Re: PIX firewall
Their 3rd party partner is called Funk software ( http://www.funk.com) . The product is called Steel Belt Radius and yes it works. Runs on NT platform and performs authentication into NT domains. ""haroldnjoe"" <[EMAIL PROTECTED]> wrote in message 96kb43$3ev$[EMAIL PROTECTED]">news:96kb43$3ev$[EMAIL PROTECTED]... > Cisco told me that they have third party partners who have access servers > similar to TACACS+, but which use the NT user database. I have yet to > squeeze the name of any of these partners out of them, but they are rumored > to exist anyway. I hope it's true. It would be nice to only have to deal > with one user database. > > [EMAIL PROTECTED] > > ""Jason"" <[EMAIL PROTECTED]> wrote in message > 96ikbs$uka$[EMAIL PROTECTED]">news:96ikbs$uka$[EMAIL PROTECTED]... > > The PIX can use internally stored pre-shared keys, or can use external > > authentication such as TACACS+. > > > > http://www.cisco.com/warp/public/700/configsec.html > > > > -- > > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > > List email: [EMAIL PROTECTED] > > Homepage: http://jason.artoo.net/ > > Cisco resources: http://r2cisco.artoo.net/ > > > > > > "Deepak Sharma" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > quick question, and probably dumb question!!. > > > > > > when I set up a pix firewall > > > > > > > > > user--56k dialup-->pix--nt server > > > > > > to authenticate the user, does pix use NT auth. or another type of > > > auth.username/password has to be setup within pix... > > > > > > thanks > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Have a problem
I was trying to reset a password on router and i guess I fat fingered the entry and mistyped the entry for the configuration register. Now all i get is a bunch of " CCC's" on boot up. Does anyone know how I can fix this? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Radiius with Windows2000
Has anyone got any Cisco products to run with the Windows2000 Radius? I was curios as we are trying to get the Cisco 5001 VPN to work with Win2K radius but have not been successful. It does work with funk radius, however I don't want to have to buy a third party product when windows has it built in. We did have it working at one time, but when we upgraded the IOS on the VPN box it suddenly stopped working...Still had errors when it worked, but at least it worked. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Have a problem
I was trying to do the password recovery where you change the config register. I figure i typed something in wrong. You think that replacing the boot chips would work? I had planned on doing this anyway. Especially if this fixes the problem "John Neiberger" <[EMAIL PROTECTED]> wrote in message 28995509.984329759512.JavaMail.imail@slippery">news:28995509.984329759512.JavaMail.imail@slippery... > It looks like you might have changed the console port baud rate. At least I > think that's possible with the config register. I just woke up and I'm a > little sluggish. > > Anyway, try changing the connection speed in your terminal software to other > settings to see if something else works. > > Good luck! > > John > > > I was trying to reset a password on router and i guess I fat fingered the > > entry and mistyped the entry for the configuration register. Now all i > get > > is a bunch of " CCC's" on boot up. Does anyone know how I can fix this? > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > ___ > Send a cool gift with your E-Card > http://www.bluemountain.com/giftcenter/ > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Have a problem
How do i reset the config? When the router comes up I can't read anything it comes up all jibber'ish. I can't read anything..Its all heiroglyphics. So If i cant read the screen, how in the hell is password recovery going to do me anygood? Once again let me say this: I can't even read the screen. Where the System boot info usually comes up, I get all capital C's across the screen. I'm sure that it is something with the config reg. I just don't know how to fix it... I was doing the password recovery to begin with ( setting the 0x2102 on a 2502). It was on the reboot that all the CCC's starting coming up. Once again that is all that is on my hyperterm screen all CCC's. Thanks for any help you can give...Mr supino has given the best advice, i just don't have a lo "Chris Supino" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Have you tried just resetting the config reg back to the proper setting? > This information is on CCO. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > The.Rock > Sent: Sunday, March 11, 2001 12:08 PM > To: [EMAIL PROTECTED] > Subject: Re: Have a problem > > > I was trying to do the password recovery where you change the config > register. I figure i typed something in wrong. You think that replacing the > boot chips would work? I had planned on doing this anyway. Especially if > this fixes the problem > > "John Neiberger" <[EMAIL PROTECTED]> wrote in message > 28995509.984329759512.JavaMail.imail@slippery">news:28995509.984329759512.JavaMail.imail@slippery... > > It looks like you might have changed the console port baud rate. At least > I > > think that's possible with the config register. I just woke up and I'm a > > little sluggish. > > > > Anyway, try changing the connection speed in your terminal software to > other > > settings to see if something else works. > > > > Good luck! > > > > John > > > > > I was trying to reset a password on router and i guess I fat fingered > the > > > entry and mistyped the entry for the configuration register. Now all i > > get > > > is a bunch of " CCC's" on boot up. Does anyone know how I can fix this? > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > ___ > > Send a cool gift with your E-Card > > http://www.bluemountain.com/giftcenter/ > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Have a problem
John...Thank you very much... I'm an idiot. I went back thru and ran thru all the console baud rates and the only one i didn't try was 1200. As soon as I set it now eveyting is working. Thanks Thanks to everyone for input. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Radiius with Windows2000
We see the radius request make it to the server but no authentication is ever given. I know there are a lot of attributes to configure. You have to actually set the VPN box up as the radius client not the person that is remote. It's like it makes the call and then it times out. ""Ramesh, N (IM)"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > we have success in configuring the RADIUS to recognize the incoming calls > but not on the callback front. > > what are you looking for ? > > may be i could help you. > > Warm regards > > Ramesh N > > -Original Message- > From: The.Rock [mailto:[EMAIL PROTECTED]] > Sent: Sunday, March 11, 2001 8:37 PM > To: [EMAIL PROTECTED] > Subject: Radiius with Windows2000 > > > Has anyone got any Cisco products to run with the Windows2000 Radius? I was > curios as we are trying to get the Cisco 5001 VPN to work with Win2K radius > but have not been successful. It does work with funk radius, however I don't > want to have to buy a third party product when windows has it built in. We > did have it working at one time, but when we upgraded the IOS on the VPN box > it suddenly stopped working...Still had errors when it worked, but at least > it worked. > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: O/T One question CID test
With that kind of so called deductive reasoning, F would also be a correct answer. Here's the reason. E is negating all the above answers ( that is to say that A,B,C and D are wrong). Then F says that even E is wrong. So F covers all basis more so than E. The simple logic is that there is no "answer" given to the question in the first place, so how could one argue that one answer is better with such trivial choices. It's like the chicken and the egg factor, which one came firstProve it And what is logic??..And if you do know, based on who's definition?...Presumable one that you were taught, which is opinion and biased anyway..So where does that leave you, back to square 1. "Priscilla Oppenheimer" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > It can't be F because E is true. E is the right answer. All the other > answers produce at least one contradiction. Simple logic, Sherlock. &;-) > > Priscilla > > At 11:02 PM 3/11/01, Arthur Simplina wrote: > >My answer is F. None of the above. Reason: pure guess. It is better to > >guess than no answer. :D > > > >Arthur > > > > > >>From: Priscilla Oppenheimer <[EMAIL PROTECTED]> > >>Reply-To: Priscilla Oppenheimer <[EMAIL PROTECTED]> > >>To: [EMAIL PROTECTED] > >>Subject: O/T One question CID test > >>Date: Sun, 11 Mar 2001 19:28:35 -0800 > >> > >>I saw something like this in Parade magazine in the Ask Marilyn article > >>today. I thought it was funny (and thought-provoking). > >> > >>In a campus network design, you should recommend ATM LANE if your > >>customer has > >> > >>A. All of the below > >>B. None of the below > >>C. All of the above > >>D. One of the above > >>E. None of the above > >>F. None of the above > >> > >>Doesn't this sound like a CID test question? &;-) There is a right answer! > >>Can you deduce what it is? > >> > >>Priscilla > >> > >> > >> > >>Priscilla Oppenheimer > >>http://www.priscilla.com > >> > >>_ > >>FAQ, list archives, and subscription info: > >>http://www.groupstudy.com/list/cisco.html > >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >_ > >Get your FREE download of MSN Explorer at http://explorer.msn.com > > > > > Priscilla Oppenheimer > http://www.priscilla.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: O/T One question CID test
I mean really...define wrong...What is wrong??.. and in who's eyes is F wrong? Is it because so so called group said it was wrong??.. There is nothing wrong with contradiction...Look at Christopher Columbus...Contradictions inspire actions that of not so normal. It is that kind of thinking that led Albert Einstein to be the genius that he was "Priscilla Oppenheimer" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > At 03:19 PM 3/12/01, The.Rock wrote: > >With that kind of so called deductive reasoning, F would also be a correct > >answer. Here's the reason. E is negating all the above answers ( that is to > >say that A,B,C and D are wrong). Then F says that even E is wrong. > > So F can't be right. > > F is wrong because it says that E is wrong, which isn't true. E is right! > &;-) E is the only answer that doesn't result in a contradiction. > > > >So F > >covers all basis more so than E. > > Maybe it covers all bases, but it's wrong. > > Why did they bother adding F, someone asked? Just to be cruel, I think. &;-) > > Priscilla > > > The simple logic is that there is no > >"answer" given to the question in the first place, so how could one argue > >that one answer is better with such trivial choices. It's like the chicken > >and the egg factor, which one came firstProve it And what is > >logic??..And if you do know, based on who's definition?...Presumable one > >that you were taught, which is opinion and biased anyway..So where does that > >leave you, back to square 1. > > > >"Priscilla Oppenheimer" <[EMAIL PROTECTED]> wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > It can't be F because E is true. E is the right answer. All the other > > > answers produce at least one contradiction. Simple logic, Sherlock. &;-) > > > > > > Priscilla > > > > > > At 11:02 PM 3/11/01, Arthur Simplina wrote: > > > >My answer is F. None of the above. Reason: pure guess. It is better to > > > >guess than no answer. :D > > > > > > > >Arthur > > > > > > > > > > > >>From: Priscilla Oppenheimer <[EMAIL PROTECTED]> > > > >>Reply-To: Priscilla Oppenheimer <[EMAIL PROTECTED]> > > > >>To: [EMAIL PROTECTED] > > > >>Subject: O/T One question CID test > > > >>Date: Sun, 11 Mar 2001 19:28:35 -0800 > > > >> > > > >>I saw something like this in Parade magazine in the Ask Marilyn article > > > >>today. I thought it was funny (and thought-provoking). > > > >> > > > >>In a campus network design, you should recommend ATM LANE if your > > > >>customer has > > > >> > > > >>A. All of the below > > > >>B. None of the below > > > >>C. All of the above > > > >>D. One of the above > > > >>E. None of the above > > > >>F. None of the above > > > >> > > > >>Doesn't this sound like a CID test question? &;-) There is a right > >answer! > > > >>Can you deduce what it is? > > > >> > > > >>Priscilla > > > >> > > > > > Priscilla Oppenheimer > http://www.priscilla.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Looking used Router
I've got 3 of them. Was going to sell them on e-bay. They are in good condition. I have 2 2501's and 1 2502. I spent a little money to upgrade them but I'll im asking for is to get out of them what I put in. One 2501 has 16DRAM/16FLASH and the other has 16DRAM/8FLASH. The token ring has 8DRAM/8FLASH. I also have two crossover cables. They have the 12.09 IOS on them. You can also try www.ebay.com to get a good deal, sometimes... _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redhat 7.0
UU hello...this is a cisco newsgroup.. "Daniel Rush" <[EMAIL PROTECTED]> wrote in message DB187B7715EED3118FE700508B60DD420376BF88@ILCHIMSG01">news:DB187B7715EED3118FE700508B60DD420376BF88@ILCHIMSG01... > Hey all, > > First time sending, not sure if there are any linux folks online, does > anyone know how to start the openssh daemon? > > > Dan > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Looking used Router
I've got 3 of them. Was going to sell them on e-bay. They are in good condition. I have 2 2501's and 1 2502. I spent a little money to upgrade them but I'll im asking for is to get out of them what I put in. One 2501 has 16DRAM/16FLASH and the other has 16DRAM/8FLASH. The token ring has 8DRAM/8FLASH. I also have two crossover cables. They have the 12.09 IOS on them. ""Steiven Poh (Jaring)"" <[EMAIL PROTECTED]> wrote in message 003f01c0ab6b$dd604c60$[EMAIL PROTECTED]">news:003f01c0ab6b$dd604c60$[EMAIL PROTECTED]... > Hi, > > I live in Malaysia and looking for used 2500 series router > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Phone line simulator
Instead of buying an ISDN simulator, can you just buy another router with ISDN interface and connect them together, or is it not possible? The price for the simulator is kinda steep, considering you could just buy another router... "Jim Dixon" <[EMAIL PROTECTED]> wrote in message 93D78DD50BC5D311B295009027DCF0F11D005B@SAMURAI">news:93D78DD50BC5D311B295009027DCF0F11D005B@SAMURAI... > There is a discount listed for Groupstudy members for Teltone ISDN > simulator. > Check here for details. Zorro Mentioned the price, this link > will give you the contact information as well. > http://www.groupstudy.com/discounts/index.html > > -Original Message- > From: Mask Of Zorro [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 14, 2001 10:06 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: Phone line simulator > > > You need ISDN to practice looking at q921 and q931 issues. You will need it > to practice your multilink ppp bundles... You need to be able to configure > switch types, spids, etc. It is not a good idea to get to the lab and see > ISDN for the first time. > > You can practice DDR on the modems, but that is not the same as knowing > ISDN. > > As for simulating Analog Dial, Teltone makes an analog simulator that sells > used for about $300 - $400. The Teltone ISDN simulator is available from > BigD Communications for under $1700. Take a look on Ebay, you'll see that > these things sell regularly for that price used. Buy it on a credit card, > use it for a few months to practice for the lab, then sell it on Ebay and > get all your money back. All you pay is the finance charge to the credit > card company for a few months. This is a hell of a lot less than you would > pay to rent it for that time period, and considerably less than you would > pay to install ISDN in your home. > > Not to mention that as long as the simulator is not defective, it will > always be working when you want to do labs. Try to explain to your telco's > tech support that you are trying to do some practice labs and desperately > need them to repair your downed ISDN service right away! That's IF they even > > have tech support at midnight, which is when I usually end up doing labs... > > I hope this helps you out. > > Z > >From: "Joe Wong" <[EMAIL PROTECTED]> > >Reply-To: "Joe Wong" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Phone line simulator > >Date: Wed, 14 Mar 2001 23:36:47 +0800 > > > >I am looking for a phone line simulator to do some dial-up practice using > >modems. I would appreciate any recommendation of model, price and setup. > >And > >I wonder a low cost PABX can do the job? > > > >I ask this because the ISDN simulator is too expensive for me and if I use > >the modem dial-up for practice, will I lose anything that I can't do? > > > >Thanks in advance > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ICND BOOK in PDF ?
Anyone have this in a pdf file ? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
3 2500 routers for sale...
I'm about to sell 3 routers. 2 - 2501's and one Token ring 2502. Unless someone buys them from me outright, i sell them on e-bay. I'm only asking what I paid for them. 1600 total for all 3 plus whatever shipping w/insurance costs. One has 16DRAM/16FLASH - 2501 (has 12.xx enterprise on it currently) One has 16DRAM/8FLASH - 2501 ( IOS 12.09) One has 8DRAM/8FLASH - 2502 (token ring) I also have 2 crossover cables to go with them. If your interested you can email me back otherwise you'll see them on ebay. This includes power cords and 3 transceivers, and of course 2 console cables. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: cisco works
Sometimes people overlook the simple fact that the buffers on the NIC just may be a little on the full side depending on what kind you have. So get a good NIC and make sure that its not ISA!!! "nobody" <[EMAIL PROTECTED]> wrote in message 005901c0acc3$247bb0a0$[EMAIL PROTECTED]">news:005901c0acc3$247bb0a0$[EMAIL PROTECTED]... > cw2k on nt > i ran it on a p3, 500mb ram, 12gig ide, and it was slugish. > from talking to others and implementing it at different sites > my experience is to not to get anything less than: > > dual processor p4 or p3 with > 1 gig ram > 2 4+gig ultra-wide scsi-2 hdds > > cw2k on solaris > this is a better solution, more stable but requires people > who know solaris. > > Enterprise Ultra 10s (lower power for cw2k) > Enterprise 220r (high end for cw2k) > > pain: > patches when you are installing solaris > > > remember a lot of people buy enterprise packages to manage > their network, but never really use it. it takes resources to run > cw2k, it will not do your job for you ;-) "just a disclaimer" > > p. > > - Original Message - > From: "Moahzam Durrani" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, March 14, 2001 10:46 AM > Subject: cisco works > > > > > > I want to implement cisco works in my campus. Especiall y need it for > > traffic director. What are decent servers to run this software. ... > > Mo Durrani > > IS&T > > WYSE\EDS > > phone:408-473 1246 > > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: vpn 3000 setup
We'll we have a 3000 but haven't set it up yet. Just out of curiosity why is the vpn-inside address in the 192 range instead of 10.x . Our 5000 roughly is setup with the VPN-inside address in the same range as the address pool ( this is so we could isolate the vpn user traffic on their own network). This will come in handy if you ever need to create tunnels between vendors and need to restrict their access. The default gateway for everyone coming in, then becomes the interface for the address on the VPN-inside address (this after the tunnel is established). You should be able to ping the default gateway. You may try making a pool that falls into the same subnet as the inside interface otherwise your going to need a static route in for the 192.1.1.1 to 10.1.1.o ..right? "kevin burts" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > if any of you know and have doen setup a vpn 3000 > i have a vpn 3000 in dmz behind pix. > i want people to create a secure communication through > vpn. i can login and create a secure tunnel from > outside to the vpn 3000. from that point i can not > ping anything inside. from vpn 3k i can ping the > client(the address for the client is from a pool of > address in the vpn) the address pool is 10.1.1.0 /24, > inside network is 192.1.1.0/24 and 192.1.2.0/24(fake) > and the dmz is 192.1.0.0 /24. > address: > pix-dmz: 192.1.0.254 > vpn-outside: 192.1.0.1 > vpn-inside: 192.1.1.1 > pool: 10.1.1.0 /24 > > and i have built static routing table in the vpn > 0.0.0.0 0.0.0.0 192.1.0.254 > 10.1.1.0 255.255.255.0 192.1.0.254 > 192.1.1.0 255.255.255.0 192.1.1.254 > 192.1.2.0 255.255.255.0 192.1.1.254 > > what am i missing? > > > __ > Do You Yahoo!? > Yahoo! Auctions - Buy the things you want at great prices. > http://auctions.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Browsing across subnets...
Its also a known problem that Win9x clients are not able to browse across different subnets...I can't remember the article ID, but if I find it i'll post it. "Rizzo Damian" <[EMAIL PROTECTED]> wrote in message 49C181ACF35ED311A7DC00508B5AF61102E524E3@NAEXCHANGE">news:49C181ACF35ED311A7DC00508B5AF61102E524E3@NAEXCHANGE... > Here's an interesting problem...We have two routers on their own subnet, > with Windows NT and 9x Clients. We setup WINS servers on each subnet to > resolve Netbios names. On one subnet we can see everyone in network > neighborhood (both subnets), but on the other subnet, we can only see > machines on that particular subnet. Both routers are identical in model and > configuration. I used the "ip forward-protocol udp 137 & 138" command, but > that did nothing. Any thoughts? > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help : one isdn question about ddr and nat
The answer to your question is(drum roll)...YES! ""xuyong"" <[EMAIL PROTECTED]> wrote in message 00d101c0ad30$9675ec80$[EMAIL PROTECTED]">news:00d101c0ad30$9675ec80$[EMAIL PROTECTED]... > DQotLS0tLSBPcmlnaW5hbCBNZXNzYWdlIC0tLS0tIA0KRnJvbTogeHV5b25nIA0KVG86IGdyb3Vw > c3R1ZHkgDQpTZW50OiBUaHVyc2RheSwgTWFyY2ggMTUsIDIwMDEgNDo0NiBQTQ0KU3ViamVjdDog > aGVscCA6IG9uZSBpc2RuIHF1ZXN0aW9uIGFib3V0IGRkciBhbmQgbmF0DQoNCg0KSGVsbG8sDQog > ICAgSSBoYXZlIGEgcHJvYmxlbSBhYm91dCBpc2RuIEREUj8NCg0KICAgIE9uZSBDaXNjbyAzNjIw > IHJvdXRlciwgaXNkbiBicmkgaW50ZXJmYWNlLkkgY29uZmlnIGl0IGFzIEREUi4gSSB1c2VkIGR5 > bmFtaWMgTkFULlRoZSBwdWJsaWMgaW50ZXJmYWNlKGJyaSAwLzApIGlwIGlzIG5lZ290aWF0ZWQu > DQogICAgIE5vdyBJIGNhbiBwaW5nIHRoZSBpbnRlcm5ldCB3ZWJzaWRlIG9uIG15IHJvdXRlci5C > dXQgSSBjYW4ndCBwaW5nIGl0IHN1Y2Nlc3NmdWxseSBvbiBteSB3b3Jrc3RhdGlvbi4gSSBkZWJ1 > ZyBOQVQuIEkgZmluZCB0aGUgZmlyc3QgcGFja2V0IGlzIHN1Y2Nlc3NmdWxseSB0cmFuc2xhdGVk > IGZvciByZXF1ZXN0IGFuZCByZXBseSB3aGVuIEkgcGluZyB3ZWJzaWRlIGZyb20gbXkgd29ya3N0 > YXRpb24sIGJ1dCB0aGUgb3RoZXIgdGhyZWUgYXJlIG9ubHkgdHJhbnNsYXRlZCBmb3IgcmVxdWVz > dCwgbm8gcmVwbHkuICBXaGF0J3MgdGhlIHByb2JsZW0/DQogICAgDQogDQogICAgIFRoYW5rcyBh > IGxvdA0KIA0KIHNpbmNlcmVseSwNCnN0ZXBoZW4geHUNCg0KDQoNCg== > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 2500 routers...(rock, where are you)
My email is [EMAIL PROTECTED] "Dennis Laganiere" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hey Rock... > > A guy from my office is trying to get in touch with you to buy your routers, > but the e-mail keeps getting bumped back... > > Can you let me know if you still have them? Thanks... > > --- Dennis > > -Original Message- > From: The.Rock [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 14, 2001 2:42 PM > To: [EMAIL PROTECTED] > Subject: 3 2500 routers for sale... > > > I'm about to sell 3 routers. 2 - 2501's and one Token ring 2502. Unless > someone buys > them from me outright, i sell them on e-bay. I'm only asking what I paid for > them. 1600 total for all 3 plus whatever shipping w/insurance costs. > > One has 16DRAM/16FLASH - 2501 (has 12.xx enterprise on it currently) > > One has 16DRAM/8FLASH - 2501 ( IOS 12.09) > > One has 8DRAM/8FLASH - 2502 (token ring) > > I also have 2 crossover cables to go with them. If your interested you can > email me back otherwise you'll see them on ebay. This includes power cords > and 3 transceivers, and of course 2 console cables. > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Browsing across subnets...
He's exactly right!!! That is how you fix it. Also you can have a WINS server on both subnets and you need to setup replication between the two. Although this doesn't always work like you want it to. Sometimes it takes a long time to update the browse list depending on how big your network is. "Timothy Metz" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I had the same problem and fixed it with ip helper-address. Your goal here > is to get netbios broadcasts forwarded to the destination network. I don't > quite remember if the helper address in this case should be the network > address or the broadcast address (I'm not at work to check) but someone will > correct me if I'm wrong. > > > Network A 192.168.10.X/24 > Network B 192.168.20.X/24 > > on the interface that is directly connected to network A type > > (config-if)#ip helper-address 192.168.20.0 > > and on the interface that is directly connected to network B type the > opposite > > (config-if)#ip helper-address 192.168.10.0 > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > The.rock > > Sent: Thursday, March 15, 2001 4:52 AM > > To: [EMAIL PROTECTED] > > Subject: Re: Browsing across subnets... > > > > > > Its also a known problem that Win9x clients are not able to browse across > > different subnets...I can't remember the article ID, but if I find it i'll > > post it. > > > > "Rizzo Damian" <[EMAIL PROTECTED]> wrote in message > > 49C181ACF35ED311A7DC00508B5AF61102E524E3@NAEXCHANGE">news:49C181ACF35ED311A7DC00508B5AF61102E524E3@NAEXCHANGE... > > > Here's an interesting problem...We have two routers on their own subnet, > > > with Windows NT and 9x Clients. We setup WINS servers on each subnet to > > > resolve Netbios names. On one subnet we can see everyone in network > > > neighborhood (both subnets), but on the other subnet, we can only see > > > machines on that particular subnet. Both routers are identical in model > > and > > > configuration. I used the "ip forward-protocol udp 137 & 138" > > command, but > > > that did nothing. Any thoughts? > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Flash memory question
You will be able to overwrite the flash file with a newer one(or whatever), it will ask you first if you want to erase flash before coming the IOS over. If not just take the memory out and reverse the slots and then do "erase flash" . ""Nabil Fares"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Greetings all, > > I never really paid attention to this before till someone asked the > question! On a 2500 router with 2/8MB flash memory, it shows one as Read > only and the other Read/Write: > > > System flash directory, partition 1: > File Length Name/status > 1 7992252 /c2500-j-l_112-17.bin > [7992316 bytes used, 396292 available, 8388608 total] > 8192K bytes of processor board System flash (Read ONLY) > > > System flash directory, partition 2: > File Length Name/status > 1 7992252 c2500-j-l_112-17.bin > [7992316 bytes used, 396292 available, 8388608 total] > 8192K bytes of processor board System flash (Read/Write) > > Any input > > Thanks, > > Nabil > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 2500 routers...(rock, where are you)
or try [EMAIL PROTECTED] "Dennis Laganiere" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hey Rock... > > A guy from my office is trying to get in touch with you to buy your routers, > but the e-mail keeps getting bumped back... > > Can you let me know if you still have them? Thanks... > > --- Dennis > > -Original Message- > From: The.Rock [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 14, 2001 2:42 PM > To: [EMAIL PROTECTED] > Subject: 3 2500 routers for sale... > > > I'm about to sell 3 routers. 2 - 2501's and one Token ring 2502. Unless > someone buys > them from me outright, i sell them on e-bay. I'm only asking what I paid for > them. 1600 total for all 3 plus whatever shipping w/insurance costs. > > One has 16DRAM/16FLASH - 2501 (has 12.xx enterprise on it currently) > > One has 16DRAM/8FLASH - 2501 ( IOS 12.09) > > One has 8DRAM/8FLASH - 2502 (token ring) > > I also have 2 crossover cables to go with them. If your interested you can > email me back otherwise you'll see them on ebay. This includes power cords > and 3 transceivers, and of course 2 console cables. > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3 2500 routers for sale...
Sold!!! ""The.Rock"" <[EMAIL PROTECTED]> wrote in message 98p035$cuj$[EMAIL PROTECTED]">news:98p035$cuj$[EMAIL PROTECTED]... > I'm about to sell 3 routers. 2 - 2501's and one Token ring 2502. Unless > someone buys > them from me outright, i sell them on e-bay. I'm only asking what I paid for > them. 1600 total for all 3 plus whatever shipping w/insurance costs. > > One has 16DRAM/16FLASH - 2501 (has 12.xx enterprise on it currently) > > One has 16DRAM/8FLASH - 2501 ( IOS 12.09) > > One has 8DRAM/8FLASH - 2502 (token ring) > > I also have 2 crossover cables to go with them. If your interested you can > email me back otherwise you'll see them on ebay. This includes power cords > and 3 transceivers, and of course 2 console cables. > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco share in downfall
Is that a turnkey or Turkey solution?? By the way, are the cans your talking about the little 10oz ones or of the 3LB variety??? ""Raul F. Fernandez-IGLOU"" <[EMAIL PROTECTED]> wrote in message 012101c0ae4a$11a6a240$f1402ca6@WG647J50805">news:012101c0ae4a$11a6a240$f1402ca6@WG647J50805... > Yes, I see the end is near.I wonder if this would work: > > Mac-Mac---Mac--Mac > > Look folks, so what if CISCO is going down and Juniper is better in some > respectslearn something from Microsoft. > > Its hard to kill somthing that is so entrenched in the industry or for that > matter is the industry. > > Anywayone day CISCO will just buy Juniper and if you are good you will > always have a job. > > > - Original Message - > From: "Mask Of Zorro" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Friday, March 16, 2001 1:07 PM > Subject: Re: Cisco share in downfall > > > > > > Campbell's soup cans are a proprietary solution. I prefer a more open > > solution, like the soup cans from Progresso. Besides, Progresso offers a > > turnkey soup solution, no need to turn to add water or anything > > > > [=`) > > > > Z > > > > >From: "Lance Hubbard" <[EMAIL PROTECTED]> > > >Reply-To: "Lance Hubbard" <[EMAIL PROTECTED]> > > >To: [EMAIL PROTECTED] > > >Subject: Re: Cisco share in downfall > > >Date: Fri, 16 Mar 2001 09:30:22 -0800 > > > > > >Sure, > > > > > >My Manager told me to stop work on all new network projects, and > implement > > >the following solution for full-mesh, Point-to-Point network > > >connectivity. > > > > > >Campbell soup can-String-Campbell soup can > > > > > >Pow! instant solution!!!...and what a savings! > > > > > >Cheers, > > > > > >Lance > > > > > > > > > >From: "ahmadbilal" <[EMAIL PROTECTED]> > > > >Reply-To: "ahmadbilal" <[EMAIL PROTECTED]> > > > >To: [EMAIL PROTECTED] > > > >Subject: Cisco share in downfall > > > >Date: Fri, 16 Mar 2001 09:32:02 +0500 > > > > > > > >Dear all, > > > > > > > >i would like to know your comments and suggestions,as we all know IT is > > >in > > > >shaky ground these days the hype surrounding it is fizzling out.We the > > > >network engineers are facing more and more competion and the openings > > >once > > > >prjected seem far,what should we do ?should we continue our quest > should > > >we > > > >keep at networking or shift towards system(unix,sun,etc) or should we > > >wait > > > >. > > > >the situation maynot be that gloomy as ive projected but we need a > > >serious > > > >rethinking to survive ,any suggestions. > > > > > > > >Regards, > > > > > > > > > > > > > > > >_ > > > >FAQ, list archives, and subscription info: > > > >http://www.groupstudy.com/list/cisco.html > > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > >_ > > >Get your FREE download of MSN Explorer at http://explorer.msn.com > > > > > >_ > > >FAQ, list archives, and subscription info: > > >http://www.groupstudy.com/list/cisco.html > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > Get your FREE download of MSN Explorer at http://explorer.msn.com > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX
Your an idiot, and that is his whole point. Grades and certs don't mean Sh*t. It's experience that matters in the end. I whole heartedly agree that it is becoming just as much a PAPER thing, as well as another way for the big companies to generate revenue. On the other hand, leave it up to the companies to hire these PAPER certified people. So they are as much to blame as anyone else. Only tried and true vets, generally will be able to tell you how to do something with confidence, and they aren't even certified usually due to the workload not because they aren't smart). So here's your pacifier.. Cheers ""Wilfredo M. Ruelos, Jr."" <[EMAIL PROTECTED]> wrote in message 001901c0af46$551b5500$32ce64d4@ohno">news:001901c0af46$551b5500$32ce64d4@ohno... > JUst because u think they dont know nothing, they really dont know nothing > . Can u post your grades here so that well see how smart u are? If u think > that you know more than people who are getting CCXX certified then why > dont u hurry up and take the lab. Dont u think that these people should be > credited for what they have achieved. Cisco is not mystery anymore. More > and more people will try to learn it. More and more people will produce > learning aides, materials that will enables guys to learn as easily as > possible. These guys dont have to worry about your opinions after they > passed these exams. These guys may even passed the lab before you do. And > maybe you will come here complaining that Cisco made the lab so easy. > -Original Message- > From: Mike Davis <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > Date: Sunday, March 18, 2001 2:54 AM > Subject: Cisco Certs Becoming Paper CCXX > > > >I will probably get yelled at for this one but... > > > >I am a CCNA, CCDA, CCNP, and yes going after the CCIE. > >So up front I am not against certs. > > > >I am becoming aware of more and more people becoming > >Cisco certified and not know enough to go and actually > >do the work. Our company has and is interviewing for > >network folks, I have the opportunity to interview > >these people to verify technical experience. I have > >had CCNA, CCNP, and yes even CCIE written folks who > >could not tell me what they 'should' acutally know. > > > > > >This scares me because I am also working hard toward > >my certs and the CCIE. But it has been proven and is > >showing up more that these people are becoming "paper" > >Cisco folks, as in the paper MCSE. > > > >I know and hope the CCIE LAB and title will remain as > >difficult if not more so in the future. I for one do > >not want to spend a year of my life gaining the CCIE > >title to be one among thousands who also have it. > > > >That is my insite and hope Cisco will > >try to make it more difficult to obtain the CCNP/DP > >and not become another MCSE program. > > > > > > > > > >__ > >Do You Yahoo!? > >Get email at your own domain with Yahoo! Mail. > >http://personal.mail.yahoo.com/ > > > >_ > >FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Paper CCXX ...LONG
You can also blame big corporations for not taking in interest in actually looking at someone's resume as nowadays they use a scanning technology to pull keywords. And unfortunately someone with the IQ of Bevis and Butthead with a resume that has all the right words gets them to interview; versus someone who's a techie and is very sharp but lacks the writing ability to convey all they information they know into a resume that sells themselves. i know first hand that this happens all the time, and often). My .01 cents worth... "Craig Columbus" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Ok...before I even begin addressing this point, let me state that I think > that there's value in obtaining certification and that I certainly admire > everyone who's taken the time and money to better himself, or herself, > through the certification process. However, as someone who hires network > people, I have a problem with paper certs and in this post, I'll explain > why. If you're going to flame me, at least read through the entire post > first. With that much said: > > I think most of you are missing the point. Let me rephrase this in the > form of a question: > > What is the point of becoming certified? > > I think we can all agree that the point of becoming certified is so that an > independent third party "certifies" our competency, or level of > understanding, in a field of study. We desire this third-party > acknowledgement so that peers and employers will understand, at a glance, > that we have at least the minimum level of understanding to pass > examinations of a certain difficulty. > So, given this set of parameters, what happens when those obtaining > certification do not have the minimum skills, as defined by the > certification process? We must conclude that the certification process is > not reliable, not valid, or both not reliable and not valid. Is it the > fault of those obtaining, or seeking to obtain, certification? No. It's > the fault of the third-party certifier. When this situation occurs, the > certification process should be revised so that it's both reliable and > valid, reducing the number of certified individuals who are incompetent as > defined by the minimum standards of the level of certification in > question. It's at this point that we're faced with a reality > check: vendors don't particularly care that some of the certified > individuals don't meet at least minimum standards. Why? They have a pool > of individuals who have staked time and money on the certification process > and won't readily abandon the desire to keep working. To keep working, > they have to make sure that their employer keeps the product on which > they're certified in stock. With little effort, besides offering someone > the satisfaction of obtaining the letters of certification, the vendor has > gained a massive "indentured" sales force. > > When hiring someone for an open position, I used to look at experience, > certifications, formal education, and references, in that order. I did > this because experience showed what the candidate had done, certifications > showed at least a certain amount of direct competency in a study area, > formal education showed at least a certain broad level of knowledge, and > references verified the experience. Today I look at experience, formal > education, references, and finally, certifications. Why the > change? Because anymore, the certifications don't really tell me what a > candidate knows; they're not a valid or reliable indicator of competency. > > Who's to blame for the devaluation of certain certifications? Certainly > not the paper certs themselves. While some argument could be made that > those only in it for the money are at fault, I acknowledge that we're all > looking for a better life and the paper certs see an opportunity and are > taking it in an effort to better their lives. Personally, I blame the > vendors and the training centers. Vendors need a certain "critical mass" > of certified individuals to meet marketing objectives and have thus lowered > the barrier to entry. Training centers only care about making a buck off > the current hot certification. You've all heard the ads..."Get CCNA > certified in 2 weeks and join the ranks of those making $70k a year!". The > training centers know the realities, but aren't about to advertise them > since few people would enroll in a course if they realized that two weeks > of training and a CCNA will get you only a foot in the door at a very low > salary. > > So, why bother with the certification at all? A few reasons: > 1) Given that all else is equal on two resumes, most employers generally > bring in the certified person for an interview before the non-certified. > 2) The market still looks for certifications, irrespective of knowledge, > for some positions. You've all seen the ads...CCNP required, CCNA > preferred. Some companies don't understan
Re: Paper CCXX ...LONG
One thing to remember, big companies are BIG on TITLES!!!.. We have a "NETWORK ENGINEER" who is as dumb as tree stump. Its just a title another words.And yes it is hard to know everything. I don't think there is one person who knows everything they studied in their cert a year later. You'll forget something, and it will be the stuff that you don't use very often. "Scott Ramos" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I took Cisco approved courses through a Cisco Premier Training Partner > about a year and a half > ago. I took ICRC, ACRC, CMTD, CLSC, and CIT. On the first day, the > instructor would have > everyone say a little about who they were and what they did. Of all the > students in all the > coursed, only two, myself and one other, were there on their own. All > the others were sent by > their employers. Most had been Network Engineers for over > two years, and several had been Network Engineers for over five years. > Some of the companies > represented were Disney, Universal Studios, GTE (Verison), and various > regional and national > financial institutions. In general, the more experience these people > had, the more confidence > they portrayed on the first day, but by the middle of the week, most of > these same seasoned and > experienced Network Engineers were understanding the > material and performing the labs no better than those with less (or even > no) experience. Many > times they would say things like > "Oh, that explains why we were experiencing that problem on our network" > or "Boy, did I find > that out the hard way!" or "We don't use that protocol on our network, > so this is all new to > me" or "So, that's why thus and such works that way" or "Can you > explain subnetting again?". > On that first day, when we introduce ourselves, I would say that I had > been a PC Tech and had > no experience, but was looking to become a CCNP and find > employment as a Network Engineer and had already completed courses in > Novell. Someone would > almost always say "Why don't you get a job, work a while and have your > employer send you?". > Often, when they would introduce themselves, they would talk about how > they had been trying to > take this course, but had to reschedule several times because of this > project or that outage, > but by the end of almost every course, one of them would > say how they wished they could go through all the courses and get > certified the way I was > (except for having to pay for it themselves, of course), and that even > though the course was > great, and would help them tremendously at work, they wouldn't have the > time to study and > become certified. The others would nod in agreement. > I know there is no substitution for experience, but I think it is > important to remember that > the courses are designed to provide the students with the benifit of > those who have extensive > experience. These courses don't exist in a vacume. The writers of the > Cisco self study > materials are written by true Experts. Will courses teach you > everything you will come across > on the job? Of course not. But from what I learned interacting > with 40 or so Network Engineers from a wide variety of industries, what > you learn in persuit of > a CCNP is valuable and will continue to be. > Well, I have to get back to studying for my Microsoft 70-221 test ... > > Scott A. Ramos A+, CNA, CNE, (4.11 & 5.0), CCNA, CCNP > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX ( very long)
We'll said.. I'm reading the CCNA book now and I haven't taken the test yet. I've worked in networking since early 90's and I have a good background about how everything works, just not the Cisco IOS. But as I'm reading thru this book, I can't believe really, how basic it is. I know how routing works, just not the IOS. Like i said these tests are just learning the IOS, nothing really much more. Its been a week and a half now and I'm only 100 pages away from finishing the book. I'll admit i will have to go back an re-read a few things, but only cause im studying thru lunches at work and interrupted constantly, as I don't have the time to go home and do this. I'm actually dissapointed that Cisco hands out a CCNA cert if this is all it is. But then again my standards for learning I believe are much higher than most, and we'll above average. Not because I want it that way, but because i have a high aptitude to learn new things and concepts and strive to be better than everyone else. When i pass the test I'm sure that I'll be just as dissapointed in the CCNA cert as i was the MCSE that I blew out in 3 months. 3 months because I actually know the material and had little time to study due to traveling( without the help of study aides). The funny thing was I read an exam cram 6 hours before I took the last test later the same day for my MCSE. Althought the CCNA isn't there, I'm sure that its only a couple of days of reading for someone who has a clue. And that's only cause Cisco test's are like Microshaft's, ambiguous and having to read between the lines as opposed to what real world scenarios are like. Anyone who works in the corporate world will tell you one of the things: 1. It's all about perception. 2. Its who you know, not what you know. And unfortunately, that's the bottom line. "John Neiberger" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I think a person's attitude regarding this situation depends entirely on > their experience. For me, I began in this field a little over two years > ago. Starting from scratch, not even knowing what a router was, I looked up > to the CCNA certification as something fairly lofty. All I did for months > was study until my head hurt, and then I'd study some more. I also was > getting daily hands-on experience at work doing very basic stuff and my > employer sent me to a few classes that helped out greatly. One of the > biggest helps was discovering this list! > > By the time I got around to taking the test, it was far easier than I > expected. This was my first Cisco test and I discovered that for a great > number of questions, one did not need to know the answer, but you simply had > to have decent reasoning skills. For me, I had reached a new plateau and I > was totally psyched about it. At this point I thought I might never be able > to grasp even CCNP-level concepts, as I was just really getting a hold on > material at my current level. I wasn't content, yet I was glad that I had > reached one of my first major goals. > > It was later, while still a CCNA, that I would interact from time to time > with other CCNA-level people who had not had the benefit of employer-paid > classes and hands-on experience. Because I tend to be egocentric and expect > everyone to be like me I would sometimes be surprised that they could > not answer what I thought was a simple question. I began to be concerned > that the CCNA was really too easy, not remembering how hard I had studied > for months. That was easy?? It was pretty dang hard at the time! > > My concerns grew when I would interact with CCNP-level people who also could > not answer questions that I thought they should have known the answers to. > Now I was worried that CCNP was too easy and I hadn't even gotten there yet! > It seemed pretty hard to me at the time and it took me longer to get it than > I originally expected. > > After finally reaching CCNP and then CCDP, I wasn't as excited as I was > about getting CCNA. I think at this point, the further we progress the more > we realize how much we don't know, especially when faced with the daunting > CCIE written and lab. > > In hindsight, it should be noted that the certification does not make the > person. There are CCNA-level people out there who are far more advanced > than I, and there are CCNPs out there who can't troubleshoot their way out > of a paper sack. I find that this is largely dependent on personal work > experience. A CCNA with four years experience in a production environment > is probably going to be more advanced than a CCNP with two years under his > belt. > > When expecting a certain level of knowledge, we should look at both > certifications as well as the actual experience of the person in question. > > Okay, with all of that said, I must agree in part with the original poster. > It does concern me sometimes when a CCNP-level person doesn't seem to > understand a basic CCNA-level concept
Re: Need the statements for 1601 router/proxy
Can't you use a Static IP for the firewall ?? ""Vincent"" <[EMAIL PROTECTED]> wrote in message 992vv0$npc$[EMAIL PROTECTED]">news:992vv0$npc$[EMAIL PROTECTED]... > his case > > I have a 1601 router , a web server and a checkpoint firewall going into a > HUB. There is one Ethernet slot for both the router and the webserver. The > web server sends the traffic upstream to the router in a normal environment. > When we hook up the firewall - the firewall grabs the IP address and sends > the traffic downstream. I need the router to force all traffic from the Web > server to the router. > > ""Bradley J. Wilson"" <[EMAIL PROTECTED]> ¼¶¼g©ó¶l¥ó > 011401c0afcd$24dd1900$750bf7a5@bwilson">news:011401c0afcd$24dd1900$750bf7a5@bwilson... > > Huh? > > > > Can you give a more concrete example of what's going on? We may be able > to > > help you better. :-) > > > > BJ > > > > > > - Original Message - > > From: Hyman, Craig > > To: [EMAIL PROTECTED] > > Sent: Sunday, March 18, 2001 11:12 AM > > Subject: Need the statements for 1601 router/proxy > > > > > > Can someone tell me the statements I need to put in this router that will > > force the arp to grab what is in the router not a external device.. > > > > Thanks a ton > > Craig Hyman > > SUN SRS Implementation Team > > Help Desk Tier 2 > > [EMAIL PROTECTED] > > Broomfield Office 303-272-2661 > > Virtual Office Phone Number 303-692-7005 > > SkyPager Number 1-888-860-5913 > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: email service set up
This post is along with Groupstudy's post. This isn't hard, but there's a little bit of work.Your going to need 2 things up front ( have to have these!!!)... You need to set up an MX record (ASAP) (your isp can do that for you, or you can if your running your own DNS server). You also need to decide to whether your exchange server is going to be on the internet or if your going to relay thru an SMTP. ( IIS has an SMTP agent). In a basic understanding here, You'll need to setup Exchange to relay mail thru SMTP (if you do it this way). Then which ever machine is getting mail (either exchange or the SMTP server) you'll want your MX record set to that IP address. Lets say your server is called EXCHANGE (and your not using SMTP relay). Then your mx record is going to point to exchange.yourdomain.com (along with the IP address of that machine). If your using SMTP then use that ip address ( you can use multiple smtp relays if you want,m which means you'll have multiple mx records). I believe you can set a priority level on your smtp server within exchange itself (so as to make one a default). Read up on exchange, but you need to specifically back up 2 things. One is the database and the other is some global file (not sure, but look it up). "Jim Bond" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, > > Sorry for this OT question. I'm setting up a network > for a small company, they've got a DSL Internet > connection. What's the best way to handel email > service? If I set up an exchange server locally, what > happens if there is something wrong with DSL > connection? > > Thanks in advance. > > Jim > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Password Utility
Anyone have the password hash utility to de-crypt a password? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Password Utility
nevermind i found one on the web... ""The.Rock"" <[EMAIL PROTECTED]> wrote in message 995gnf$uld$[EMAIL PROTECTED]">news:995gnf$uld$[EMAIL PROTECTED]... > Anyone have the password hash utility to de-crypt a password? > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2500 wont save config
It might not save due to lack of mem. Make sure you have enough room to hold both the current IOS as well as the one your trying to upgrade. Otherwise you will need to delete one of them first. Being that your on IOS 10.3 tells me that probably you don't have enough memory. And I see your title." LAN Engineer". I'm not picking on you, but it just seems that for the question you just asked, its not one that someone would ask in your position. This goes back to the paper cert thing ""Plantier, William (Spencer)"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have a 2500 router with 10.3 IOS and I cant save the config. Any > suggestions? > > Wm. Spencer Plantier > LAN Engineer > (919) 474-1300 ext 0873 Office > (919) 474-1056 Fax > (919)696-8848 Cell > [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Password Utility
I have a need to decrypt a password not create a new one with password recovery but thanks anyway... ""John Neiberger"" <[EMAIL PROTECTED]> wrote in message sab5d70a.089@fsutil01">news:sab5d70a.089@fsutil01... > http://www.alcrypto.co.uk/cisco/ > > >>> "The.Rock" <[EMAIL PROTECTED]> 3/19/01 9:39:18 AM >>> > Anyone have the password hash utility to de-crypt a password? > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock
My point was that more often then not, certified people aren't what they seem. I like the fact that people want to learn more, because it keeps "everyone" on their toes and learning about new technology. Part of the problem is the industry's lack of insight into these so called certs. They have put too much faith in them and its really the experienced guys who have to take time out to teach newbies. No, no newbies stole my job, I welcome the challenge tho, I doubt they could do it as effective as I do today. I'm not saying they can't do it, but I can do it better and faster, and downtime is $$. Prove it on an exam ? I will in about 2 weeks. Certification is a formality for those that have been in the industry for a while, for others it is their foot in the door. I truly believe that there are a couple out of a hundred that are new to the industry and truly understand concepts and what they are doing. Its unfortunate that its the other 96 or so people that give the certs a bad rap. And yes some are idiots, not most, not all, i said some. I believe that certs show a level of understanding ( don't get that confused with KNOWLEDGE). Knowledge implies some sort of experience that most don't have. I would be glad to call you, but I don;t have the time, and its long distance... ""Wilfredo M. Ruelos"" <[EMAIL PROTECTED]> wrote in message 01C0B076.7D826160@COMMS1">news:01C0B076.7D826160@COMMS1... > > You sounded like some newbies has stole your job. Do you have something against up and coming people who just want to learn about Cisco and consequently be certified for it. I do not belong to this group of guys for i have been on this business for 12 years but i'm not insecure if too many of them are coming up. Did'nt you said that experience alone can prove your qualification. Then why you cannot prove it on some exam which you pointed out as unimportant and to easy for you. > The guy did not called me an idiot, you do! so if you really want to talk about it i have included my address and telephone number so we can discuss it without cluterring this list. > And oh yeah. I've been a victim of guys like you twelve years ago. I cannot make myself part of it now. > Wilfredo M. Ruelos > Network Engineer > Riyad Bank -Riyadh Data Center > Tel +966-1-472-2750 ext 299 > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Recall: Password Utility
too late :) "Evan Francen" <[EMAIL PROTECTED]> wrote in message E580CB8FBC72D211A94A00A0C9B57292020A51DF@EXCHANGE_SERVER">news:E580CB8FBC72D211A94A00A0C9B57292020A51DF@EXCHANGE_SERVER... > Evan Francen would like to recall the message, "Password Utility". > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock
oh yeah one more thing...In case you forgot, certs don't prove anything you really are an idiot if you think they "prove " something). The only prove your ability to regurgitate info that you supposedly learned. Having the know how, and knowing how to use are two different things. Lets say your 8 years old and I give you a bunch of craftsman tools, does that mean you know how to work on a car if someone said fix it? probably not. And there's my point. You have the tools, but do you really know how to use them, most newbys don't, although they have a clue ( or at least some do) they are unsure. If you truly are experienced in every sense of the word, yes I believe that alone, can prove your qualification. I'll take a guy with "experience" anyday over someone who is certified and little experience. Your the victim??? Of what ?? I didn't do it, nobody did anything to you, you make your own desicions, live with them. You must be a newbie cause you certainly can't handle responsibility if your a "victim". ""Wilfredo M. Ruelos"" <[EMAIL PROTECTED]> wrote in message 01C0B076.7D826160@COMMS1">news:01C0B076.7D826160@COMMS1... > > You sounded like some newbies has stole your job. Do you have something against up and coming people who just want to learn about Cisco and consequently be certified for it. I do not belong to this group of guys for i have been on this business for 12 years but i'm not insecure if too many of them are coming up. Did'nt you said that experience alone can prove your qualification. Then why you cannot prove it on some exam which you pointed out as unimportant and to easy for you. > The guy did not called me an idiot, you do! so if you really want to talk about it i have included my address and telephone number so we can discuss it without cluterring this list. > And oh yeah. I've been a victim of guys like you twelve years ago. I cannot make myself part of it now. > Wilfredo M. Ruelos > Network Engineer > Riyad Bank -Riyadh Data Center > Tel +966-1-472-2750 ext 299 > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock
No im just overworked, like anyone else in the IT industry Hey I agree with ya. I'm actually pretty down to earth. I'm just sick of people saying how being certified is the greatest thing since sliced bread. I'm not a jerk and very reasonable. If the opportunity affords itself, I'll take a new person in and train them instead an person who thinks they know everything. I'll be the first to admit that I by no means am greater than anyone. And if for one mintue you think you have an edge, you already have fallen behind, because someone will always be better. I know what I know now, only due to experience and research ""Christopher Kolp"" <[EMAIL PROTECTED]> wrote in message 001901c0b0b0$2399d270$8be0acc6@ck2kadvanced">news:001901c0b0b0$2399d270$8be0acc6@ck2kadvanced... > You sound very insecure about your knowledge and your job security. > > Why must you bash newbies? Are you scared of them? Do they threaten > your job? I'd take a newbie with an open mind over a jerk who thinks > they know the world anyday. Sure you know it now. But you'll spend > ALL of your time "fending off evil newbies" and then loose whatever > edge you think you have. > > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > The.Rock > > Sent: Monday, March 19, 2001 12:33 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock > > > > > > oh yeah one more thing...In case you forgot, certs don't > > prove anything > > you really are an idiot if you think they "prove " > > something). The only > > prove your ability to regurgitate info that you supposedly > > learned. Having > > the know how, and knowing how to use are two different > > things. Lets say your > > 8 years old and I give you a bunch of craftsman tools, does > > that mean you > > know how to work on a car if someone said fix it? probably > > not. And there's > > my point. You have the tools, but do you really know how to > > use them, most > > newbys don't, although they have a clue ( or at least some > > do) they are > > unsure. If you truly are experienced in every sense of the word, yes I > > believe that alone, can prove your qualification. I'll take a guy with > > "experience" anyday over someone who is certified and little > > experience. > > Your the victim??? Of what ?? I didn't do it, nobody did > > anything to you, > > you make your own desicions, live with them. You must be a > > newbie cause you > > certainly can't handle responsibility if your a "victim". > > > > ""Wilfredo M. Ruelos"" <[EMAIL PROTECTED]> wrote in message > > 01C0B076.7D826160@COMMS1">news:01C0B076.7D826160@COMMS1... > > > > > > You sounded like some newbies has stole your job. Do you > > have something > > against up and coming people who just want to learn about Cisco and > > consequently be certified for it. I do not belong to this > > group of guys for > > i have been on this business for 12 years but i'm not > > insecure if too many > > of them are coming up. Did'nt you said that experience alone > > can prove your > > qualification. Then why you cannot prove it on some exam > > which you pointed > > out as unimportant and to easy for you. > > > The guy did not called me an idiot, you do! so if you > > really want to talk > > about it i have included my address and telephone number so > > we can discuss > > it without cluterring this list. > > > And oh yeah. I've been a victim of guys like you twelve > > years ago. I > > cannot make myself part of it now. > > > Wilfredo M. Ruelos > > > Network Engineer > > > Riyad Bank -Riyadh Data Center > > > Tel +966-1-472-2750 ext 299 > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock
Louie that would be somthing, and as far as I know, nobody's done that. Hmmm But i understand what your saying. What I do want to emphasize is that in building a car is kind of a big deal, but not fixing a small part of the car when your told by someone else what is wrong with it. While people here are talking about CCNA like its some of major accomplishment. CCIE=accomplishment. CCNA=not really worth the paper its printed on at this point. CCNA is a small piece of the puzzle. Come on people this isn't the whole enchilada!!! NEWSFLASH ""Belt, Louie"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > If I gave you all of the manuals and engineering specs on a car and told you > to study them and then tested you on every detail in those books and you > were able to pass the test would that prove anything? > > If I then gave you all of the tools and all of the parts to a car and said > "build it" and you successfully built it, and I then sent you away and I > broke the car (in several ways) and told you to come back and fix it and you > were able to fix it would this prove anything? > > Obviously it would prove a lot. This is what the CCIE certfication is like. > You must study all of the networking manuals and know every detail and pass > a difficult exam to prove your knowledge. Then you are given all of the > tools and equipment you need and you must build an extremely complex routing > and switching network in a very short amount of time using very limiting > rules. If you succesfully complete the task, you then get to leave while > someone "breaks your network in any untold number of ways" you are then > told to fix it once again in a very limited time frame. > > If you can accomplish this, then you become a CCIE. I think the CCIE > certification proves a lot. It proves you have the knowledge, the ability > and the troubleshooting skills. It also shows you can work under pressure to > accomplish a goal in a limited time. > > But that's just my opinion, I could be wrong > > Louie Belt > CCIE #7054 > > -Original Message- > From: The.Rock > To: [EMAIL PROTECTED] > Sent: 3/19/01 11:32 AM > Subject: Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock > > oh yeah one more thing...In case you forgot, certs don't prove anything > you really are an idiot if you think they "prove " something). The only > prove your ability to regurgitate info that you supposedly learned. > Having > the know how, and knowing how to use are two different things. Lets say > your > 8 years old and I give you a bunch of craftsman tools, does that mean > you > know how to work on a car if someone said fix it? probably not. And > there's > my point. You have the tools, but do you really know how to use them, > most > newbys don't, although they have a clue ( or at least some do) they are > unsure. If you truly are experienced in every sense of the word, yes I > believe that alone, can prove your qualification. I'll take a guy with > "experience" anyday over someone who is certified and little experience. > Your the victim??? Of what ?? I didn't do it, nobody did anything to > you, > you make your own desicions, live with them. You must be a newbie cause > you > certainly can't handle responsibility if your a "victim". > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPX Help
Yeah that's the *best* command to use ""Bradley J. Wilson"" <[EMAIL PROTECTED]> wrote in message 01f001c0b0c7$866acaa0$af0af7a5@bwilson">news:01f001c0b0c7$866acaa0$af0af7a5@bwilson... > The command "no ipx routing" will clear up *all* your troubles. ;-) > > BJ > > - Original Message - > From: Nabil Fares > To: [EMAIL PROTECTED] > Sent: Monday, March 19, 2001 5:32 PM > Subject: IPX Help > > > Greetings all, > > I'm trying to find out how routers treat IPX traffic, is there any type of > switching or optimization taking place. I hope my questions is clear! > > Thanks, > > Nabil > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Economic downturn--Impact on Cisco Certification aspirations?
As someone else mentioned, i wouldn't even know there was a slowdown if it wasn't for the media broadcasting that message every 30 seconds. It also depends on what place your business has in the market as well as location. I'm in Texas and there are plenty of jobs to be had, even for newbies. It may be different out in Cali. IS is a solid career, its an investment in your time, you'll get out of it what you put in. And with all the layoffs from the big companies, that would be a good thing for the little companies. Now they have an educated talent pool to choose from where as before they didn't as much. I would also have to think that salaries might drop a slight bit, so a guy that was once not -affordable, now is...due to the recession. People aren't going to be as picky getting jobs seeing as how they are all competing against each other. Its a good thing in all because it diversifies the talent pool, kind of like spreading the wealth My .02 cents ""Rich Chang"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I thought IS would be a solid career, but now with some of the unpleasant > DOT.COM stories in the news, is everyone cranking out the exams still? > Hasthis had an impact on your morale? > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Good IOS images
If your studying for your CCNA use 12.09. There all good images, just depends on what your wanting to do and need. ""Roberts, Timothy"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > What is a goof IOS image in the 11.3 class and the 12.0 class for the 2501 > series? > Thanks > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Something to think about
After all, the CCNA is really just an admission ticket to play in the big leagues. It doesn't prove that you can play or hit the ball over the fence. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Whew! Can you smell that VLan?
Well I have a bunch of 3548's and you can monitor whatever you please. First figure what port is going to do the monitoring. From that = interface issue the "port monitor" montior command along with the = interface your wanting to capture packets from. port monitor fastEthernet 0/3 =20 and type it in again for another port to monitor. If you don't specify = the interface to monitor it will monitor all the interfaces for the same = VLAN.=20 ""NetEng"" <[EMAIL PROTECTED]> wrote in message = 99bbkk$p8a$[EMAIL PROTECTED]">news:99bbkk$p8a$[EMAIL PROTECTED]... > We have had a pissing match lately and here's the details. One person = states > that a VLan can not be sniffed because it is on a different subnet. = The > other person says it can becuase it's physically on the same switch. I = think > you can to a point. Here's what I mean; let's say we have a 3524 with = two > Vlans, VLAN1 (we'll call it InfoSys), and VLAN2 (called HR). If I have = a > sniffer running on InfoSys, I should be able to sniff traffic on my = subnet > as well as traffic from HR to InfoSys (ie HR employee accessing mail = server > on InfoSys), right? The only difference is that the source MAC address = would > change. I should not be able to sniff traffic local to HR (ie an = employee > accessing accounting software) right? What's the rub? >=20 >=20 >=20 >=20 > _ > FAQ, list archives, and subscription info: = http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >=20 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Whew! Can you smell that VLan?
I believe that the 3500 Catalyst series will even let you monitor ports on other switches if you want. Check into it, but I think you can. ""NetEng"" <[EMAIL PROTECTED]> wrote in message 99bbkk$p8a$[EMAIL PROTECTED]">news:99bbkk$p8a$[EMAIL PROTECTED]... > We have had a pissing match lately and here's the details. One person states > that a VLan can not be sniffed because it is on a different subnet. The > other person says it can becuase it's physically on the same switch. I think > you can to a point. Here's what I mean; let's say we have a 3524 with two > Vlans, VLAN1 (we'll call it InfoSys), and VLAN2 (called HR). If I have a > sniffer running on InfoSys, I should be able to sniff traffic on my subnet > as well as traffic from HR to InfoSys (ie HR employee accessing mail server > on InfoSys), right? The only difference is that the source MAC address would > change. I should not be able to sniff traffic local to HR (ie an employee > accessing accounting software) right? What's the rub? > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checkpoint & Cisco VPN 5000 Concentrator
I believe the level of IPSec is done at the client level. We have one in production and works very well. Ours is actually hot on the internet and NOT parallel. Supposedly it will work either way and be just as secure. But to answer your question. The DES encryption is dependant upon the client. The rest is configured on the vpn box itself. I haven't touched it in a while so don't know all the specifics right off. Behind checkpoint firewall I'm not sure. That 5002 box was originally owned by Compatible systems. Check here for more info: http://www.compatible.com/tech_support/index.html "pat" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > HellO Everyone: > > Does this box works with Checkpoint to establish > IPSec tunnels..? > I am new to this VPN 5002 box, though I have good > hands on on other VPN. Can anybody through some light > on how this box works with the client software that > comes with the box. I am not looking for configuration > details at this stage. My concern is I have seen VPN > client software where in you can configure IPSec > details such as AH,ESP,des,3des,md5,sha. But in this > client software (which can be installed on Win98/NT) > I don't see any options to do this. Does it detect > from VPN 5000 box automatically? > I am planning to place this VPN box behind the > checkpoint firewall. Is this correct way of doing > it..? The box has only one ethernet interface.Does it > suppose to be like this or it needs to have min of two > interfaces..? > If somebody can help me out with answers it will > really be great. > > thanks. > > > > > > > __ > Do You Yahoo!? > Yahoo! Photos - Share your holiday photos online! > http://photos.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sybex or Cisco Press?
Which book is better for the 2.0 test and will i need to read the ICND book? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Vlan Question
We'll he could be wanting to isolate consultants to their own VLAN but have a need to update files on the server. In our case we have auditors come in from time to time and so we don't want them in with the rest of the world so we isolate them in their own VLAN and then setup an access list. They are only here temporary. So I could see how this is a legit question. ""Howard C. Berkowitz"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > At 08:26 AM 3/22/2001 -0800, you wrote: > >Scenario: > > Got a client who has a person on the network that does not want to > >be on the network but wants access to the server. > > I'm somewhat confused. First, if he is somehow hidden, how does the server > send back to the client? > > Second, if he is on one VLAN/subnet and the server is on another, > sounds like a fairly basic routing application. Another would be to > have a VLAN-aware NIC on the server. > > Without further information, this sounds like a user whim rather than > a real requirement. There's a flavor of the user wanting security > by obscurity. > > >My thought was to install > >a switch, setup to Vlans, one for all the users (10 or so) and the second > >Vlan for the 1 user by himself. This way no one can get to his machine, then > >setup an access list to permit his Vlan to access the first Vlan and deny > >all the other users to his Vlan. Does this sound right? Anything I am > >missing? Seeing if I understand Vlans correctly or not. > > > >Brad Shifflett > >[EMAIL PROTECTED] > >Micromenders, Inc. > > > > > >_ > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Teltone's ISDN Demonstrator ?
Do you know where you can buy these used, besides ebay _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: trunking
the catalyst 3548's don't either. ""Rik"" <[EMAIL PROTECTED]> wrote in message 99ftpt$p2n$[EMAIL PROTECTED]">news:99ftpt$p2n$[EMAIL PROTECTED]... > ISL is Cisco proprietary whereas 802.1Q is an open standard. Cisco is > moving away from ISL, however. In fact, some of the newer equipment no > longer supports it, such as the Cat4000 switches. > > Dot1Q adds less bits to the frame, but the way in which it adds them makes > it somewhat less efficient. ISL adds several more bits to ends of the > frame, making it easier to view the trunking info bits, but the higher > number of bits makes the MTU that much higher as well. Dot1Q doesn't have > such a pronounced effect on MTU as does ISL. > > I typically use Dot1Q these days. Knowing that Cisco is moving away from > ISL and the fact that other vendor's equipment supports Dot1Q makes it a > more sensible choice for future compatibility. > > Rik > > > ""Lopez, Robert"" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > What are the differences between isl and 802.1q trunking. If I'm in a > total > > cisco switched environment, should I always use isl? What would be a > good > > reason to use 802.1q? Which one is more favored over the other? > > > > Robert > > > > > > > > Robert M. Lopez > > Network Planning > > Ann Arbor Data Center > > Pfizer Global Research & Development > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Vlan Question
LOL... can you say obsessive compulsive Maybe he was into security but not a DRA plan one without the other doesn't do much good. ""Howard C. Berkowitz"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > At 03:01 PM 3/22/2001 -0800, you wrote: > >The user is a very high political figure who is real cautious about security > >and paranoid. I like the idea of a seperate nic in the server and two > >subnets. The cost of switches could be a deciding factor. Thanks for the > >input guys! > > > >Brad > > It's scary to find someone that's paranoid and demanding about security, > yet doesn't want to pay for it. I'd like to assume that such a person, of > course, > have done everything they should about making their host secure, including > encrypting the sensitive files, rather than just obsessing about the network. > > Of course, I've also had a customer that insisted on being BGP multihomed > to two providers, connected to one provider at two sites and having > redundant SONET local loops at one of the site, yet only had one physical > server. Yes, they had a tape backup on the server. No, they had no spare > machine to which they could restore the tape. > > > >-Original Message- > >From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] > >Sent: Thursday, March 22, 2001 12:44 PM > >To: [EMAIL PROTECTED] > >Subject: Re: Vlan Question > > > > > >At 02:01 PM 3/22/2001 -0600, you wrote: > > >We'll he could be wanting to isolate consultants to their own VLAN but have > > >a need to update files on the server. In our case we have auditors come in > > >from time to time and so we don't want them in with the rest of the world > >so > > >we isolate them in their own VLAN and then setup an access list. They are > > >only here temporary. So I could see how this is a legit question. > > > >but if the server isn't on the same VLAN, how do they get to it? How does > >it get to them? > > > >Routing between VLANs, and VLAN-aware NICs, are pretty much the > >only alternatives. VLANs were introduced to isolate groups, but there's > >nothing magical about them. > > > >If there is sensitive data around, you also want host-level security. > > > > > > > > > > >""Howard C. Berkowitz"" <[EMAIL PROTECTED]> wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > At 08:26 AM 3/22/2001 -0800, you wrote: > > > > >Scenario: > > > > > Got a client who has a person on the network that does not > >want > > >to > > > > >be on the network but wants access to the server. > > > > > > > > I'm somewhat confused. First, if he is somehow hidden, how does the > >server > > > > send back to the client? > > > > > > > > Second, if he is on one VLAN/subnet and the server is on another, > > > > sounds like a fairly basic routing application. Another would be to > > > > have a VLAN-aware NIC on the server. > > > > > > > > Without further information, this sounds like a user whim rather than > > > > a real requirement. There's a flavor of the user wanting security > > > > by obscurity. > > > > > > > > >My thought was to install > > > > >a switch, setup to Vlans, one for all the users (10 or so) and the > >second > > > > >Vlan for the 1 user by himself. This way no one can get to his machine, > > >then > > > > >setup an access list to permit his Vlan to access the first Vlan and > >deny > > > > >all the other users to his Vlan. Does this sound right? Anything I am > > > > >missing? Seeing if I understand Vlans correctly or not. > > > > > > > > > >Brad Shifflett > > > > >[EMAIL PROTECTED] > > > > >Micromenders, Inc. > > > > > > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New career(Off-subject)
Scrubbing toilets couldn't have been fun!! ""Buri, Heather H"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > So I gotta ask...What was your job before? :-) > > > Heather Buri > CSC Technology Services - Houston > > Phone: (713)-961-8592 > Fax: (713)-961-8249 > Mobile: > Alpha Page: > > Mailing: 1360 Post Oak Blvd > Suite 500 > Houston, TX 77056 > > > > -Original Message- > From: Doug Snyder [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 27, 2001 12:29 PM > To: [EMAIL PROTECTED] > Subject: New career(Off-subject) > > > I just wanted to thank everyone in this group. I was > in a terrible job before, but now I am back with Cisco > Routers and ATM. Hope the tech stocks bounce back > soon. > > Roy Snyder > Network Engineer (Again) > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/?.refer=text > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN 5001 concentrator
Here's the problem: 2 clients,both sharing a DSL line. both use VPN client for 5001 When one is connected it is fine and if you add another connection off the same dsl while the other computer is connected, the VPN tunnel keeps dropping. Any ideas ? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN 5001 concentrator
Thanks, that was very informative. But let me give you an update... We decided to try another scenario: We tried throwing a Win200 running Internet connection sharing into the mix: Internet > router > Win2K ( workstation dual nic, one to router other to hub)> hub > clients on hub. This seems to somehow bypass any problems that we had with the router. I guess Win2k is able to differentiate the sessions to the corresponding client when multiple tunnels are initiated. We have tried this with 2 different routers and haven't had any problems. <[EMAIL PROTECTED]> wrote in message 3A39CA99.6102.409A2@localhost">news:3A39CA99.6102.409A2@localhost... > Let me guess, the clients are behind a Linksys router doing PAT > (NAPT)? > > PATing devices typically cannot allow more than 1 IPSec session > to pass-thru. The reason for this is that the inbound IPSec SA is > only determined by 3 things: dst addr, protocol (ESP or AH) and > the Security Parameter Index (SPI). The dst addr and protocol will > be the same, only ESP will work, so that only leaves the SPI to > differentiate inbound SA's. > > The SPI is chosen by the destination and given to the sender > during the initial ISAKMP negotiation. The PATing device can't see > this negotiation, so it would be very difficult to allow multiple IPSec > stations to establish connections. i.e. how can the PATing device > determine which internal station the traffic is being sent to? > > One way you could do this would be to make an assumption that > any new inbound SA's belong to the last inside station to initiate a > connection and just keep track of all IPSec initiations from internal > stations and map it to inbound SPI's. This would work in some > cases, but then there are potential problems if you have lots of > internal clients making requests about the same time. > > Bottom line, don't expect anyone to implement this functionality > any time soon, if ever. What is more likely is that vendors will > implement proprietary schemes to allow their VPN clients to talk > through a NAT/PAT gateway to their VPN gateway as Cisco has > done with the VPN 3000. (ala wrapping the IPSec packets with a > UDP header) > > An option would be to terminate the IPSec tunnels on a common > perimeter device for all internal clients, or use an alternative VPN > protocol, like SSL ala the Aventail product. > > HTH, > Kent > > On 29 Mar 2001, at 13:22, The.Rock wrote: > > > Here's the problem: > > > > 2 clients,both sharing a DSL line. both use VPN client for 5001 > > > > When one is connected it is fine and if you add another connection off > > the same dsl while the other computer is connected, the VPN tunnel > > keeps dropping. Any ideas ? > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html Report misconduct and > > Nondisclosure violations to [EMAIL PROTECTED] > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPsec port
If your running radius authentication don't you also have to open up 1812 & 1813 ? Or is this done off of another interface and not the inbound IPsec port ( I don't know, I don't have a Pix) ? ""Kane, Christopher A."" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Actually, you have it backwards. AH = port 51. ESP = port 50. > > Christopher A. Kane, CCNP > Senior Network Control Tech > Router Ops Center/Hilliard NOC > UUNET > (614)723-7877 > > > > -Original Message- > From: Rizzo Damian [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 30, 2001 12:19 PM > To: 'Ruihai An'; [EMAIL PROTECTED] > Subject: RE: IPsec port > > > AH-port 50, ESP-port 51 and ISAKMP-port 500 > > > > -Original Message- > From: Ruihai An [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 30, 2001 12:05 PM > To: [EMAIL PROTECTED] > Subject: IPsec port > > > I configured my PIX as the IPsec VPN terminator to support DES VPN client. > I have an inbound access-list on my perimeter router. Does any one know > the ports I need to open for IPsec VPN traffic on my perimeter router ? > > Ruihai > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN 5001 concentrator
I forgot to add one thing. If we use a Linksys router we can get it to work one way: We have two VPN boxes both at a different location across the US ( site A and site B). As long as one client connects to site A and the other client connects to site B, they work. Its when you try the same site that it eventually fails. <[EMAIL PROTECTED]> wrote in message 3A39CA99.6102.409A2@localhost">news:3A39CA99.6102.409A2@localhost... > Let me guess, the clients are behind a Linksys router doing PAT > (NAPT)? > > PATing devices typically cannot allow more than 1 IPSec session > to pass-thru. The reason for this is that the inbound IPSec SA is > only determined by 3 things: dst addr, protocol (ESP or AH) and > the Security Parameter Index (SPI). The dst addr and protocol will > be the same, only ESP will work, so that only leaves the SPI to > differentiate inbound SA's. > > The SPI is chosen by the destination and given to the sender > during the initial ISAKMP negotiation. The PATing device can't see > this negotiation, so it would be very difficult to allow multiple IPSec > stations to establish connections. i.e. how can the PATing device > determine which internal station the traffic is being sent to? > > One way you could do this would be to make an assumption that > any new inbound SA's belong to the last inside station to initiate a > connection and just keep track of all IPSec initiations from internal > stations and map it to inbound SPI's. This would work in some > cases, but then there are potential problems if you have lots of > internal clients making requests about the same time. > > Bottom line, don't expect anyone to implement this functionality > any time soon, if ever. What is more likely is that vendors will > implement proprietary schemes to allow their VPN clients to talk > through a NAT/PAT gateway to their VPN gateway as Cisco has > done with the VPN 3000. (ala wrapping the IPSec packets with a > UDP header) > > An option would be to terminate the IPSec tunnels on a common > perimeter device for all internal clients, or use an alternative VPN > protocol, like SSL ala the Aventail product. > > HTH, > Kent > > On 29 Mar 2001, at 13:22, The.Rock wrote: > > > Here's the problem: > > > > 2 clients,both sharing a DSL line. both use VPN client for 5001 > > > > When one is connected it is fine and if you add another connection off > > the same dsl while the other computer is connected, the VPN tunnel > > keeps dropping. Any ideas ? > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html Report misconduct and > > Nondisclosure violations to [EMAIL PROTECTED] > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Back -to-Back
Just make a crossover cable. You need pins 1 & 2, and also 4 & 5 . Reverse this on the other end of the cable. This is what the links say. I don't know why they couldn't tell ya... ""John Huston"" <[EMAIL PROTECTED]> wrote in message 9a2kr9$a2e$[EMAIL PROTECTED]">news:9a2kr9$a2e$[EMAIL PROTECTED]... > I would appreciate someone's knowledge on how to setup two Cisco 1750's each > having T1 DSU/CSU WIC's. > > Thank you in advance for your assitance. > > > John Huston > [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ANYBODY HELP ? I cant understand this assigment.....!
I can't find those functions on my calculator... DAMN, I'm getting behind already!!! I'm looking at this and I'm thinking that some of your answers will vary with the type of equipment you have? Am I wrong in thinking this. Also there is a certain amount of variables "assumed" here. I can tell you this, without having to do all the math. The higher the utilization the more traffic generated thus causing more collisions and higher latency. The implications of higher utilization is that your network will bog down and physically, as well as virtually, suck! There's my 2 cents... LOL ""Steiven Poh (Jaring)"" <[EMAIL PROTECTED]> wrote in message 007801c0b947$a1137f40$[EMAIL PROTECTED]">news:007801c0b947$a1137f40$[EMAIL PROTECTED]... > The simulation code you are given treats the Ethernet as a star = > topology LAN with a central repeater and a line to each node. All = > traffic appears on every line. The simulation assumes that the longest = > distance from one station to another across an ethernet is 400m, and the = > signal travels at 80% of the speed of light, which is 300 million metres = > per second. Determine D for this network (D is the propagation delay = > across the network).=20 > Conduct simulations of this network at 10%, 40%, 80%, 95% and 120% = > nominal utilization. Utilization is the proportion of the time that the = > ethernet is carrying successful packets. The nominal utilization is the = > utilization which would be achieved if all packets were successfully = > carried. For example, 40% nominal utilisation will be achieved when = > packets arrive at the rate 0.4 * 10,000,000 / (250*8) =3D 2000 packets = > per second. Some of these factors mean that the actual proportion of = > time during which the network is busy could be greater or less than 40%. = > > In each of these simulations, you should measureor investigate:=20 > > > a.. the effective utilization rate (only count bits successfully = > sent),=20 > b.. the rate at which packets are rejected by the ethernet access = > layer (also known as the packet loss rate),=20 > c.. packet throughput (ie. 1 - the loss rate),=20 > d.. collision rate (collisions per packet),=20 > e.. average number of packets involved in a collision,=20 > f.. the average number of collisions experienced by a packet given = > that it experiences one collision, and=20 > g.. the average delay experienced by a packet.=20 > In addition, repeat the simulations at 40% and 80% for a network with = > 100 times the propagation delay, as might be experienced if the network = > was extended over too wide a physical distance.=20 > > Note that the package length in the program is in bytes, and some = > figures may not be explicitly designed in the program, it requires you = > to investigate from the program execution statistics.=20 > > Submission Requirements=20 > > The submission should be in the form of essay. In the essay, you should=20 > > 1. determine the number of bits which can be transmitted in the time D, = > given that the transmission rate of the network is 10 Mbit/s, the = > average packet length is 250 bytes, and the nominal utilization level of = > the network is 80%.=20 > > 2. tabulate or plot these resultsfor the network of LAN at different = > nominal utilization. Also, you should comment on the significance of the = > results for the successful management of an ethernet LAN.=20 > > 3. tabulate or plot the results for the network (ie, 100 times the = > propagation delays) but only at 40% and 80% of the nominal utilization. = > You shall comment on the implication of these experiments > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: setting up 2500's
your off.. LOL ""Peter Martinez"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Please take me off this list > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pedro > Quezada > Sent: Friday, March 30, 2001 7:43 PM > To: [EMAIL PROTECTED] > Subject: Re: setting up 2500's > > u can connect with back to back cables but better yet > get arouter with four serial interfaces and configure it as a frame relay > switch > > Luke Everett wrote: > > > I have 3 Cisco 2500 routers that I want to setup to simulate WAN = > > connections. What can I do to simulate this with my wan cables without = > > having to buy a CSU/DSU? Thanks. > > > > Luke Everett > > MCP+I,MCSE,CCNA > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
T1 Load balance question. [7:1120]
What's the best way to load balance to T1's on a 2621 router? Is there any do's and dont's? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=1120&t=1120 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
