PIX Question on VPNs
Hi everyone, I have a question on the operation of VPNs when using a PIX and connecting via PPTP from a Win2K client. Suppose I have a PIX that is setup to accept PPTP connections and dynamically assign the client an IP address from a LAN subnet after they've been authenticated on the PIX. After the VPN tunnel is established, is it possible to go to a website while the tunnel is active? The NAT (inside) 0 command is used on the PIX. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question
If you wish you can use native PPTP tunnels in Win2K to the PIX until Cisco gets a client out. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Parris, Brian Sent: Thursday, March 15, 2001 11:20 AM To: '[EMAIL PROTECTED]' Subject: Question Has Cisco come out with a version of Cisco Secure VPN Client software yet, that is compatible with Windows 2000. I can't buy laptops with NT anymore and this is putting me in a real bind. Thanks, Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX problem
Sam, Cisco documentation suggests that there is no workaround for this. I've had the same problem. From what I read on CCO, for a machine with a static global IP address mapped to a LAN address, LAN users use the local IP while outside users use the global IP. If someone has a config where they can use the Global address inside the LAN, I'd like to see how it was done. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sam Sent: Monday, March 19, 2001 1:28 PM To: [EMAIL PROTECTED] Subject: PIX problem Hello Group, I am having trouble figuring out a small issue with a PIX firewall. It is running ver 4.4(5). After entering the approriate static and conduit (WWW) commands, I tried accessing the host from our internal network using the external address and I was not able to. I then tested from a machine that is outside our firewall and was able to access the host without any problem. Is their a command that I am missing in order to let users on our internal network access hosts using the external IP addresses? Thanks in advance, Sam _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN between 2600 and WIN2K or NT 4.0 box
Try the following link http://www.cisco.com/warp/public/779/largeent/vpne/vpndocs/vpnsw.html#iosdoc set Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Justin Lofton Sent: Monday, March 19, 2001 2:51 PM To: [EMAIL PROTECTED] Subject: VPN between 2600 and WIN2K or NT 4.0 box Can 2600 support PPTP? And does someone have sample config for 2600 ipsec or pptp to WIN2K or NT 4.0 BOX? Not sure how to config Thanks, Justin Lofton Account Executive/CCNA Tredent Data Systems [EMAIL PROTECTED] (818) 222-3770 http://www.tredent.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple T1's
In this scenario, is it possible to use a "backup interface" command along with "backup load" and "backup delay" commands to achieve redundancy and load balancing? Providing that both T1's are correctly configured and are connected to the same router? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Howard C. Berkowitz Sent: Tuesday, March 20, 2001 5:39 PM To: [EMAIL PROTECTED] Subject: RE: Multiple T1's At 02:12 PM 3/20/2001 -0800, you wrote: >If you are running EIGRP as your routing protocol, it will take care of the >load balancing for you without the added complexity and CPU overhead of PPP >multilink. > >There are some great EIGRP config guides on CCO. > >Chris Lemagie I don't understand what advantage EIGRP would give. First, no routing protocol load balances. It is the routing table task that makes the final decision about load balancing, with the mode dependent on the switching modes of the output interfaces. Second, any routing protocol, except standard BGP (i.e., without Cisco extensions) and OSPF externals, can produce equal-cost routes eligible for load balancing. EIGRP and IGRP can produce unequal-cost routes eligible for load balancing, but the media here specifically are equal cost >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Brian >Sent: Tuesday, March 20, 2001 1:57 PM >To: [EMAIL PROTECTED] >Subject: Re: Multiple T1's > > >On each end, static route traffic out both interfaces. > > Bri >"Jason Stephens" <[EMAIL PROTECTED]> wrote in message >998ndv$1fh$[EMAIL PROTECTED]">news:998ndv$1fh$[EMAIL PROTECTED]... > > We have a situation where we want to have 2 t1's going to another office. >We > > want these 2 t1's to not > > only provide redundancy in case 1 goes down, but also want them to load > > balance while they are both up. > > So basically, we want the two t1's to be up providing 3 mpbs of bandwidth > > and if one goes down for it > > to automatically send all traffic to the t1 that is still up. We have 3600 > > series routers on both ends. Can > > this be done? If so, please explain how. I looked into the Multilink PPP > > stuff, but it seems to be only for > > async ports. Thanks for any info in advance! > > > > > > _ > > FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multiple T1's
To revisit this question from yesterday, could the following be done and what does it accomplish, if anything? The question posed is below. "Jason Stephens" <[EMAIL PROTECTED]> wrote in message 998ndv$1fh$[EMAIL PROTECTED]">news:998ndv$1fh$[EMAIL PROTECTED]... We have a situation where we want to have 2 t1's going to another office. We want these 2 t1's to not only provide redundancy in case 1 goes down, but also want them to load balance while they are both up. So basically, we want the two t1's to be up providing 3 mpbs of bandwidth and if one goes down for it to automatically send all traffic to the t1 that is still up. We have 3600 series routers on both ends. Can this be done? If so, please explain how. I looked into the Multilink PPP stuff, but it seems to be only for async ports. Thanks for any info in advance! Is this possible to achieve using the solution below? Use a "backup interface" command along with "backup load" and "backup delay" commands to achieve redundancy and load balancing. Both T1's are correctly configured and are connected to the same router. Static routes are used for each T1 using "ip route 0.0.0.0 0.0.0.0 ". By my reasoning, by using the backup interface command on the primary line, if the primary line goes down the second line is used automatically to route traffic. If the primary line exceeds the load specified by the "backup load" command, the second line is put into use automatically. The "backup delay" command just tells the router to stop using the second line when usage on the primary line drops below the predefined load. Any input would be appreciated. Thanks. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vijay Ramcharan Sent: Tuesday, March 20, 2001 6:34 PM To: [EMAIL PROTECTED] Subject: RE: Multiple T1's In this scenario, is it possible to use a "backup interface" command along with "backup load" and "backup delay" commands to achieve redundancy and load balancing? Providing that both T1's are correctly configured and are connected to the same router? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Howard C. Berkowitz Sent: Tuesday, March 20, 2001 5:39 PM To: [EMAIL PROTECTED] Subject: RE: Multiple T1's At 02:12 PM 3/20/2001 -0800, you wrote: >If you are running EIGRP as your routing protocol, it will take care of the >load balancing for you without the added complexity and CPU overhead of PPP >multilink. > >There are some great EIGRP config guides on CCO. > >Chris Lemagie I don't understand what advantage EIGRP would give. First, no routing protocol load balances. It is the routing table task that makes the final decision about load balancing, with the mode dependent on the switching modes of the output interfaces. Second, any routing protocol, except standard BGP (i.e., without Cisco extensions) and OSPF externals, can produce equal-cost routes eligible for load balancing. EIGRP and IGRP can produce unequal-cost routes eligible for load balancing, but the media here specifically are equal cost >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Brian >Sent: Tuesday, March 20, 2001 1:57 PM >To: [EMAIL PROTECTED] >Subject: Re: Multiple T1's > > >On each end, static route traffic out both interfaces. > > Bri >"Jason Stephens" <[EMAIL PROTECTED]> wrote in message >998ndv$1fh$[EMAIL PROTECTED]">news:998ndv$1fh$[EMAIL PROTECTED]... > > We have a situation where we want to have 2 t1's going to another office. >We > > want these 2 t1's to not > > only provide redundancy in case 1 goes down, but also want them to load > > balance while they are both up. > > So basically, we want the two t1's to be up providing 3 mpbs of bandwidth > > and if one goes down for it > > to automatically send all traffic to the t1 that is still up. We have 3600 > > series routers on both ends. Can > > this be done? If so, please explain how. I looked into the Multilink PPP > > stuff, but it seems to be only for > > async ports. Thanks for any info in advance! > > > > > > _ > > FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >_ >FAQ, list archives, and subscrip
Passed CID
Hi all, just wanted to share my elation with the rest of you. I took CID for the second time yesterday and barely passed with a 67% score. The first time I scored 60%. As mentioned many times on this list, the CID is one of the more difficult exams because it requires thinking a bit beyond what you actually learn from the study guide. Quite a few of the questions were really puzzling and it was hard to figure out what answer to choose. I have nothing really to add other than the fact that the exam objectives are a pretty accurate guide of what topics should be known. 100 questions, 65% passing score. I used Cisco Internetwork Design from Cisco Press and CID Study Guide from Sybex. Anyone planning to take this test, be forewarned. Don't be fooled by the apparent simplicity of the material in the study guide. Good luck. Now I'm on to advancing my knowledge by tackling CCIE material and the long hard road to THE lab... Vijay Ramcharan **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bye
Why is everyone getting so worked up over one email message? If most of you
notice, the more prominent members of this list don't even bother with these
types of messages.
Which goes to show you that I'm not one of the more prominent members.
Anyway, every week or so, someone sends an inflammatory message and people
turn it into one long, disgusting thread. You should all realize that since
this is a public list, anyone will be able to post whatever they feel like.
The sooner you realize that it's just better to ignore these messages than
post a reply, the better off everyone else will be. We wouldn't have to be
assaulted by angry, retaliatory messages.
If some of the people who responded to John's message, bothered to read it
fully, they would have realized that there's no clue as to whether he has no
experience or not. He's just pissed that people keep asking questions that
point to their own laziness and he venting at those people, not anyone else.
I know that it's not my place to give advice, but damn it! Try to keep your
shirts on people. If a message gets your ire up, try ignoring it and spare
us all from your anger.
Thank you for reading the ENTIRE message!!!
Vijay Ramcharan, CCNP, CCDP, MCSE
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 21, 2000 4:05 AM
To: [EMAIL PROTECTED]
Subject: Re: Bye
Here, here!!! I second that notion. Trust me, your problem starting
skills will not be missed. I'm not gonna go on cause there's a rule of
thumb...
Never argue with an idiot. They drag you down to their level then
beat
you with experience... Good luck with your paper skills John, "lol"
In a message dated 9/21/00 2:58:32 AM Eastern Daylight Time, [EMAIL PROTECTED]
writes:
<< You are just a paper,LOL.
On 21 Sep 2000 01:50:12 -0400, [EMAIL PROTECTED] ("John
Kaberna") wrote:
>This is a multi-part message in MIME format.
>
>--=_NextPart_000_0378_01C02354.42A04A80
>Content-Type: text/plain;
>charset="iso-8859-1"
>Content-Transfer-Encoding: quoted-printable
>
>Well the past couple weeks have been fun but reading through over 100 =
>emails a day is too much. I thought this list might have helped me =
>along but mostly it just wasted valuable time. There is never a =
>shortage of stupid questions and people that don't know how to read the =
>archives to get 80% of the questions answered. If I have to read one =
>more question asking what book to read for the CCNA or some other test =
>I'm gonna be sick. =20
>
>In the span of 6 days I read all the books and passed the pathetic CCNP. =
> What a joke that test was. For those of you that asked me about the =
>Foundation test it was terribly easy. Anyone that even reads the =
>material and half understands it will pass. =20
>
>As far as the whiners, snitches, and morons you know what I think of =
>you. People like you allow me to command a higher and higher rate every =
>few months cause no one wants to work with someone like that. Keep it =
>up. I even had one crybaby by the name of Louie Belt tell me he was =
>going to have me removed from this list and have my hotmail account =
>terminated. LOL. Apparently he thought he was so influential that he =
>had the power to terminate my accounts just cause I called him a name. =
>:) Nice try. =20
>
>For those that I've had positive interaction with feel free to email me =
>if you have questions or want to chat. =20
>
>See ya.
>
>John
>
>>
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SmartCertify CBT software for study
Title: SmartCertify CBT software for study I would strongly advise you to take the salesperson's words with few grains of salt. I've purchased their old MCSE 4.0 cbt ($1000) with all the bells and whistles of hands on exercises. I ended up setting the CBT aside and buying another for $150 from New Riders that helped me through the MS exams. There is just not enough detail on the material that it's supposed to teach you. I also bought the ACRC CBT from them last year (again with all the bells and whistles) and was sorely disappointed and even more upset that I had wasted another grand. I thought that there would have been improvements in the CBT material. Anyway, I've learned my lesson. I use books only now. Way too much clicking (I guess that's what they call it interactive) and very disappointing hands on (I shudder to put that term on their exercises) Vijay Ramcharan CCNP, CCDP, MCSE -Original Message-From: Taylor, Don [mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 10, 2000 1:03 PMTo: '[EMAIL PROTECTED]'Subject: SmartCertify CBT software for study Does anyone out there have experience/opinions on SmartCertify's (www.smartcertify.com) CBT offerings? I'm looking at possibly purchasing their Cisco IMCR package, which, I'm told, leads one through all sorts of theory about routing/switching (to fill in any gaps your current education left), information about the routers themselves (how the backplane operates, etc.), and includes a section that simulates IOS configuration of everything from setting the hostname to configuring BGP and IOS upgrades. Not only that, but the salesman told me they guarantee that you'll be ready for and PASS your CCIE lab (not written - he was specific) once you can work your way through the whole CBT. I was a bit skeptical, but he was insistent, so I'm interested in checking it out. But for such a magical product I was expecting the price to be on the order of $5 - $10K. Turns out it's only $1499. A guarantee like that for the price of a router is just too good to ignore, so I wanted to get some feedback from anyone that knows anything about these. Thanks! - Don
RE: many people are very great in this newsgroup
You can be good at studying and taking exams or have a whole lot of experience or both. Any way you see it, the exams are certainly passable with enough study or experience. Take myself for instance, I started the CCNA back in November of 99 and I hadn't even known what an IOS was. Now I'm all the way to CCIE written and I haven't even worked in an enterprise environment yet. I've set up one router from scratch and even that hasn't been put into production yet. With enough study anything is possible- except the CCIE lab of course. Heh heh. : ) Vijay Ramcharan CCNP, CCDP, MCSE -Original Message- From: Lonnie Paschall [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 12, 2000 1:49 PM To: [EMAIL PROTECTED] Subject: Re: many people are very great in this newsgroup Get access to a router or routers and practice, practice, practice Lonnie ""RANMA"" <[EMAIL PROTECTED]> wrote in message 8s3v77$893$[EMAIL PROTECTED]">news:8s3v77$893$[EMAIL PROTECTED]... > I have already graduated. > and only got CCNA... > > but many people got higher level than me > they study very fast and very clever > > > how can I get higher level much easier ? > any comment!? > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: many people are very great in this newsgroup
That's the $65,000 question. Why 65? That's whereabouts what I make now. I haven't looked for a new job since I obtained the Cisco certifications. (I had a prior commitment with my current job). However, the time on that commitment is just about up, so I'll start looking soon. I have no idea what sort of job I'll be able to get but I'm always optimistic. For those who wish to know, I'll try to post an update to the group when/if something does happen. : ) Vijay Ramcharan CCNP, CCDP, MCSE -Original Message- From: Bharat Suneja [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 20, 2000 1:41 AM To: [EMAIL PROTECTED] Subject: Re: many people are very great in this newsgroup So what kind of positions will you be looking at with all those certs & no experience ? Bharat Suneja "Vijay Ramcharan" <[EMAIL PROTECTED]> wrote in message 6D0C88A4C9E3D311BDE40020AFFA39F51BA290@EXSRVR">news:6D0C88A4C9E3D311BDE40020AFFA39F51BA290@EXSRVR... > You can be good at studying and taking exams or have a whole lot of > experience or both. Any way you see it, the exams are certainly passable > with enough study or experience. Take myself for instance, I started the > CCNA back in November of 99 and I hadn't even known what an IOS was. Now > I'm all the way to CCIE written and I haven't even worked in an enterprise > environment yet. I've set up one router from scratch and even that hasn't > been put into production yet. With enough study anything is possible- > except the CCIE lab of course. Heh heh. : ) > > Vijay Ramcharan > CCNP, CCDP, MCSE > > > -Original Message- > From: Lonnie Paschall [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 12, 2000 1:49 PM > To: [EMAIL PROTECTED] > Subject: Re: many people are very great in this newsgroup > > > Get access to a router or routers and practice, practice, practice > > Lonnie > > ""RANMA"" <[EMAIL PROTECTED]> wrote in message > 8s3v77$893$[EMAIL PROTECTED]">news:8s3v77$893$[EMAIL PROTECTED]... > > I have already graduated. > > and only got CCNA... > > > > but many people got higher level than me > > they study very fast and very clever > > > > > > how can I get higher level much easier ? > > any comment!? > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/ cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP Subnetting Question
http://www.cisco.com/warp/public/701/3.html This is a pretty good link for brushing up on IP addressing and subnetting. Lot of examples for the beginner. Vijay Ramcharan CCNP, CCDP, MCSE -Original Message-From: Marshal Schoener [mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 17, 2000 1:29 PMTo: 'Robert Cabeca'; cisco group studySubject: RE: IP Subnetting Question /28 = 255.255.255.240 You are correct!!! the /28 just means a 28 bit mask... that is .240 :--) -Original Message-From: Robert Cabeca [mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 17, 2000 10:00 AMTo: cisco group studySubject: IP Subnetting Question I am not understanding the concept of using an IP address followed by /n. Example 10.20.193.20 /28. The way I am looking at it I get a Subnet mask of 255.255.255.240. But I am being told that it is really a mask of 255.255.240.0, however I am not being given an explanation. I thought that 255.255.240.0 has a /20. but it is a /12 instead? Any enlightenment would be appreciated. peace Rob
RE: ATM & CDP
The "show cdp neighbors detail" command will show you the IP address of the neighbors. Vijay Ramcharan CCNP, CCDP, MCSE -Original Message- From: Jake Secrist [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 18, 2000 9:01 AM To: [EMAIL PROTECTED] Subject: ATM & CDP I have a Cisco router connected to a Cisco LightStream 1010 ATM switch. The 'sh int atm 1/0' command shows that the interface and line protocol are up, but I can't ping what I thought was the IP address of the switch's ATM interface(10.11.1.2/24). I know the IP address of the ATM interface on the router (10.11.1.1/24), but I can't figure out the IP address of the switch's ATM interface. Would this address normally show up in the 'show cdp neighbors' command? The output of that command shows nothing for the ATM interface. In the 'sh ip arp' command, there are only Ethernet entries, none for ATM. Also, can you ping over ATM? Obviously I don't know a whole lot about ATM, but I'd appreciate any help anyone can offer. Thanks, Jake __ Do You Yahoo!? Yahoo! Messenger - Talk while you surf! It's FREE. http://im.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 2600 and PPTP
Check out the link below or do a search on CCO for "PPTP" AND "2600" http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121 t/121t5/dt_pptp.htm Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Justin Lofton Sent: Tuesday, March 27, 2001 12:12 PM To: [EMAIL PROTECTED] Subject: Cisco 2600 and PPTP Does the 2611 support pptp? And does anyone have a sample config of pptp or ipsec? Thanks! Justin Lofton Account Executive/CCNA Tredent Data Systems [EMAIL PROTECTED] (818) 222-3770 http://www.tredent.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP clarification
For the purposes of the exam EIGRP is a DV protocol. Vijay Ramcharan - Original Message - From: "Rizzo Damian" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 28, 2001 10:06 PM Subject: EIGRP clarification > > Preparing for my BSCN exam, I have found myself unclear as to whether or > not EIGRP is in fact a Hybrid or Distance-Vector protocol. All the Cisco > classes I've been too have always referred to EIGRP as a Balanced Hybrid > protocol, now studying for my CCNP, I am finding EIGRP referred to as a > Distance-vector protocol???...How is this possible? Thanks... > > > > > > -Rizzo > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: trunking
Another issue to consider is the fact that if IP telephony will ever be implemented (Cisco's anyway), dot1q trunking has to be used, negating the use of ISL. A recent implementation has emerged called MISTP (Multiple Instance STP) that supposedly supports multiple spanning trees over the dot1q protocol. Does it work in an IP telephony environment? I leave that up to someone more qualified to answer. Vijay Ramcharan - Original Message - From: "Erick B." <[EMAIL PROTECTED]> To: "Brant I. Stevens" <[EMAIL PROTECTED]>; "Rik" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, March 29, 2001 3:28 AM Subject: Re: trunking > > 802.1q doesn't support multiple spanning trees, but > many vendors have added their own support which may or > may not interoperate well with other vendors. YMMV. > > 802.1s will which is at draft 9 (march 9 2001). To my > knowledge, I don't know of any vendors with support > for it at this time in it's draft form nor do I know > how different it is from PVST, etc. > > --- "Brant I. Stevens" <[EMAIL PROTECTED]> > wrote: > > This may seem like nit-picking, but it isn't > > actually a revision of > > 802.1Q that supports > > PVST, but rather, the vendor gear that supports PVST > > with the use of > > 802.1Q... Nortel > > Passport (Accelar) switches support this as well... > > > > -Brant > > > > Rik wrote: > > > > > Actually, most newer revisions of Dot1Q support > > PVST as well. > > > > > > Rik > > > > > > ""ciscosis"" <[EMAIL PROTECTED]> wrote in > > message > > > 001301c0b3b7$aba8b000$593d839b@nes2s50667">news:001301c0b3b7$aba8b000$593d839b@nes2s50667... > > > > ISL has a number of advantages over dot1q, for > > example it supports per > > > vlan > > > > spanning tree (PVST) which allows a separate > > spantree instance per Vlan > > > > which makes networks more scalable and more > > stable than dot1q based. > > > > > > > > It is Cisco proprietary but it interoperates > > with dot1q (common spanning > > > > tree) compliant switches (using Cisco protocol > > PVST+) > > > > > > > > If you are building a large cisco switched > > network with alot of Vlans and > > > > are worried about issues such as spanning tree > > convergence/ stability > > > > /reliability .. definately go for ISL > > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/?.refer=text > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: problem with installing vpn 3.0 client for win2000
I've installed 301k9 twice now on Win2K Pro and have never had any problems (apart from the fact that it doesn't work with our PIX and I didn't find that out until I read the documentation). I've also installed or tried to install the VPN 5K client, the VPN 1.1 client and whatever else Cisco has, just to see what they look like. My machine has never once crashed. Vijay Ramcharan - Original Message - From: "Frank Kim" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, March 29, 2001 2:09 AM Subject: problem with installing vpn 3.0 client for win2000 > Hi folks, > Anyone has any success on installing the cisco vpn 3.0 client for win2000 > professional or adv server? My win2000 box kept failing after the > installation; it kept rebooting. Please share your experience. This is > the name of the file which I tried to install: vpnclient-win-3.0.1.Rel-k9 > > Thanks for any input. > > -Frank > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCDP or CVOICE Advice
Since you're in the groove, you could just take your 2 exams and get the CCDP. I did the same and finished CCDP in a couple of months. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ruddy Cordero Sent: Thursday, March 29, 2001 2:18 PM To: [EMAIL PROTECTED] Subject: CCDP or CVOICE Advice I just finished by CCNP and I would like to go ahead with my CVOICE = specialization. I work for VoIP company and it would help me a bit to = have but CVOICE is going to be eliminated and there is no cert. or ID to = recognized you as having a voice specialization. My question is: Should = I continue with my studies or should I just study for my CCDP? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN 5001 concentrator
I actually have a similar problem. I connect to a PIX firewall which is the VPN server, from home. If I connect through Mindspring or other ISP, I have no problems connecting and authenticating against the PIX. If I dial in to a RAS server which has Internet connectivity via a DSL router (which is doing NAT for about 60 users), I can connect to the PIX, but I can't successfully authenticate. My guess is that something is lost in the translation from local to global IP address. I know this doesn't help but I'm just throwing this out there also. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of The.Rock Sent: Thursday, March 29, 2001 2:22 PM To: [EMAIL PROTECTED] Subject: VPN 5001 concentrator Here's the problem: 2 clients,both sharing a DSL line. both use VPN client for 5001 When one is connected it is fine and if you add another connection off the same dsl while the other computer is connected, the VPN tunnel keeps dropping. Any ideas ? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary humor
1 job(s). I don't think one qualifies as plural. Hehehe Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of EA Louie Sent: Monday, April 09, 2001 2:07 PM To: [EMAIL PROTECTED] Subject: OT: Salary humor who can catch the typo here? ;-) -e- - Original Message - From: "Dice.com JobSeeker Match Notification" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, April 08, 2001 3:00 AM Subject: DICE JobSeeker Match Notification > The following 1 new jobs posted on 04/07/01 matched your search criteria. > If you would like to change your search options, please > go to: > http://jobtools.dice.com/jobtools/ > > If you would like to stop receiving these e-mails, please > go to: > http://jobtools.dice.com/jobtools/ > > Then click on the "Deactivate your job search profile" link. > > > > > Advecta Lisa Fulton > 2100 Main Street Tel: (999) 999- > Suite 102 Fax: > Irvine, CA 92612 > > > POSITION TITLE : Sr. Network Engineer > SKILLS REQUIREMENTS: nt, infrastructure, servers, mcse, web applications, i > > LOCATION : CA 714 Huntington Beach > PAY RATE : $60,000.00 - $70,000.00 per hour > Fulltime > LENGTH : Perm > POSITION ID: advcx.e001060 > > EMAIL: [EMAIL PROTECTED] > > COMMENTS: Regular-hire position in a financial company. Work on the following: NT servers, network engineering, Windows 95/98/2000, IIS, Site Server, web applications, SQL Server, TCP/IP, Network Architecture and connectivity devices, Web Server technology. > Desired Experience > 5 years working experience with the following: > NT server, NT Administration. > IIS, site Server, web applications. > NT Security, Windows 95/98. > SQL Server, TCP/IP, Network Architecture and connectivity devices, Web Server technology. > MCSE preferred. > Excellent communication skills are a must. > Other Desired Skills: nt, infrastructure, servers, mcse, web applications, iis, site server, security, connectivity > Years of Experience Required: More than 5 years > Expected Travel Time: None _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst 6509 and DHCP [7:408]
priority 16384 7 #vlan 8 set spantree priority 8192 8 #vlan 9 set spantree priority 16384 9 #vlan 11 set spantree priority 16384 11 #vlan 15 set spantree priority 16384 15 ! #set boot command set boot config-register 0x2 set boot system flash bootflash:cat6000-sup.6-1-2.bin set boot system flash bootflash:cat6000-sup.5-5-5.bin set boot system flash bootflash:cat6000-sup.5-5-2.bin set boot system flash bootflash:cat6000-sup.5-3-4-CSX.bin ! #qos set qos enable ! #port channel set port channel 1/1-2 5 ! # default port status is enable ! ! #module 1 : 2-port 1000BaseX Supervisor ! #module 2 empty ! #module 3 : 8-port 1000BaseX Ethernet ! #module 4 : 48-port 10/100BaseTX Ethernet set vlan 24/23-24 set vlan 44/40-48 set port auxiliaryvlan 4/1 4 set port auxiliaryvlan 4/2 4 set port auxiliaryvlan 4/3 4 set port auxiliaryvlan 4/4 4 set port auxiliaryvlan 4/5 4 set port auxiliaryvlan 4/6 4 set port auxiliaryvlan 4/7 4 set port auxiliaryvlan 4/8 4 set port auxiliaryvlan 4/9 4 set port auxiliaryvlan 4/10 4 set port auxiliaryvlan 4/11 4 set port auxiliaryvlan 4/12 4 set port auxiliaryvlan 4/13 4 set port auxiliaryvlan 4/14 4 set port auxiliaryvlan 4/15 4 set port auxiliaryvlan 4/16 4 set port auxiliaryvlan 4/17 4 set port auxiliaryvlan 4/18 4 set port auxiliaryvlan 4/19 4 set port auxiliaryvlan 4/20 4 set port auxiliaryvlan 4/21 4 set port auxiliaryvlan 4/22 4 set port auxiliaryvlan 4/23 4 set port auxiliaryvlan 4/24 4 set port auxiliaryvlan 4/25 4 set port auxiliaryvlan 4/26 4 set port auxiliaryvlan 4/27 4 set port auxiliaryvlan 4/28 4 set port auxiliaryvlan 4/29 4 set port auxiliaryvlan 4/30 4 set port auxiliaryvlan 4/31 4 set port auxiliaryvlan 4/32 4 set port auxiliaryvlan 4/33 4 set port auxiliaryvlan 4/34 4 set port auxiliaryvlan 4/35 4 set port auxiliaryvlan 4/36 4 set port auxiliaryvlan 4/37 4 set port auxiliaryvlan 4/38 4 set port auxiliaryvlan 4/39 4 set port auxiliaryvlan 4/40 4 set port auxiliaryvlan 4/41 4 set port auxiliaryvlan 4/42 4 set port auxiliaryvlan 4/43 4 set port auxiliaryvlan 4/44 4 set port auxiliaryvlan 4/45 4 set port auxiliaryvlan 4/46 4 set port auxiliaryvlan 4/47 4 set port auxiliaryvlan 4/48 4 set trunk 4/1 on dot1q 1-1005,1025-4094 set trunk 4/2 on dot1q 1-1005,1025-4094 set trunk 4/3 on dot1q 1-1005,1025-4094 set trunk 4/4 on dot1q 1-1005,1025-4094 set trunk 4/5 on dot1q 1-1005,1025-4094 set trunk 4/6 on dot1q 1-1005,1025-4094 set trunk 4/7 on dot1q 1-1005,1025-4094 set trunk 4/8 on dot1q 1-1005,1025-4094 set trunk 4/9 on dot1q 1-1005,1025-4094 set trunk 4/10 on dot1q 1-1005,1025-4094 set trunk 4/11 on dot1q 1-1005,1025-4094 set trunk 4/12 on dot1q 1-1005,1025-4094 set trunk 4/13 on dot1q 1-1005,1025-4094 set trunk 4/14 on dot1q 1-1005,1025-4094 set trunk 4/15 on dot1q 1-1005,1025-4094 set trunk 4/16 on dot1q 1-1005,1025-4094 set trunk 4/17 on dot1q 1-1005,1025-4094 set trunk 4/18 on dot1q 1-1005,1025-4094 set trunk 4/19 on dot1q 1-1005,1025-4094 set trunk 4/20 on dot1q 1-1005,1025-4094 set trunk 4/21 on dot1q 1-1005,1025-4094 set trunk 4/22 on dot1q 1-1005,1025-4094 set trunk 4/23 on dot1q 1-1005,1025-4094 set trunk 4/24 on dot1q 1-1005,1025-4094 set trunk 4/25 on dot1q 1-1005,1025-4094 set trunk 4/26 on dot1q 1-1005,1025-4094 set trunk 4/27 on dot1q 1-1005,1025-4094 set trunk 4/28 on dot1q 1-1005,1025-4094 set trunk 4/29 on dot1q 1-1005,1025-4094 set trunk 4/30 on dot1q 1-1005,1025-4094 set trunk 4/31 on dot1q 1-1005,1025-4094 set trunk 4/32 on dot1q 1-1005,1025-4094 set trunk 4/33 on dot1q 1-1005,1025-4094 set trunk 4/34 on dot1q 1-1005,1025-4094 set trunk 4/35 on dot1q 1-1005,1025-4094 set trunk 4/36 on dot1q 1-1005,1025-4094 set trunk 4/37 on dot1q 1-1005,1025-4094 set trunk 4/38 on dot1q 1-1005,1025-4094 set trunk 4/39 on dot1q 1-1005,1025-4094 set trunk 4/40 on dot1q 1-1005,1025-4094 set trunk 4/41 on dot1q 1-1005,1025-4094 set trunk 4/42 on dot1q 1-1005,1025-4094 set trunk 4/43 on dot1q 1-1005,1025-4094 set trunk 4/44 on dot1q 1-1005,1025-4094 set trunk 4/45 on dot1q 1-1005,1025-4094 set trunk 4/46 on dot1q 1-1005,1025-4094 set trunk 4/47 on dot1q 1-1005,1025-4094 set trunk 4/48 on dot1q 1-1005,1025-4094 ! #module 5 empty ! #module 6 empty ! #module 7 empty ! #module 8 : 8-port T1 set port voice interface 8/1 dhcp enable vlan 4 set port voice interface 8/2 dhcp enable vlan 4 set port voice interface 8/3 dhcp enable vlan 4 set port voice interface 8/4 dhcp enable vlan 4 set port voice interface 8/5 dhcp enable vlan 4 set port voice interface 8/6 dhcp enable vlan 4 set port voice interface 8/7 dhcp enable vlan 4 set port voice interface 8/8 dhcp enable vlan 4 ! #module 9 : 0-port FlexWAN Module ! #module 15 : 1-port Multilayer Switch Feature Card ! #module 16 empty end Core_Even (enable) Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=408&t=408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 6509 and DHCP [7:408]
outer eigrp 10 network 10.0.0.0 no auto-summary ! ip classless no ip http server ! ! ! line con 0 transport input none line vty 0 4 login transport input lat pad mop telnet rlogin udptn nasi ! end Core_Even_MSFC#wr m Building configuration... [OK] Core_Even_MSFC# Vijay Ramcharan -Original Message- From: Traister, Blake (SBCI) [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 5:37 PM To: 'Vijay Ramcharan' Subject: RE: Catalyst 6509 and DHCP [7:408] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Does your arp table have the hosts in it yet? I may be missing something, but I cant find ip helper address anywhere in either config - -Original Message- From: Vijay Ramcharan [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 2:57 PM To: [EMAIL PROTECTED] Subject: Catalyst 6509 and DHCP [7:408] Hello Group, I'm looking at a particularly irritating problem and I can't quite figure out what's wrong. We have 2 Cat6509s which are suppposed to be configured for IP telephony. I've added a number of VLANs, implemented HSRP on the MSFCs etc. My problem is, I have a DHCP server on VLAN 4 which cannot be seen by a host which is on another VLAN. I tried using the ip helper-address command but was unsuccessful. Any ideas? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=420&t=408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 6509 and DHCP [7:408]
ARP table of the MSFC below. Core_Even_MSFC#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.4.10.4 3 00d0.0247.9fff ARPA Vlan1 Internet 10.4.12.2 - 00d0.d33a.0434 ARPA Vlan4 Internet 10.4.15.1 3 0030.7b96.acd0 ARPA Vlan8 Internet 10.4.14.1 3 0030.7b96.acd0 ARPA Vlan6 Internet 10.4.14.2 - 00d0.d33a.0434 ARPA Vlan6 Internet 10.4.12.1 3 0030.7b96.acd0 ARPA Vlan4 Internet 10.4.15.2 - 00d0.d33a.0434 ARPA Vlan8 Internet 10.4.8.5- .0c07.ac02 ARPA Vlan2 Internet 10.4.12.6 3 0050.8bcd.feeb ARPA Vlan4 Internet 10.4.8.2- 00d0.d33a.0434 ARPA Vlan2 Internet 10.4.15.5 - .0c07.ac08 ARPA Vlan8 Internet 10.4.10.1 3 0030.7b96.acd0 ARPA Vlan1 Internet 10.4.14.5 - .0c07.ac06 ARPA Vlan6 Internet 10.4.12.4 - .0c07.ac04 ARPA Vlan4 Internet 10.4.10.2 - 00d0.d33a.0434 ARPA Vlan1 Internet 10.4.12.5 0 0050.8bcd.fe56 ARPA Vlan4 Internet 10.4.8.13 0030.7b96.acd0 ARPA Vlan2 Internet 10.4.10.3 3 00d0.0247.13ff ARPA Vlan1 Internet 10.4.7.13 0030.7b96.acd0 ARPA Vlan15 Internet 10.4.4.2- 00d0.d33a.0434 ARPA Vlan7 Internet 10.4.6.13 0030.7b96.acd0 ARPA Vlan11 Internet 10.4.5.2- 00d0.d33a.0434 ARPA Vlan9 Protocol Address Age (min) Hardware Addr Type Interface Internet 10.4.6.2- 00d0.d33a.0434 ARPA Vlan11 Internet 10.4.5.13 0030.7b96.acd0 ARPA Vlan9 Internet 10.4.7.2- 00d0.d33a.0434 ARPA Vlan15 Internet 10.4.4.13 0030.7b96.acd0 ARPA Vlan7 Internet 10.4.7.53 .0c07.ac0f ARPA Vlan15 Internet 10.4.3.13 0030.7b96.acd0 ARPA Vlan5 Internet 10.4.2.13 0030.7b96.acd0 ARPA Vlan3 Internet 10.4.10.10 3 0002.fde3.4080 ARPA Vlan1 Internet 10.4.2.2- 00d0.d33a.0434 ARPA Vlan3 Internet 10.4.10.11 3 0002.7d70.0980 ARPA Vlan1 Internet 10.4.3.2- 00d0.d33a.0434 ARPA Vlan5 Internet 10.4.12.23 0 00b0.8e87.b2dc ARPA Vlan4 Internet 10.4.12.34 0 0030.94c3.9749 ARPA Vlan4 Internet 10.4.12.38 0 0030.94c3.9b41 ARPA Vlan4 Internet 127.0.0.12 - .2100. ARPA EOBC0/6 Internet 127.0.0.11 - .1100. ARPA EOBC0/6 Core_Even_MSFC# Vijay Ramcharan -Original Message- From: Traister, Blake (SBCI) [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 5:59 PM To: '[EMAIL PROTECTED]'; Traister, Blake (SBCI); Cisco Groupstudy. com Mailing list (E-mail) Subject: RE: Catalyst 6509 and DHCP [7:408] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 and none of the clients are showing up in your arp cache? - -Original Message----- From: Vijay Ramcharan [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 2:49 PM To: 'Traister, Blake (SBCI)'; Cisco Groupstudy. com Mailing list (E-mail) Subject: RE: Catalyst 6509 and DHCP [7:408] Thanks. I've included the new config below with the IP Helper address command. I've tried with and without the helper address commands but neither seem to work. - From the Cat6509 SC0 int I can ping the DHCP IP server address without any problem. From the MSFC I can ping the DHCP server IP address without any problem. From the DHCP server I can ping any VLAN interface on the MSFC as well as a couple of 3500s that I've connected to the 6509s. Core_Even (enable) sh conf This command shows non-default configurations only. Use 'show config all' to show both default and non-default configurations. .. .. ... .. begin ! # * NON-DEFAULT CONFIGURATION * ! ! #time: Thu Apr 12 2001, 16:51:21 ! #version 6.1(2) ! set prompt Core_Even ! #errordetection set errordetection portcounter enable ! #! #vtp set vtp domain tdnyc set vtp pruning enable set vlan 1 name default type ethernet mtu 1500 said 11 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state activ e stp ieee set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active st p ibm set vlan 2-9,11,15 set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip set interface sc0 1 10.4.10.4/255.255.254.0 10.4.11.255 set ip route 10.4.2.0/255.255.255.0 10.4.10.2 set ip route 10.4.3.0/255.255.255.0
RE: Catalyst 6509 and DHCP [7:408]
Fix for the problem reported last week with being unable to get an IP address from a DHCP server in another VLAN turned out to be an IOS upgrade. Apparently any IOS release prior to 12.1.3x has a problem with creating the proper MLS entries necessary to support a DHCP server in a VLAN different from the client. A "debug ip dhcp server packet" on the MSFC showed that it was unable to find a route to the specified DHCP server when the old IOS version was used. Now the proper entries are created. Thanks for all the help. Vijay Ramcharan -Original Message- From: Peter Balharek [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 12, 2001 8:06 PM To: Vijay Ramcharan; [EMAIL PROTECTED] Subject: Re: Catalyst 6509 and DHCP [7:408] are you able to run "debug ip dhcp server packet" ? (and i don't mean the capability of the switch, but production as a reason) pls provide capture. off the wall advise: use set port host on the ports for servers and clients, clear cam, restart dhcp server and see. it worked for me a while back. p. - Original Message ----- From: "Vijay Ramcharan" To: Sent: Thursday, April 12, 2001 4:03 PM Subject: RE: Catalyst 6509 and DHCP [7:408] > Thanks. > > I've included the new config below with the IP Helper address command. I've > tried with and without the helper address commands but neither seem to work. > From the Cat6509 SC0 int I can ping the DHCP IP server address without any > problem. From the MSFC I can ping the DHCP server IP address without any > problem. From the DHCP server I can ping any VLAN interface on the MSFC as > well as a couple of 3500s that I've connected to the 6509s. > > Core_Even (enable) sh conf > This command shows non-default configurations only. > Use 'show config all' to show both default and non-default configurations. > .. > .. > > > > > > > ... > > > > .. > > begin > ! > # * NON-DEFAULT CONFIGURATION * > ! > ! > #time: Thu Apr 12 2001, 16:51:21 > ! > #version 6.1(2) > ! > set prompt Core_Even > ! > #errordetection > set errordetection portcounter enable > ! > #! > #vtp > set vtp domain tdnyc > set vtp pruning enable > set vlan 1 name default type ethernet mtu 1500 said 11 state active > set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active > set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state > activ > e stp ieee > set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state > active st > p ibm > set vlan 2-9,11,15 > set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state > acti > ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off > ! > #ip > set interface sc0 1 10.4.10.4/255.255.254.0 10.4.11.255 > > set ip route 10.4.2.0/255.255.255.0 10.4.10.2 > set ip route 10.4.3.0/255.255.255.0 10.4.10.2 > set ip route 10.4.4.0/255.255.255.0 10.4.10.2 > set ip route 10.4.5.0/255.255.255.0 10.4.10.2 > set ip route 10.4.6.0/255.255.255.0 10.4.10.2 > set ip route 10.4.7.0/255.255.255.0 10.4.10.2 > set ip route 10.4.8.0/255.255.254.0 10.4.10.2 > set ip route 10.4.12.0/255.255.254.0 10.4.10.2 > set ip route 10.4.14.0/255.255.255.0 10.4.10.2 > set ip route 10.4.15.0/255.255.255.0 10.4.10.2 > set ip route 0.0.0.0/0.0.0.0 10.4.10.2 > ! > #spantree > #vlan 1 > set spantree priority 16384 1 > #vlan 2 > set spantree priority 8192 2 > #vlan 3 > set spantree priority 16384 3 > #vlan 4 > set spantree priority 8192 4 > #vlan 5 > set spantree priority 16384 5 > #vlan 6 > set spantree priority 8192 6 > #vlan 7 > set spantree priority 16384 7 > #vlan 8 > set spantree priority 8192 8 > #vlan 9 > set spantree priority 16384 9 > #vlan 11 > set spantree priority 16384 11 > #vlan 15 > set spantree priority 16384 15 > ! > #set boot command > set boot config-register 0x2 > set boot system flash bootflash:cat6000-sup.6-1-2.bin > set boot system flash bootflash:cat6000-sup.5-5-5.bin > set boot system flash bootflash:cat6000-sup.5-5-2.bin > set boot system flash bootflash:cat6000-sup.5-3-4-CSX.bin > ! > #qos > set qos enable > ! > #port channel > set port channel 1/1-2 5 > ! > # default port status is enable > ! > ! > #module 1 : 2-port 1000BaseX Supervisor > ! > #module 2 empty > ! > #module 3 : 8-port 1000BaseX Ethernet > ! > #module 4 : 48-port 10/100BaseTX Ethernet > set vlan 24/23-24 > set vlan 44/40-48 > set port auxiliaryvlan 4/1 4 > set port auxiliaryvlan 4/2 4 > set port auxiliaryvlan 4/3 4 > set port auxiliaryvlan 4/4 4 > set port auxi
RE: Catalyst 6509 and DHCP [7:408]
Actually the bug ID is CSCds89040 and it's related to HSRP configs and IOS 12.1(4)E and not specifically related DHCP servers as I incorrectly stated earlier. See below excerpt from CCO. MLS Flows Not Being Created For Devices Using HSRP Standby IP Address As Default Gateway--- When using 12.1(4)E on Sup1/MSFC1, Sup2/MSFC2, or Sup1/MSFC2 while HSRP is enabled, MLS switching may fail. The symptoms are different for each combination: For Sup1/MSFC1 and Sup1/MSFC2, which use Netflow-MLS, you may see that the MLS shortcuts are not being created when traffic is sent to a HSRP MAC address. Any client using the HSRP standby IP address as the default gateway will use HSRP MAC address. For Sup2/MSFC2, which uses Cisco Express Forwarding-MLS (CEF-MLS), you may see that the CEF adjacency table is not being populated correctly on the switch. The bug ID for this caveat is CSCds89040, and the fix available is with 12.1(5a)E for the Hybrid (c6msfc) images, and 12.1(5a)E1 for the Native (c6sup) images. Vijay Ramcharan -Original Message- From: Peter Balharek [mailto:[EMAIL PROTECTED]] Sent: Monday, April 16, 2001 2:27 PM To: Vijay Ramcharan; [EMAIL PROTECTED] Subject: Re: Catalyst 6509 and DHCP [7:408] if you are referring to bug id: CSCds00999 then it is only a cosmetic issue, not functionality issue. p. - Original Message - From: "Vijay Ramcharan" To: Sent: Monday, April 16, 2001 9:28 AM Subject: RE: Catalyst 6509 and DHCP [7:408] > Fix for the problem reported last week with being unable to get an IP > address from a DHCP server in another VLAN turned out to be an IOS upgrade. > Apparently any IOS release prior to 12.1.3x has a problem with creating the > proper MLS entries necessary to support a DHCP server in a VLAN different > from the client. > A "debug ip dhcp server packet" on the MSFC showed that it was unable to > find a route to the specified DHCP server when the old IOS version was used. > Now the proper entries are created. > > Thanks for all the help. > > Vijay Ramcharan > > -Original Message- > From: Peter Balharek [mailto:[EMAIL PROTECTED]] > Sent: Thursday, April 12, 2001 8:06 PM > To: Vijay Ramcharan; [EMAIL PROTECTED] > Subject: Re: Catalyst 6509 and DHCP [7:408] > > > are you able to run "debug ip dhcp server packet" ? > (and i don't mean the capability of the switch, but production > as a reason) > > pls provide capture. > > off the wall advise: use set port host on the ports for servers and clients, > clear cam, restart dhcp server and see. it worked for me a while back. > > p. > - Original Message - > From: "Vijay Ramcharan" > To: > Sent: Thursday, April 12, 2001 4:03 PM > Subject: RE: Catalyst 6509 and DHCP [7:408] > > > > Thanks. > > > > I've included the new config below with the IP Helper address command. > I've > > tried with and without the helper address commands but neither seem to > work. > > From the Cat6509 SC0 int I can ping the DHCP IP server address without any > > problem. From the MSFC I can ping the DHCP server IP address without any > > problem. From the DHCP server I can ping any VLAN interface on the MSFC > as > > well as a couple of 3500s that I've connected to the 6509s. > > > > Core_Even (enable) sh conf > > This command shows non-default configurations only. > > Use 'show config all' to show both default and non-default configurations. > > .. > > .. > > > > > > > > > > > > > > ... > > > > > > > > .. > > > > begin > > ! > > # * NON-DEFAULT CONFIGURATION * > > ! > > ! > > #time: Thu Apr 12 2001, 16:51:21 > > ! > > #version 6.1(2) > > ! > > set prompt Core_Even > > ! > > #errordetection > > set errordetection portcounter enable > > ! > > #! > > #vtp > > set vtp domain tdnyc > > set vtp pruning enable > > set vlan 1 name default type ethernet mtu 1500 said 11 state active > > set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state > active > > set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state > > activ > > e stp ieee > > set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state > > active st > > p ibm > > set vlan 2-9,11,15 > > set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 > state > > acti > > ve mode srb aremaxhop 7 stemaxhop 7 backupcrf off > > ! > > #ip > > set interface sc0 1 10.4.10.4/255.255.254.0 10.4.11.255 >
RE: HSRP? problem [7:811]
Scott, I spent most of last week working on 2 6509s in a similar scenario. Use the link below for a good explanation of HSRP configs on the 6500s. http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd /redund.htm Vijay Ramcharan, CCNP,CCDP,MCSE Network Manager The Deal, L.L.C. http://www.thedeal.com mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Davis, Scott [ISE/RAC] Sent: Monday, April 16, 2001 3:48 PM To: [EMAIL PROTECTED] Subject: HSRP? problem [7:811] I just added a VLAN to my Cat6509s. The interfaces for the vlan are configured on both MSFCs in both of my 6509s. We are using HSRP. both interfaces show up/up the VLAN shows active in the VTP server(a) and client(b) 6509. I set the standby priority on the vlan int config on the MSFC to 100 on 6509a and 95 on 6509b. The ip addresses are configured correctly on both (x.x.7.0/24 range 6509a int x.x.7.1 255.255.255.0 6509b int x.x.7.2 255.255.255.0) the standby ip address is pingable from both switches. When I "no shut" the ints on the MSFCs 6509a comes up normally and shows state change to active and is pingable, 6509B shows state change to active then a few minutes later to standby and the ip address is not pingable even though the interface shows up/up. If I shutdown 6509a VLAN int, x.x.7.2 is pingable and the state change is to active until a is brought back up. I am sure I am missing something but apparently I can't see it. Any ideas? thanks Scott FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=817&t=811 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Upgrade Catalyst 6509 MSFC problem [7:949]
Upgrading a Catalyst 6509 is actually pretty much the same as upgrading a lower end router like a 2600 with a couple of variations. Use below commands at your own risk. Start up your TFTP server and make sure you can ping it from the MSFC prompt. Be sure your image is located in the appropriate TFTP directory. Use the "dir" command to see the images in flash and how much space you have on your flash. Use the "copy flash tftp" command to copy backups of your images in flash in case you need to recover. Use the "copy run flash" command to get a backup of your config. Use the "delete bootflash:" command to delete the IOS image file from flash. Don't delete the image with "boot" in the filename because that image is used to load a minimal version of the IOS software in the event that the normal IOS can't be loaded. Use the "squeeze bootflash:" command to permanently delete the file from flash. Example: MSFC#dir Directory of bootflash:/ 1 -rw- 1644336 Jan 01 2000 01:41:17 c6msfc-boot-mz.121-2.E.bin 3 -rw-11602828 Jan 01 2000 00:11:57 c6msfc-jsv-mz.121-6.E1 15990784 bytes total (2521184 bytes free) MSFC#delete bootflash: ? MSFC#delete bootflash:c6msfc-jsv-mz.121-6.E1 Delete filename [c6msfc-jsv-mz.121-6.E1]? y Delete bootflash:n? [confirm]y Use "copy tftp flash" command to copy your new image over to the flash. Use the command "boot system flash bootflash:" to tell the MSFC which image to load. Issue a "dir" and "show run" and make sure that your image names match. Make sure that you have a command similar to below in your "show run" output to boot your restricted IOS in case something happens. boot bootldr bootflash:c6msfc-boot-mz.121-2.E.bin Save your config. Reset the MSFC and cross your fingers. Take your time and make sure that you can go back to your previous config if the upgrade doesn't work. Oh, and if you happen to mess up, read the link below. http://www.cisco.com/warp/customer/473/14.html Vijay Ramcharan, CCNP,CCDP,MCSE Network Manager The Deal, L.L.C. http://www.thedeal.com mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kim Seng Sent: Tuesday, April 17, 2001 1:54 PM To: [EMAIL PROTECTED] Subject: Upgrade Catalyst 6509 MSFC problem [7:949] I am trying to upgrade my Catalyst 6509 MFSC to version 12.1.5. When I issued the cmd: copy tftp flash at the router prompt. It failed and told me that there are not enough space to upgrade the new image. Can someone help me with this. I am digging cisco web site for reading right now. Sorry this is my first time with this. Kim. __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=964&t=949 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Upgrade Catalyst 6509 MSFC problem [7:949]
Slight typo in the "copy run" command. I meant to say "copy run tftp". I'm slightly jaded from sitting between two nice warm servers for a few hours now. Sorry. Vijay Ramcharan, CCNP,CCDP,MCSE Network Manager The Deal, L.L.C. http://www.thedeal.com mailto:[EMAIL PROTECTED] -Original Message----- From: Vijay Ramcharan [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 17, 2001 3:48 PM To: 'Kim Seng'; '[EMAIL PROTECTED]' Subject: RE: Upgrade Catalyst 6509 MSFC problem [7:949] Upgrading a Catalyst 6509 is actually pretty much the same as upgrading a lower end router like a 2600 with a couple of variations. Use below commands at your own risk. Start up your TFTP server and make sure you can ping it from the MSFC prompt. Be sure your image is located in the appropriate TFTP directory. Use the "dir" command to see the images in flash and how much space you have on your flash. Use the "copy flash tftp" command to copy backups of your images in flash in case you need to recover. Use the "copy run flash" command to get a backup of your config. Use the "delete bootflash:" command to delete the IOS image file from flash. Don't delete the image with "boot" in the filename because that image is used to load a minimal version of the IOS software in the event that the normal IOS can't be loaded. Use the "squeeze bootflash:" command to permanently delete the file from flash. Example: MSFC#dir Directory of bootflash:/ 1 -rw- 1644336 Jan 01 2000 01:41:17 c6msfc-boot-mz.121-2.E.bin 3 -rw-11602828 Jan 01 2000 00:11:57 c6msfc-jsv-mz.121-6.E1 15990784 bytes total (2521184 bytes free) MSFC#delete bootflash: ? MSFC#delete bootflash:c6msfc-jsv-mz.121-6.E1 Delete filename [c6msfc-jsv-mz.121-6.E1]? y Delete bootflash:n? [confirm]y Use "copy tftp flash" command to copy your new image over to the flash. Use the command "boot system flash bootflash:" to tell the MSFC which image to load. Issue a "dir" and "show run" and make sure that your image names match. Make sure that you have a command similar to below in your "show run" output to boot your restricted IOS in case something happens. boot bootldr bootflash:c6msfc-boot-mz.121-2.E.bin Save your config. Reset the MSFC and cross your fingers. Take your time and make sure that you can go back to your previous config if the upgrade doesn't work. Oh, and if you happen to mess up, read the link below. http://www.cisco.com/warp/customer/473/14.html Vijay Ramcharan, CCNP,CCDP,MCSE Network Manager The Deal, L.L.C. http://www.thedeal.com mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kim Seng Sent: Tuesday, April 17, 2001 1:54 PM To: [EMAIL PROTECTED] Subject: Upgrade Catalyst 6509 MSFC problem [7:949] I am trying to upgrade my Catalyst 6509 MFSC to version 12.1.5. When I issued the cmd: copy tftp flash at the router prompt. It failed and told me that there are not enough space to upgrade the new image. Can someone help me with this. I am digging cisco web site for reading right now. Sorry this is my first time with this. Kim. __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=969&t=949 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Question on VPNs [7:2134]
Man, you just blew my mind. Works fine except that I can't browse using domain names. However if I use the IP address of the web server, I can get to the site. Weird, since I can do nslookup and get the domain resolved to an IP address. Thanks. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim McCoy Sent: Thursday, April 26, 2001 12:55 PM To: [EMAIL PROTECTED] Subject: Re: PIX Question on VPNs [7:2134] Turn off use remote gateway on the client vpn connection. ""Vijay Ramcharan"" wrote in message 000601c0ad6d$9d22d4c0$9865fea9@VRAMCHARRAN">news:000601c0ad6d$9d22d4c0$9865fea9@VRAMCHARRAN... > Hi everyone, > I have a question on the operation of VPNs when using a PIX and connecting > via PPTP from a Win2K client. > > Suppose I have a PIX that is setup to accept PPTP connections and > dynamically assign the client an IP address from a LAN subnet after they've > been authenticated on the PIX. > After the VPN tunnel is established, is it possible to go to a website while > the tunnel is active? > The NAT (inside) 0 command is used on the PIX. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2144&t=2134 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Locate IP Address on Internet [7:3611]
I realize this may not be exactly what you're looking for but it's a step in the right direction. At least you may be able to find out some details about this person. http://www.itp-journals.com/sasample/T1304.pdf Depending on which mail server software you use, you could probably configure it to reject all messages from that person. Of course, nothing will stop them from creating another account and restarting the entire process. I'm not sure that even reporting the abuse to Hotmail will stop them, since all they have to do is create a new account with a different name. How about configuring your mail server software to accept all messages from that person and then dump them in a temp mailbox for review or trash? Eventually they'll just give up if they don't get any responses back from their efforts. I could be wrong though. You don't need me to tell you that there are really twisted and determined "people" out there. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Wigle Sent: Tuesday, May 08, 2001 10:53 AM To: [EMAIL PROTECTED] Subject: OT: Locate IP Address on Internet [7:3611] Dear Group, I've seen this talked about now and then but I haven't had a need to use it - until now. Say, 212.181.157.94 - a user on hotmail is starting to get abusive and the headers indicate the email originated from that address. What tools are available to get a handle on an IP address that is causing problems? Kevin Wigle FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3618&t=3611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Software V6.0 [7:5969]
If anyone wasn't aware, V6.0 of the PIX software is now available. And as I just found out, to use the VPN 3.0 client, "isakmp policy ? group 2" must be used to enable successful authentication. Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=5969&t=5969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Software V6.0 [7:5969]
Whoever you spoke to at TAC was misinformed. I'm using the free 56bit DES key on our PIX and I can authenticate using the VPN 3.0 client. You sure don't need any 3DES key. And in response to an earlier question posed regarding Diffie-Hellman Group 2 usage. I originally had the isakmp policy using Group 1 but the VPN 3.0 client bombed out on attempting to authenticate. As soon as I changed the statement on the PIX to group 2, voila!, it worked right away. I guess the VPN3.0 client is using group 2 by default so the PIX must also use group 2. I can't find any settings where you can change to group 1 on the VPN client software. Vijay Ramcharan - Original Message - From: "Alex Lee" To: Sent: Friday, May 25, 2001 7:38 PM Subject: Re: PIX Software V6.0 [7:5969] > No more DES. > > I was told by TAC that if you want to use VPN 3.0 client, your PIX must have > 3 DES activated. A pre-sale told me that this costs $1,000.00 plus license > for VPN clients. > > Can someone confirm this ? > > Alex Lee > > > "Carroll Kong" wrote in message ... > >At 05:17 PM 5/25/01 -0400, Vijay Ramcharan wrote: > >>If anyone wasn't aware, V6.0 of the PIX software is now available. > >>And as I just found out, to use the VPN 3.0 client, "isakmp policy ? > >>group 2" must be used to enable successful authentication. > >> > >>Vijay Ramcharan > > > >Are you sure this is not user configurable? Group 2 refers to the > >Diffie-Hellman group used. I suppose unless they made it a standard to not > >allow you to use Group 1 (weaker), but sheesh, if they made that the > >requirement, how dare they let people use DES. > > > > > > > >-Carroll Kong > >FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6045&t=5969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Remove me.... [7:6102]
Here's a hint on how to remove yourself. If you can bother sending an email every few days begging to be removed, you can take the time out and go to www.groupstudy.com and there's a box in the lower right hand corner of the screen. Type in your email address and click on the Unsubscribe radio button and then click on the Submit button. That's it. You're done. No more email messages. If you can't figure out how to do it please ask someone to help you. Thanks for listening. - Original Message - From: "babatope ojo" To: Sent: Monday, May 28, 2001 5:44 AM Subject: Remove me [7:6102] > Could you pls. remove my e-mail address from the list?.. > > Thanx. > > -- > babatope ojo > [EMAIL PROTECTED] - email > (202) 777-2641 ext. 8015 - voicemail/fax > > > > "Arun" wrote: > > Hi > > Thanks for the information ..i will try this when i find time cause > > the > > router is on live network i cann't do tthat they will kill me ..can > > u pls tell about > > I have 3600 router coonfigured as x25 i have 2 slots each having > > 4 > > serial interfaces in it ... > > i have to configure this with 2 serial ports on slot one for x25 > > encapsulation and on slot 2 i have to configure 2 serial ports which > > need to > > act as redundant in case there is problem with slot 1 ports .. > > i have ver 11.3 runing on it > > i added the entries like ... > > x25 route 010104 int ser 1/2 > > x25 route 010104 int ser 1/3 > > x25 route 010103 int ser 2/2 > > x25 route 010103 int ser 2/3 > > > > First thing will this do the job the machines on the other end has > > 2 serial > > port for each machine one is active and one is standy .machine > > switch > > over to standy if it sees error i link so i need to route the packets > > to > > this standby machine with interface ser 2/2 and ser 2/3 . > > > > Now i read somewhere like x25 retry command and backup interface command > > ... > > how can i use them can anybody send me the configuration and also will > > this > > work on ver 11.3 > > i tried it on ver11.3 but i think it doesn';t support it > > > > Pls suggest something . > > > > Regards > > Arun Sharma > > > > > > > > > > > > ""Bishara, Anan"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > If u delete any subinterface u need to reboot the router to remove > > it. It > > > will stay in that case until u reboot the router. > > > Regards, > > > Anan > > > > > > -Original Message- > > > From: Arun [mailto:[EMAIL PROTECTED]] > > > Sent: Mon, May 28, 2001 10:41 AM > > > To: [EMAIL PROTECTED] > > > Subject: Re: Serial1/3.1 is deleted, line protocol is down [7:6090] > > > > > > > > > Hi > > > let me explain what i mean to ask > > > i try to configured a serial interface(sub interface) on ser1/3 i > > could > > n't > > > achieve what i was trying to do (i was trying to configure a backup > > > interface) so i removed the sub interface using > > > command > > > no int ser1/3.1 > > > but now even after removing the interface i see the following thing > > when i > > > use show int .. > > > i think it should not be there ...right or i am wrong > > > so why it still show this > > > Serial1/3.1 is deleted, line protocol is down > > > Hardware is M4T > > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > > > reliability 255/255, txload 1/255, rxload 1/255 > > > Encapsulation X25 > > > Serial2/0 is down, line protocol is down > > > Hardware is M4T > > > Description: BGW 1.1 > > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > > > reliability 255/255, txload 1/255, rxload 1/255 > > > Encapsulation X25, loopback not set > > > X.25 DCE, address , state R/Inactive, modulo 8, timer 0 > > > > > > > > > Regards > > > Arun Sharma > > > > > > > > > ""ElephantChild"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > On Mon, 28 May 2001, Arun wrote: > > > > > > > > > Hi > > > > > i am getting this message when i run > > > > > show int command on 3600 series router with x25 on it > > > > > i tried configuring it but i removed whats wrong can u pls help > > > > > > > > If you didn't do so already, read what the cisco docs say on "show > > > > interface", then tell us what specific part you still don't understand, > > > > and what you think it could mean. Also tell us what other steps > > you took > > > > to answer your question, and how and why you think they failed. > > > > > > > > Or, if your question isn't "what does a deleted/down status mean?", > > > > you'll have to tell us what it is. > > > > > > > > > Regards > > > > > Arun Sharma > > > > > > > > > > Serial1/3.1 is deleted, line protocol is down > > > > > Hardware is M4T > > > > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > > > > > reliability 255/255, txload 1/255, rxload 1/255 > > > > > Encapsulation X25 > > > > > Serial2/0 is down, line protocol is down > > > > > Hardware is M4T > > > > > Description: BGW 1.1 > > > > > MTU 1500 byte
elementary? [7:6359]
Forgive me if this sounds a little bit basic but this is what happens when you rush into things without understanding the fundamentals. Suppose a 24 port 100Mbit switch called A is uplinked to another 24 port 100Mb switch called B via a 1Gb connnection. Suppose hosts D through N are on switch A and hosts M through X are on Switch B. Would conversations between the hosts from Switch A to Switch B occur one at a time or are multiple conversations multiplexed over the 1Gb uplink? I'm just trying to find out if and how that 1Gb uplink is used up. Thanks in advance. I'd put TIA but I hate those little acronyms. No flames please. Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6359&t=6359 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: elementary? [7:6359]
Thanks everyone for their replies. As I now understand it, the 1Gb uplink just moves data faster than... say, a 100Mb uplink. Correct? Conversations between hosts on each switch still take place one at a time, thereby obeying Ethernet rules of one station transmitting at a time. Correct? Okay my next question. Is there any point at which this 1Gb uplink can become saturated, since it's only handling station to station sessions- one at a time. If a number of stations on each switch were doing large file transfers to each other via the uplink, would there be some point at which the uplink would be maxed out- in terms of bandwidth? Or is the only limiting factor, the workstations inability to pump data out fast enough to max out the uplink when they're only running 100Mb? I'm thinking that it's really not possible to max out a 1Gb uplink when stations are only running 100Mb. If this is correct then I lay this question to rest. Thanks. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Vijay Ramcharan Sent: Wednesday, May 30, 2001 12:06 AM To: [EMAIL PROTECTED] Subject: elementary? [7:6359] Forgive me if this sounds a little bit basic but this is what happens when you rush into things without understanding the fundamentals. Suppose a 24 port 100Mbit switch called A is uplinked to another 24 port 100Mb switch called B via a 1Gb connnection. Suppose hosts D through N are on switch A and hosts M through X are on Switch B. Would conversations between the hosts from Switch A to Switch B occur one at a time or are multiple conversations multiplexed over the 1Gb uplink? I'm just trying to find out if and how that 1Gb uplink is used up. Thanks in advance. I'd put TIA but I hate those little acronyms. No flames please. Vijay Ramcharan FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6425&t=6359 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: elementary? [7:6359]
It's interesting to see how things that we take for granted (ie. A switch allows for multiple conversations while a hub can't) turn out to be so complicated when you try to understand what's taking place "behind the scenes". To sum up what has been uncovered thus far (and maybe put an end to this thread)- The issue in question was whether/how a 1 gig uplink can be filled by 100 meg attached stations on two switches. I think that since the uplink is serial by nature (but full duplex) only packets from one station can be sent and at the same point in time only packets from one station can be received. The packets sent and received may or may not be from the same station. Essentially, as Chuck said only one packet is on the wire per direction at any given time. The switch will buffer all packets and treat each session between any two stations individually. Multiple data streams between different stations in the same direction cannot exist at the same point in time on the wire. (think of a twisted pair cable which has 4 pairs encased in the same sheath /pipe). Data from multiple stations (represented by the pairs)cannot travel over the uplink (represented by the sheath) at the same time, resulting in 4 concurrent flows. Instead, one conversation occurs per direction at any point in time. Now about filling up that 1 gig link even though only two conversations can exist on the wire at any given time- I guess that the switch can switch between conversations fast enough and send packets over the uplink at a much greater rate than what any attached client can send. Put enough busy clients together sending requests out the uplink and I can see how that 1gig uplink could become saturated. The switch just increases the rate at which packets are sent out of the Gb uplink. Does this make sense? Vijay Ramcharan Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck Larrieu Sent: Wednesday, May 30, 2001 3:51 PM To: [EMAIL PROTECTED] Subject: RE: elementary? [7:6359] I concur. I should have been a bit more clear in that I was addressing the issue of a gig link between two switches. For traffic that remains within a single switch, different things can be done with the switch fabric, thus increasing the number of packets handled. But a single gig link between two switches, operating at full duplex, can have only one packet per direct on the "wire" at one time. Also, I still think that on any link between any end station and the switch port, the transmitting end station still waits until it senses nothing on the wire fore putting the next packet out that interface. The end station, after all, does not know to what it is connected. Rules of the game. Listen. If wire is empty, place packet onto wire, listen, if wire is busy, wait. Perhaps some of the newer layer two drivers do things a bit differently if they detect full duplex? I'm not so sure, but then I'm just an old dog. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Gareth Hinton Sent: Wednesday, May 30, 2001 10:14 AM To: [EMAIL PROTECTED] Subject:Re: elementary? [7:6359] I think everybody might be right here but arguing about different parts of the process, or confusing the meaning of the previous post , so just to add more confusion: Peter said that all every station could send as much as they want, which I think he was referring to their own ethernet segment/(switch port). On the Gig link, buffering will obviously have to take place. Statistical multiplexing seems a good summary of what's happening. I'm not sure exactly what you were saying in the last post Alan, about the buffering. Full duplex operation will allow another station to send to you while you are sending to it, so no buffering required in that case. As usual, open (prone) to correction, Gaz ""W. Alan Robertson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Chuck, > > It's pretty much an issue of semantics... Another station could send > to you, but the frame would be buffered by the switch until the > current frame had finished sending. It would be transmitted to you > afterward. > > Also, to confirm Peter's statement that he's never seen a full-duplex > hub... Such an animal does not/can not exist. This is one of the key > differences between hubs and switches. A hub, by it's very nature, > cannot provide full-duplex operation. It has no means of bufferring > frames, nor of providing segmentation on a per node basis. A hub is > layer 1 device, and the network is provides is a shared medium. > > Vijay, chances are that if it has a 1Gbps uplink, it is a switch, and > depending on the number of connected 100Mbps stations, and your > network traffic patterns, you very well
RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579]
There's a bug in Cat IOS code 12.1.4 (I think) which can cause the problems you're mentioning. Did you try an upgrade? The bug ID is CSCds89040 and it's related to HSRP configs and IOS 12.1(4)E. The bug prevents the correct MLS flows from being created. An IOS upgrade fixed my similar problem right away. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeroen Timmer Sent: Thursday, May 31, 2001 6:15 AM To: [EMAIL PROTECTED] Subject: RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] We did everything you described below .. We sniffered the network, we saw that the client didn't get a reply from the DHCP server. But what the cause is that the client doesn't get a reply .. We couldn't find out. We also tried to release the client's ip address by ipconfig /release etc. etc. This also didn't work, I had to delete the client in the DHCP scope of NetID (where I found that client with his old ip address and sometimes had to remove it several times) to let the client get a new ip address by releasing his old ip address. We used the NetID server for DHCP, even changed to a WinNT server to do DHCP, but the problem still remains. The thing we have configured in the router is only an ip-helper address on each VLAN interface. What about the ip dhcp-server command ... Do you have to configure that one to ? With kind regards, Jeroen Timmer -Original Message- From: Charles Manafa [mailto:[EMAIL PROTECTED]] Sent: donderdag 31 mei 2001 11:47 To: [EMAIL PROTECTED] Subject: RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] Try using DHCPLOC to monitor DHCP requests/replies traffic. This will give you an indication as to why clients can not lease IP addresses. I believe the reason why clients that move from one VLAN to another keep getting the same IP address is because they are trying to renew the existing IP address. Those clients need to release their IP addresses before attempting to obtain a new one: IPCONFIG /RELEASE; IPCONFIG /RENEW CM > -Original Message- > From: Jeroen Timmer [mailto:[EMAIL PROTECTED]] > Sent: 31 May 2001 10:03 > To: [EMAIL PROTECTED] > Subject: RE: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] > > > We have a configuration at our company that has the same configuration > as you just described. > But somewhere along the line .. This doesn't seem to work that well. > > We got about 4 vlans, all vlan interfaces have an ip helper address to > our DHCP server. Problem is that 8 out of 10 times, a DHCP client > doesn't get an > ip address. We used an Windows NT server as DHCP but also > Nortel's NetID. > Both systems give the same problems. > Some times a user moves from one vlan to the other but gets > an ip address > from the old vlan he was in before he did a DHCP request for > his new VLAN. > > We have been trying to find the solution but didn't succeed sofar, > maybe somebody had this before and is willing to share it with me. > > We use a Cisco cat 6500 to handle to forwarding to the DHCP server and > the VLAN routing, as access switches we have Cisco cat 3500. > > > Thnx in advance, > > JT > > -Original Message- > From: Pawel Sikora [mailto:[EMAIL PROTECTED]] > Sent: donderdag 31 mei 2001 10:49 > To: [EMAIL PROTECTED] > Subject: Re: Weird DHCP/VLAN solution suggestions wanted!! [7:6579] > > > - Original Message - > From: "Sam Deckert" > > > The problem is the client wants to use DHCP, so that people in the > > offices can simply plug in and away they go. But how would you go > > about implementing a DHCP server in this situation?? In order to > > allocate an address from the appropriate range, the DHCP > server needs > > to be aware of > the > > VLAN that the client DHCP request came from. I have not > been able to > > find > a > > DHCP server that has this capability whatsoever. I am sure > this has > > been done before - does anyone know how or have any suggestions?? > > At the edge of each VLAN, an instance > of router subinterface is obviously needed. > You can configure at each subinterface > ip helper address pointing to a real dhcp > server located anywhere. > Router then forwards any dhcp requests > broadcasted by stations in vlans with > apopriate subnet info, that dhcp server can > use a defined scope for each vlan. > Server than answers with lease data to the > requestor via directed broadcast. > (im not sure if such way) > > For example NT dhcp server service > works flawlessy with such topology, > with many different scopes. > > Pawel/ > FAQ, list archives, and subscription info: > http://www
RE: MS exhcnage Security over PIX [7:7046]
There's a way to prevent relaying on Exchange 5.5 and it's posted on MS Technet. The link is http://www.microsoft.com/TechNet/exchange/relay.asp and it has nothing to do with the Pix. If you're allowing traffic from the Internet to your Exchg server, then you should only permit access to the ports required for mail traffic. I think the "fixup protocol smtp" could help in preventing certain attacks by only allowing specific commands to be sent to your mail server but you still need to limit access to the server. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, June 04, 2001 7:39 AM To: [EMAIL PROTECTED] Subject: MS exhcnage Security over PIX [7:7046] Dear fellows, How we could secure MS exchange over PIX firewall, we do not want any unknown user to access Exchange Server5.5 for relaying, is there any way that we can protect that thru PIX firewall or thru the external Router??? Immidiate respond will appericiated. Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7070&t=7046 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QDM 2.0 (QOS device manager enhancement for IOS) [7:7079]
Would this be what you're seeking? http://www-1.cisco.com/cgi-bin/tablebuild.pl/qdm Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony Medeiros Sent: Monday, June 04, 2001 10:48 AM To: [EMAIL PROTECTED] Subject: QDM 2.0 (QOS device manager enhancement for IOS) [7:7079] I have looked and searched and looked all over the software center and CCO for the place to download this damn thing!!! Can anyone send me a link of where the hell the download page is for this so I can try it out?? Thanks a ton!! Tony M. #6172 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7083&t=7079 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: backup plan for a campus [7:7052]
Ahh, don't we all get those wonderfully exorbitant design requirements with multiple tiers of redundancy and so very often a budget to barely implement the base network with no redundancy? Management always expect the network and design guys to come up with some "hoodoo" design for a kickass network that will never fail. I'm in a similar situation right now. I see all the fanciful notions of 5 nines reliability slowly getting thrown out one by one because of budget constraints. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Stephen Skinner Sent: Monday, June 04, 2001 10:58 AM To: [EMAIL PROTECTED] Subject: Re: backup plan for a campus [7:7052] yes they did cut my budget.yes i told them it was a bad idea and yes they made me do it . all it took was a UPS brownout to show them i was right.for my troubles .. i was blamed by the customer and shunned by my employer... all in all a good days work.. steve (once buggered twice shy) >From: "Carroll Kong" >Reply-To: "Carroll Kong" >To: [EMAIL PROTECTED] >Subject: Re: backup plan for a campus [7:7052] >Date: Mon, 4 Jun 2001 09:56:28 -0400 > >At 09:33 AM 6/4/01 -0400, Stephen Skinner wrote: > > >once apon a time there was a man who was given a spec to build a > >network with full redundency...the spec he put togother cost WAY > >to much and need severly cutting down...he told them not to do it > >but they >ordered > >him to .so he did it the network fell over and the > >company >sued > >for designing a crap network ...who got the blame..the man > >with >his > >NAME on the design doc. > > > > > >have fun > > > >steve > >1) I am confused. So, if the man who built the "over priced" network >made a fully redundant network, and it still failed, did he not fail >his job miserably? > >2) Or did you mean, they cut his budget, and STILL told him to make >the fully redundant network, despite his warnings? > >I am going to assume #2, since #1 does not make sense. > > > >-Carroll Kong _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7086&t=7052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Transparent Bridging ? [7:7126]
Indeed. Bridging using two 2500s as mentioned makes the routers operate strictly at layer 2. They will not forward packets of any kind using layer 3 methodology. In effect, they will not use any layer 3 forwarding mechanism so you cannot point a PC's def. gtwy to their local interface. Your PC will operate just fine without any gateway if all you need to do is establish connectivity to the other PC across the bridge. Both PCs should be in the same network of course. If they aren't then you know that you need to route and not bridge. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Charles Manafa Sent: Monday, June 04, 2001 4:17 PM To: [EMAIL PROTECTED] Subject: RE: Transparent Bridging ? [7:7126] Check your addressing. Both PCs should be on the same subnet, and do not require a default gateway. A PC should not be configured with the IP address of a bridge as the default gateway. CM -Original Message- From: Philip Barker To: [EMAIL PROTECTED] Sent: 04/06/01 20:22 Subject: Transparent Bridging ? [7:7126] Hi Group, I vill say ziss only vonce. Okay, its my second attempt at trying to work out how I can bridge IP across to 2500's. I have 2 2500's configured with "no ip routing". 2 PC's are connected at either end, i.e one to bridge 1 and one to bridge 2. I have a sniffer on both PC's. I am attempting to ping from one PC to the other. IEEE spanning tree is applied on both bridges. The bridges are connected via a serial cable and the serial ports of the bridges as well as the Ethernet ports are in bridge group 1. I have verified spanning tree operation and one of the serial ports has been elected root port on bridge 1, the other bridge is the designated bridge. Ref : Radia Perlman, Interconnections p.83. So far so good. I have configured the PC's with a default gateway to the IP address of each of the bridges. When I attempt to ping from one PC to the other, I can see from my Sniffer trace that the PC ARP's for the MAC Address of the bridge, this ARP is successful and the PC then sends out an ICMP echo request. This echo request appears to be my problem since the destination MAC address of this packet contains the Ethernet Mac address of the local bridge and the local bridge consequently disregards the packet. Should the PC have an ARP entry installed for the destination IP address that I am pinging ? Has anyone achieved this scenario ? or am I way off mark with my thinking here. The reason I set this LAB up was because so many questions appear to be being asked at CCIE written level akin to this setup i.e can PC 1 ping PC 2 in similar arrangement using (RSRB/DLSW+/SRB etc) Any comments welcome. Regards, Phil. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7151&t=7126 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP for 2 T1's to one LAN [7:7511]
I believe what you're looking for is a way to load balance traffic to your web servers. You also wish to achieve a degree of fault tolerance in case one server goes down. If both servers have the same content and the content is static, you could use a feature called DNS round-robin which basically returns a list of IP addresses to a querying client for any single hostname. If one server becomes unavailable the client can use the other IP addresses given by the DNS server to access the same site. There's no routing protocol involved here and I don't think it's possible to do what you need using a routing protocol. The good thing about DNS round-robin is that the IP addresses of the web servers could be totally unrelated. This seems to be more of an application specific need for fault tolerance. If this is possible using a routing protocol I'd be happy if someone pointed out the error of my ways. I'm always open to suggestions. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Daniel Wilson Sent: Thursday, June 07, 2001 9:39 AM To: [EMAIL PROTECTED] Subject: BGP for 2 T1's to one LAN [7:7511] We are trying to have the web servers in our LAN accessible to the internet via 2 T1's from different providers -- more for redundancy than load sharing, though that matters too. Currently we have 2 T1's, each giving us a different set of IP addresses. That just lets us put some sites on each T1 -- doesn't give us an ounce of redundancy. I've been told that if we get a router with 2 WIC's that can speak BGP (Cisco 2600 or better) that may solve our problem. I'm very new to routing, so can someone answer some basic questions? Is the idea with this solution that we will be running just one set of IP addresses? And that, because of BGP on our router, either ISP will be able to route traffic to that set of IPs on the T1 it provides? Thanks in advance. -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7520&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP for 2 T1's to one LAN [7:7511]
Since you're running an e-commerce site then users probably establish sessions which are dynamic in nature, passwords, logins etc. If you need failover capabilities you need to consider that if a failover did occur, you'd want active, open sessions statefully failed over to the backup server. I'd be pretty pissed if I was in the midst of a high dollar transaction and my session died on me. Things could get pretty complicated there. The only way I know of achieving that sort of capability is by doing clustering. Since your application is already installed and running, then a cluster solution is more difficult to engineer. Anyway this is way out of my league. I respectfully bow my way out of this thread to make way for someone more versed in this arena. :-) Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Daniel Wilson Sent: Thursday, June 07, 2001 10:42 AM To: [EMAIL PROTECTED] Subject: Re: BGP for 2 T1's to one LAN [7:7511] The quick responses on this group are great! Thanks for the help so far. The content is not static. The sites in question run e-commerce. We could look at setting up access from both servers to the same DB server over an internal network ... so that would answer that objection to the solution you offered. I started by asking questions on a different group about round-robin DNS. What I was told was that since we don't control anyone else's DNS caching settings (our TTL entries etc. are really only suggestions) that when one T1 goes down & we change the DNS settings to point to only the other line clients & other DNS servers would still try to access the downed T1. Is this accurate as far as you know? If round robin DNS will provide fault-tolerance, that's great. If not ... we need to look elsewhere. Thanks! -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ Vijay Ramcharan wrote: > I believe what you're looking for is a way to load balance traffic to > your web servers. You also wish to achieve a degree of fault > tolerance in case one server goes down. If both servers have the same > content and the content is static, you could use a feature called DNS > round-robin which basically returns a list of IP addresses to a > querying client for any single hostname. If one server becomes > unavailable the client can use the other IP addresses given by the DNS > server to access the same site. There's no routing protocol involved > here and I don't think it's possible to do what you need using a > routing protocol. The good thing about DNS round-robin is that the IP > addresses of the web servers could be totally unrelated. This seems to > be more of an application specific need for fault tolerance. If this > is possible using a routing protocol I'd be happy if someone pointed > out the error of my ways. I'm always open to suggestions. > > Vijay Ramcharan > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of Daniel Wilson > Sent: Thursday, June 07, 2001 9:39 AM > To: [EMAIL PROTECTED] > Subject: BGP for 2 T1's to one LAN [7:7511] > > We are trying to have the web servers in our LAN accessible to the > internet via 2 T1's from different providers -- more for redundancy > than > > load sharing, though that matters too. Currently we have 2 T1's, each > giving us a different set of IP addresses. That just lets us put some > sites on each T1 -- doesn't give us an ounce of redundancy. > > I've been told that if we get a router with 2 WIC's that can speak BGP > (Cisco 2600 or better) that may solve our problem. I'm very new to > routing, so can someone answer some basic questions? > > Is the idea with this solution that we will be running just one set of > IP addresses? And that, because of BGP on our router, either ISP will > be able to route traffic to that set of IPs on the T1 it provides? > > Thanks in advance. > > -- > Daniel Wilson, BSCS, MCP > Application Developer > http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7532&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: generally,in a vlan,how many workstaions are in is better? [7:7764]
We also use floors for separating VLANs. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Bunch Sent: Friday, June 08, 2001 1:28 PM To: [EMAIL PROTECTED] Subject: RE: generally,in a vlan,how many workstaions are in is better? [7:7761] We use Geography, One for each switch, two switches per floor. One at each end of floor. >>> "Chuck Larrieu" 06/07/01 10:21PM >>> Not meant to be sarcastic, but how many hosts in any network, VLAN or otherwise? Answer is "it depends" ;-> I have a question for you folks who use VLAN's extensively. Do you establish membership by geography ( floors, parts of floors, buildings, etc ) or by function ( accounting, sales, engineering? ) I ask because most of the orgs that I interact with that use VLANs tend to do it by geography. Chuck -Original Message- From:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Leo Shen Sent:Thursday, June 07, 2001 7:38 PM To:[EMAIL PROTECTED] Subject:generally,in a vlan,how many workstaions are in is better? [7:7660] 50?100?200? We use Geography, One for each switch, two switches per floor. One at each end of floor. >>> "Chuck Larrieu" 06/07/01 10:21PM >>> Not meant to be sarcastic, but how many hosts in any network, VLAN or otherwise? Answer is "it depends" ;-> I have a question for you folks who use VLAN's extensively. Do you establish membership by geography ( floors, parts of floors, buildings, etc ) or by function ( accounting, sales, engineering? ) I ask because most of the orgs that I interact with that use VLANs tend to do it by geography. Chuck -Original Message- From:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Leo Shen Sent:Thursday, June 07, 2001 7:38 PM To:[EMAIL PROTECTED] Subject:generally,in a vlan,how many workstaions are in is better? [7:7660] 50?100?200? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7764&t=7764 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Internet traffic in a VLAN environment [7:9318]
Could someone enlighten me on some of the best practices for directing traffic destined for the Internet from a VLAN based environment? I mean, is it best to create a separate VLAN and direct all unknown traffic out through that VLAN and then out to the Internet? OR Do you just choose one preexisting VLAN and have that one connected to your Internet router? I'm a bit confused. (lot confused?) Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=9318&t=9318 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Internet traffic in a VLAN environment [7:9318]
Thanks but not quite. I was just wondering about the actual placement of the Internet router. Is it in it's own VLAN or is it part of another VLAN with hosts, servers etc. In terms of security, wouldn't best practice dictate that a router that is directly connected to the Internet, be segregated in its own VLAN? Am I right or wrong? I know how to make it work either way, but I'd just like to get an idea of what the better ways are of separating Internet bound traffic from LAN based traffic? Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Karen E Young Sent: Saturday, June 23, 2001 2:23 AM To: [EMAIL PROTECTED] Subject: Re: Internet traffic in a VLAN environment [7:9318] Vijay, All you need is a default gateway on the router that points to the internet. When an Internet destined packet from a workstation on a VLAN hits the switch it gets dumped off on the router or MSFC since it doesn't have a destination MAC address of a device on that VLAN. The router takes a look at the IP and sees if it has a route. If it doesn't recognize the destination network then it dumps it out the default gateway. Any return traffic will have a destination IP and MAC address that the router and switch will recognize. Hope this helps. Karen *** REPLY SEPARATOR *** On 6/21/2001 at 10:27 AM Vijay Ramcharan wrote: >Could someone enlighten me on some of the best practices for directing >traffic destined for the Internet from a VLAN based environment? I >mean, is it best to create a separate VLAN and direct all unknown >traffic out through that VLAN and then out to the Internet? OR >Do you just choose one preexisting VLAN and have that one connected to >your Internet router? > >I'm a bit confused. (lot confused?) > >Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=9778&t=9318 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIT next week
Hey congrats Mike. I also achieved CCNP recently- last Friday to be exact. I wrote Support 2.0 instead of CIT but it seems that you pretty much summarized the Support test also. Much of the same is in Support. Vijay Ramcharan, CCNP, MCSE -Original Message- From: Michael Fountain [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 18, 2000 9:45 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: CIT next week I just finished it yesterday. Out of all the tests I think CLSC was the most poorly written, but CIT comes in a close second. The questions are very vague, and you often have to guess what they are looking for. They aren't extremely hard though, and if you are familiar with the topics you should be able to work it out. There are some fill in the blank questions for commands, and I even had one of those "move the boxes to the correct place" type questions. Don't stress too much over the packet trace questions. You do need to have a general idea of what a packet trace output looks like, and what does what. But, they decode the packet for you, so as long as you can understand what the decode written out to the side means you'll be ok. You don't have to memorize which hex means what in a packet. There was more appletalk on this test then any I've had before, but even still that was only a few questions. I'm not sure if this test is adaptive or not, but they sure beat the crap out of me with ISDN questions. Make sure you know the show/debug/troubleshooting stuff for ISDN. There were a fair number of Cisco web-site questions. Know the URL, the basic areas (marketplace, software center, etc) and a basic idea of what is in each There were a few questions on troubleshooting tools, but they were fairly basic as long as you have an idea of what the common tools are and what they are used for. hope that helps, Mike CCNP as of yesterday :) > >All, > >I am taking CIT next week and need some advice from people that have taken >this exam recently. Are there any fill-in-the-blanks like on ACRC? I am >having a lot of trouble the Boson "packet trace" questions. Are the many of >these type on the test? Are there a lot of IPX and AppleTalk questions? >token Ring? Is there a main area of troubleshooting that is focused on? > >Thanks, >Glenn > >Glenn FloodMCSE, MCP+I, MCT, CCNA, CNA, A+ > > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:
Not so. Assign an IP address to an interface and they're perfectly pingable. -Original Message- From: Roger Wang [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 19, 2000 5:24 PM To: Sameh Badros; [EMAIL PROTECTED] Subject: RE: Bridge is a layer 2 device. They will not show up as a "hop" when doing a traceroute, hence they can't be ping'ed. Same with ATM switches, or LAN switches like a Cat5. HTH, Rog > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Sameh Badros > Sent: Wednesday, July 19, 2000 2:19 PM > To: [EMAIL PROTECTED] > Subject: > > > > > > I am using Bridging between 2 routers connected through T1 but I am unable > to ping from either side..any ideas ? > > > Thanks in advance, > > Sameh > > > > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Token Ring MAC Comm.
If anyone has a good link(s) to detailed info on Token Ring MAC communications, could you please forward them to me? Thanks. Vijay Ramcharan, CCNP, MCSE ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CBT Training Options (CCNP)
I don't know of any good CBTs for CCNP but I can tell you- Don't go with anything from Forefront. I bought their ACRC course for a lousy thousand bucks and I ended up passing the exam from Cisco's ACRC study guide. Their so-called hands on exercises suck and I'm still trying to find out what they were talking about when they said hands on. Vijay Ramcharan, CCNP, MCSE -Original Message- From: Montgomery, Robert WARCOM Contractor [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 03, 2000 4:02 PM To: CiscoGroupstudy Subject: CBT Training Options (CCNP) I've been battling it out with a local company here in San Diego to begin night classes geared towards CCNP. But thus far they're sticking to their day only schedule. They've instituted that e-learning program but still, if you can't get the time off to go to their site, you also can't get the time to sit at work and do it. This leads me to ask if anyone knows about good CBT training that covers the tests for CCNP? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Over Wan Link
No you haven't been doing that thing with the fumes. On Windows NT Server's DHCP Manager I know that you can use a NetBIOS scope ID to assign IP addresses to different subnets/networks. I don't know much about other DHCP management software. Maybe someone else can point you in the right direction. Vijay Ramcharan, CCNP, MCSE -Original Message- From: Patrick Stiever [mailto:[EMAIL PROTECTED]] Sent: Friday, August 04, 2000 2:02 PM To: '[EMAIL PROTECTED]' Subject: DHCP Over Wan Link Ladies and Gents, This would be the first time trying to set this up, I have a remote office with a frame-erlay link between them and the corporate site. The dhcp server is at the corporate site, I would like to it up that the users at the remote site uses a certain dhcp pool on that server. I have heard you can set it up so that a certain address pool will only assign address when the request comes through a certain router(i.e. the remote router). Does this make any sense or have I been inhaling too many paint fumes again? Any help would be great, thanks. Patrick Stiever Communications Engineer 24 Hour Fitness (760) 918 4459 [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hexdecimal has got me stumped
The easiest way that I know of to convert hex to decimal and vice versa is by converting both to binary first. With hex, every 4 bits of binary is equal to 1 number or letter in hex. And of course, converting from decimal to binary is a piece of cake. So using the table below shouldn't pose a problem. Decimal Binary Hexadecimal 0 0 1 00011 2 00102 3 00113 4 01004 5 01015 6 01106 7 01117 8 10008 9 10019 10 1010A 11 1011B 12 1100C 13 1101D 14 1110E 15 F Now for an example. Convert 172.16.1.1 to Hexadecimal. In binary that looks like 10101100 0001 0001 0001 Now if every 4 bits of binary = 1 Hex character then the IP address above in hex would be AC100101 Please, someone correct me if I'm wrong. Vijay Ramcharan, CCNP, MCSE -Original Message- From: Tayo Dada [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 09, 2000 7:46 PM To: '[EMAIL PROTECTED]' Subject: hexdecimal has got me stumped is there any good documents on calculating hexdecimal figures into decimal figures, tayo --- "This email and any files transmitted with it are confidential, may be privileged or otherwise protected from disclosure, and are intended solely for the use of the individual or entity to whom they are addressed. Any unauthorised disclosure, use or dissemination, either whole or partial, is prohibited. If you have received this communication in error, please contact the sender by telephone on +44 (0)20 7292 1900 or by replying to this email and delete this message and any attachment from your system. If you are not the intended recipent you must not copy this message or attachment or disclose the contents to any other person. Opinions expressed are those of the sender and not necessarily those of Trizechahn Europe." --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: accesslists outbounds?
There is another advantage to placing access lists outbound. Traffic won't have to travel across the network only to be dropped on the other side. Less bandwidth consumption across your WAN. That's why it is recommended that access lists be placed as close as possible to the traffic source. My 2 cents. Vijay Ramcharan CCNP, CCDA, MCSE -Original Message- From: Atif Awan [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 11:28 PM To: Dale Holmes; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: accesslists outbounds? they say that outbound access lists are less processor intensive because the router has only to process those packets destined for the destination you are trying to affect. When you apply it inbound then the router has to match each packet coming into that interface even though that packet might not be relevant to the access list. The scenario presented is just a simple one and in this case it does not matter where you place the access list but think of two more serial interfaces in addition to S3. if you apply the access list inbound then packets destined for S4 and S5 will also have to be processed through the list even though they have nothing to do with the S3 interface. So the conclusion is that "Outbound access lists are IN GENERAL less processor intensive than in bound access lists" ... remember IN GENERAL ... there can be exceptions Regards Atif -Original Message- From: Dale Holmes <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Wednesday, August 23, 2000 8:04 PM Subject: Re: accesslists outbounds? >Hard to imagine that it would be more efficient outbound on s3 rather than >inbound on s2. The router would have to go to all the trouble of determining >the path for the packet, only to drop it... seems kinda foolish. > >The process of reading the header and running down the access list entries >for a match is processor intensive, but it should not be more or less >intensive in any one direction... the process is still the same, isn't it? > >Dale >[=`) > > >>From: "Martin Eriksson" <[EMAIL PROTECTED]> >>Reply-To: "Martin Eriksson" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Subject: accesslists outbounds? >>Date: Wed, 23 Aug 2000 13:01:27 +0200 >> >>Hi! >> >>Found a little something in the CCNA Router and Switching Study Guide >>(http://www.rkingma.com/cisco/TestHome.htm). >>that I can't really recall reading anywhere else.. >> >>A simple scenario... >> >>s1 10.10.10.102 >> | >> |---routerA-s3 10.10.20.1 >> | >>s2 10.10.10.101 >> >>Access-list 1 permit 10.10.10.101 >>Access-list 1 deny 10.10.10.0 0.0.0.255 >> >>According to the text: " We could apply it as an inbound filter on Router >>A's interface to network 10.10.10.0, or as an outbound filter on Router A's >>interface to network 10.10.20.0. Outbound filters are less processor >>intensive for the router, so let's apply it outbound.". >> >>It's the last part I get confused with, "outbound filters are less >>processor intensive". >>I thought it was the opposite that it's better to stop the packets at the >>entry instead of the exit. >> >>I'm sure someone can sort things up for me.. >> >>best regards! >>Martin, E >> >> > > >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > >___ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Reverse telnet definition
How about this? A regular telnet session is initiated by a client to a host. A reverse telnet session is initiated by the host to a client. The host in this case would be the router calling a modem that's connected to an async interface. That's how I look at it anyway. Anyone care to comment? Vijay Ramcharan CCNP, CCDA, MCSE -Original Message- From: Dale Holmes [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 23, 2000 3:14 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Reverse telnet definition >From the DOC CD: "Performing a reverse Telnet means that you are initiating a Telnet session out the asynchronous line, instead of accepting a connection into the line (called a forward connection)." Does that help? Dale [=`) >From: RD <[EMAIL PROTECTED]> >Reply-To: RD <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Reverse telnet definition >Date: Wed, 23 Aug 2000 11:28:31 -0700 (PDT) > >After the recent "what's in an IP packet" and "How do you pronounce " >threads, I hesitate to ask a simple question, but here goes... > >...can anyone explain to me why Cisco insists on calling it "Reverse >Telnet"??? Telnet is telnet right? What am I missing? > >- Rich > > > > > >___ >Say Bye to Slow Internet! >http://www.home.com/xinbox/signup.html > >___ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCDA Study Materials
I haven't read that book but I can recommend the CCDA Study Guide from Cisco Press. I used that to pass the exam a couple of weeks ago. Someone mentioned that they had 4 case studies- if I remember correctly I had 5! The Study Guide has quite a few case studies- but I didn't go through any of them and I didn't answer any of the questions at the end of the chapter. Seriously though, the exam is not that difficult if you have a firm grasp of the basic issues of networking- Congestion, applications (Web servers, email servers, NT servers etc.), bandwidth requirements, network topologies, cabling, etc. I found the material in the Study Guide more than adequate for the exam. Hope this helps. Oh and by the way, if you ever get down to studying for the CID exam don't buy the Cisco Internetwork Design guide from Cisco Press. I used it to study for the CID exam and was unpleasantly surprised to find way different material on the exam. Surprise, surprise- I failed the exam by a measly few points. Good luck to you. Vijay Ramcharan CCNP, CCDA, MCSE -Original Message- From: Len Krol [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 29, 2000 8:21 AM To: [EMAIL PROTECTED] Subject: CCDA Study Materials Hello, Does anyone have any suggestions for books to read for the CCDA exam. I am currently reading Cisco Press "Designing Cisco Networks", but it kind of sucks. Thanx. len CCNA -- - Click here for Free Video!! http://www.gohip.com/free_video/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hello
I'm located in Jamaica, NY. I've been pondering whether to inquire about any study groups in the Queens, LI area. If there are any study groups in this area, I would be happy to be a part of it. I've recently completed the ACRC exam and I'm preparing for BCRAN. If anyone is interested in forming a study group in this area, please let me know. Thanks. Vijay Ramcharan, MCSE, CCNA mailto:[EMAIL PROTECTED] -Original Message- From: Jeffrey Klein [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 09, 2000 7:45 AM To: '[EMAIL PROTECTED]' Subject: Hello Is there a study group on Long Island I could be a part of? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: notebook PC as console
Belkin has serial to USB converters available. USB to Ethernet is also available (in case you're interested). I'm pretty sure though that all notebooks do come with a serial port. Vijay Ramcharan, MCSE, CCNA mailto:[EMAIL PROTECTED] -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 25, 2000 12:53 PM To: [EMAIL PROTECTED] Subject: notebook PC as console Sorry if this topic is way out of line and too stupid for most people, but I'm really a Mac user, so I have an excuse. Because I will be teaching Sniffer Pro classes, I have to buy a new notebook PC for taking on the road. (Can't buy a Mac ;-() My question: I want the PC to also act as a console port to Cisco routers and switches. It seems from my cursory investigation that a lot of the notebook PCs don't have a serial port anymore?? Or am I just not looking hard enough at the spec sheets? Many of them have a USB port. But does Cisco use USB for its console ports yet? I don't think so!? What do you all use for your PC console for a Cisco router or switch? Once the router or switch is configured, of course I'll use Telnet to an Ethernet port, but I'm worried about that initial config. Thanks Priscilla __ Priscilla Oppenheimer Phone 541-482-5685 Fax 541-488-1708 Web http://www.priscilla.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: notebook PC as console
Belkin part numbers: USB Serial adapter for PC is F5U103 USB 10BaseT adapater is F5U111 Use the link below to get a full list of part numbers as well as some info on other cool USB hardware. They have one that allows you to use PS/2 keyboard and mouse thru one USB port. http://catalog.belkin.com/IWCatSectionView.process?IWAction=Load&Merchant_Id =1&Section_Id=36 Vijay Ramcharan, MCSE, CCNA mailto:[EMAIL PROTECTED] -Original Message- From: Bharat Suneja [mailto:[EMAIL PROTECTED]] Sent: Friday, May 26, 2000 2:50 AM To: [EMAIL PROTECTED] Subject: Re: notebook PC as console This question was posted by me to the newsgroup earlier - what if you are buying one of those new legacy-free PCs that has only USB ports ? I searched on the Belkin web site but did not find the USB-to-Serial converter. Let me know the part number if you know it. Thanks, Bharat Suneja "Vijay Ramcharan" <[EMAIL PROTECTED]> wrote in message 6D0C88A4C9E3D311BDE40020AFFA39F5066626@EXSRVR">news:6D0C88A4C9E3D311BDE40020AFFA39F5066626@EXSRVR... > Belkin has serial to USB converters available. USB to Ethernet is also > available (in case you're interested). > I'm pretty sure though that all notebooks do come with a serial port. > > Vijay Ramcharan, MCSE, CCNA > mailto:[EMAIL PROTECTED] > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 25, 2000 12:53 PM > To: [EMAIL PROTECTED] > Subject: notebook PC as console > > > Sorry if this topic is way out of line and too stupid for most people, but > I'm really a Mac user, so I have an excuse. Because I will be teaching > Sniffer Pro classes, I have to buy a new notebook PC for taking on the > road. (Can't buy a Mac ;-() > > My question: I want the PC to also act as a console port to Cisco routers > and switches. It seems from my cursory investigation that a lot of the > notebook PCs don't have a serial port anymore?? Or am I just not looking > hard enough at the spec sheets? > > Many of them have a USB port. But does Cisco use USB for its console ports > yet? I don't think so!? > > What do you all use for your PC console for a Cisco router or switch? > > Once the router or switch is configured, of course I'll use Telnet to an > Ethernet port, but I'm worried about that initial config. > > Thanks > > Priscilla > > __ > Priscilla Oppenheimer > Phone 541-482-5685 > Fax 541-488-1708 > Web http://www.priscilla.com > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Isolation
You are not alone. I'm in the same spot as you are. I have virtually zero hands on with Cisco equipt. My current position is slowly squeezing my enthusiasm. In a couple of months, I'm am gone from here and hopefully I'll find something that will allow me to work with Cisco equipment (nice to have other types thrown in as well) even though I may have to start at the lower end. I've already started on the CCNP track and I find it damn difficult to get through the study material without hands on. I'm hoping to get a couple of routers on my own because I think classes are just too expensive. Good luck on your journey. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Michael Linehan [mailto:[EMAIL PROTECTED]] Sent: Monday, June 05, 2000 4:16 PM To: CiscoStudyGroup Subject: Isolation Although this group is great for collabarating...I feel the need for some human interaction. My current job environment entails me as the only network proffessional on staff. Is any member of the list a current member of the NPA? If so, what do they think? Is this worth the $175.00 per year? Are there any other options in the Twin Cites (Minnesota) area?? Also I have a philosophical question. Would it be better to find a position that peripherally allows some Cisco WAN experience before embarking on CCNP/CCIE? I have my CCNA. Or should one just go for it anyway? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA badge
http://www.galton.com/~cisco/ Login or create a login and you'll find a link somewhere. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 08, 2000 3:23 PM To: '[EMAIL PROTECTED]' Subject: CCNA badge > As with Microsoft, I think that one of the hardest things about Cisco is > to find something on their website. > > I have now tried to follow two different directions from Cisco, but I am > still not able to find the CCNA badge (logo) information/download > anywhere. > > Does anyone have a valid link? > > Thanks, > > Ole > > ~ > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~ > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No Subject
Groupstudy has been unusually quiet. Either everyone is on vacation or the filters are acting up again. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT Pool
If you only need Internet access for browsing use PAT, it's more efficient in conserving your global IP addresses. You only need one global IP address to use PAT and there should no noticeable latency in the translations for 150 PCs. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Paco García [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 13, 2000 7:27 AM To: [EMAIL PROTECTED] Subject: NAT Pool Hi all: I have 150 computers for connect to internet, I have to configure a nat pool to this connection, How many addresses I have to configure into the pool, for more efficient translation? Thanks ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Exam Order
Makes sense. The CIT/Support exams are supposed to draw upon the material learned from the previous exams. I plan on taking the Support exam last also. Only got Switching and Support left to take before I get the CCNP. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Montgomery, Robert WARCOM Contractor [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 20, 2000 11:14 AM To: Cisco Subject: CCNP Exam Order Just read a couple of articles that recommended putting the CIT exam at the end of the list when taking the tests for CCNP. Anyone think differently, the same? Rob Montgomery CCNA MCP IA Systems Analyst Sytex, Inc./ Naval Special Warfare Command ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How far by self study?
I'm going to disagree with you on your last point. CCNP and CCDP are absolutely attainable through self study and no lab.Around Feb of this year I started on the CCNP track and I've gotten through 3 of the 4 exams needed for CCNP, all I have left is Support (which I plan on taking when Barnes & Noble decides to send my Study Guide). No, I don't have a lab. No, I've never configured a Cisco router out of the box and I don't really work with them everyday or anyday for that matter. I'm no genius either. Before last December, I hardly knew of the IOS and I damn sure didn't know what OSPF was. A lot of reading and study time really pays off. I do have access to a couple of 2610s that I can use for show commands on the standard IP feature pack but that's about it. Do you need experience to pass the exams? No. It would help a lot I can tell you, but it's not necessary. Now, should one consider oneself a highly skilled CCNP just by merely passing the exams? Heck no! There's no way of beating actual hands on experience with equipment and that's what would qualify you as possessing the skills of a CCNP. Until I get my hands-on, I'm not going to consider myself a "professional" even though the cert says I am. It sure feels good though, to get the cert out of the way so I can focus on getting real experience and then move on to CCIE. HAPPY STUDYING!!! Vijay Ramcharan -Original Message- From: Russell Lusignan [mailto:[EMAIL PROTECTED]] Sent: Friday, June 23, 2000 3:35 PM To: [EMAIL PROTECTED] Subject: Re: How far by self study? I have my CCNP and I never attended any Cisco or related training. I bought Cisco Press books and other related books and since I work with the products full time it helped quite a bit. If your going to do self study for your certification, make sure you have a lab readily available to you. CCNA was passable without actually using a router/switch, but CCNP requires experience Hope that helps Russ.. "Patrick Duggan" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi one and all, > I am curious to know how many people have got to CCDP/CCNP > by self study alone. the difficulty of this is a like the length of string, > given enouh time most things are possible. Realistically, without attending > training courses is it so difficult to get through these exams. I did the > course for CCNA (really good) but self studied CCDA. This i reckon took me > aboout a week of solid study but it came across as a "study friendly topic". > I am now looking at the CCDP path and the CID first, it looks really bloody > difficult! But don't all new topics? So can anybody give advice on the > reality of CCDP self study? > thanks > Pat Duggan ccna ccda mcse blah blah > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access Lists
Why don't you just use one access list on the 192.168.x.x network router to deny it from seeing any traffic from the 10 network? eg. #access-list 101 deny ip 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255 #access-list 101 permit any any Apply this outbound to the 192.168.x.x interface and you should be set. This will allow traffic from the 10 netwk to get to the 192.168 netwk but will deny 192.168 from getting to 10. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Asad Jafari [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 05, 2000 12:27 PM To: [EMAIL PROTECTED] Subject: Access Lists Hello All, I've configured a 2611 for routing in between two different LAN's. One is a 10.0.0.0 and the other is 192.168.0.0. I have configured access lists for this. I want the 10.0.0.0 network to see the 192.168.0.0 network. I don't want the 192.168.0.0 network to see the 10.0.0.0 network. I have been playing with it but can't get it to work. Either it will block both sides or open both. Any help will be really appreciated. Thanks in advance, Asad Jafari. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Questions on CCNP exams
Well, it's like this. The CCNP certification has 2 versions. Version 1 is basically made up of the old exams, namely ACRC, CLSC, CMTD and CIT. Version 2 is made up of BSCN, BCRAN, BCMSN and Support. All of the old exams will be retired on July 31 of this year. You may write any exam from the old track and continue with the rest of the exams from the new track to finish your CCNP. If you write any exam from the old track you will be considered as having been certified under CCNP version 1. What does this mean? A post about a month ago said that Cisco doesn't consider either version better than the other. You'll still have to recertify after a certain period, no matter if you're version 1 or 2. Just like the MCSE certification where you have to recertify after 2 years. What is the recertification procedure for CCNP? I don't know but I'm checking CCO right now... Cisco has no info on recertification. They said that you should check at a later date. Good luck on your CCNP studies and exams. Vijay Ramcharan, MCSE, CCNA -Original Message- From: Bob Edmonds [mailto:[EMAIL PROTECTED]] Sent: Monday, July 10, 2000 5:54 PM To: [EMAIL PROTECTED] Subject: Questions on CCNP exams I was enrolled in the cisco networking academy for 2 years at my highschool and have just graduated this year. While in the academy I was using a CCNA practice exam program that ciscopress put out. While using this program I noticed many errors, you know wrong questions/answers. I sent and email to ciscopress notifying them of this problem, and they responed by asking me to do a review of the 850 questions and let them know which ones were bad, and in return they said that they would pay me. I wrote them back saying that I would gladly do the review and as far as payment went all I wanted was some free books. The executive editor of ciscopress wrote back saying just send me a list of the books you want and you'll have them. I sent a list that consisted of 9 books and sure enough, once I completed the review, he sent me the books as well as a check (the check was much unexpected and much appreciated!!!). Now begins the questions. I've read that the CCNP exams' format has been changed and new material will be covered in order to reach the level of CCNP. I was wondering if the books that I got: which are the CCNP preperation library, BCMSN, ACRC (Laura Chappell), as well as DCN (for the CCDA), CCDA, and the CID book: will these books be "outdated" due to the change? And if so, what will I need to supplement this change in the exams? Basically what I'm asking is , where can I get the knowlege need to pass the exams? I've been reading the posts on this news group for a 2 days now and it seems to me that this place is awesome!!! Everyone here is soo helpful and knowlegable of cisco equipment. Ohhh, and by the way I just passed the CCNA exam on July 8th, I only whish I would have found this group before I did. I found it the night before the test and spent hours reading the posts. Well this is getting rather lengthy so I'll be stopping now. Any information be helpful. Thank you, Bob ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Written preparation [7:69384]
I took the CCIE Written yesterday just to see how difficult it was. It is the most difficult exam that I've ever seen except maybe for the MCSE 2000 Accelerated. I would advise anyone planning to take this exam not to take it lightly. It is difficult, much more difficult than the old one. I've taken and passed both the CCNP and CCDP recertification exams recently and they are easy compared to this. Don't waste your $300 if you don't know ALL the topics listed in the blueprint. I saw questions in the exam from every topic listed in the blueprint. I congratulate the exam designers/writers for making it this difficult. You really have to know a lot and be able to understand the topics in depth in order to pass. Vijay Ramcharan -Original Message- From: Weaselboy [mailto:[EMAIL PROTECTED] Sent: Thursday, May 22, 2003 11:53 AM To: [EMAIL PROTECTED] Subject: Re: CCIE Written preparation [7:69384] There is a good reading list at: http://home.attbi.com/~blaga/Written.htm On Wed, 2003-05-21 at 16:49, Sam Deckert wrote: > Hi everyone, > > Just a quick one - what books would you recommend in preparing for the > current CCIE written examination? > > My employer has given me the go ahead, and would like to know what > books I require for my self study. Any suggestions of books you have > found helpful would be appreciated. > > Cheers! > > Sam. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=69760&t=69384 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Firewall --- DMZ to Inside Access [7:69877]
Define static(s) to translate inside host address(es) to DMZ address(es) like so: static (inside,DMZ) 192.168.10.222 10.2.5.222 netmask 255.255.255.255 0 0 static (inside,DMZ) 192.168.10.230 10.2.5.230 netmask 255.255.255.255 0 0 Configure an access list to permit traffic to the tranlated inside address(es) like so: access-list acl_dmz permit tcp host 192.168.10.15 host 192.168.10.230 eq 143 access-list acl_dmz permit tcp host 192.168.10.15 host 192.168.10.230 eq pop3 Apply your access-list: access-group acl_dmz in interface DMZ Vijay Ramcharan -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Friday, May 30, 2003 11:26 AM To: [EMAIL PROTECTED] Subject: PIX Firewall --- DMZ to Inside Access [7:69877] Fellows - I have a senario here, I have a PIX firewall with 3 Interfaces , Inside, Outside and DMZ. Machines on the Inside Interface can access Server on DMZ Zone, no problem, I have to facilitate limited access from DMZ zone Servers to Host on Inside Interface. Let take an example, I have a Server on DMZ zone 10.1.1.1 and i need to alow TCP Port 7000 from this Server to a host on Inside zone whoes IP address is 192.168.20.10 I have a raw configuration in my mind since i dont a PIX with 3 Interfaces in my LAB i can not test it. I know i have put an Access List / NAT to do this. Any config welcome. thanks -- Curious MCSE, CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=69885&t=69877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Win32Tools [7:71017]
Does anyone know of any documentation for the freeware SNMP package "Win32Tools.exe". I can use "get" and "getnext" but I can't figure out the syntax used by the "set" command. I'm trying to develop a few simple Windows scripts that can run scheduled router configuration collection but the only tools that are working cost a bit much. I'm not interested in any GUI based products like Kiwi CatTools. Scripted collection is so much more flexible. http://www.wtcs.org/snmp4tpc/redirect.htm#Win32tools Thanks. Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71017&t=71017 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT translation table [7:61553]
uot;Microsoft Internet Explorer"
WScript.Sleep 2000
objCmdShell.SendKeys "{TAB}"
WScript.Sleep 500
objCmdShell.SendKeys "+" & strURL
WScript.Sleep 500
objCmdShell.SendKeys "{ENTER}"
Wscript.Sleep 15000
': Send CTRL+A
objCmdShell.SendKeys "^a"
Wscript.Sleep 2000
objCmdShell.SendKeys "^c"
Wscript.Sleep 2000
objCmdShell.SendKeys "%(fc)"
Wscript.Sleep 2000
If objFSO.FileExists(strFileName) Then
objFSO.DeleteFile(strFileName)
End If
objCmdShell.Run "notepad"
objCmdShell.AppActivate "notepad"
WScript.Sleep 2000
objCmdShell.SendKeys "^v"
Wscript.Sleep 2000
objCmdShell.SendKeys "%(fs)"
Wscript.Sleep 2000
objCmdShell.SendKeys "+" & strFileName
Wscript.Sleep 2000
objCmdShell.SendKeys "{ENTER}"
Wscript.Sleep 2000
objCmdShell.SendKeys "%(fx)"
Dim objAllNumbersFile
Set objAllNumbersFile =
objFSO.OpenTextFile(strAllEarthLinkNumbers, 8, True)
Dim objFile, strLine, numTest, strTelNumber,
strCityState, numTelLength
Dim strLineLen, strCSVFileLine
Set objFile = objFSO.OpenTextFile(strFileName, 1)
Do While NOT objFile.AtEndOfStream
strLine = Trim(objFile.ReadLine)
strLineLen = Len(strLine)
strPattern = "(\d+)"
RegEx.Pattern = strPattern
numTest = RegEx.Test(strLine)
If numTest Then
strPattern = "(^\d+\s+\d+\s+\d+)"
RegEx.Pattern = strPattern
Set strMatches = RegEx.Execute(strLine)
For Each strMatch in strMatches
strTelNumber = Trim(strMatch)
strPattern = "(\s)"
RegEx.Pattern = strPattern
strRepl = "-"
strTelNumber =
RegEx.Replace(strTelNumber, strRepl)
numTelLength =
Len(Trim(strTelNumber))
strCityState =
Trim(Right(strLine, (strLineLen - numTelLength)))
strCSVFileLine = strTelNumber &
"," & strCityState
Wscript.Echo "Writing line " &
strCSVFileLine
objAllNumbersFile.WriteLine(strCSVFileLine)
Next
Else
Wscript.Echo "THIS IS NOT AN ACCESS
NUMBER LINE"
End If
Loop
objFile.Close
objAllNumbersFile.Close
Next
End Sub
':==
===
Set objFSO = Nothing
Set objCmdShell = Nothing
Wscript.Echo vbCrLf & "End of Script" & vbCrLf
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Vijay Ramcharan
-Original Message-
From: Gabriele [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 22, 2003 5:33 AM
To: [EMAIL PROTECTED]
Subject: NAT translation table [7:61553]
hi!
Does anyone knows if it's possible to export the cached NAT translation
table (the one you get with "sh ip nat trans") somehow? The export
should occur in a specified time range (e.g every 10 seconds). I need
the information for a software project about accounting of ip traffic.
the software itself cannot access the router by a console session
the cisco in use is a 3640 with IOS 12.1T.
thx a lot in advance
gabriele
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61579&t=61553
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need simple network management tool [7:72132]
Since I'm sure that quite a few people could use something like this, I've created a fairly simple VBScript that will ping a list of hosts specified in a text file and send an email with hosts which are not responding. The script should work on any Windows 2000 or XP system. You'll need to be logged in as an administrator since the ping implementation uses raw sockets. You'll need to download and register the following components. http://www.ostrosoft.com/smtp_component.asp Download the zip and extract the SMTP.OCX file to your Windows System32 directory Run the following command: Regsvr32 %systemroot%System32SMTP.ocx http://www.netal.com/download.htm#SSR Download the zip and extract the SSCrRun.dll file to your Windows System32 directory. Run the following command: Regsvr32 %systemroot%System32SSCrRun.dll Create a text file called C:PingHosts.txt In PingHosts.txt, add the following lines exactly as they appear and fill in the appropriate information within the brackets []: SMTPServer: [SMTP_SERVER_IP_ADDRESS] SENDER Email: [SENDER_EMAIL_ADDRESS] RECIPIENTS: [EMAIL_ADDRESS_OF_RECIPIENT, SEPARATE WITH COMMAS IF > 1] Host: [IP_ADDRESS_OF_HOST] Host: [IP_ADDRESS_OF_HOST] Host: [IP_ADDRESS_OF_HOST] Etc... Download the script and sample text file via FTP from: 66.192.203.23 Directory: Netscripts User, Pass: netscript Run the script by launching a command prompt and running the command: Cscript C:PingHosts.vbs You should see the output from a ping to each host echoed onscreen. Any non-responsive host will be sent in an email to the list of email addresses specified for RECIPIENTS in C:PingHosts.txt You'll need an SMTP server which does not require authentication. Add as many hosts as you need and you can schedule the script to run using Task Scheduler or run it manually, whatever... Email me with any problems at [EMAIL PROTECTED] Vijay Ramcharan, MCSE, CCNP/DP -Original Message- From: Mossburg, Geoff (MAN-Corporate) [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 7:32 PM To: [EMAIL PROTECTED] Subject: Need simple network management tool [7:72132] Does anyone know of a freeware or shareware tool that will take a list of IP addresses (like all of my router's loopback addresses) and will ping each address once every x seconds/minutes? This sounds simple enough to make with just scripting, but I unfortunately don't know scripting... Please help! Thanks! Geoff Mossburg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72152&t=72132 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need simple network management tool [7:72132]
Since I'm sure that quite a few people could use something like this, I've created a fairly simple VBScript that will ping a list of hosts specified in a text file and send an email with hosts which are not responding. The script should work on any Windows 2000 or XP system. You'll need to be logged in as an administrator since the ping implementation uses raw sockets. You'll need to download and register the following freeware components. http://www.ostrosoft.com/smtp_component.asp Download the zip and extract the SMTP.OCX file to your Windows System32 directory Run the following command: Regsvr32 %systemroot%System32SMTP.ocx http://www.netal.com/download.htm#SSR Download the zip and extract the SSCrRun.dll file to your Windows System32 directory. Run the following command: Regsvr32 %systemroot%System32SSCrRun.dll Create a text file called C:PingHosts.txt In PingHosts.txt, add the following lines exactly as they appear and fill in the appropriate information within the brackets []: SMTPServer: [SMTP_SERVER_IP_ADDRESS] SENDER Email: [SENDER_EMAIL_ADDRESS] RECIPIENTS: [EMAIL_ADDRESS_OF_RECIPIENT, SEPARATE WITH COMMAS IF > 1] Host: [IP_ADDRESS_OF_HOST] Host: [IP_ADDRESS_OF_HOST] Host: [IP_ADDRESS_OF_HOST] Etc... Download the script and sample text file via FTP from: 66.192.203.23 Directory: Netscripts User, Pass: netscript Run the script by launching a command prompt and running the command: Cscript C:PingHosts.vbs You should see the output from a ping to each host echoed onscreen. Any non-responsive host will be sent in an email to the list of email addresses specified for RECIPIENTS in C:PingHosts.txt You'll need an SMTP server which does not require authentication. Add as many hosts as you need and you can schedule the script to run using Task Scheduler or run it manually, whatever... Email me with any problems at [EMAIL PROTECTED] Vijay Ramcharan, MCSE, CCNP/DP -Original Message- From: Mossburg, Geoff (MAN-Corporate) [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 7:32 PM To: [EMAIL PROTECTED] Subject: Need simple network management tool [7:72132] Does anyone know of a freeware or shareware tool that will take a list of IP addresses (like all of my router's loopback addresses) and will ping each address once every x seconds/minutes? This sounds simple enough to make with just scripting, but I unfortunately don't know scripting... Please help! Thanks! Geoff Mossburg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72158&t=72132 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Kit [7:72241]
I'm shopping around for a CCIE lab kit. I've put down 3 sites as likely candidates where I'll be buying from; www.chipsettech.com www.optsys.com www.layer7labs.com Any advice on which one I should choose to get the best bang for the buck? Any sort of feedback would be welcome. Thanks. Vijay Ramcharan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72241&t=72241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SPAM Filtering [7:72265]
I've spent quite a bit of time implementing a spam filtering solution on Windows 2000 and Exchange 2000 in our company. I now have a filter that's about 98% accurate and extremely easy to manage. In fact, I don't touch the spam filter for management purposes at all. Just check it every once in a couple of days to make sure everything's working okay. I use Vircom's Anti-Spam Gate for trapping spam on Windows 2000 and 3 VBScripts I developed myself for allowing users to release their own messages whenever and however many times they want. It's been working flawlessly for a number of months now and I've had very few complaints about false positives. It is possible to use an entirely free VBScript based spam filter using Windows 2000 SMTP "OnArrival" event but it would require an extensive bit of scripting to get it off the ground. One good aspect of Vircom is that their software and service is quite reasonable and the spam filter database is automatically updated every couple of days. ---Original Message- From: Joseph R. Taylor [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2003 4:47 PM To: [EMAIL PROTECTED] Cc: Subject: OT: SPAM Filtering [7:72265] Team, Our company is being bothered by SPAM. We only have about fifty employees. I need to look into SPAM filtering. I don't know if we'd benefit from an hardware appliance along with a content filter. Perhaps, WebSense and applications of this nature would be good. I'd appreciate hearing from anyone that has working knowledge of these applications. Thank you, JoeT CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72282&t=72265 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slightly OT: Corrupted Emails on POP Server [7:72397]
I once had a similar problem that was being caused by version 3.0x of Symantec's Antivirus/Filtering software which ran on Exchange. Our Windows users had no problems receiving mail but our Mac users ran into a problem where a message that was flagged as spam and had its body replaced was incorrectly being terminated. The user would get all messages up to the offending one but couldn't get past it. The only solution at the time was to delete the offending message using Outlook Web Access or log in using MAPI on a PC. Symantec has since corrected the problem. --- Excerpt from Symantec's Knowledge Base POP3 session hangs while retrieving mail Symptom: A POP3 mail client (for example, Outlook Express) stops responding while retrieving one or more messages that were modified by Symantec AntiVirus/Filtering for Microsoft Exchange with a text substitution. This problem only affects single-part MIME messages formatted as HTML or RTF. Microsoft Outlook and Outlook Express cannot send messages in this format, so the problem is only seen in mail sent with other mail clients. Solution: POP3 messages must end with a period (.) on a new line. When Symantec AntiVirus/Filtering for Microsoft Exchange replaces an attachment or message body, it appends a carriage return (CR) to the substituted text. However, if the source format of the message was HTML or RTF, Symantec AntiVirus/Filtering for Microsoft Exchange was converting the CR to for HTML or /par for RTF. This caused the message to hang when retrieved with a POP3 mail client, because the final period (.) was no longer on a new line. The code was fixed to add the CR after the message is converted to HTML or RTF. This ensures that the final period (.) is on a new line. Vijay Ramcharan, MCSE, CCNP/DP -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 11:19 AM To: [EMAIL PROTECTED] Subject: Slightly OT: Corrupted Emails on POP Server [7:72397] I ran into this problem a couple of days ago and I'm interested if anyone else has experienced something similar. I opened up my email client at home the other day and noticed that it was continually downloading the same messages over and over again. It would get to the same message each time and the POP server would stop responding and those messages were not removed from the server. So, several minutes later the cycle would repeat. I called Comcast tech support and they said that I must have a corrupted email on the server. The solution was to login with the web-based mail utility and delete the offending message. I never did figure out which message was the culprit so I deleted all of them. This has resolved the problem but I can't figure out what would have caused the problem to begin with. What sort of 'corruption' could occur to an email that would cause this sort of behavior? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72405&t=72397 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Lab Setup [7:73612]
Not exactly related to this but... Are there any drawbacks to using (2) 2610s for a lab instead of a 2600 and a 3640 router? Vijay Ramcharan -Original Message- From: Natchaya Radhikulkaralak [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 7:44 PM To: [EMAIL PROTECTED] Subject: Re: CCIE Lab Setup [7:73612] Doesnt the vConsole ISDN simulator able to use SPIDs? Even though it is 525 dollars... I thought it did use spids. When you state to use a "backbone" router... what do you mean? Thomas Larus wrote: > > With $1,000 dollars, I would first buy a 4 port frame switch router, > perhaps a 2520. I say 2520, not 2521 (Token ring), because the > ethernet port on the > 2520 allows it to serve as an additional router-- perhaps a > "backbone" > router that you would connect to using ethernet. $200-$300, if > you are > lucky. > > A 4500 with a NP-4T might be even better (but loud!!) This will take > perhaps 300 dollars or so. You could add another 4 serial ints > and/or a > bunch of ethernet ints, and this could definitely serve as a > full-fledged > lab router as well as a frame switch. > > If you can find a cheap ISDN simulator (vConsole or Euro ISDN PBX > gizmo that only does Basic-Net3 and no spids) for $400-500, you > probably ought to buy > it, since you already have two ISDN capable routers. Then a > 1900 or 2820 > switch for $100 to $200 so you have a VLAN-capable switch. If > you have > enough money left over, you could pick up one more 2501. > (Always buy a 2503 > or 2514 if you can get it for a little more than a 2501, of > course.) > > It's not a first-rate lab, but it is enough of you to learn a lot of > the most difficult lessons. You could go for more routers and no > ISDN sim, but > ISDN can be such a tricky technology it is worth spending a lot > of time on. > This is a close call, though. > > Tom Larus, CCIE #10,014 > > > ""David Power"" wrote in message > news:[EMAIL PROTECTED] > > Hello, > > I have three 2500 routers (2x2503 and 1x2514) with the budget > of 1000$ I > am > > planning to buy some more routers for my CCIE home lab. Which > routers or > > switches I must have ( with in my $ limits or couple hundred > more). > > Every suggestion will be appreciated > > David > > > > > _ > > Protect your PC - get McAfee.com VirusScan Online > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > **Please support GroupStudy by purchasing from the GroupStudy > Store: > > http://shop.groupstudy.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73746&t=73612 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73612]
On this same thread... What are the recommendations for ATM lab hardware? Can ATM be practiced with ATM ports connected back-to-back or is it necessary to get an ATM switch also? Thanks. Vijay Ramcharan -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Sunday, August 10, 2003 11:21 PM To: [EMAIL PROTECTED] Subject: 2x2610 vs 2600 + 3640: WAS Re: CCIE Lab Setup [7:73612] ""Vijay Ramcharan"" wrote in message news:[EMAIL PROTECTED] > Not exactly related to this but... > Are there any drawbacks to using (2) 2610s for a lab instead of a 2600 > and a 3640 router? JMHO, what you should be looking for is sufficient ports to run complex practice scenarios and routers capable of running the IOS version that is current in the Lab. \specific models may or may not be of importance. ( as an aside, I laugh my ass off every time I read a post from someone expressing worry about the announced changes in IOS and addition of a 3725 to the Lab. At least when the 3550 switch was introduced there was reason for some apprehension, ans nono of the rental racks had a 3550 in them ). after all, a router is a router, and the routing protocol commands will work exactly the same on a 25xx, 26xx, 36xx, etc. I'm currently focusing on 12.2.something.Tsomething 12.2.15(T5) maybe -everything is off at the moment. I don't know about the 2610, but the 2611 is capable of running dot1q and ISL trunks, plus if you use the enterprise basic image you can do IS-IS, BGP, and MPLS. > > > Vijay Ramcharan > > > -Original Message- > From: Natchaya Radhikulkaralak [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 07, 2003 7:44 PM > To: [EMAIL PROTECTED] > Subject: Re: CCIE Lab Setup [7:73612] > > > Doesnt the vConsole ISDN simulator able to use SPIDs? Even though it > is 525 dollars... I thought it did use spids. When you state to use a > "backbone" router... what do you mean? > > Thomas Larus wrote: > > > > With $1,000 dollars, I would first buy a 4 port frame switch router, > > perhaps a 2520. I say 2520, not 2521 (Token ring), because the > > ethernet port on the 2520 allows it to serve as an additional > > router-- perhaps a "backbone" > > router that you would connect to using ethernet. $200-$300, if > > you are > > lucky. > > > > A 4500 with a NP-4T might be even better (but loud!!) This will > > take perhaps 300 dollars or so. You could add another 4 serial ints > > and/or a bunch of ethernet ints, and this could definitely serve as > > a full-fledged > > lab router as well as a frame switch. > > > > If you can find a cheap ISDN simulator (vConsole or Euro ISDN PBX > > gizmo that only does Basic-Net3 and no spids) for $400-500, you > > probably ought to buy it, since you already have two ISDN capable > > routers. Then a 1900 or 2820 > > switch for $100 to $200 so you have a VLAN-capable switch. If > > you have > > enough money left over, you could pick up one more 2501. > > (Always buy a 2503 > > or 2514 if you can get it for a little more than a 2501, of > > course.) > > > > It's not a first-rate lab, but it is enough of you to learn a lot of > > the most difficult lessons. You could go for more routers and no > > ISDN sim, but ISDN can be such a tricky technology it is worth > > spending a lot of time on. > > This is a close call, though. > > > > Tom Larus, CCIE #10,014 > > > > > > ""David Power"" wrote in message > > news:[EMAIL PROTECTED] > > > Hello, > > > I have three 2500 routers (2x2503 and 1x2514) with the budget > > of 1000$ I > > am > > > planning to buy some more routers for my CCIE home lab. Which > > routers or > > > switches I must have ( with in my $ limits or couple hundred > > more). > > > Every suggestion will be appreciated > > > David > > > > > > > > _ > > > Protect your PC - get McAfee.com VirusScan Online > > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > **Please support GroupStudy by purchasing from the GroupStudy > > Store: > > > http://shop.groupstudy.com > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Stor
RE: how does firewall & switch port block Blaster virus? [7:74102]
The Blaster worm exploits a vulnerability in the DCOM RPC component in Windows. RPC is used for accepting requests from remote computers. RPC/DCOM listens on TCP 135 and other ports. Successfully compromising an unpatched Windows box requires that TCP 135 or other ports be accessible. I've seen RPC ports other than 135 being probed, eg. TCP/UDP 593. In a default PIX configuration, any unrequested incoming traffic is denied by default. If you've mapped a global address to an unpatched/unprotected box and have allowed TCP 135 into it then that box is vulnerable from the Internet. On the LAN any unpatched Windows box is vulnerable if a mobile user plugs an infected machine into the network. To mitigate chances of infection you could use updated AV software or the ICF if you're using XP or if you're using Windows 2000 you can use TCP/IP filtering. See http://support.microsoft.com/default.aspx?kbid=826955 Vijay Ramcharan -Original Message- From: Richard Campbell [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 3:47 AM To: [EMAIL PROTECTED] Subject: how does firewall & switch port block Blaster virus? [7:74092] Hi.. My friends told me other than the microsoft patches can prevent Blaster virus , a firewall and blocking switch ports can block the virus too. Is there any configuration need to be added in my PIX and Cisco switch ports in order to block them? If yes, is there any example?? But I don't understand the concept, can you explain to me the concept? How can a firewall and switch port block Virus??? For example, my PIX disallow every incoming traffic except the ping reply, doesn't it mean it block the virus too?? _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74102&t=74102 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OT Gibberish in email [7:74740]
It's an effort by the spammer to change the signature (checksum) of the spam email by inserting random characters. It gets around spam filters which use a signature/checksum technique. I believe the open source Vipul's Razor uses signatures. Vijay Ramcharan -Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 3:50 PM To: [EMAIL PROTECTED] Subject: OT Gibberish in email [7:74740] Often in SPAM emails I get some sort of text that looks like this lmlbjot- qribr^jin(nezl(zvy -temwvnj Can anyone explain what this is? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74746&t=74740 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
