Re: CCIE question... [7:59042]
You need the following too in addition to the above one.. 1. Doyle 1 and 2 2. Clark Lan switching 3. Caslow's book 4. CCO links on MPLS or book on MPLS and VPN architecture. 5. www.cisco.com :) Hope this helps.. All the best. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59078t=59042 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Question? [7:59043]
The default route will work. When the packet reaches the PIX it will compare the access-list. If it matches then it will look for the peer address and send it to the peer. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59081t=59043 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MTU problem handling [7:58894]
I agree with Priscilla, the switch will drop the packets if it receives a packet greater than the default mtu size (1500). I faced an issue with MTU size when I configured MPLS. Although I was able to ping the other end, I was not able run any application over the backbone. The problem was with Catalyst 3550 which we were using in the backbone. So we had to increase the mtu size in the switch from the default 1500. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59036t=58894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ccie is a rip off! [7:58458]
The book was released as per the old test. So there is no point in blaming the book. Atleast give some credit to the author for releasing the book. He might have spend nights writing the chapters.Its a good book to start with. Also you cannot expect the whole topic to cover in one single book. Its true that new CCIE written goes in depth. But its better than the old written. Read Doyle 1 and 2, CCIE Lan switching, Internet routing Architecture, CCIE book by Caslow and www.cisco.com. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58476t=58458 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Serial Ports [7:58525]
You can use USB port. But you need to buy an USB to Serial converter cable along with the driver software. It will appear as COM port in the hyperterminal software. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58528t=58525 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RAS problem [7:58398]
Why dont you go for access-lists permiting only server addresses to access? regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58399t=58398 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last Minute Thought - OSPF authentication issue? [7:58352]
Hi, I tried this too. I am pasting the results. R5# interface Serial0/2 ip address 192.168.1.209 255.255.255.252 ip ospf authentication ip ospf authentication-key cisco router ospf 10 log-adjacency-changes area 0 authentication network 30.30.30.0 0.0.0.255 area 0 network 192.168.1.208 0.0.0.3 area 0 1w5d: OSPF: Rcv pkt from 192.168.1.210, Serial0/2 : Mismatch Authentication Key - Clear Text 1w5d: OSPF: Rcv pkt from 192.168.1.210, Serial0/2 : Mismatch Authentication Key - Clear Text 1w5d: OSPF: Rcv pkt from 192.168.1.210, Serial0/2 : Mismatch Authentication Key - Clear Text R7# interface Serial0/0 ip address 192.168.1.210 255.255.255.252 ip ospf authentication ip ospf authentication-key abcd clockrate 64000 router ospf 10 log-adjacency-changes area 0 authentication network 20.20.20.0 0.0.0.255 area 0 network 192.168.1.208 0.0.0.3 area 0 2d22h: OSPF: Rcv pkt from 192.168.1.209, Serial0/0 : Mismatch Authentication Key - Clear Text 2d22h: OSPF: Rcv pkt from 192.168.1.209, Serial0/0 : Mismatch Authentication Key - Clear Text I think when you configure message-digest authentication you have to give the command ip ospf message-digest-key 7 md5 under interface mode. ip ospf authentication-key will not work for message-digest. This works for clear text authentication. Also under router ospf just give area 0 authentication. Or did I make any mistake... regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58356t=58352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: G.SHDSL connection urgent!!!!! [7:58336]
I am not sure about your scenario. But I can give you a link to check the configuration...maybe you have already gone through this. http://www.cisco.com/warp/public/794/index.shtml try this.. Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58357t=58336 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Reduce the bandwidth on gigabit interface [7:57927]
I would like to reduce the bandwidth of gigabit interface of 7600 OSR from 1000Mbps to 10Mbps for MPLS-VPN setup. Please sugest a solution. Thanks for the help regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57927t=57927 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: Re: Fw: New CCIE Written Exam [7:57341]
You can get practice questions from sites like boson, certificationzone etc. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57763t=57341 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 26xx image with MPLS support? [7:57299]
Use the following IOS version.. c2600-js-mz.122-12.bin regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57608t=57299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 26xx image with MPLS support? [7:57299]
Use the following IOS version.. c2600-js-mz.122-12.bin. But remember you need 16Mb flash and 64M RAM. regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57609t=57299 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fw: RIF URL changed...(Was: Re: New CCIE writt [7:57486]
HI Dennis, I passed my written yesterday.I dont know your mail id. I want to thank you for your Boson test as well as your notes on cramsession. regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57500t=57486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Practical Studie - VOL II - out when?? [7:57473]
I am borrowing the below link which was posted in another study group. It says Sept2003 :( http://www.pearsonptg.com/book_detail/0,3771,1587050722,00.html regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57490t=57473 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Practical Studie - VOL II - out when?? [7:57473]
Cisco Nuts, I think its you who has posted the same question in that group...:). I think you already have the answer...:) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57491t=57473 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: Re: Fw: New CCIE Written Exam [7:57341]
I passed the written exam yesterday. Do not confuse between written and lab exam topics. Cisco clearly says that IPX, Tokenring and IGRP is removed from the CCIE lab. For CCIE written, study all the topics thats given on the blueprint. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57492t=57341 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MPLS problem-Urgent [7:56441]
Hi, I am implementing a MPLS-VPN. I am able to ping and trace from site to site. But I am not able to access internet or log into the domain of central site. But if I remove MPLS everything works fine. I am using 7609 at the core and 7401 at edge. thanks for any help, Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56441t=56441 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ping and traceroute throught pix [7:55470]
just give the following commands... access-list acl-in permit icmp any any access-list acl-out permit icmp any any access-group acl-in in interface inside access-group acl-out in interface outside I gave two access-lists to distinguish between inside and outside traffic. This will allow ping and traceroute in both directions. But remember PIX interfaces will not showup in the traceroute. Hope this helps regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55488t=55470 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Lab test price? [7:55487]
$1250 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55489t=55487 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP dumps????????????? [7:55156]
Its true that Vinod has asked for something thats illegal. But that doesnt mean that you can talk against ones motherland. So please avoid such indecent comments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55197t=55156 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE numbers [7:55201]
Stuart Briggs is the first CCIE, # 1025. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55205t=55201 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need help on BGP [7:54737]
HI Binoy, Try to get the book Internet Routing Architectures by Basam Halabi if you want to study BGP in depth. You can also try the following link. http://www.cisco.com/warp/public/459/bgp-toc.html regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54784t=54737 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2950 cat sample config [7:54719]
I dont know what type of basic configuration you are looking for...but you can find all the information on the following link. http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12111ea1/scg/index.htm regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54727t=54719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Call Back on NM-16AM [7:54030]
This link should help you... http://www.cisco.com/warp/public/793/access_dial/async_ppp.html regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54216t=54030 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access-list Help [7:53185]
Hi Param, Create an ACL and apply to the group-async interface configured for dial up users. It should work. regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53188t=53185 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE security Lab [7:53159]
I dont think you will have to do any configurations on Unix in CCIE Security Lab. The applications are already running on servers. You have to configure routers, PIX in order for these applications to work. Maybe somebody else can give more details. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53189t=53159 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE qualification Exam, misconception? Longi [7:52235]
Hi Dennis, I was planning to buy the Boson Test 3. Now I will wait for your updated version. Will I able to receive the info from boson.com as soon as it is released? regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52431t=52235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN not connecting [7:50144]
Hi, Just wondering why you have to specifically open the ports 500, 50, 51. I have installed IPSec VPNs with PIX and Routers. I have never opened any port. Infact we have a VPN setup in my office itself. You believe me or not, with default ones it worked smoothly. Also according to Mike he is receiving IKMP_NO_Error message. So his ISAKMP policies are matching between the locations. I think you have to check your transform sets, access lists and crypto maps which comes in the second phase. Mike, the following link will help you with sample configurations. You might have already gone through it.But still I am putting it here. http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:IPSecs=Implementation_and_Configuration#Samples_%26_Tips regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50529t=50144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN not connecting [7:50144]
HI Ciaron, I totally agree with you that Phase-1 is completed in Mike's setup. But I would like to discuss some points. The problem I think is in phase-2 only. 1. Normally if your end-to-end traffic has to pass the ISP (public network) then you create a VPN tunnel. ISPs doesnt block any traffic or ports (500,50 or 51). If at all you are blocking these ports it will be at customer site. 2. You are right that sysopt connection permit-ipsec should be given on PIX to allow the IPSec traffic. But I assume Mike might hvae already tried that. Thanks a lot for this information as I never thought of turning it off and testing it. I just had a look at the cisco site regarding this info. Which is better? Turn it off and permit the specific ports or give this command and let PIX do the rest. 3. You define interesting traffic only for those networks or machines where you want to communicate using private network securely. So there is no point in filtering the traffic. Configure access-list so that only specific traffic is permitted. If the traffic doesnt match the crypto access list how the packets will enter into the network? In my opinion they will get dropped. Hope you get me. thanks once again, regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50554t=50144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN Tunnel through the PIX [7:50417]
HI Fabil, Its very difficult to explain unless you give the exact scenario.Normally you configure an access list for the VPN traffic and deny the NATing using nat (inside) 0 access-list command. Try the below link. You will find all the configurations there. http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:IPSecs=Implementation_and_Configuration#Samples_%26_Tips Hope this helps, regards, Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50555t=50417 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to setup Pix site-to-site VPN with overlapping [7:50255]
HI David, I have a link for you. It may help you a bit. It says NAT the existing addresses to a different address at both sites (although the document says one bcoz of the concentrator). http://www.cisco.com/warp/public/707/vpn_pix_private.html. If you are trying this ust tell me if it works or not. regards Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50556t=50255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN not connecting [7:50144]
Hi, Pls check the interesting traffic configured (access list) configured at both ends. Your transform set parameters too. It should be same. As you are receiving IKMP_no_error your isakmp policies are working fine. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50170t=50144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN not connecting [7:50144]
Mike, I dont know why you told its very frustrating. I had faced the similar problem with access lists when I configured the VPN. As it was not same at both ends I was not able to ping the other end. But I was able to see the VPN tunnel state as IDLE showing that tunnel has established. Also transform set parameters should match at both ends. If you think that this is rubbish forget my comments. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50238t=50144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Preparation workbook [7:47776]
HI, Which lab workbook (RS) is the best to prepare for the lab... 1. IP Expert 2. CCBootcamp 3. Hello Computers 4. Boson 5. CCIE Practical Studies (Karl Solie)- Volume 1. regards, Silju Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47776t=47776 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 350-001 Expiry date [7:47744]
HI, As per Cisco, it is expected to get retire by late july. regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47778t=47744 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]