&t=37627
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNP v3.0 [7:37500]

2002-03-07 Thread Sean Knox 

How can the routing exam for the CCNP be 3 hours long? Do you mean the
CCNPv3 Foundation Beta?

- Sean

-Original Message-
From: Tarek Sabry [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 6:38 PM
To: [EMAIL PROTECTED]
Subject: RE: CCNP v3.0 [7:37500]


OK I just took it. Yes 3 hours. But the number of questions is horrendous!
It definitely took me by surprise. I thought as I have been studying for my
CCIE lab for the past year or so (on and off) then this will be a walk in
the park. Was NOT!

First of all I did not know that you cannot go back to questions. Definitely
I would have had a different strategy. I wasn't simply prepared for that so
I ended up spending too long on some questions, which I regretted later
because I had a lot of very difficult questions in the beginning and a lot
of easy ones in the end that I wish I could spend like 20 seconds on each
instead of 3! I had 10 minutes to answer 45 questions in the end!!!

I never took CCNP v2 but rumor has it that its routing exam isn't that hard.
Well, maybe I'm not that competent, but today I had real tricky questions in
this Beta. Well, but again the way the questions were asked was also really
bad in some instances. For the first time in an exam I just had to leave
some comments for some of the questions.

I don't know if I'll pass or not. I think I still did OK. The lesson I
learned from taking this test without preparing for it is that CCNP and CCIE
are just very different ball games, and not just 2 levels of competence. You
can get get away with some uncertainties as to how things really work, but
in the CCNP (or at least this new version) this is much less the case.

Tarek



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Byron
Sent: Thursday, March 07, 2002 5:49 PM
To: [EMAIL PROTECTED]
Subject: Re: CCNP v3.0 [7:37500]


any confirmation on the time? i plan to take it next week.

byron
- Original Message -
From: "EMW_Tech"
To:
Sent: Thursday, March 07, 2002 1:51 PM
Subject: Re: CCNP v3.0 [7:37500]


> I'm taking the Routing Beta tomorrow. Is it really 3 hours instead of 1
hour

And was it three hours?
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37625&t=37500
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE#8903 [7:37490]

2002-03-07 Thread Sean Knox 

Exactly, it depends on the circumstances. On a resume, I'll list everything
from CCNA to CCNP. This includes MS stuff like MCSE/MCP/etc, because some HR
people are so clueless they think that just because  is
missing from your resume (despite work experience), you don't have a certain
skill set. So I list everything I have just to be safe. In a forum such as
this one, none of that is necessary.

- Sean

-Original Message-
From: Ken Diliberto [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 3:58 PM
To: [EMAIL PROTECTED]
Subject: Re: CCIE#8903 [7:37490]


But it helps when applying for jobs where they want a CCNA and have no clue
what a CCNP is.

I had a job interview today where they asked what a CCIE was.  :-)

Ken

>>> "Michael J. Doherty"  03/07/02 04:28PM >>>
Actually, if I remember the agreements correctly - you can list the lower
level certs (CCxA, CCxP) with the CCIE.  It is when you are a CCxP that you
should not list the corresponding CCxA.

Mike
[snip]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37615&t=37490
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE#8903 [7:37490]

2002-03-07 Thread Sean Knox 

As you don't need to hold any Cisco certs to get your CCIE, I would assume
he's still a CCNP. Anyone else know?

Sean

-Original Message-
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 5:11 AM
To: [EMAIL PROTECTED]
Subject: Re: CCIE#8903 [7:37490]


Rich, I don't think you're a CCNP any more.  I think the CCIE supercedes
that.  Am I correct?

--

RFC 1149 Compliant.


""Richard Newman""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Great job.
>
> Richard Newman, CCIE#8878, CCNP, CCDP
>
>
> ""George Zhang""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > All,
> >
> > The title says it all.  I took my first attempt at the CCIE lab test
> > yesterday (March 5) in Halifax and received the "Congratulations on
> Passing
> > the CCIE Lab!" this morning.
> >
> > I was the only person taking the lab test in Halifax yesterday.  I was
> told
> > that there was another person scheduled yesterday but did not show up.
My
> > test started about 8:15 AM in the morning.  We broke for lunch at about
> > 12:20PM.  By then, I only finished all the IGP stuff and felt some
> pressure
> > on time.  But I have already reviewed rest of the test and knew that I
> could
> > go through the rest quickly.  After the 15 min lunch break, I worked
> through
> > rest of the test very quickly.  By about 3:00 PM, I finished every thing
> > except one small requirement that I had no clue how to do it.  I decided
> to
> > skip that item.  Then, I started reviewing and checking my config.
Along
> > the way of reviewing/checking, I spotted and fixed a few issues.  Just
> about
> > the time I finished reviewing every thing, the proctor walked in and
told
> me
> > that it' time.  I looked at the watch.  It was 4:30 PM.  My proctor was
> > Steve.  Steve is a great proctor.  He answered quite a few of my
questions
> > and cleared my mis-understanding and confusion about the requirements of
> the
> > test.
> >
> > I would like to take this opportunity to thank all people who helped me
to
> > achieve my goal.  First, I would like to thank my wife for her support
and
> > understanding.  Without her support, there is no way I could achieve my
> > goal.  Next, I will give my thanks to Bruce, Val, and Fred of
> > NetMasterClass.  As I said earlier, the NMC1 class is the most important
> > part of my final preparation.  Thanks to Katie Wong of Cisco who
scheduled
> > me to access the ASET racks.  Thats my primary resource for hands-on
> > practices for the past couple of months.  Thanks to Eric Fairfield for
> > lending me a few routers when I was in Wisconsin.  Also thanks to those
> that
> > I've either studied with or have helped me one way or another.  Thanks
> also
> > to Paul for putting this great list together.
> >
> > As far as my story, I started my quest of the Cisco certifications a
> little
> > over two and half years ago.  I got my CCNA and CCNP in the first year.
> > Three months later, I passed the CCIE written test.  I wanted to take
the
> > lab a year ago.  However, due to work and personal reasons, I did not
get
> > time to do it until now.  Last year, I was too busy to do much study.
At
> > work, as a consultant, I was billing at least 40 hours/week for the
whole
> > year.  At home, my second child was born in February, my wife finished
> > school in July, and we moved to New Jersey from Wisconsin in September.
> In
> > October of last year, I foresaw a window of opportunity for me to take
the
> > lab test early this year.  Then, I lobbed my manager to let me go to the
> > ECP1 class.  By the time my manager approved my training request, I
found
> > that Mentor Technologies went belly up.  However, I learned that Bruce
and
> > Val founded a new company called NetMasterClass, LLC
> > (www.netmasterclass.net) and offering the NMC1 and NMC2 classes.  I
> > registered and took the NMC1 class by the end January.  By the end of
last
> > year, the project I worked on finished.  So since the beginning of this
> year
> > I got a lot of time to study.  For the past couple of months, I have
> studied
> > 8-10 hours every day.
> >
> > As far as how I prepared, I have read most of the books (Doyle I & II,
> > Caslow, Halabi, Tam-Nam-Kee, Solie, Satterlee, etc.) recommended by
people
> > on this list.  Among this long list of books, the only one I dont like
is
> > Solies book because there are too many errors in the book.  There are a
> few
> > topics I was more confused after reading the book.  I dont have a home
> lab.
> >   So my primary resource for hands-on practice is remote labs such as
> Mentor
> > Technologies vlabs (not available any more), Cisco ASET lab.  Because I
> > dont have a home lab, my preparation included more reading than
hands-on
> > practice.  That actually worked out very well for me.  Above all, the
most
> > important part of my preparation is the NMC1 class taught by Bruce, Val
> and
> > Fred.  IF I HAD NOT TAKEN THE NMC1 CLASS, IT PROBA

RE: after CCNA [7:37583]

2002-03-07 Thread Sean Knox 

With the constantly changing wireless standards and guidelines, I don't
think "wireless certification" really makes sense right now. In fact, I'm a
little shocked to hear that there is such a thing... I think it should be
part of some other existing certification if anything. Just my 0.02.

- Seam

-Original Message-
From: ashish [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 1:16 PM
To: [EMAIL PROTECTED]
Subject: after CCNA [7:37583]


hi,
I passed CCNA two days back...
and now I am thinking of next level of certification.
I am thinking of CCNP now.
Meanwhile, I was also looking at the option of CWNA (Certified Wireless
Network Administrator).
Has anyone gone through this certification.and any insights to its
recognition
in the IT market.

Thanks,
Ashish




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37598&t=37583
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: oc3 config [7:37587]

2002-03-07 Thread Sean Knox 

I personally don't have any experience with ATM, but a quick search on CCO
yielded this page... hopefully you find something in here in addition to
advice from other groupstudy members. 

Watch the wrap:

http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Internetworking:ATM:A
TM_General&s=Implementation_and_Configuration

-Sean

-Original Message-
From: Bullock, Jason [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07, 2002 1:38 PM
To: [EMAIL PROTECTED]
Subject: RE: oc3 config [7:37587]


Guys, 

I have been reading on the list for sometime, and I am always in awe.
Anyone out there know a quick and dirty trick to configure a point to point
ATM OC3 between two cisco routers?   

the line is offered by verizon and I am using 2 7500 cisco routers.

help.

thanks!

jason




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37596&t=37587
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RIP issue :-) [7:37339]

2002-03-05 Thread Sean Knox 

I should have read that post more carefully.. I didn't see you were running
v2. You need to turn off the automatic route summarization feature with a
"no auto-summary".

Sean

-Original Message-
From: Stanzin Takpa [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 05, 2002 4:59 PM
To: [EMAIL PROTECTED]
Subject: RIP issue :-) [7:37339]


Hi !
 I am enabling RIP b/w two p-to-p network /30. But the strange
thing is ,when I say 
RouterA__.1/30___.2/30__RouterB

router rip 
ver 2
network 150.1.11.0

and exec show runn, it is showing  the network as 150.1.0.0.

Any comment on this...

Stanzin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37347&t=37339
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RIP issue :-) [7:37339]

2002-03-05 Thread Sean Knox 

Rip is a CLASSFUL protocol... it can't utilize CIDR notation. Therefore, rip
sees your address as a class B address and will hence only use two octets
for the network portion, regardless of any netmask you set. Hope this helps.

Sean

-Original Message-
From: Stanzin Takpa [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 05, 2002 4:59 PM
To: [EMAIL PROTECTED]
Subject: RIP issue :-) [7:37339]


Hi !
 I am enabling RIP b/w two p-to-p network /30. But the strange
thing is ,when I say 
RouterA__.1/30___.2/30__RouterB

router rip 
ver 2
network 150.1.11.0

and exec show runn, it is showing  the network as 150.1.0.0.

Any comment on this...

Stanzin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37346&t=37339
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: detect routers and switches [7:36873]

2002-02-28 Thread Sean Knox 

If you had control of the environment, you could setup a sniffer on the side
of the destination and see if the IP TTL is decremented as it passes through
the network device. Obviously this isn't the case. You might want to try
some IP fingerprinting tools, such as nmap, queso, and xprobe. Also, try
pinging the device. Different devices and OS's respond with various TTLs.
(I.e., TTL is set to 128 on Windows2K and 255 on most UNIXes).

- Sean

-Original Message-
From: ashish [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 28, 2002 3:34 PM
To: [EMAIL PROTECTED]
Subject: Re: detect routers and switches [7:36873]


well, that's not my problem.
I have to find a general way to find whether a remote IP box is a router or
a switch.
That IP box can be of any vendor.
and that remote box can be located across multiple networks.

- Original Message -
From: Larry Letterman 
To: 
Sent: Thursday, February 28, 2002 3:07 PM
Subject: RE: detect routers and switches [7:36873]


> if its cisco gear, do a show cdp neighbor detail and it should show you
> whats on the other end...
>
>
> Larry Letterman
> Cisco Systems
> [EMAIL PROTECTED]
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> ashish
> Sent: Thursday, February 28, 2002 2:30 PM
> To: [EMAIL PROTECTED]
> Subject: detect routers and switches [7:36873]
>
>
> Hi,
> this question is bit vauge.But thought you guys will surely be able to
help
> me
> out :-)
>
> is there any way to tell programmatically , whether a remote box is a
router
> or a switch.
>
> Thanks,
> Ashish




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36901&t=36873
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Booting from slot0: [7:36841]

2002-02-28 Thread Sean Knox 

Excellent read! FYI, to answer my question (explained in the paper):

"To enable booting from Flash memory, set configuration register
bits 3, 2, 1, and 0 to a value between 2 and 15 in conjunction with the boot
system flash [filename] configuration command."


-Original Message-
From: Douglas McConnell [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 28, 2002 3:15 PM
To: Sean Knox; [EMAIL PROTECTED]
Cc: Daniel McConnell
Subject: RE: Booting from slot0: [7:36841]


Team:

Larry Letterman responded with a great link!  Grab the attachment...
:-)


--- Sean Knox  wrote:
> Does the router follow the setting set in the config-register first
> or the
> "boot system" command.. anyone know?
> 
> Sean
> 
> -Original Message-
> From: Douglas McConnell [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 28, 2002 2:14 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Booting from slot0: [7:36841]
> 
> 
> Woody,
> 
> Didn't work...  Is this related to the config-register and/or
> config_field= ... ?
> 
> --- "Woods, Randall, SOBUS"  wrote:
> > try 
> > 
> > boot system flash slot0:image-name.bin
> > 
> > Woody
> > CCNP
> > 
> > -Original Message-
> > From: Douglas McConnell [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, February 28, 2002 3:25 PM
> > To: [EMAIL PROTECTED]
> > Subject: Booting from slot0: [7:36841]
> > 
> > 
> > I am having troubles getting a 7000 Series router to boot from
> slot0:
> > only.
> > 
> > I tried the command boot flash slot0:, but it is still not
> working...
> > 
> > I know the answer is right in front of my face...  Ideas?
> > 
> > :-)
> > 
> > =
> > Douglas McConnell - Senior Network Engineer
> > Cisco Certified Network Professional
> > 
> > __
> > Do You Yahoo!?
> > Yahoo! Greetings - Send FREE e-cards for every occasion!
> > http://greetings.yahoo.com
> [EMAIL PROTECTED]
> 
> 
> =
> Douglas McConnell - Senior Network Engineer
> Cisco Certified Network Professional
> 
> __
> Do You Yahoo!?
> Yahoo! Greetings - Send FREE e-cards for every occasion!
> http://greetings.yahoo.com
[EMAIL PROTECTED]


=
Douglas McConnell - Senior Network Engineer
Cisco Certified Network Professional

__
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36894&t=36841
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Booting from slot0: [7:36841]

2002-02-28 Thread Sean Knox 

Does the router follow the setting set in the config-register first or the
"boot system" command.. anyone know?

Sean

-Original Message-
From: Douglas McConnell [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 28, 2002 2:14 PM
To: [EMAIL PROTECTED]
Subject: RE: Booting from slot0: [7:36841]


Woody,

Didn't work...  Is this related to the config-register and/or
config_field= ... ?

--- "Woods, Randall, SOBUS"  wrote:
> try 
> 
> boot system flash slot0:image-name.bin
> 
> Woody
> CCNP
> 
> -Original Message-
> From: Douglas McConnell [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 28, 2002 3:25 PM
> To: [EMAIL PROTECTED]
> Subject: Booting from slot0: [7:36841]
> 
> 
> I am having troubles getting a 7000 Series router to boot from slot0:
> only.
> 
> I tried the command boot flash slot0:, but it is still not working...
> 
> I know the answer is right in front of my face...  Ideas?
> 
> :-)
> 
> =
> Douglas McConnell - Senior Network Engineer
> Cisco Certified Network Professional
> 
> __
> Do You Yahoo!?
> Yahoo! Greetings - Send FREE e-cards for every occasion!
> http://greetings.yahoo.com
[EMAIL PROTECTED]


=
Douglas McConnell - Senior Network Engineer
Cisco Certified Network Professional

__
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36890&t=36841
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Easy ways to pick up a few extra minutes on the CCIE lab. [7:36254]

2002-02-22 Thread Sean Knox 

Nice! Been looking for something like that for awhile.

Sean

-Original Message-
From: Jeff Buehler [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 22, 2002 10:46 AM
To: [EMAIL PROTECTED]
Subject: Re: Easy ways to pick up a few extra minutes on the CCIE lab.
[7:36242]


Another option with a newer IOS is if you want to see the Config for an
interface is to use:

sh ru INT E 0

and you will get the config for the interface only


""Redback Users""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Well, start by not to see the config so often (just to look for the IP
> address).
>
> 25XX is extremely slow doing the thing so.
>
> Better use "show ip int brie" or "show ip int"  instead.
>
>
> ""Wright, Jeremy""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > also, check the groupstudy database...there was a list of aliases that a
> guy
> > put on the list
> >
> > -Original Message-
> > From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, February 15, 2002 2:19 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: Easy ways to pick up a few extra minutes on the CCIE lab.
> > [7:35547]
> >
> >
> > Better than the CTRL+R that I've been using.
> >
> > > -Original Message-
> > > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, February 15, 2002 1:45 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: RE: Easy ways to pick up a few extra minutes on the CCIE lab.
> > > [7:35541]
> > >
> > >
> > > That's a really good one. I hate it when the console blasts
> > > some stupid
> > > message at you while you're typing. It still throws me off
> > > even though I
> > > should be used to it. ;-) Thanks for telling us about this.
> > >
> > > Priscilla
> > >
> > > At 02:11 PM 2/15/02, Sean Knox wrote:
> > > >I always enter console config and turn on "logging
> > > synchronous"; it inserts
> > > >a carriage return automatically after system messages show
> > > up. Doesn't hurt
> > > >to enable it on the vtys either.
> > > >
> > > >core8500#conf t
> > > >Enter configuration commands, one per line.  End with CNTL/Z.
> > > >core8500(config)#line con 0
> > > >core8500(config-line)#logg sync
> > > >
> > > >-Original Message-
> > > >From: Hire, Ejay [mailto:[EMAIL PROTECTED]]
> > > >Sent: Friday, February 15, 2002 10:32 AM
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Easy ways to pick up a few extra minutes on the CCIE lab.
> > > >[7:35523]
> > > >
> > > >
> > > >no ip domain-lookup  (how do you spell pnig again)
> > > >terminal escape-char 3  (Press Ctrl-c to break out of ping & Telnet)
> > > >
> > > >Anybody got others?
> > > 
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36254&t=36254
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CISCO INTERNSHIP.....CCIE..... [7:36091]

2002-02-21 Thread Sean Knox 

A CCNA with little or no experience? Hardly. He's lucky to even land a job
right now. I think this intern program is aimed at people new to the field.

-Original Message-
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 21, 2002 12:50 PM
To: [EMAIL PROTECTED]
Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091]


A CCNA makes more than 50k.  And you wouldn't have to pay your company to
work for them and get training.  Most companies pay you and pay for your
training.

--
RFC 1149 Compliant.

""Sean Knox""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I've taken some classes at ICTP. From what I gather, their CCIE intern
> program works like this: you sign up for their CCIE program (which is not
> cheap I should add) and when you pass your CCIE written/lab (I vaguely
> remember that the CCIE written pass is all you need), you can work as a
> subcontractor for ICTP. You make substantially   less money than a CCIE is
> "worth", (I believe around $50,000, don't quote me on that) but for those
> with little or no experience (i.e., people enrolling in this program), it
> works out really well. Hopefully Mr. Lee could explain the program more in
> detail.
>
> - Sean
>
> -Original Message-
> From: Brian [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 21, 2002 11:34 AM
> To: [EMAIL PROTECTED]
> Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091]
>
>
> Perhaps its a new look on recruiting, they train u, get a slice of the
> dough for awhile??  Just speculating of course..
>
> Brian
>
> On Thu, 21 Feb 2002, Cisco Nuts wrote:
>
> > And upon finishing the program, how many years of slavery will we
> > unfortunate ones be indebted to your gracious company? :-)
> > Can you clarify this??
> >
> >
> > >From: "Jason Lee"
> > >Reply-To: "Jason Lee"
> > >To: [EMAIL PROTECTED]
> > >Subject: CISCO INTERNSHIP.CCIE. [7:36091]
> > >Date: Thu, 21 Feb 2002 13:40:20 -0500
> > >
> > >Hi all,
> > >
> > >My name is Jason Lee I currently work for ICTP located in anaheim
> > >california
> > >we are currently looking for few candidates to go through our very
> intense
> > >cisco training, also to note that upon finishing the program CEA (cisco
> > >expert academy)you can be eligible for an internship... we have
> information
> > >session going on every other friday, so if this sounds interesting to
> you,
> > >or if you need a lab to study for the ccie or ccnp please give me a
call.
> > >
> > >Jason Lee
> > >IT specialist
> > >714-783-1083
> > >www.ICTP.com
> > _
> > Join the worlds largest e-mail service with MSN Hotmail.
> > http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36103&t=36091
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CISCO INTERNSHIP.....CCIE..... [7:36091]

2002-02-21 Thread Sean Knox 

I've taken some classes at ICTP. From what I gather, their CCIE intern
program works like this: you sign up for their CCIE program (which is not
cheap I should add) and when you pass your CCIE written/lab (I vaguely
remember that the CCIE written pass is all you need), you can work as a
subcontractor for ICTP. You make substantially   less money than a CCIE is
"worth", (I believe around $50,000, don't quote me on that) but for those
with little or no experience (i.e., people enrolling in this program), it
works out really well. Hopefully Mr. Lee could explain the program more in
detail.

- Sean

-Original Message-
From: Brian [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 21, 2002 11:34 AM
To: [EMAIL PROTECTED]
Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091]


Perhaps its a new look on recruiting, they train u, get a slice of the
dough for awhile??  Just speculating of course..

Brian

On Thu, 21 Feb 2002, Cisco Nuts wrote:

> And upon finishing the program, how many years of slavery will we
> unfortunate ones be indebted to your gracious company? :-)
> Can you clarify this??
>
>
> >From: "Jason Lee"
> >Reply-To: "Jason Lee"
> >To: [EMAIL PROTECTED]
> >Subject: CISCO INTERNSHIP.CCIE. [7:36091]
> >Date: Thu, 21 Feb 2002 13:40:20 -0500
> >
> >Hi all,
> >
> >My name is Jason Lee I currently work for ICTP located in anaheim
> >california
> >we are currently looking for few candidates to go through our very
intense
> >cisco training, also to note that upon finishing the program CEA (cisco
> >expert academy)you can be eligible for an internship... we have
information
> >session going on every other friday, so if this sounds interesting to
you,
> >or if you need a lab to study for the ccie or ccnp please give me a call.
> >
> >Jason Lee
> >IT specialist
> >714-783-1083
> >www.ICTP.com
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36101&t=36091
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Different type of intervlan routing problem... [7:35595]

2002-02-20 Thread Sean Knox 

Gandolf and Larry, thanks for the advice. The problem was the management
VLAN interface on the 3500XL. I just turned off the VLAN1 interface and
VLAN23 was routed again. Thanks again.

- Sean

-Original Message-
From: Gandolf [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 19, 2002 8:31 PM
To: [EMAIL PROTECTED]
Subject: Re: Different type of intervlan routing problem... [7:35595]


A problem I have come across on the 3500XL switches and dot1q trunking is
when the XL switch expected the packets on the native VLAN to be untagged
and the device on the other end of the trunk expects the packets to be
tagged.  This prevents communication through the trunk on the native VLAN.
The way to get around this is to set the native VLAN to a VLAN that does not
exist anywhere on your network such as VLAN 999.  This way all packets going
through the trunk are tagged and you will be able to route on vlan 24 again.


""Sean Knox""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all, I'm having a problem with intervlan routing on a 3500XL. Port
> FastEthernet0/17 is an access link and the host, part of VLAN23, is
working
> fine and can traverse the network. FastEthernet 0/18 is a 802.1q trunk
link
> connected to a 802.1q aware host (a special network device my company
> makes). Vlan24 is defined as the native vlan for this link on both sides
> (the switch and 802.1q host). Connected to the 3500XL's FastEthernet 0/1
is
> a router with subifs defined with IP addresses and appropriate 802.1q VLAN
> tags for each vlan. VLAN23, our access link, is routed fine throughout the
> network. However, I can't ping the 802.1q host on VLAN24 from the
connected
> router or elsewhere. The 802.1q device has its default gateway set to the
> corresponding router subinterface. What am I missing? Below are the
relevant
> parts of the 3500XL config and router config.
>
> Thanks in advance!
> Sean
>
>
>
> Relevant parts of show running-config on 3500XL:
>
> interface FastEthernet0/1
>  duplex full
>  speed 100
>  switchport trunk encapsulation dot1q
>  switchport mode trunk
>
> interface FastEthernet0/17
>  duplex full
>  speed 100
>  switchport access vlan 23
>  spanning-tree portfast
>
> interface FastEthernet0/18
>  duplex half
>  speed 100
>  switchport trunk encapsulation dot1q
>  switchport trunk native vlan 24
>  switchport mode trunk
>  spanning-tree portfast
>
> interface VLAN1
>  ip address 10.6.200.2 255.255.255.0
>  no ip directed-broadcast
>  no ip route-cache
> !
> ip default-gateway 10.6.200.1
>
> Switch#show vlan
> VLAN Name StatusPorts
>   -
> ---
> 1default  activeFa0/2, Fa0/3, Fa0/4,
Fa0/5,
> Fa0/6, Fa0/7, Fa0/8,
Fa0/9,
> Fa0/10, Fa0/11, Fa0/12,
> Fa0/13,
> Fa0/14, Fa0/15, Fa0/16,
> Fa0/19,
> Fa0/20, Fa0/21, Fa0/22,
> Fa0/23,
> Fa0/24, Fa0/25, Fa0/26,
> Fa0/27,
> Fa0/28, Fa0/29, Fa0/30,
> Fa0/31,
> Fa0/32, Fa0/33, Fa0/34,
> Fa0/35,
> Fa0/36, Fa0/37, Fa0/38,
> Fa0/39,
> Fa0/40, Fa0/41, Fa0/42,
> Fa0/43,
> Fa0/44, Fa0/45, Fa0/46,
> Fa0/47,
> Fa0/48, Gi0/1, Gi0/2
> 24   VLAN0024 active
>
> VLAN Type  SAID   MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1
> Trans2
>  - -- - -- --    --
> --
> 1enet  11 1500  -  -  ---1002
1003
> 24   enet  100024 1500  -  -  ---0  0
>
> Router8510#show run
>
> interface FastEthernet1/0/4
>  description Core8500 to 3500XL
>  ip address 10.6.200.2 255.255.255.0
>  duplex full
>  speed 100
>
> interface FastEthernet1/0/4.23
>  encapsulation dot1Q 23
>  ip address 10.6.23.1 255.255.255.0
>
> interface FastEthernet1/0/4.24
>  encapsulation dot1Q 24
>  ip address 10.6.24.1 255.255.255.0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35970&t=35595
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Different type of intervlan routing problem... [7:35595]

2002-02-19 Thread Sean Knox 

Also of note: the trunk connection between switch x and y is using vlan 23
as the native vlan... the other links use vlan 1.

-Original Message-
From: Sean Knox 
Sent: Tuesday, February 19, 2002 6:38 PM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: RE: Different type of intervlan routing problem... [7:35595]


If it helps, think of the host ("Switch" X) as L3 switch on the other end of
the dot1q trunk. Switch Z is a L3 switch (Extreme 48port).

Router A  Switch Y --- Switch Z
10.6.200.1   802.1q  10.6.200.3   802.1q  10.6.200.2
  |
  | 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35921&t=35595
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Different type of intervlan routing problem... [7:35595]

2002-02-19 Thread Sean Knox 

If it helps, think of the host ("Switch" X) as L3 switch on the other end of
the dot1q trunk. Switch Z is a L3 switch (Extreme 48port).

Router A  Switch Y --- Switch Z
10.6.200.1   802.1q  10.6.200.3   802.1q  10.6.200.2
  |
  | 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35920&t=35595
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Different type of intervlan routing problem... [7:35595]

2002-02-18 Thread Sean Knox 

Larry, thanks for the response. As I tried to explain in the initial post,
the host on the other end of the 1q connection is a trunk connection. I
don't understand why it's not being routed. Any clues?

-Original Message-
From: Larry Letterman
To: Sean Knox; [EMAIL PROTECTED]
Sent: 2/17/02 11:52 PM
Subject: RE: Different type of intervlan routing problem... [7:35595]

The device connected to the 1Q trunk must be a trunk
connection. The host on the other end of the trunk link
will not usually respond to your ping when the link is a
trunk. If you want the host to respond you need the link
to be a switchport access type link.

Larry Letterman
Cisco Systems
[EMAIL PROTECTED] 





-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sean Knox
Sent: Friday, February 15, 2002 11:06 PM
To: [EMAIL PROTECTED]
Subject: Different type of intervlan routing problem... [7:35595]


Hi all, I'm having a problem with intervlan routing on a 3500XL. Port
FastEthernet0/17 is an access link and the host, part of VLAN23, is
working
fine and can traverse the network. FastEthernet 0/18 is a 802.1q trunk
link
connected to a 802.1q aware host (a special network device my company
makes). Vlan24 is defined as the native vlan for this link on both sides
(the switch and 802.1q host). Connected to the 3500XL's FastEthernet 0/1
is
a router with subifs defined with IP addresses and appropriate 802.1q
VLAN
tags for each vlan. VLAN23, our access link, is routed fine throughout
the
network. However, I can't ping the 802.1q host on VLAN24 from the
connected
router or elsewhere. The 802.1q device has its default gateway set to
the
corresponding router subinterface. What am I missing? Below are the
relevant
parts of the 3500XL config and router config.

Thanks in advance!
Sean



Relevant parts of show running-config on 3500XL:

interface FastEthernet0/1
 duplex full
 speed 100
 switchport trunk encapsulation dot1q
 switchport mode trunk

interface FastEthernet0/17
 duplex full
 speed 100
 switchport access vlan 23
 spanning-tree portfast

interface FastEthernet0/18
 duplex half
 speed 100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 24
 switchport mode trunk
 spanning-tree portfast

interface VLAN1
 ip address 10.6.200.2 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
ip default-gateway 10.6.200.1

Switch#show vlan
VLAN Name StatusPorts
  -
---
1default  activeFa0/2, Fa0/3, Fa0/4,
Fa0/5,
Fa0/6, Fa0/7, Fa0/8,
Fa0/9,
Fa0/10, Fa0/11, Fa0/12,
Fa0/13,
Fa0/14, Fa0/15, Fa0/16,
Fa0/19,
Fa0/20, Fa0/21, Fa0/22,
Fa0/23,
Fa0/24, Fa0/25, Fa0/26,
Fa0/27,
Fa0/28, Fa0/29, Fa0/30,
Fa0/31,
Fa0/32, Fa0/33, Fa0/34,
Fa0/35,
Fa0/36, Fa0/37, Fa0/38,
Fa0/39,
Fa0/40, Fa0/41, Fa0/42,
Fa0/43,
Fa0/44, Fa0/45, Fa0/46,
Fa0/47,
Fa0/48, Gi0/1, Gi0/2
24   VLAN0024 active

VLAN Type  SAID   MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1
Trans2
 - -- - -- --    --
--
1enet  11 1500  -  -  ---1002
1003
24   enet  100024 1500  -  -  ---0
0

Router8510#show run

interface FastEthernet1/0/4
 description Core8500 to 3500XL
 ip address 10.6.200.2 255.255.255.0
 duplex full
 speed 100

interface FastEthernet1/0/4.23
 encapsulation dot1Q 23
 ip address 10.6.23.1 255.255.255.0

interface FastEthernet1/0/4.24
 encapsulation dot1Q 24
 ip address 10.6.24.1 255.255.255.0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35714&t=35595
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Not allowed to use 802.1q and ISL at the same time [7:35659]

2002-02-17 Thread Sean Knox 

Greog,

That's exactly what I tried. :) I will give it another shot and
separate the ports. Thanks!

- Sean

-Original Message-
From: Georg Pauwen [mailto:[EMAIL PROTECTED]]
Sent: Sunday, February 17, 2002 12:47 AM
To: [EMAIL PROTECTED]
Subject: RE: Not allowed to use 802.1q and ISL at the same time
[7:35655]


Hi Sean,

I am not sure if you try to use ISL and 802.1q on adjacent ports, but the
8500 has the following VLAN Encapsulation Restrictions:
The four adjacent ports (such as 0-3 or 4-7) on a 10/100 interface must all
use the same VLAN encapsulation, that is, either 802.1Q and native, or ISL
and native.

Hope this helps.

Regards,

Georg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35659&t=35659
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Not allowed to use 802.1q and ISL at the same time? [7:35655]

2002-02-16 Thread Sean Knox 

I was surprised to find that I couldn't enable ISL and 802.1q on different
ports on a Catalyst 8500. Is this a known "feature?"

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35655&t=35655
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Different type of intervlan routing problem... [7:35595]

2002-02-15 Thread Sean Knox 

Hi all, I'm having a problem with intervlan routing on a 3500XL. Port
FastEthernet0/17 is an access link and the host, part of VLAN23, is working
fine and can traverse the network. FastEthernet 0/18 is a 802.1q trunk link
connected to a 802.1q aware host (a special network device my company
makes). Vlan24 is defined as the native vlan for this link on both sides
(the switch and 802.1q host). Connected to the 3500XL's FastEthernet 0/1 is
a router with subifs defined with IP addresses and appropriate 802.1q VLAN
tags for each vlan. VLAN23, our access link, is routed fine throughout the
network. However, I can't ping the 802.1q host on VLAN24 from the connected
router or elsewhere. The 802.1q device has its default gateway set to the
corresponding router subinterface. What am I missing? Below are the relevant
parts of the 3500XL config and router config.

Thanks in advance!
Sean



Relevant parts of show running-config on 3500XL:

interface FastEthernet0/1
 duplex full
 speed 100
 switchport trunk encapsulation dot1q
 switchport mode trunk

interface FastEthernet0/17
 duplex full
 speed 100
 switchport access vlan 23
 spanning-tree portfast

interface FastEthernet0/18
 duplex half
 speed 100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 24
 switchport mode trunk
 spanning-tree portfast

interface VLAN1
 ip address 10.6.200.2 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
ip default-gateway 10.6.200.1

Switch#show vlan
VLAN Name StatusPorts
  -
---
1default  activeFa0/2, Fa0/3, Fa0/4, Fa0/5,
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12,
Fa0/13,
Fa0/14, Fa0/15, Fa0/16,
Fa0/19,
Fa0/20, Fa0/21, Fa0/22,
Fa0/23,
Fa0/24, Fa0/25, Fa0/26,
Fa0/27,
Fa0/28, Fa0/29, Fa0/30,
Fa0/31,
Fa0/32, Fa0/33, Fa0/34,
Fa0/35,
Fa0/36, Fa0/37, Fa0/38,
Fa0/39,
Fa0/40, Fa0/41, Fa0/42,
Fa0/43,
Fa0/44, Fa0/45, Fa0/46,
Fa0/47,
Fa0/48, Gi0/1, Gi0/2
24   VLAN0024 active

VLAN Type  SAID   MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1
Trans2
 - -- - -- --    --
--
1enet  11 1500  -  -  ---1002   1003
24   enet  100024 1500  -  -  ---0  0

Router8510#show run

interface FastEthernet1/0/4
 description Core8500 to 3500XL
 ip address 10.6.200.2 255.255.255.0
 duplex full
 speed 100

interface FastEthernet1/0/4.23
 encapsulation dot1Q 23
 ip address 10.6.23.1 255.255.255.0

interface FastEthernet1/0/4.24
 encapsulation dot1Q 24
 ip address 10.6.24.1 255.255.255.0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35595&t=35595
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Weird 8510CSR problem... HELP! (RESOLVED...almost) [7:35588]

2002-02-15 Thread Sean Knox 

Kent, ooops, misread that post! Sorry- what you said makes complete sense.
Thanks again.

-Original Message-
From: Sean Knox 
Sent: Friday, February 15, 2002 8:32 PM
To: 'Kent Yu'; [EMAIL PROTECTED]
Subject: RE: Weird 8510CSR problem... HELP! (RESOLVED...almost)
[7:35582]


Kent, 

That makes sense... however, does this apply if I don't have a SRP
installed on the 8510? (I just have Fastethernet and GigE ports).

-Original Message-
From: Kent Yu [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 7:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Weird 8510CSR problem... HELP! (RESOLVED...almost)
[7:35582]


Sean,

My understanding is that the 8510 SRP is pretty much the same as ASP of
LS1010, it is a ATM switch fabric. That's why both the ASP and SRP can be
installed in slot 13 of the Cat 5500, which connects to the 5G cell-switch
fabric, not the backplanes.
Internally, the 8510 line cards chop the frames into cells before sending
them across the SRP , that's why you got the AAL5 error.

HTH
Kent


""Sean Knox""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Isn't it amazing how often after posting a problem in a public forum, you
> figure out the problem on your own? D'oh!
>
> Anyway, the source of all the troubles was an apparently bad Extreme
Summit
> switch. No matter how the speed and duplex was configured on both ends,
> thousands of collisions and errors were occurring on the link; cable's
good
> too, tested that. As soon as I shut down the connection, cpu usage dropped
> to normal levels and all was happy and merry. However, I am still curious
> why I was receiving the "%AAL5-3-NOBUFFER:  No reassembly buffers to
receive
> pkt , vpi 0, vci 36" error-- as that is definitely an ATM error. I would
> think the error have been something along the lines of no buffer as this
is,
> but without mention of the ATM stuff... would anyone with more experience
> care to comment?
>
> - Sean
>
> -Original Message-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35588&t=35588
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Weird 8510CSR problem... HELP! (RESOLVED...almost) [7:35587]

2002-02-15 Thread Sean Knox 

Kent, 

That makes sense... however, does this apply if I don't have a SRP
installed on the 8510? (I just have Fastethernet and GigE ports).

-Original Message-
From: Kent Yu [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 7:47 PM
To: [EMAIL PROTECTED]
Subject: Re: Weird 8510CSR problem... HELP! (RESOLVED...almost)
[7:35582]


Sean,

My understanding is that the 8510 SRP is pretty much the same as ASP of
LS1010, it is a ATM switch fabric. That's why both the ASP and SRP can be
installed in slot 13 of the Cat 5500, which connects to the 5G cell-switch
fabric, not the backplanes.
Internally, the 8510 line cards chop the frames into cells before sending
them across the SRP , that's why you got the AAL5 error.

HTH
Kent


""Sean Knox""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Isn't it amazing how often after posting a problem in a public forum, you
> figure out the problem on your own? D'oh!
>
> Anyway, the source of all the troubles was an apparently bad Extreme
Summit
> switch. No matter how the speed and duplex was configured on both ends,
> thousands of collisions and errors were occurring on the link; cable's
good
> too, tested that. As soon as I shut down the connection, cpu usage dropped
> to normal levels and all was happy and merry. However, I am still curious
> why I was receiving the "%AAL5-3-NOBUFFER:  No reassembly buffers to
receive
> pkt , vpi 0, vci 36" error-- as that is definitely an ATM error. I would
> think the error have been something along the lines of no buffer as this
is,
> but without mention of the ATM stuff... would anyone with more experience
> care to comment?
>
> - Sean
>
> -Original Message-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35587&t=35587
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Weird 8510CSR problem... HELP! (RESOLVED...almost) [7:35575]

2002-02-15 Thread Sean Knox 

Isn't it amazing how often after posting a problem in a public forum, you
figure out the problem on your own? D'oh! 

Anyway, the source of all the troubles was an apparently bad Extreme Summit
switch. No matter how the speed and duplex was configured on both ends,
thousands of collisions and errors were occurring on the link; cable's good
too, tested that. As soon as I shut down the connection, cpu usage dropped
to normal levels and all was happy and merry. However, I am still curious
why I was receiving the "%AAL5-3-NOBUFFER:  No reassembly buffers to receive
pkt , vpi 0, vci 36" error-- as that is definitely an ATM error. I would
think the error have been something along the lines of no buffer as this is,
but without mention of the ATM stuff... would anyone with more experience
care to comment?

- Sean

-Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 3:49 PM
To: [EMAIL PROTECTED]
Subject: Weird 8510CSR problem... HELP! [7:35571]


Hi all, I posted this problem before, but didn't get any replies. Here it is
again with some additional info; hopefully one of you can help. :) I've
searched CCO without any luck either.

I'm seeing this error message on our Catalyst 8510CSR switch-router:

00:15:01: %AAL5-3-NOBUFFER:  No reassembly buffers to receive pkt , vpi 0,
vci 36

Show proc cpu shows cpu usage around 75-85% continually. There isn't nearly
enough of traffic on the network to generate this, and I confirmed by
checking the loads on all the interfaces (ALL are at 1/255 except
Controller0). So I assume its something isolated to this router.

Show proc cpu (possible interesting items shown):

  43   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Onesec
 PID  Runtime(ms)  Invoked  uSecs5Sec   1Min   5Min TTY Process
  44   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Config Ma
  45   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Mailbox M
  46 308   231   1333   0.00%  0.00%  0.00%   0 CDP Protocol
  47  707880 79294   8927  29.47% 27.66% 26.18%   0 IP Input


I'm thinking this is an ATM problem of some kind, but we don't run any ATM
nor have any ATM interfaces in the 8510. While looking through the
interfaces, i saw this:

Controller0 is up, line protocol is up
  Hardware is ATM Swi/Proc
  MTU 4470 bytes, sub MTU 4470, BW 155520 Kbit, DLY 0 usec,
 reliability 147/255, txload 1/255, rxload 5/255
  Encapsulation ATM, loopback not set
  Keepalive not supported
  Encapsulation(s):
  8192 maximum active VCs, 0 current VCCs
  VC idle disconnect time: 300 seconds
  Signalling vc = 35, vpi = 128, vci = 37
  UNI Version = 3.0, Link Side = user
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue :0/40 (size/max)
  5 minute input rate 3577000 bits/sec, 4522 packets/sec
  5 minute output rate 57 bits/sec, 1333 packets/sec
 4753676 packets input, 469607611 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
 18427 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 1384921 packets output, 73400813 bytes, 0 underruns
 0 output errors, 0 collisions, 0 interface resets
 0 output buffer failures, 0 output buffers swapped out

I imagine the reliabiltiy indicated in this output can't be good! Also, why
is there any load at all when we aren't running ATM? Anyway, is this the
source of the problem or not? If not, what could it be? Any help is greatly
appreciated. Thanks!

Thanks,
- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35575&t=35575
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Weird 8510CSR problem... HELP! [7:35571]

2002-02-15 Thread Sean Knox 

Hi all, I posted this problem before, but didn't get any replies. Here it is
again with some additional info; hopefully one of you can help. :) I've
searched CCO without any luck either.

I'm seeing this error message on our Catalyst 8510CSR switch-router:

00:15:01: %AAL5-3-NOBUFFER:  No reassembly buffers to receive pkt , vpi 0,
vci 36

Show proc cpu shows cpu usage around 75-85% continually. There isn't nearly
enough of traffic on the network to generate this, and I confirmed by
checking the loads on all the interfaces (ALL are at 1/255 except
Controller0). So I assume its something isolated to this router.

Show proc cpu (possible interesting items shown):

  43   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Onesec
 PID  Runtime(ms)  Invoked  uSecs5Sec   1Min   5Min TTY Process
  44   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Config Ma
  45   0 1  0   0.00%  0.00%  0.00%   0 IMAPAM Mailbox M
  46 308   231   1333   0.00%  0.00%  0.00%   0 CDP Protocol
  47  707880 79294   8927  29.47% 27.66% 26.18%   0 IP Input


I'm thinking this is an ATM problem of some kind, but we don't run any ATM
nor have any ATM interfaces in the 8510. While looking through the
interfaces, i saw this:

Controller0 is up, line protocol is up
  Hardware is ATM Swi/Proc
  MTU 4470 bytes, sub MTU 4470, BW 155520 Kbit, DLY 0 usec,
 reliability 147/255, txload 1/255, rxload 5/255
  Encapsulation ATM, loopback not set
  Keepalive not supported
  Encapsulation(s):
  8192 maximum active VCs, 0 current VCCs
  VC idle disconnect time: 300 seconds
  Signalling vc = 35, vpi = 128, vci = 37
  UNI Version = 3.0, Link Side = user
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue :0/40 (size/max)
  5 minute input rate 3577000 bits/sec, 4522 packets/sec
  5 minute output rate 57 bits/sec, 1333 packets/sec
 4753676 packets input, 469607611 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
 18427 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 1384921 packets output, 73400813 bytes, 0 underruns
 0 output errors, 0 collisions, 0 interface resets
 0 output buffer failures, 0 output buffers swapped out

I imagine the reliabiltiy indicated in this output can't be good! Also, why
is there any load at all when we aren't running ATM? Anyway, is this the
source of the problem or not? If not, what could it be? Any help is greatly
appreciated. Thanks!

Thanks,
- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35571&t=35571
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Easy ways to pick up a few extra minutes on the CCIE lab. [7:35554]

2002-02-15 Thread Sean Knox 

I may not be able to configure routing, but damnit, my screen is always
clear! :) j/k (I hope)

- Sean

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 11:45 AM
To: [EMAIL PROTECTED]
Subject: RE: Easy ways to pick up a few extra minutes on the CCIE lab.
[7:35541]


That's a really good one. I hate it when the console blasts some stupid 
message at you while you're typing. It still throws me off even though I 
should be used to it. ;-) Thanks for telling us about this.

Priscilla

At 02:11 PM 2/15/02, Sean Knox wrote:
>I always enter console config and turn on "logging synchronous"; it inserts
>a carriage return automatically after system messages show up. Doesn't hurt
>to enable it on the vtys either.
>
>core8500#conf t
>Enter configuration commands, one per line.  End with CNTL/Z.
>core8500(config)#line con 0
>core8500(config-line)#logg sync
>
>-Original Message-
>From: Hire, Ejay [mailto:[EMAIL PROTECTED]]
>Sent: Friday, February 15, 2002 10:32 AM
>To: [EMAIL PROTECTED]
>Subject: Easy ways to pick up a few extra minutes on the CCIE lab.
>[7:35523]
>
>
>no ip domain-lookup  (how do you spell pnig again)
>terminal escape-char 3  (Press Ctrl-c to break out of ping & Telnet)
>
>Anybody got others?


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35554&t=35554
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Easy ways to pick up a few extra minutes on the CCIE lab. [7:35531]

2002-02-15 Thread Sean Knox 

I always enter console config and turn on "logging synchronous"; it inserts
a carriage return automatically after system messages show up. Doesn't hurt
to enable it on the vtys either.

core8500#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
core8500(config)#line con 0
core8500(config-line)#logg sync

-Original Message-
From: Hire, Ejay [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 10:32 AM
To: [EMAIL PROTECTED]
Subject: Easy ways to pick up a few extra minutes on the CCIE lab.
[7:35523]


no ip domain-lookup  (how do you spell pnig again)
terminal escape-char 3  (Press Ctrl-c to break out of ping & Telnet)

Anybody got others?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35531&t=35531
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cat5k Reboots sporadically [7:35477]

2002-02-14 Thread Sean Knox 

I have a old Catalyst 5500 that is continually resetting. A show log
displays:

Console> (enable) show log

Network Management Processor (ACTIVE NMP) Log:
  Reset count:   538
  Re-boot History:   Feb 15 2002 01:46:06 0, Feb 15 2002 00:10:24 0
 Feb 15 2002 00:03:35 0, Feb 14 2002 14:13:25 0
 Feb 14 2002 14:07:15 0, Feb 14 2002 14:05:16 0
 Feb 14 2002 13:12:20 0, Feb 14 2002 11:29:54 0
 Feb 14 2002 11:05:38 0, Feb 14 2002 10:35:35 0
  Bootrom Checksum Failures:  0   UART Failures:  0
  Flash Checksum Failures:0   Flash Program Failures: 0
  Power Supply 1 Failures:   65   Power Supply 2 Failures:0
  Swapped to CLKA:0   Swapped to CLKB:0
  Swapped to Processor 1: 0   Swapped to Processor 2: 0
  DRAM Failures:  0

  Exceptions: 0

  Loaded NMP version:4.5(12)
  Reload same NMP version count: 176

  Last software reset by user: 2/15/2002,00:10:13
 output omitted 

I'm assuming the 65 power supply 1 failures is a possible cause? Does this
indicate a dying power supply and the source of the resets, or is something
else to blame? 


- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35477&t=35477
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Ip subnet Zero & Ip classess [7:35340]

2002-02-13 Thread Sean Knox 

Well,

From
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_r
/1rprt2/1ripadr.htm#xtocid12 :

ip classless

At times the router might receive packets destined for a subnet of a network
that has no network default route. To have the Cisco IOS software forward
such packets to the best supernet route possible, use the ip classless
global configuration command. To disable this feature, use the no form of
this command.

Regarding subnet zero, the IOS didn't used to let you assign an address that
was part of subnet zero. It wasn't allowed because it could create an
address that was the same as the subnet address.  Here's a link from cisco
with more lovely info about that and the all one's subnet:

http://www.cisco.com/warp/public/105/40.html


-Original Message-
From: Arnaldo Gomez [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 1:45 PM
To: [EMAIL PROTECTED]
Subject: Ip subnet Zero & Ip classess [7:35340]


Can someone give a gerneral explanation on these two commands?

ip subnet-zero
ip-classless


What do they do and why would you use them?

Thanks. 

Arnaldo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35343&t=35340
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: SNMP- (S)ecurity is (N)ot (M)y (P)roblem [7:35329]

2002-02-13 Thread Sean Knox 

As demonstrated by the security group, some vendor SNMP implementations
crash when this new test suite is run against them -- even when SNMP is not
actively listening! I do agree about protecting SNMP devices, but this is
much more difficult from INSIDE an SNMP network.

-Original Message-
From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: SNMP- (S)ecurity is (N)ot (M)y (P)roblem [7:35329]


It's kind of high but not really.  Most networks have SNMP pretty well
hidden behind firewalls, or turned off if on the net, but if it's open, then
I can ddos you and / or add code into the memory space of the crashed SNMP
process (servers).  There haven't been many attacks reported yet from the
firewall logs people have examined - YET.  Maybe the script kiddies are just
waiting to write the good tools.

But, as I said earlier, a properly designed system will have SNMP protected.

""Frederick R. Carlson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> All,
> What is the real risk in the newly announced CERT bullitin on SNMP.
>
> Its at : http://www.cert.org/advisories/CA-2002-03.html
>
> Thanks in advance,
> FRC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35332&t=35329
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Looking for Supervisor IIG [7:35060]

2002-02-10 Thread Sean Knox 

Hi all, I hope this post is relevant in this forum-- if not I apologize.

I'm looking to pickup a [preferably] used Supervisor IIG for a Catalyst
5500. If anyone has any to sell or possibly trade (I have a OC-3 ATM card
someone might want) please contact me at [EMAIL PROTECTED]

- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35060&t=35060
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MPLS and VPN Architectures book [7:34792]

2002-02-08 Thread Sean Knox 

Heh, that's pretty ironic the book doesn't go into depth about traffic
engineering... um hello? Oh well. Which books out of the Juniper course
material go over MPLS?

- Sean

-Original Message-
From: nrf [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 08, 2002 9:03 PM
To: [EMAIL PROTECTED]
Subject: Re: MPLS and VPN Architectures book [7:34792]


The book is all-right, it's not great.  It's OK as an intro book to the
subject.  Unfortunately many of the more complex topics in later chapters
are written in such garbled way as to be almost unintelligible, particularly
some of the 'carrier of carrier' and 'Internet access' stuff, and those are
precisely the topics that need to be as clear as possible because of their
complexity.   I swear, some of the grammar is so convuleted that the only
way to really understand everything in those chapters is to already know it
in the first place, but then if you already know it, why are you reading the
book at all?

The book is also missing any mention of probably the most important reason
to use MPLS at all: traffic-engineering.  Unfortunately there is no really
good Cisco book about this subject (it is covered briefly in IP Quality of
Service, but not in any serious depth).  The best stuff I've ever found on
TE is, ahem, Juniper course material.

But like I said, a decent intro book on the subject.



""Caplan M""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I'm reading it and so far I'm pleased with it. I haven't got to the VPN
> stuff yet though, but its given me a good grounging in tag switching and
MPLS.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34944&t=34792
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco exams are too easy??? [7:34923]

2002-02-08 Thread Sean Knox 

Hi Mike,

That's a good deal of testing. :) I think it would help if you
defined your background and history-- perhaps someone working in enterprise
networking for 10 years with a good deal of routing/switching background,
the CCIE is all too trivial.

Sean

-Original Message-
From: mike johnson [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 08, 2002 4:10 PM
To: [EMAIL PROTECTED]
Subject: OT: Cisco exams are too easy??? [7:34923]


Hi All,
I took the Cisco PIX CSPFA exam yesterday and I was
suprised to find out that my score is 970/1000.  I've
never worked with any type of firewalls let alone PIX
Firewall.  I read the CSPFA book and borrowed the 
materials from a friend of mine who went to global
knowledge training a few weeks earlier.  I am very 
disappointed with the exam.  I don't think anyone like

myself should be able to pass the exam that easily.  

I thought yesterday's test score was a fluke so this
morning I went and took the MCNS exam and I got a
score
of 960/1000.  I was completely shocked.  A few hours,
I
decide to sign up for the CCIE written exam. 
Amazingly
I passed with a score of 92/100  That is unbelievable.
To pass the exam for someone like myself really
de-value the prestige of Cisco Certification by some
bookworms like me.  Cisco, after all, should make the
exam a lot harder than the way it is now.

Anyone care to comment on this.

Mike Johnson


__
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34929&t=34923
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Security certification [7:34904]

2002-02-08 Thread Sean Knox 

www.securityfocus.com has a mailing list for the CISSP certification if i
recall correctly.

Sean

-Original Message-
From: Simon Yang (ITeX) [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 08, 2002 2:09 PM
To: [EMAIL PROTECTED]
Subject: Security certification [7:34904]


There is one certification called CISSP (certified information system
security professional). Does anybody family with it?  How's it value?
Any comment/suggestion?

Thanks

-Simon
CCNP, MCSE




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34908&t=34904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 3DES [7:34756] AES? [7:34756]

2002-02-08 Thread Sean Knox 

I'm not sure when Cisco will incorporate AES, but it is already used in SSH2
and other products (can't think of any others of the top of my head). In
fact, my company incorporates in AES into a client-server solution we offer.
I've only read and heard good things about AES.

- Sean

-Original Message-
From: Alex Lei [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 08, 2002 9:50 AM
To: [EMAIL PROTECTED]
Subject: RE: 3DES [7:34756] AES? [7:34863]


FIPS197 was declared as the new AES in November, 2001. The standard will be
in effect in May, 2002. When do we see it in actual products... not too
sure.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34882&t=34756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Deleting Subinterfaces. [7:34802]

2002-02-08 Thread Sean Knox 

Yes, this applies to ethernet as well. Andy's suggestion-- to tftp the file
elsewhere, edit out any mentions of subinterfaces, then tftp the edited file
back-- worked like a charm.

- Sean

-Original Message-
From: george gittins [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 08, 2002 6:28 AM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


does the same apply to ethernet?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Andy Hoang
Sent: Thursday, February 07, 2002 11:05 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


After you remove the subif and do a "write mem" does the startup-config
still shows the subif?  If it does, I would tftp the config to a file, edit
the file and tftp it back to the router and reload.

Just a guess.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sean Knox
Sent: Thursday, February 07, 2002 9:26 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


The router has been rebooted multiple, but the subif's persist.

- Sean

-Original Message-
From: Michael Williams [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 8:51 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


In general, I believe that when you delete a subinterface (at least on
serial lines) the subinterface won't go away until you reboot the router.

HTH,
Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34879&t=34802
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Deleting Subinterfaces. [7:34802]

2002-02-08 Thread Sean Knox 

Andy, tftp'ing the config and editing out the subif's did the trick. Thanks!

-Sean

-Original Message-
From: Andy Hoang [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 11:01 PM
To: Sean Knox; [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


After you remove the subif and do a "write mem" does the startup-config
still shows the subif?  If it does, I would tftp the config to a file, edit
the file and tftp it back to the router and reload.

Just a guess.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sean Knox
Sent: Thursday, February 07, 2002 9:26 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


The router has been rebooted multiple, but the subif's persist.

- Sean

-Original Message-
From: Michael Williams [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 8:51 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


In general, I believe that when you delete a subinterface (at least on
serial lines) the subinterface won't go away until you reboot the router.

HTH,
Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34876&t=34802
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Deleting Subinterfaces. [7:34802]

2002-02-07 Thread Sean Knox 

The router has been rebooted multiple, but the subif's persist.

- Sean

-Original Message-
From: Michael Williams [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 8:51 PM
To: [EMAIL PROTECTED]
Subject: RE: Deleting Subinterfaces. [7:34802]


In general, I believe that when you delete a subinterface (at least on
serial lines) the subinterface won't go away until you reboot the router.

HTH,
Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34825&t=34802
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: collissions on serial line? [7:34816]

2002-02-07 Thread Sean Knox 

A serial line is a point-to-point link. Collisions are only possible on a
shared medium, such as ethernet.

-Original Message-
From: somera cecilia [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 7:46 PM
To: [EMAIL PROTECTED]
Subject: collissions on serial line? [7:34816]


Folks, I've been searching CCO but cannot find answers to this. Is it
possible to get collissions in serial lines? If there are, what could cause
this?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34824&t=34816
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Deleting Subinterfaces. [7:34802]

2002-02-07 Thread Sean Knox 

I'm having trouble deleting subinterfaces on a 8510CSR. I'm getting the
following "error":

core8500(config)#no int fa1/0/7.203
% Not all config may be removed and may reappear after reactivating the
sub-interface

None of the subifs I attempt to delete actually go away. Furthermore,
certain interface properties like VLAN tagging directly affect the main
physical interface, even when I shut down the subifs, which as you can
imagine causes all sorts of problems. I'm running 12.1(7a)EY on a 8510CSR.
Any ideas? Should I blame the early deployment code?

- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34802&t=34802
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE Catalyst 5000 not being routed RESOLVED [7:34800]

2002-02-07 Thread Sean Knox 

I promise this is the last time I respond to myself :) Hopefully it will
provide some insight.

I believe I found the reason the Cat5k was not being routed when connected
to a certain port on the default gateway-- I noticed the encapsulation for
the interface was set to 802.1q...which I definitely DIDN'T do-- in fact I
had created a subif with ISL encapsulation. It turns out there were some
subif's created quite a while ago. The encapsulation of these subifs were
all set to 802.1q. Despite the fact that all these 802.1q subinterfaces were
administratively shut down, the physical interface still reflected this and
listed its encapsulation as 802.1q as well. To resolve, I went to each subif
on the problem interface and took off any and all encapsulation via "no
encap". I shut down each interface (again) just for good measure. After
doing this, the physical interface displayed ARPA encapsulation and
everything works fine-- connected the Cat5k to the to the problem port, and
everything was routed fine. Whew! What a pain to track down. Even when
entering "no interface ", the subinterfaces remained persistent.
Weird. I'll close this thread and open a new one regarding this persistent
subif behavior. :) Thanks to Dave and everyone helped/offered help.

- Sean

-----Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 1:34 PM
To: [EMAIL PROTECTED]
Subject: RE: Catalyst 5000 not being routed [7:34566]


Well, strangely the Cat5k is being routed now... Due to another situation, I
was forced to move the interface the Cat5 connected to on the default
gateway... Originally the Cat5k connected to FastEthernet 1/0/7 on a
Cat8510, but now its connected to Fa1/0/4 on the Cat8510. I configured the
new connection with the same IP as the other, and it works fine. For the
record, I don't have any VLAN encapsulation set on the new port. I think I
have a bad port, because I'm having problems connecting another device to
the original port. I'm seeing a lot of "%AAL5-3-NOBUFFER:  No reassembly
buffers to receive pkt , vpi 0, vci 35" errors when I connect the port in
question to another device (an older Extreme Summit48 switch).

- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34800&t=34800
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: %AAL5-3-NOBUFFER: error on Catalyst 8510 [7:34787]

2002-02-07 Thread Sean Knox 

I moved the Extreme Switch to a different port. Everything seems "ok" and I
don't see any extraneous CPU usage, however the error message is still
appearing, albeit with a slightly different message:

%AAL5-3-NOBUFFER:  No reassembly buffers to receive pkt , vpi 0, vci 36

Note the "vci 36" instead of 35 from my previous post. I found a little
information about this error on some Cat6000 release notes:

CSCdp22285

The "no reassembly buffers to receive pkt, vpi 0, vci 36" message is
displayed.
Symptom: On a system with over 10,000 IP multicast routes, multiple "No
reassembly buffers to receive pkt, vpi 0, vci 36" messages are displayed. 

Well 1) I'm not running any multicast routing, 2) I'm using a Cat8510 not a
6000 and 3) this bug is reported "resolved" in 12.0(5)W5(13a), furthermore,
I'm running 12.1(7a)EY, which lists no mention of this bug in the release
notes. Wonder what this is? 



-Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 07, 2002 1:25 PM
To: [EMAIL PROTECTED]
Subject: %AAL5-3-NOBUFFER: error on Catalyst 8510 [7:34787]


Anyone familiar with this error? A search on CCO and the error decoder tool
didn't reveal anything.

%AAL5-3-NOBUFFER:  No reassembly buffers to receive pkt , vpi 0, vci 35  

I was under the impression this error was related to ATM. However, we don't
have any ATM interfaces on this 8510, just a GigE port and some fast
ethernet. The error appears when I connect a fast ethernet port to an older
Extreme Summit 48 switch; CPU usage rockets to 99%. As soon as I shut the
interface down, the error stops. Any ideas?


 - Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34798&t=34787
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MPLS and VPN Architectures book [7:34792]

2002-02-07 Thread Sean Knox 

This book gets very good reviews on Amazon. I trust the opinions here far
more however... what do you think of this book? Better ones out there?

MPLS and VPN Architectures: A Practical Guide to Understanding, Designing
and Deploying MPLS and MPLS-Enabled VPNs
by Jim Guichard, Ivan Pepelnjak
ISBN: 1587050021




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34792&t=34792
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 5000 not being routed [7:34566]

2002-02-07 Thread Sean Knox 

Well, strangely the Cat5k is being routed now... Due to another situation, I
was forced to move the interface the Cat5 connected to on the default
gateway... Originally the Cat5k connected to FastEthernet 1/0/7 on a
Cat8510, but now its connected to Fa1/0/4 on the Cat8510. I configured the
new connection with the same IP as the other, and it works fine. For the
record, I don't have any VLAN encapsulation set on the new port. I think I
have a bad port, because I'm having problems connecting another device to
the original port. I'm seeing a lot of "%AAL5-3-NOBUFFER:  No reassembly
buffers to receive pkt , vpi 0, vci 35" errors when I connect the port in
question to another device (an older Extreme Summit48 switch).

- Sean





-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 3:15 PM
To: Sean Knox
Cc: [EMAIL PROTECTED]
Subject: Re: Catalyst 5000 not being routed [7:34566]



  Send the router config.  You say the laptop works but that's obviously
not doing ISL so I suspect your ethernet config as the cat looks fine.

  Dave

Sean Knox wrote:
> 
> I'll post [what I think are] relevant parts of my config:
> 
> #ip
> set interface sc0 1 10.2.16.2 255.255.255.248 10.2.16.7
> 
> set interface sc0 up
> set interface sl0 192.168.0.1 255.255.255.255
> set interface sl0 down
> set arp agingtime 1200
> set ip redirect   enable
> set ip unreachable   enable
> set ip fragmentation enable
> set ip route 0.0.0.0 10.2.16.1   1
> set ip alias default 0.0.0.0
> 
> Aside from this, I am running a stock configuration (I erased the previous
> startup-config.). I'm running CatOS 4.5(12).
> 
> 1. I can ping the default gateway and the default gateway can ping the sc0
> interface back.
> 2. I can ping other interfaces on the default gateway (default gateway is
> 10.2.16.1, and I can ping 10.1.1.1, which is another int on the router)
> 3. Can't reach external subnets from the Cat5k sc0 interface, and vice
> versa.
> 4. Routing is ok-- I swapped out the catalyst with a laptop, mirroring the
> IP config. Laptop was able to reach external subnets.
> 5. The sc0 interface is part of vlan 1 by default, I can't change this
with
> the CatOS version I have. I configured the default gateway's port to be
part
> of vlan 1 as using ISL. Results the same as before (can ping the gateway,
> but nothing else)
> 
> One of Catalyst gurus must know what I'm doing wrong! :)
> 
> - Sean
> 
> -Original Message-
> From: Fraasch James [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, February 06, 2002 8:22 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Catalyst 5000 not being routed [7:34566]
> 
> Any chance you could submit the configs? Might make it easier to
> troubleshoot for people over here.
> 
> It sounds as if you are not using the RSM on the 5000 at all which means
> that all you really need to have is the default route set on the switch
and
> that the port on the router needs to be configured correctly.
> 
> You may want to double check your OSPF settings as well.  If the Cat5000
is
> on a different network altogether than the rest of your routers, of course
> it will not route to that network (IE, your network is 172.25.0.0 but this
> 5000 is on 172.26.0.0 and your OSPF statement reads network 172.25.0.0
> 0.0.255.255 then of course the Cat5000 would not be in the tables). I have
> done that before.
> 
> Like I said, configs would be great if possible.
> 
> James
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34788&t=34566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

%AAL5-3-NOBUFFER: error on Catalyst 8510 [7:34787]

2002-02-07 Thread Sean Knox 

Anyone familiar with this error? A search on CCO and the error decoder tool
didn't reveal anything.

%AAL5-3-NOBUFFER:  No reassembly buffers to receive pkt , vpi 0, vci 35  

I was under the impression this error was related to ATM. However, we don't
have any ATM interfaces on this 8510, just a GigE port and some fast
ethernet. The error appears when I connect a fast ethernet port to an older
Extreme Summit 48 switch; CPU usage rockets to 99%. As soon as I shut the
interface down, the error stops. Any ideas?


 - Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34787&t=34787
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 5000 not being routed [7:34566]

2002-02-06 Thread Sean Knox 

I'll post [what I think are] relevant parts of my config:

#ip
set interface sc0 1 10.2.16.2 255.255.255.248 10.2.16.7

set interface sc0 up
set interface sl0 192.168.0.1 255.255.255.255
set interface sl0 down
set arp agingtime 1200
set ip redirect   enable
set ip unreachable   enable
set ip fragmentation enable
set ip route 0.0.0.0 10.2.16.1   1
set ip alias default 0.0.0.0

Aside from this, I am running a stock configuration (I erased the previous
startup-config.). I'm running CatOS 4.5(12). 

1. I can ping the default gateway and the default gateway can ping the sc0
interface back.
2. I can ping other interfaces on the default gateway (default gateway is
10.2.16.1, and I can ping 10.1.1.1, which is another int on the router)
3. Can't reach external subnets from the Cat5k sc0 interface, and vice
versa.
4. Routing is ok-- I swapped out the catalyst with a laptop, mirroring the
IP config. Laptop was able to reach external subnets.
5. The sc0 interface is part of vlan 1 by default, I can't change this with
the CatOS version I have. I configured the default gateway's port to be part
of vlan 1 as using ISL. Results the same as before (can ping the gateway,
but nothing else)

One of Catalyst gurus must know what I'm doing wrong! :)

- Sean

-Original Message-
From: Fraasch James [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 8:22 AM
To: [EMAIL PROTECTED]
Subject: RE: Catalyst 5000 not being routed [7:34566]


Any chance you could submit the configs? Might make it easier to
troubleshoot for people over here.

It sounds as if you are not using the RSM on the 5000 at all which means
that all you really need to have is the default route set on the switch and
that the port on the router needs to be configured correctly.

You may want to double check your OSPF settings as well.  If the Cat5000 is
on a different network altogether than the rest of your routers, of course
it will not route to that network (IE, your network is 172.25.0.0 but this
5000 is on 172.26.0.0 and your OSPF statement reads network 172.25.0.0
0.0.255.255 then of course the Cat5000 would not be in the tables). I have
done that before.

Like I said, configs would be great if possible.

James




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34686&t=34566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Pinging all the way!!! [7:34611]

2002-02-06 Thread Sean Knox 

Looks like the Zebra site is down. If anyone is interested, I believe you
can download it from here: http://www.gnu.org/software/zebra/zebra.html

- Sean

-Original Message-
From: Sean Knox [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 11:30 AM
To: [EMAIL PROTECTED]
Subject: RE: Pinging all the way!!! [7:34611]


Also, check out GNU Zebra, which basically turns a linux box into a IOS-ish
router. It has a pretty complete BGP, OSPF, and RIP implementation. Very
cool, getting better all the time. Plus, it's free and open source :)

GNU Zebra
http://www.zebra.org

- Sean

-Original Message-
From: Kent Hundley [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 10:39 AM
To: [EMAIL PROTECTED]
Subject: RE: Pinging all the way!!! [7:34611]


It's already prime time if you have a 2500.  Check it out:

http://www.mcvax.org/~koen/uClinux-cisco2500/

Probably not something you want to run in production, but pretty darn cool
nonetheless.

Regards,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 9:30 AM
To: [EMAIL PROTECTED]
Subject: Re: Pinging all the way!!! [7:34611]


so when will the Linux IOS be ready for prime time?

I'm all in favor of open source code for Cisco routers ;->



""W. Alan Robertson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sure, that's one way, but the preferred method is to format C:, and
> install Linux.  (Warning: This may cause data loss...)
>
> ;)
>
> - Original Message -
> From: "Scott Baron"
> To:
> Sent: Wednesday, February 06, 2002 9:27 AM
> Subject: RE: Pinging all the way!!! [7:34611]
>
>
> > ping -t 198.133.219.25
> >
> > -Original Message-
> > From: Tel Khan [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, February 06, 2002 9:22 AM
> > To: [EMAIL PROTECTED]
> > Subject: Pinging all the way!!! [7:34611]
> >
> >
> > Hi folks,
> > As far as i know if you ping an address it will usally responsed
> with 4
> > lines TTL. If i want to continue the ping lets say for over an hour
> is
> > there
> > a command to do this?
> >
> > Thanks in advance.
> >
> > Tel
> >
> > Example:
> >
> > C:\>ping cisco.com
> >
> > Pinging cisco.com [198.133.219.25] with 32 bytes of data:
> >
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=161ms TTL=238
> >
> > Ping statistics for 198.133.219.25:
> > Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> > Approximate round trip times in milli-seconds:
> > Minimum = 160ms, Maximum =  161ms, Average =  160ms
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34669&t=34611
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Pinging all the way!!! [7:34611]

2002-02-06 Thread Sean Knox 

Also, check out GNU Zebra, which basically turns a linux box into a IOS-ish
router. It has a pretty complete BGP, OSPF, and RIP implementation. Very
cool, getting better all the time. Plus, it's free and open source :)

GNU Zebra
http://www.zebra.org

- Sean

-Original Message-
From: Kent Hundley [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 10:39 AM
To: [EMAIL PROTECTED]
Subject: RE: Pinging all the way!!! [7:34611]


It's already prime time if you have a 2500.  Check it out:

http://www.mcvax.org/~koen/uClinux-cisco2500/

Probably not something you want to run in production, but pretty darn cool
nonetheless.

Regards,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 9:30 AM
To: [EMAIL PROTECTED]
Subject: Re: Pinging all the way!!! [7:34611]


so when will the Linux IOS be ready for prime time?

I'm all in favor of open source code for Cisco routers ;->



""W. Alan Robertson""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Sure, that's one way, but the preferred method is to format C:, and
> install Linux.  (Warning: This may cause data loss...)
>
> ;)
>
> - Original Message -
> From: "Scott Baron"
> To:
> Sent: Wednesday, February 06, 2002 9:27 AM
> Subject: RE: Pinging all the way!!! [7:34611]
>
>
> > ping -t 198.133.219.25
> >
> > -Original Message-
> > From: Tel Khan [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, February 06, 2002 9:22 AM
> > To: [EMAIL PROTECTED]
> > Subject: Pinging all the way!!! [7:34611]
> >
> >
> > Hi folks,
> > As far as i know if you ping an address it will usally responsed
> with 4
> > lines TTL. If i want to continue the ping lets say for over an hour
> is
> > there
> > a command to do this?
> >
> > Thanks in advance.
> >
> > Tel
> >
> > Example:
> >
> > C:\>ping cisco.com
> >
> > Pinging cisco.com [198.133.219.25] with 32 bytes of data:
> >
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=160ms TTL=238
> > Reply from 198.133.219.25: bytes=32 time=161ms TTL=238
> >
> > Ping statistics for 198.133.219.25:
> > Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> > Approximate round trip times in milli-seconds:
> > Minimum = 160ms, Maximum =  161ms, Average =  160ms
> [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34665&t=34611
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 5000 not being routed [7:34566]

2002-02-05 Thread Sean Knox 

Thanks for responding guys-- I'll try to cover both responses in this email.

I'm sorry if I wasn't clear enough in my first post...what I meant
to say was I replaced the Cat5k with a laptop (using the same IP settings)
to verify it was a problem specific to the Catalyst, and not the routing
being performed on the default gateway. This turned out to be true. The
default gateway is an external router (a Catalyst 8510 fyi), but I do have a
RSM in the Catalyst. I noticed there was a "no ip routing" statement in the
RSM configuration. I assume this doesn't affect what I'm trying to do,
correct?

>sc0 and the port that the "Default Gateway" device is attached to need
>to be in the same VLAN.

Alan, this makes sense. After you mentioned this I tried the following:

Created a subif on the default router and put it in vlan 1 with ISL tagging
(as the Cat5k supervisor card I have doesn't support 802.1q). unfortunately
this didn't seem to change anything-- I could still ping the default gateway
from the Catalyst and vice versa, but still no access to and from remote
subnets. Did I miss a step? Do I need to enable MLS or something on the
default gateway?

>I am uncertain if in your message you mean that you can ping the
>default gateway from the Catalyst itself, of if you mean that you can
>ping the gateway device from other stations.

The default gateway is a 8510 acting as a DR in an OSPF network. It's
working fine-- all subnets contained are ok-- it's just the Catalyst's sc0
interface that isn't getting routed.

Further help/insight would be appreciated!

- Sean



-Original Message-
From: flemish flemish [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 05, 2002 6:57 PM
To: [EMAIL PROTECTED]
Subject: RE: Catalyst 5000 not being routed [7:34566]


You proved that sc0 belonging to vlan1 has not much to do with it.

You configured the laptop with the same default route as the cat5k.
This kinda tells me that sc0 and the laptop are on the same subnet.
So the laptop was connected to a port belonging to vlan1 , is that correct ?


Is that default router an RSM or external router ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34591&t=34566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: kazaa / morpheus blocking / rate-limiting [7:34529]

2002-02-05 Thread Sean Knox 

A solution we used here was to implement QoS to prevent Kazaa/gnutella users
from sucking up too much bandwidth from other users.

- Sean

-Original Message-
From: Maccubbin, Duncan [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 05, 2002 6:06 PM
To: [EMAIL PROTECTED]
Subject: RE: kazaa / morpheus blocking / rate-limiting [7:34529]


Those are some bandwidth hogs. I knocked down incoming/outgoing traffic on
1214 and used a sniffer to catch the internal offenders. Keep in mind you
will probably have GNUTella running around as well which opens a port on the
PC. If you do a port scan on the PC in question you will see the GNUTella
port open. GNUTella is a bandwidth hog too.

-Original Message-
From: bergenpeak
To: [EMAIL PROTECTED]
Sent: 2/5/02 5:13 PM
Subject: kazaa / morpheus blocking / rate-limiting [7:34529]

Hi,

Wondering if anyone has been using ACLs to block or rate-limit
Kazaa/Morpheus
traffic.  I'd be interested in how well this worked.

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34571&t=34529
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Catalyst 5000 not being routed [7:34566]

2002-02-05 Thread Sean Knox 

Hi folks, 

I assume this is a very simple problem, but it has me stumped.
Despite having set up the sc0 interface, enabling it, and defining a default
route, I am not able to access external subnets. I can ping and telnet to
the default gateway ok however (and vice-versa). I confirmed it is a
configuration problem with the Catalyst as I configured a laptop with the
same IP address and default route as the Catalyst, and it had no problem
reaching external subnets. Before I go on any further, is this because sc0
is part of vlan1 by default? What else could I be missing?

- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34566&t=34566
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PAT'S RULE!!! -- actual Cisco stuff mentioned [7:34392]

2002-02-04 Thread Sean Knox 

After reading the article, the author didn't give any evidence to support
his claim that Cisco is using Microsoft code... If he's right, I am
certainly interested to know what platforms are using MS code.

- Sean

-Original Message-
From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 2:23 PM
To: [EMAIL PROTECTED]
Subject: Re: PAT'S RULE!!! -- actual Cisco stuff mentioned [7:34392]


Not only am I from CA, I'm from Oakland.  But I don't actually think the
game was unfair; I just like griping .  I root for any team whose town I
live in (the Warriors excepted)

Has anyone read the recent article in Network Computing mag on Windows
technology in Cisco gear? 
(http://www.networkcomputing.com/1303/1303colshipley.html).   My God,
stupidity and cupidity will never cease.  It certainly would make me want to
re-think migrating my voice system to VoIP on any platform that does this. 
I've already fired off an e-mail to the author asking about which platforms
other than Cisco are adopting this. Must research further...

And just to keep this on-topic, I'm starting my CCNP in a couple of weeks...

>>> "Steven A. Ridder"  02/04/2002 1:18:21 PM >>>
Another person from CA, eh? The call was by the rule book, even if the rule
may have been unfair as some people have claimed.  We had that exect call go
against us in week 2 of a Jets game and we never cried.  We even lost that
game.  It's a legitimate rule.  AND, the Raiders still could have stopped us
before getting to kick the FG that put it into overtime. Then in overtime,
the Raiders still didn't stop us. So it wasn't like the refs just handed us
the game. There still were some major playing and feats that we had to make
to get us to where we got in that game.

Steve

""Patricia Leeb-Hart""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dang it, Steven, you had me thinking that this was a message about Port
> Address Translation!  :-D
>
> Next time please spell out the team name.  Or pick another team!  The
> Raiders were robbed, robbed, I say!
>
> >>> "Steven A. Ridder"  02/03/2002 8:48:08 PM >>>
>   PATRIOTS!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34397&t=34392
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]

2002-02-01 Thread Sean Knox 

This thread is veering too far off course so I'll end my ramblings here...
 
I'm just in general objection to the US prison system in its current
(entire?) incarnation. I don't think the prison system ultimately benefits
society. I'm not saying we bend over backwards to comfort criminals -- but,
on a practical note, our tax dollars are pumped into this institution, but
crime trends (in the states anyway) aren't going down, nor are (most)
ex-con's tendency to commit crimes once back on the outside. The current
"solution" isn't working. I was just little appaled by the general apathy on
this list. People are people, and yes there are some terrible ones, but I
don't think we grow as a culture nor a species by continuing alienate
segments of our population even further. 
 
 
- Sean

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 2:54 PM
To: Sean Knox
c: [EMAIL PROTECTED]
Subject: Re: MAJOR OT: Free CCNPtraining for convicts [7:34039]


  
  And character is not taught. 

  I thought prisons were for punishment anyway.  Your not sent there to
prepare for a new life though they sure seem to have ample resources if they
so choose the use them. 


  By saying we deny them a better life implies that we can grant them one? 


  Dave 


Sean Knox wrote: 


Of course actions have consequences. In our society, we have deemed the more

severe criminal actions require prison/jail time, among other things. 
Further punishing ex-cons by denying them a better life when they get out 
isn't right-- isn't that why we sent them to prison in the first place? Was 
that not their punishment? 

Furthermore, character has absolutely NOTHING to do with certifications in 
general, IT, and sadly, business in general. I know a good deal people 
employed in this industry that have little character and skill (IMO). 
Character is a very relative and subjection thing. 


- Sean 


-Original Message- 
From: Puckette, Larry (TIFPC) [ mailto:[EMAIL PROTECTED]
 ] 
Sent: Friday, February 01, 2002 11:53 AM 
To: 'Sean Knox'; Puckette, Larry (TIFPC); [EMAIL PROTECTED] 
Subject: RE: MAJOR OT: Free CCNPtraining for convicts [7:34039] 


And you seem to subscribe that character is not a relevant issue and that 
actions should not have consequences. 


Larry Puckette 
Network Analyst CCNA,MCP,LANCP 
Temple Inland 
[EMAIL PROTECTED] 
512/434-1838 


 -Original Message- 
From:   Sean Knox [ mailto:[EMAIL PROTECTED]  ] 
Sent:   Friday, February 01, 2002 12:15 PM 
To: 'Puckette, Larry (TIFPC)'; [EMAIL PROTECTED] 
Subject:RE: MAJOR  OT: Free CCNPtraining for convicts [7:34039] 


Oh I see, you subscribe to the school that thinks denying ex-convicts the 
basic skill sets to survive and perhaps even thrive in society will somehow 
benefit all of us. Yes, let's keep the downtrodden even further below the 
higher classes! Only the already fortunate may benefit from white collar 
jobs! Gee I wonder what happens when convicts finish their jail tail and 
re-enter society without any means to support themselves... more crime, ya 
think? 


But I guess you think locking people up in cages is tax money well spent, 
right? Some of the elitism on this list is revolting. 


- Sean 


-Original Message- 
From: Puckette, Larry (TIFPC) [ mailto:[EMAIL PROTECTED]
 ] 
Sent: Friday, February 01, 2002 6:19 AM 
To: [EMAIL PROTECTED] 
Subject: RE: MAJOR OT: Free CCNPtraining for convicts [7:34039] 


Maybe I missed it, but I haven't seen anybody mention the character 
reputation degradation that is sure to follow when these convicts populate 
our ranks after their release. Looks like just another feel good image 
enhancement project without considering long term effects to me. Cisco 
should keep that in mind and realize that there are more people with proven 
character strengths involved in the Cisco ranks now than the field will ever

need and not throw a bunch of rotten apples in to the mix. 


Just my 2 cents worth, hope it's just a urban legend 


Larry Puckette 
Network Analyst CCNA,MCP,LANCP 
Temple Inland 
[EMAIL PROTECTED] 
512/434-1838 


 -Original Message- 
From:   c1sc0k1d [ mailto:[EMAIL PROTECTED]  ] 
Sent:   Friday, February 01, 2002 7:52 AM 
To: [EMAIL PROTECTED] 
Subject:Re: MAJOR  OT: Free CCNPtraining for convicts [7:34039] 


Cool... well I feel a little better now about my sentencing next week.  Do 
you know if I'll have newsgroup access? 


""steve skinner""  wrote in message 
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]
 ... 
> guys, 
> 
> my boss has just told me that cisco are trailing a few prisons where they 
> are offering free CCNP training to convicts 
> 
> man does that just bite the buscuit. 
> 
> i worked long and hard to pay for my exams.get some work experience 
> an

RE: Duplicates [7:33955]

2002-02-01 Thread Sean Knox 

FYI, I am also seeing duplicates... however, it only seems to be with
certain threads.

- Sean

-Original Message-
From: Tom Lisa [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 31, 2002 10:09 PM
To: [EMAIL PROTECTED]
Subject: Re: Duplicates [7:33955]


I'm using Netscape Communicator.
Of course it could just be our college mail disserver.
I sent a couple of examples to Paul for examination.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy

Rik Guyler wrote:

> Tom, I had this issue a few weeks ago and I tracked it down to Outlook
inbox
> rules.  I deleted my rules and recreated them and now I only receive
single
> posts.
>
> Rik
>
> -Original Message-
> From: Tom Lisa [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 31, 2002 7:23 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Duplicates [7:33955]
>
> Ole,
>
> I just got two copies of your message.  Very Interrresting!!!
>
> Prof. Tom Lisa, CCAI
> Community College of Southern Nevada
> Cisco ATC/Regional Networking Academy
>
> Ole Drews Jensen wrote:
>
> > FYI, I am only getting singlecate messages (or whatever it's called) -
> only
> > one copy of each message. It might be your end Tom, unless you are a
> > double/trible member.
> >
> > Hth,
> >
> > Ole
> >
> > ~~~
> >  Ole Drews Jensen
> >  Systems Network Manager
> >  CCNP, MCSE, MCP+I
> >  RWR Enterprises, Inc.
> >  [EMAIL PROTECTED]
> > ~~~
> >  http://www.RouterChief.com
> > ~~~
> >  NEED A JOB ???
> >  http://www.oledrews.com/job
> > ~~~
> >
> > -Original Message-
> > From: Tom Lisa [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, January 31, 2002 3:48 PM
> > To: [EMAIL PROTECTED]
> > Subject: Duplicates [7:33955]
> >
> > Paul,
> >
> > It might be just me, but we seem to be suffering once again from
> > duplicate/triplicate and more, message transmission disease.
> >
> > Prof. Tom Lisa, CCAI
> > Community College of Southern Nevada
> > Cisco ATC/Regional Networking Academy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34124&t=33955
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]

2002-02-01 Thread Sean Knox 

Of course actions have consequences. In our society, we have deemed the more
severe criminal actions require prison/jail time, among other things.
Further punishing ex-cons by denying them a better life when they get out
isn't right-- isn't that why we sent them to prison in the first place? Was
that not their punishment? 

Furthermore, character has absolutely NOTHING to do with certifications in
general, IT, and sadly, business in general. I know a good deal people
employed in this industry that have little character and skill (IMO).
Character is a very relative and subjection thing.

- Sean

-Original Message-
From: Puckette, Larry (TIFPC) [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 11:53 AM
To: 'Sean Knox'; Puckette, Larry (TIFPC); [EMAIL PROTECTED]
Subject: RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]


And you seem to subscribe that character is not a relevant issue and that
actions should not have consequences.

Larry Puckette
Network Analyst CCNA,MCP,LANCP
Temple Inland
[EMAIL PROTECTED]
512/434-1838

 -Original Message-----
From:   Sean Knox [mailto:[EMAIL PROTECTED]] 
Sent:   Friday, February 01, 2002 12:15 PM
To: 'Puckette, Larry (TIFPC)'; [EMAIL PROTECTED]
Subject:RE: MAJOR  OT: Free CCNPtraining for convicts [7:34039]

Oh I see, you subscribe to the school that thinks denying ex-convicts the
basic skill sets to survive and perhaps even thrive in society will somehow
benefit all of us. Yes, let's keep the downtrodden even further below the
higher classes! Only the already fortunate may benefit from white collar
jobs! Gee I wonder what happens when convicts finish their jail tail and
re-enter society without any means to support themselves... more crime, ya
think?

But I guess you think locking people up in cages is tax money well spent,
right? Some of the elitism on this list is revolting.

- Sean

-Original Message-
From: Puckette, Larry (TIFPC) [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 6:19 AM
To: [EMAIL PROTECTED]
Subject: RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]


Maybe I missed it, but I haven't seen anybody mention the character
reputation degradation that is sure to follow when these convicts populate
our ranks after their release. Looks like just another feel good image
enhancement project without considering long term effects to me. Cisco
should keep that in mind and realize that there are more people with proven
character strengths involved in the Cisco ranks now than the field will ever
need and not throw a bunch of rotten apples in to the mix. 

Just my 2 cents worth, hope it's just a urban legend 

Larry Puckette
Network Analyst CCNA,MCP,LANCP
Temple Inland
[EMAIL PROTECTED]
512/434-1838

 -Original Message-
From:   c1sc0k1d [mailto:[EMAIL PROTECTED]] 
Sent:   Friday, February 01, 2002 7:52 AM
To: [EMAIL PROTECTED]
Subject:Re: MAJOR  OT: Free CCNPtraining for convicts [7:34039]

Cool... well I feel a little better now about my sentencing next week.  Do
you know if I'll have newsgroup access?





""steve skinner""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> guys,
>
> my boss has just told me that cisco are trailing a few prisons where they
> are offering free CCNP training to convicts
>
> man does that just bite the buscuit.
>
> i worked long and hard to pay for my exams.get some work experience
> and at my expence (bieng a tax payer)i am funding a convict to learn
> about cisco.
>
> i know about re-abilitation.but it is just a bit sick that i as an
> individual,could
>
> a) been robbed by this man ... my house is trashed and my insurence goes
up
> (i pay )
> b) funding him in prison to learn Cisco (i pay)
> c) comes out of prison and de-vaules a cert becuse he has no experience (i
> pay)
>
>
> does cisco want to have a "useless" cert system(except ofcourse the
> CCIE)because the more people who BLANTENTLY DONT have any experience
> witht these certs ...the less they mean...
>
>
> i`m  sorry to rantbut sometimes i wish company`s would consider there
> future..
>
> FACT (from Cisco) there will always be more jobs for NA/NP than IE`s
>
> 1)i get exams to be employable...
> 2)in order to get these exams i push the company`s kit ..
>
> i have recently installed some 4000`s over another companies kit,even
> thought the other kit is more than capable of doing the job..because i get
a
> side benefit of learning about the equipment and increasing my CV value
> 
>
> 3)if i am working at a company and i dont want a cisco cert because it is
> worthless..why would i push that companies products..
>
> i would simply push another company`s products to get my certs in the
there
> equipment ,to keep my empl

RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]

2002-02-01 Thread Sean Knox 

Oh I see, you subscribe to the school that thinks denying ex-convicts the
basic skill sets to survive and perhaps even thrive in society will somehow
benefit all of us. Yes, let's keep the downtrodden even further below the
higher classes! Only the already fortunate may benefit from white collar
jobs! Gee I wonder what happens when convicts finish their jail tail and
re-enter society without any means to support themselves... more crime, ya
think?

But I guess you think locking people up in cages is tax money well spent,
right? Some of the elitism on this list is revolting.

- Sean

-Original Message-
From: Puckette, Larry (TIFPC) [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 6:19 AM
To: [EMAIL PROTECTED]
Subject: RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]


Maybe I missed it, but I haven't seen anybody mention the character
reputation degradation that is sure to follow when these convicts populate
our ranks after their release. Looks like just another feel good image
enhancement project without considering long term effects to me. Cisco
should keep that in mind and realize that there are more people with proven
character strengths involved in the Cisco ranks now than the field will ever
need and not throw a bunch of rotten apples in to the mix. 

Just my 2 cents worth, hope it's just a urban legend 

Larry Puckette
Network Analyst CCNA,MCP,LANCP
Temple Inland
[EMAIL PROTECTED]
512/434-1838

 -Original Message-
From:   c1sc0k1d [mailto:[EMAIL PROTECTED]] 
Sent:   Friday, February 01, 2002 7:52 AM
To: [EMAIL PROTECTED]
Subject:Re: MAJOR  OT: Free CCNPtraining for convicts [7:34039]

Cool... well I feel a little better now about my sentencing next week.  Do
you know if I'll have newsgroup access?





""steve skinner""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> guys,
>
> my boss has just told me that cisco are trailing a few prisons where they
> are offering free CCNP training to convicts
>
> man does that just bite the buscuit.
>
> i worked long and hard to pay for my exams.get some work experience
> and at my expence (bieng a tax payer)i am funding a convict to learn
> about cisco.
>
> i know about re-abilitation.but it is just a bit sick that i as an
> individual,could
>
> a) been robbed by this man ... my house is trashed and my insurence goes
up
> (i pay )
> b) funding him in prison to learn Cisco (i pay)
> c) comes out of prison and de-vaules a cert becuse he has no experience (i
> pay)
>
>
> does cisco want to have a "useless" cert system(except ofcourse the
> CCIE)because the more people who BLANTENTLY DONT have any experience
> witht these certs ...the less they mean...
>
>
> i`m  sorry to rantbut sometimes i wish company`s would consider there
> future..
>
> FACT (from Cisco) there will always be more jobs for NA/NP than IE`s
>
> 1)i get exams to be employable...
> 2)in order to get these exams i push the company`s kit ..
>
> i have recently installed some 4000`s over another companies kit,even
> thought the other kit is more than capable of doing the job..because i get
a
> side benefit of learning about the equipment and increasing my CV value
> 
>
> 3)if i am working at a company and i dont want a cisco cert because it is
> worthless..why would i push that companies products..
>
> i would simply push another company`s products to get my certs in the
there
> equipment ,to keep my employability
>
> 4) cisco dont sell as much equipment 
> 5) certs become even more worthless..
> 6) cisco sells even less equipment as no-one is trained anymore
> 7) cisco becomes Novell(my appologies to all novell staff)...
>
> a little for-thought is all that required...
>
> as my boss says...
>
> " one of my main reson for buying kit is the amount of tech staff
availible
> to install/fix the kit...if there`s no staff there no kit"
>
> in a job market that is already depressed that last thing that is needed
is
> a flood of Certified but unexperienced people on the market..
>
> the it industry is like no other ,in that fact that we have to CONSTANTLY
> update our skills ...that takes time,money and personal
> sacrfisesomething i dont think cisco is at all concernd with...
>
> ahh welll.
>
> no chance of a "[EMAIL PROTECTED]" list starting any time soon...??
>
> Sorry for the downer
>
> steve
>
>
>
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34086&t=34039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MTU packet fragmentation Q [7:34022]

2002-02-01 Thread Sean Knox 

Normally, the packet will be fragmented, sent on its way, and reassembled by
the receiving host. However, there is a "Don't Fragment" (DF Bit) option
with IP, and if toggled, indicates that the packet should not be fragmented
by routers-- instead an ICMP "can't fragment" error is returned sent to the
sender and the packet is dropped. There is are also ways to override the DF
bit, but I hope this answers your question. :)

- Sean


-Original Message-
From: somera cecilia [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 12:35 AM
To: [EMAIL PROTECTED]
Subject: MTU packet fragmentation Q [7:34022]


hello, i need some help on this subject. If a packet is more than the set
mtu size of 1500, say packet size is 4352 bytes
-does the packet get dropped?
-or fragmented and re-assembled in the destination end

what should be the correct behaviour? 
when does the packet don't get fragmented?


TIA
cecil




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34070&t=34022
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Dumb CCO Doc CD question... [7:34008]

2002-01-31 Thread Sean Knox 

Juli, that did the trick, thanks! I wonder why the Cisco launcher can't do
the same... :)

-Original Message-
From: Juli Hato [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 31, 2002 11:15 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Dumb CCO Doc CD question... [7:34008]


Try this, if you have internet connection please cut it off. Then go to 
127.0.0.1:8080

HATO


>From: "Sean Knox" 
>Reply-To: "Sean Knox" 
>To: [EMAIL PROTECTED]
>Subject: Dumb CCO Doc CD question... [7:34008]
>Date: Fri, 1 Feb 2002 00:42:00 -0500
>
>Whenever I try to run the documentation cd, a browser window comes up with
>"about:blank" in the url and that's it. Is this a known problem? How do 
>work
>around/fix it? FYI, I'm running IE 5.5.
>
>Thanks,
>Sean





_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34018&t=34008
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Minimum Cat5k Supervisor to support 802.1q? [7:34014]

2002-01-31 Thread Sean Knox 

Despite using the CatOS software and compatibility advisors, I'm still
unclear to the minimum version of the Catalyst 5000 Supervisor engine needed
for 802.1q.. is it II or III?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34014&t=34014
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Dumb CCO Doc CD question... [7:34008]

2002-01-31 Thread Sean Knox 

Whenever I try to run the documentation cd, a browser window comes up with
"about:blank" in the url and that's it. Is this a known problem? How do work
around/fix it? FYI, I'm running IE 5.5.

Thanks,
Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34008&t=34008
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Anyone know what udp port 164 is? [7:33991]

2002-01-31 Thread Sean Knox 

I have a host spitting out a UDP packet to 255.255.255.255, port 164
occasionally. I checked out the IANA port and found:

cmip-agent  164/udpCMIP/TCP Agent 

Anyone know what this is?

-Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33991&t=33991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Worth upgrading Supervisor on Cat5k? (was: How prevalent is [7:33808]

2002-01-30 Thread Sean Knox 

You are correct that the Sup. 1 doesn't support 802.1q. Fortunately, I have
a CCO account to download the necessary software, once I upgrade my Sup.
engine. :)

-Sean

-Original Message-
From: David C Prall [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 30, 2002 6:21 PM
To: [EMAIL PROTECTED]
Subject: Re: Worth upgrading Supervisor on Cat5k? (was: How prevalent is
[7:33801]


On the 5000 Both the software (CatOS) and hardware have to support dot1q.
The 5225 which supports ISL will not support dot1q, hence the need for a
revised version the 5225R. If you have a software image which doesn't
support dot1q, it will not support the hardware necessary to support dot1q.
I've never played with dot1q on the supervisors interfaces, this may be a
different story, but I suspect that the Sup1 only supports ISL.

David

David C Prall   [EMAIL PROTECTED]   http://dcp.dcptech.com
- Original Message -----
From: "Sean Knox" 
To: 
Sent: Wednesday, January 30, 2002 4:58 PM
Subject: RE: Worth upgrading Supervisor on Cat5k? (was: How prevalent is
[7:33770]


> You bring up a point I was going to bring up... I have a cat5k with a
> supervisor I (I believe)-- doesn't support dot1q. I was thinking of
> upgrading the supervisor engine to a version that does support dot1q, but
> was curious to known issues. Could you elaborate more about that problem
you
> mentioned? (changing dot1q trunks to isl)
>
> - Sean
>
> -Original Message-
> From: Mike Bernico [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 30, 2002 1:54 PM
> To: 'Sean Knox'
> Subject: RE: How prevalent is ISL in the "real world"? [7:33759]
>
>
> We mostly use .1q, but i heard it is still better to use isl on old c5ks
> because even if they support .1q they still change it to isl on their
> backplane.
>
> mike
>
> ---
> Mike Bernico [EMAIL PROTECTED]
> Illinois Century Network  http://www.illinois.net
> (217) 557-6555
>
>
> > -Original Message-
> > From: Sean Knox [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 30, 2002 2:52 PM
> > To: [EMAIL PROTECTED]
> > Subject: How prevalent is ISL in the "real world"? [7:33759]
> >
> >
> > Is ISL still widely used? Are there still many shops out
> > there using it? (I
> > assume Cisco only outfits) It seems that Cisco has all but
> > dropped support
> > for it in favor of dot1q.
> >
> > Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33808&t=33808
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How prevalent is ISL in the "real world"? [7:33758]

2002-01-30 Thread Sean Knox 

We have an older Cat5k sitting in our Quality Assurance lab, and I was
considering performing some tests for work with ISL... in this case, the
supervisor engine is too old to run dot1q. I was just curious on how many
companies still use ISL, be it exclusively or with dot1q.

- Sean

-Original Message-
From: Peter van Oene [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 30, 2002 2:15 PM
To: [EMAIL PROTECTED]
Subject: Re: How prevalent is ISL in the "real world"? [7:33758]


What are the current advantages for running ISL over 802.1q?  I would 
expect its proprietary nature to be enough to warrant choosing against it.

Pete


At 03:47 PM 1/30/2002 -0500, you wrote:
>Is ISL still widely used? Are there still many shops out there using it? (I
>assume Cisco only outfits) It seems that Cisco has all but dropped support
>for it in favor of dot1q.
>
>Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33781&t=33758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Worth upgrading Supervisor on Cat5k? (was: How prevalent is [7:33770]

2002-01-30 Thread Sean Knox 

You bring up a point I was going to bring up... I have a cat5k with a
supervisor I (I believe)-- doesn't support dot1q. I was thinking of
upgrading the supervisor engine to a version that does support dot1q, but
was curious to known issues. Could you elaborate more about that problem you
mentioned? (changing dot1q trunks to isl)

- Sean

-Original Message-
From: Mike Bernico [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 30, 2002 1:54 PM
To: 'Sean Knox'
Subject: RE: How prevalent is ISL in the "real world"? [7:33759]


We mostly use .1q, but i heard it is still better to use isl on old c5ks
because even if they support .1q they still change it to isl on their
backplane.

mike

---
Mike Bernico [EMAIL PROTECTED]
Illinois Century Network  http://www.illinois.net
(217) 557-6555


> -Original Message-
> From: Sean Knox [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 30, 2002 2:52 PM
> To: [EMAIL PROTECTED]
> Subject: How prevalent is ISL in the "real world"? [7:33759]
> 
> 
> Is ISL still widely used? Are there still many shops out 
> there using it? (I
> assume Cisco only outfits) It seems that Cisco has all but 
> dropped support
> for it in favor of dot1q.
> 
> Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33770&t=33770
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How prevalent is ISL in the "real world"? [7:33759]

2002-01-30 Thread Sean Knox 

Is ISL still widely used? Are there still many shops out there using it? (I
assume Cisco only outfits) It seems that Cisco has all but dropped support
for it in favor of dot1q.

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33759&t=33759
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How prevalent is ISL in the "real world"? [7:33758]

2002-01-30 Thread Sean Knox 

Is ISL still widely used? Are there still many shops out there using it? (I
assume Cisco only outfits) It seems that Cisco has all but dropped support
for it in favor of dot1q.

Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33758&t=33758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

  1   2   >