RE: PIX site-to-site VPN question... [7:57648]
I think you might be wrong. I never had to do this outside of the lab on two VPN routers and 2 pixes in between doing NAT but you should be able to establish an ESP in tunnel mode between two devices using private addresses with NAT happening somewhere in between. Remember, ESP only cares about the payload, not the header. Therefore as long as the payload is intact - this is valid. Of course, both VPN devices would have to know each other by NATed or in your case public IP addresses. I can show you the config, if you like Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mark W. Odette II Sent: Tuesday, November 19, 2002 12:19 AM To: [EMAIL PROTECTED] Subject: RE: PIX site-to-site VPN question... [7:57648] The only way that you could put private addresses on the OUTSIDE interface of the PIX (Site A), and still successfully set up a Tunnel to another PIX across the internet that is behind an edge router of your own control (Site B), is to build a GRE Tunnel between the Edge Routers. EX: Public Addresses PIX1(outside)(e0)R1(e1)-INTERNET(e1)R2(e0)-(outside)PIX2 Pvt. Addresses G R E Tunnel Pvt. Addresses If you tried to set up NAT on the two Edge Routers to Static Translate for the PIX Hosts on their outside interfaces, the Tunnel would never establish. Even though you would define the Crypto Peer as a public address, when the packet arrives at the far side, it would have the private address headers, and thus the tunnel would never come up, and is why you would need a GRE Tunnel between the two routers to use private addresses between the two PIXen end-points. I have set up the scenario you speak of in production, but the ISP assigned a /30 for the routers connecting to the ISP, AND they assigned /27's for the customer's own use. So, with this, I configured the S0 interfaces of each router as part of the /30's, and configured the Fa0 interfaces of the Routers and the Pix Outside interfaces as hosts in the /27 blocks that were assigned to each site, while creating a PAT pool and NAT statics for appropriate hosts behind the PIX. The Inside/DMZ side of the PIXen were configured with RFC1918 addresses. Site to Site VPN's were established using the Public IP addresses on the Outside interface of each PIX. HTH's Mark -Original Message- From: Edward Sohn [mailto:[EMAIL PROTECTED]] Sent: Monday, November 18, 2002 10:13 PM To: [EMAIL PROTECTED] Subject: RE: PIX site-to-site VPN question... [7:57648] thanks for your help, elijah...however, i think are still missing the full point of my question...i am looking for a complete solution rather than just 'what's possible' at different points in the network. i did mean to use a /29 in my example. i used that b/c if i was only given one IP address from my ISP, and used it for the outside interface of the PIX (as you suggested), then how do i configure the perimeter router? what IP addresses does that use? let's go with this example to answer my question for now--with using public addresses. just fyi, however, here is a diagram on CCO which uses private addressing on the outside interface of the PIX in a VPN solution (doesn't show the perimeter routers, though)... thanks, ed -Original Message- From: Elijah Savage III [mailto:[EMAIL PROTECTED]] Sent: Monday, November 18, 2002 8:13 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: PIX site-to-site VPN question... [7:57648] You have to use the public ip addresses as I stated in my last email private is non routeable on the net, though I have seen sprint route private by mistake from time to time :) But that is not what confused me, what is confusing me is your ip addressing problem do you have one? A /29 is a 255.255.255.248 subnet mask which will give you 6 usable addresses. So I am not sure I see a problem unless you want to use private on the outside then yes you have a problem. -Original Message- From: Edward Sohn [mailto:[EMAIL PROTECTED]] Sent: Monday, November 18, 2002 10:50 PM To: Elijah Savage III; [EMAIL PROTECTED] Subject: RE: PIX site-to-site VPN question... [7:57648] okay, i should have explained better...sorry let's break my point down to a digestable limit... at this point i want to know how to set up the site-to-site VPN tunnel between the two PIX's, if i use private addressing on the outside interfaces of the PIX's. if both of the outside interfaces of the PIX's use 192.168.x.x addresses, then what is the address i would use in the 'crypto map peer' statement? if it's the 192.168.x.x address of the other PIX's outside interface, how does the PIX know how to get there? you follow? the perimeter router doesn't route private addresses, so how would it know how to get to the other PIX? that's why i'm assuming that the public addressing has to include to the PIX outside interfaces, but if this is so, how do you configure the
How to measure the amount of traffic on a router? [7:56385]
Folks, I am looking for some kind of inexpensive software package that could be programmed to graph the traffic volume going through a router. Thanks -- Vitaliy Vishnevskiy System Engineer, CCDP, CCNP, Cisco Security Specialist 1, MCSE ShoreGroup, Inc 460 West 35th Street New York, NY 10001 Phone: (212) 736-2915 Mobile: (917) 816-0753 Fax: (425) 955-1485 E-mail: [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Vitaliy Vishnevskiy ([EMAIL PROTECTED]).vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56385t=56385 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple IP addresses [7:56393]
Same thing as secondary ip address on a router. Let's say you have 2 ip subnets within the same LAN. All you are doing is creating an IP presence on an IP subnet. You could also be migrating to a new IP scheme, you may want the same server to host multiple applications and you may want to filter certain traffic by destination IP address on the upstream firewall. The possibilities are really endless. -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] On Behalf Of Azhar Teza Sent: Sunday, October 27, 2002 10:11 PM To: [EMAIL PROTECTED] Subject: Multiple IP addresses [7:56393] In Windows 2000/NT, it allows to assign multiple IP addresses to a single NIC Card. Whether you can assign multiple ip addresses from the same subnet orfrom the different Subnets. My question is what is the advantage of assigning (2) IP addresses to the same NIC card. If we do that with (2)NIC cards, then it is understandable that you are making your Server Multihomed/Router, but what is the advantage of assigning (2) ip addresses to the same card besides in Web Servers to run multiple websites through Server. I know somebody is doing that to connect (2) subnets to Cisco routers. The guy has assignedan ip address 192.168.10.10/24 to a W2K's NIC Card, and in the same NIC card he has assigned a logical IPaddress 192.168.40.5/24. ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56394t=56393 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX CCO question [7:56162]
6.2 supports groups now -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] On Behalf Of Symon Thurlow Sent: Friday, October 25, 2002 6:46 PM To: [EMAIL PROTECTED] Subject: RE: PIX CCO question [7:56162] No, but I recently purchased 2 x 515's and they arrived with 6.1. I migrated the customer from Checkpoint to these two PIX's. In Checkpoint (a much easier product to configure IMHO) I had about 13 rules in the ruleset, utilising lots of groups. 6.1 doesn't support groups, so I was faced with having to create hundreds of rules. I called the reseller, and they emailed me 6.22 and PDM 2.02 on the same day! The also said that next time, specify the desired OS and they will pre-install. This is in London, where, hmm, customer service is not a priority...!!! So you should be able to get it done where you are. Symon -Original Message- From: sam sneed [mailto:vristevski;hotmail.com] Sent: 24 October 2002 16:57 To: [EMAIL PROTECTED] Subject: Re: PIX CCO question [7:56162] Thats really good to hear. My main concern is that I want the OS to support PPP over ethernet which I believe is only avaible on newer versions. Anyone know the exact version that supports this? wrote in message news:200210241459.OAA14364;groupstudy.com... I ran into this recently, but the PIX was running 6.1. You usually have a standard one year equipment warranty; that should cover something like that Be really really nice when you open a case. They usually are willing to help out. Another great thing about Cisco!!! -Original Message- From: sam sneed [mailto:vristevski;hotmail.com] Sent: Thursday, October 24, 2002 9:21 AM To: [EMAIL PROTECTED] Subject: Re: PIX CCO question [7:56162] My question only pertains to new equipment. For example, lets say I buy a brand new PIX online. The place I buy from has one in stock thats been sitting around for a year and they ship me that one. It has an older OS , lets say 5.4 with a few significant bugs. What do I do then? I'm basically left with a piece of brand new equipment that doesn't work right. I figured Cisco had a 90 day warranty or soemhting that would cover getting the new OS? Anyone know about this for sure? Loken, Bjorn wrote in message news:200210241200.MAA01818;groupstudy.com... I was looking into getting a PIX and had a question. If cdw.com (for instance) ships one over with an older OS and I want the current OS loaded on it what happens if I don't have a CCO support contract. Is there a grace period once you buy the product to be able to download the latest OS and the instructions to upgrade? Hi there, in the price list there is an option for PIX Firewall Relicensing for Used Equipment. A brief comparison of the prices shows no difference between the relicensing prices, and the price for a regular licence. I'm not aware of any option from Cisco where they let you download new software for free when buying used equipment. -Bjorn This message contains information that may be privileged or confidential and is the property of the Cap Gemini Ernst Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. = This email has been content filtered and subject to spam filtering. If you consider this email is unsolicited please forward the email to [EMAIL PROTECTED] and request that the sender's domain be blocked from sending any further emails. = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56349t=56162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Native VLAN 1 [7:55743]
I disagree with that. If native vlan is changed on only one end of the link, you will get native vlan mismatch which can be bad. There are some cases when changing native vlans is needed by design. Case in point. A PC is plugged into an IP phone, the configuration of Cat 3524 is below: interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport trunk native vlan 4 switchport mode trunk switchport voice vlan 12 spanning-tree portfast as you can see, the native vlan is changed. The PC will be on vlan 4, the IP phone will be on VL 12. A native vlan is merely a vlan that the port will belong to when in access mode. With 802.1q frames belonging to native vlan are sent non-encapuslated. Hope it helps -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] Sent: Wednesday, October 16, 2002 6:49 PM To: [EMAIL PROTECTED] Subject: RE: Native VLAN 1 [7:55743] Larry Letterman wrote: vlan mismatches and major spanning tree recalcs.. Why? Thanks for any more detail you can give. Priscilla Larry Letterman Network Engineer Cisco Systems Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com]On Behalf Of Azhar Teza Sent: Wednesday, October 16, 2002 3:21 PM To: [EMAIL PROTECTED] Subject: Native VLAN 1 [7:55743] When Ports are configured as trunk in Catalyst switches, they still belong to VLAN 1 in native column eventhough the ports can span all VLANs. What's the drawback of changing the port from Native VLAN 1 to some other VLANs? Regards, Teza ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55792t=55743 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VoIP Clarification. [7:55682]
Yes, call manager cares a great deal about mac addresses. When a phone boots, it pulls its config from a TFTP server (learned through dhcp or statically). The phone configuration file is generated when the phone mac address (along with other stuff) is entered into call manager database. The phone can be anywhere and have any ip address. The mac address flows the phone and so does the directory number. -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] Sent: Wednesday, October 16, 2002 7:03 PM To: [EMAIL PROTECTED] Subject: Re: VoIP Clarification. [7:55682] Great answer. Finally an explanation that makes sense for the marketing babble about IP Telephony making Moves, Adds, and Changes easier. ;-) One quesiton though, does CallManager really care about MAC addresses? Unless the receiving phone is on the same network segment as the calling phone, the MAC address won't help matters. ARP would take care of getting the MAC when it's needed. Priscilla Bruce Enders wrote: B. J. The only trick here is to remember that the User phone number is mapped to the MAC address and IP address of the ethernet interface associated with the hard phone, or the laptop in the case of Softphone. (Both are PCs running specific applications software). Whenever either is disconnected from the network long enough for link to drop, they have to check in with DHCP when they are re-connected to the network. Both also have to check in with their CallManager. During that process, they identify themselves using their MAC address, and announce their current IP address. After that, the CM can simply forward based on the IP address. This capability is one of the primary reasons that Moves, Adds, and Changes in an IP Telephony system are far more simple than in a legacy PBX environment. (The logic behind your response sounds like it comes from the legacy telephone world, which is very used to working in a very static addressing environment). Bruce B.J. Wilson wrote: Hi Vance - I too am studying All Things VoIP, and I'm curious how this would work. Say you have User A trying to call User B. User B is currently in the office. So User A dials '' which is User B's phone number (or route pattern if you want to be specific). CallManager picks up the route pattern, looks up User B's location, and forwards the call on. All is good. Now, say User B is telecommuting. How does CallManager know this? How does your RAS (remote access) server notify CM that User B's geographical location has moved? Is there something in User B's RAS (Registration, Admission and Status) setup that alerts CM to the fact that they're dialing in from home? Thanks, BJ - Original Message - From: Vance Krier To: Sent: Wednesday, October 16, 2002 4:08 AM Subject: Re: VoIP Clarification. [7:55682] Hey Stu, In simple terms, yes you are correct. However, as I'm sure you know, you need to take this type of setup with a grain of salt. If you have a decent bandwidth, low latency, consistent connection between the phone and CM, it works fine. There's absolutely no guarantees for QoS on the Internet. Now, FWIW, I use softphone on my laptop when I travel and I've gotten satisfactory results (IMO) better than 75% of the time. I always pitch this as being a *kewl* feature, but never as a selling point. I'm very, very cautious with customers over this. As long as the user using it is understanding and realizes there will be times when it doesn't work or the quality is really crappy, then typically they stay happy. Not something I'd give to Internet/computer/technology illiterate executive. I love it, by the way. Good luck, Vance Stuart Pittwood wrote in message news:200210160746.HAA10542;groupstudy.com... Good Morning all, I am just starting to look into VoIP as I have been asked by my manager to do some research and find out if there are any benifits from VoIP for our firm. Am I right in saying that if we had a solution based on Cat 6000 (or similar) switches, with a cisco VPN solution for the home workers, that users who use their laptop at home with cisco softphone or hardware phone could have their telephone extenstion follow them? Please forgive the simplicity of my question, just making sure I am thinking along the right lines. Thanks Stu -- Bruce Enders Email: [EMAIL PROTECTED] Chesapeake NetCraftsmen o:(410)-280-6927, c:(443)-994-0678 1290 Bay Dale Drive, Suite 312 WWW: http://www.netcraftsmen.net Arnold, MD 21012-2325
FW: With PIX unable to reach DMZ from LAN [7:55608]
Nothing Are you trying to test with ping? The you need an acl applied to the perimeter interface to allow the echo-replies. If you have no acl applied to inside and perimeter interfaces, tcp sessions should be flowing - try to telnet from inside to the perimeter for instance -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Guruprasad Sanjeevi Sent: Monday, October 14, 2002 11:30 PM To: [EMAIL PROTECTED] Subject: With PIX unable to reach DMZ from LAN [7:55608] Hi group, I am trying to configure PIX .It has 3 Ethernet Interface and three networks are used. LAN (inside) : 192.168.11.0 DMZ (perimeter)) : 192.168.23.0 Outside:66.x.x.x Problem : users from Inside and Perimeter network are able to browse, but the inside and Perimeter network cannot talk to each other. I have given the static command like this Static(inside, perimeter) 192.168.23.0 192.168.11.0 0 0 What other command is required on the PIX to enable communication from INSIDE network to DMZ(perimeter) and vice-versa. Please help Thanks Guruprasad [GroupStudy.com removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55614t=55608 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Ping and traceroute throught pix [7:55470]
Is icmp deny comand used? Do show icmp to see You may need to use icmp permit. See manual for full syntax -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Elijah Savage III Sent: Sunday, October 13, 2002 10:37 AM To: [EMAIL PROTECTED] Subject: RE: Ping and traceroute throught pix [7:55470] This did not work for me could there be something wrong with my pix? -Original Message- From: Silju Pillai [mailto:[EMAIL PROTECTED]] Sent: Sunday, October 13, 2002 8:35 AM To: [EMAIL PROTECTED] Subject: RE: Ping and traceroute throught pix [7:55470] just give the following commands... access-list acl-in permit icmp any any access-list acl-out permit icmp any any access-group acl-in in interface inside access-group acl-out in interface outside I gave two access-lists to distinguish between inside and outside traffic. This will allow ping and traceroute in both directions. But remember PIX interfaces will not showup in the traceroute. Hope this helps regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55493t=55470 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: URGENT: WRONG IOS-Problem booting a 3662 [7:55504]
3660 uses different ios then the rest of 3600 family. Seem like you have ios for the wrong platform -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Hamid Ali Asgari Sent: Sunday, October 13, 2002 5:04 PM To: [EMAIL PROTECTED] Subject: URGENT: WRONG IOS-Problem booting a 3662 [7:55504] Hi group, I have a Cisco 3662 router with 128 of RAM and 16 Mb of flash memory. The problem is that I cannot make the router boot !!!. Each time I boot the router I get the folowing error. I don't know why this error is displayed. I have tried replacing the IOS several times. I have repleaced the flash memory but still it doesn't work. Does it have anything to do with Smart Init? I don't know what it is and how it can be disabled Any input would be welcome, Thanks, Hamid PS: The IOS that I have tested are currently running on other 3662s. * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0xc26c18 Self decompressing the image : ###! ### [OK] Smart Init is enabled smart init is sizing iomem IDMEMORY_REQ TYPE B3 0X0009FC00 Dual Port Fast Ethernet 6F 0X00012580 Sixteen port A/D Modem 6F 0X00012580 Sixteen port A/D Modem 0X0028 OIR memory 0X0010A6F8 public buffer pools 0X00211000 public particle pools TOTAL: 0X0065FDF8 If any of the above Memory Requirements are UNKNOWN, you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 7Mb. Using 5 percent iomem. [7Mb/128Mb] Wrong system software for this hardware * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot0: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot1: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55508t=55504 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IS-IS [7:55526]
Has anyone taken the CCIE written recently? How much stress there was on IS-IS? Thanks -- Vitaliy Vishnevskiy System Engineer, CCDP, CCNP, Cisco Security Specialist 1, MCSE ShoreGroup, Inc 460 West 35th Street New York, NY 10001 Phone: (212) 736-2915 Mobile: (917) 816-0753 Fax: (425) 955-1485 E-mail: [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Vitaliy Vishnevskiy ([EMAIL PROTECTED]).vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55526t=55526 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Laptops used for diagnostics (with DB9 Serial ports) [7:55421]
You could use the USB to serial converter -Original Message- From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] On Behalf Of Symon Thurlow Sent: Friday, October 11, 2002 2:33 PM To: [EMAIL PROTECTED] Subject: OT: Laptops used for diagnostics (with DB9 Serial ports) [7:55398] Hi Guys, This is quite off topic, so please forgive the post. I have replaced my Notebook with a desktop, but need to have a Notebook for consoling into routers etc. I am looking for a second hand ultra portable, and the only model I have found with a DB9 serial port is the IBM 570. Anyone have a preference or know of other light notebooks with serial ports? Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55421t=55421 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: automated config retrieve - router log server - windows [7:55333]
See http://www.kiwisyslog.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jerry Deer Sent: Thursday, October 10, 2002 5:52 PM To: [EMAIL PROTECTED] Subject: automated config retrieve - router log server - windows based [7:55316] Hello All , I am looking into two litte projects 1. automatically retrieving the config of a 7500 router on a daily basis - is there a windows based solution anyone knows about for this? If so i would be interested in purchasing software. If not , any suggestions? 2. setting up a router log server ( not linux based) - same thing is there a windows based solution for this? Thank for ANY help!!! JD Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55333t=55333 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: interface vlan 1 amdin up, line prot down [7:55327]
On all catalyst switches the vlan interface will not come up until there are ports assigned to the vlan and the ports are up. It will also come up if there is an operating trunk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Brandis Sent: Thursday, October 10, 2002 10:26 PM To: [EMAIL PROTECTED] Subject: interface vlan 1 amdin up, line prot down [7:55327] Hi, Took delivery of my new 4006 just today, with a sup III, 48 port 10/100, 20 port GBIC blade. and 2 other 10/100 blades. My issue at the moment is that when int vlan 2 ip address 192.168.2.1 255.255.255.0 no shut int vlan 3 ip address 192.168.3.1 255.255.255.0 no shut and so on I see the vlan interfaces as still down. I thought I was doing something wrog, so I went back and tried it via vlan database vlan 2 name servers vlan 3 name people Still I dont see the VLAN INterfaces as up. I know I am missing something very simple here, can some one point it out ? Thanks John Sydney, Australia ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55335t=55327 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Cisco Module help!!! [7:55336]
To see the interface you need to define a chanel group or pri group under controller e1 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of L Sent: Friday, October 11, 2002 12:04 AM To: [EMAIL PROTECTED] Subject: Cisco Module help!!! [7:55336] Can anybody recommend whether the NM-1CE1B module is worthwhile to keep for the CCIE Lab Study?? I got one with the purchase of my Cisco router. Interesting enough, after I plugged it in, it shows up under show version as E1/PR1, but when I do a show ip int brief, nothing comes up apart from my other router interfaces. TIA, Hunt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55339t=55336 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]