NBAR ACL and Redcreek Ravlin VPN devices [7:20615]
We're experiencing an issue with connectivity to one of our customers that require the use of a Redcreek Ravlin VPN device. They have been up and running fine up until we enabled the NBAR fix to prevent the Code Red Worm virus as referenced in http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml . This is the only VPN that is affected by this ACL; we have several Cisco to Cisco VPN's as well as several Cisco to Checkpoint VPN's all of which we have broken only to have them come back up immediately. The Redcreek equipment isn't ours and we don't have a relationship with them at all for support so I'm awaiting our customer to contact Redcreek to find out what in this ACL would break the tunnel. My suspicions are that the Ravlin box sets the dscp value to 1 for whatever reason which is what our policy map assigns the value to as well. Has anyone seen this scenario? Shannon Murphy Network Engineer, CCNA, CCDA Global Networking Team Jabil Circuit, Inc. (727)803-3027 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20615t=20615 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: a question about making cisco 6506 as a dhcp server [7: [7:14508]
Please do make sure you prefix the MAC address with the media identifier or it simply will not work. Thanks, Shannon Murphy, CCNA, CCDA -Original Message- From: Mark Monica Baker [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 01, 2001 10:20 AM To: [EMAIL PROTECTED] Subject: RE: a question about making cisco 6506 as a dhcp server [7: 14491] Leo, If I understand you correctly, you want to do a manual binding, giving one particular DHCP client the same address all the time? If so, go here and take a look at the config: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft /120t/120t1/easyip2.htm#xtocid432218 Thanx, Mark Baker CCNA CCNP -Original Message- From: Leo Shen [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, August 01, 2001 6:25 AM To: [EMAIL PROTECTED] Subject:a question about making cisco 6506 as a dhcp server [7:14465] first,the 6506 is a new one,it's ios is 12.16,so it can control layer2layer3 with one interface(the old has two interfaces,one is router,another is switch,but the new one only has one interface,it can control both router and switch). now,i have maken the 6506 as dhcp server for about 2 months,the config is : ip dhcp pool vlan210 network 10.2.10.0 255.255.255.0 default-router 10.2.10.254 dns-server 10.2.90.1 ! ip dhcp pool vlan230 network 10.2.30.0 255.255.255.0 default-router 10.2.30.254 dns-server 10.2.90.1 ! ip dhcp pool vlan221 network 10.2.21.0 255.255.255.0 default-router 10.2.21.254 dns-server 10.2.90.1 .. now,I want to make some special user have special ip address,for instance,one user's mac address is aa-bb-cc-dd-ee-ff,I want that his address will be 10.2.10.101,another user's mac address is 12-34-56-78-90-12,his address will be 10.2.21.202,how can I realize it?except using static address,must via dhcp and 6506'config could someone tell me the command and config? thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14508t=14508 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IOS version 13.xxx ?? and a Rant...
I recently attended an IP Telephony class at Mentor Technologies and it was a terrible class. The instructor (who turned out to be the VP of sales) was not very knowledgable about the product, although he did have a good deal of background on CVOICE. The entire class was very frustrated and I know the three of us from my company complained to both Cisco and our Mentor rep. After a few months of going back and forth, we've finally been a free class to replace the one we took. Shannon -Original Message- From: Circusnuts [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 20, 2001 2:06 AM To: Priscilla Oppenheimer; [EMAIL PROTECTED] Subject: Re: IOS version 13.xxx ?? and a Rant... No Way Priscilla... "wr" is all it takes when hammering across the Hyper Term window ;-) I agree- that class sounds like a bummer. With you time in the field, what have you heard about refunds or complaints in cases such as this ??? Phil - Original Message - From: "Priscilla Oppenheimer" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 19, 2001 10:47 PM Subject: RE: IOS version 13.xxx ?? and a Rant... Sounds like your instructor didn't know BGP either. What a shame. You could ask for your money back... BTW, I like "cop run start" much better than "write mem." It's more intuitive. Not. ;-) Priscilla At 12:39 PM 3/19/01, Buri, Heather H wrote: Well, it may be like Z said earlier and that is...my instructor did not know what he was talking about. I thought 12.1 was still the most recent version but then again, I have not been on CCO recently upgrading my IOS's either. And...been too busy the past couple of days trying to get caught up from being gone for a week from work. I will check it out tonight. :-) Heather Buri CSC Technology Services - Houston Phone: (713)-961-8592 Fax:(713)-961-8249 Mobile: Alpha Page: Mailing:1360 Post Oak Blvd Suite 500 Houston, TX 77056 -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Monday, March 19, 2001 12:08 PM To: [EMAIL PROTECTED] Subject: Re: IOS version 13.xxx ?? and a Rant... Wow, 13 already? That's pretty surprising since 12.1 isn't GD yet and 12.2 isn't even out yet. "Buri, Heather H" [EMAIL PROTECTED] 3/19/01 10:41:14 AM Hi Everyone. Well, I finished my BSCN course through Global Knowledge last week. I have to say I was kind of disappointed. I really was wanting to spend some good time on BGP and OSPF but we had to rush through it because we wasted a whole day going over RIP??? I thought this was supposed to be an advanced class! My opinion is the only refresher we should have been given on RIP is: Router Rip Anyways, the instructor said they started making the labs easier because too many people complained about them being too difficult??? :::sigh::: Oh well. Thank God for this list and I guess I will be saving myself $2000 on the CIT course now. I will be taking my exam on April 5. I wanted to study BGP and Policy Based routing some more. My instructor did mention Cisco was up to IOS release 13 already. This was news to me. He said it had been out for some time. My question is, has anyone been using it yet? My instructor did say that they finally did away with my favorite command... write mem. A sad, sad day! Well, I knew it was coming. I don't suppose "c r s" will work at the command line?? :-) Heather Buri CSC Technology Services - Houston Phone: (713)-961-8592 Fax:(713)-961-8249 Mobile: Alpha Page: Mailing:1360 Post Oak Blvd Suite 500 Houston, TX 77056 Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]