RE: DHCP Over Wan Link
Yep, that'll work just fine with a couple conditions. First you have to put a ip helper-address command on the ethernet interface of the remote router and the scope you setup for the remote office has to have a higher IP number than the scope you're providing on the local network. Here's a sample that will hopefully make sense: DHCP server: 10.10.10.100 255.255.255.0 E0 address of remote router: 10.10.11.1 255.255.255.0 ip helper address on e0: ip helper-address 10.10.10.100 Two scopes on the DHCP server: 10.10.10.10-10.10.10.50 gateway=10.10.10.1 10.10.11.10-10.10.11.50 gateway=10.10.11.1 A client on the remote network sends a broadcast looking for a DHCP server. The router sees the broadcast and forwards it to 10.10.10.100. The DHCP server sees a broadcast coming from the router with along with info from the router saying the packet came from the 10.10.11.0 network. The DHCP server responds with a 10.10.11.0 address. The reason the remote scopes have to be a higher IP number is because a standard local broadcast doesn't really mention where it's being sent from so the DHCP server blindly sends an address from the lowest numbered scope as a default. If you're using WINS you'll also want to add: no ip forward-protocol udp netbios-ns no ip forward-protocol udp netbios-dgm to your router configotherwise you'll get lots of master broweser elections that'll fill up your event logs. Hope this helps! Daniel -Original Message- From: Vijay Ramcharan [mailto:[EMAIL PROTECTED]] Sent: Friday, August 04, 2000 2:19 PM To: 'Patrick Stiever'; Cisco Groupstudy. com Mailing list (E-mail) Subject: RE: DHCP Over Wan Link No you haven't been doing that thing with the fumes. On Windows NT Server's DHCP Manager I know that you can use a NetBIOS scope ID to assign IP addresses to different subnets/networks. I don't know much about other DHCP management software. Maybe someone else can point you in the right direction. Vijay Ramcharan, CCNP, MCSE -Original Message- From: Patrick Stiever [mailto:[EMAIL PROTECTED]] Sent: Friday, August 04, 2000 2:02 PM To: '[EMAIL PROTECTED]' Subject: DHCP Over Wan Link Ladies and Gents, This would be the first time trying to set this up, I have a remote office with a frame-erlay link between them and the corporate site. The dhcp server is at the corporate site, I would like to it up that the users at the remote site uses a certain dhcp pool on that server. I have heard you can set it up so that a certain address pool will only assign address when the request comes through a certain router(i.e. the remote router). Does this make any sense or have I been inhaling too many paint fumes again? Any help would be great, thanks. Patrick Stiever Communications Engineer 24 Hour Fitness (760) 918 4459 [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco VPN Client (off topic question)
With IPSec being a relatively immature standard there is a chance that it will work that way but a better chance that it won't until the next PIX software upgrade comes out. I believe you'd have a better chance making it work with L2PTPP. It's an interesting experiment thoughlet us know if it works! Daniel -Original Message- From: Travis Gamble [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 26, 2000 11:00 PM To: Marco Rodrigues; [EMAIL PROTECTED] Subject: RE: Cisco VPN Client (off topic question) I haven't tried to install the VPN client on 2000... but the reason for that is because 2000 supports IPSec already. No need for the client, just set it up on the box, no additional software should be required. Travis Gamble -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Marco Rodrigues Sent: July 26, 2000 9:54 AM To: [EMAIL PROTECTED] Subject: Cisco VPN Client (off topic question) I've tried installed it on Windows 2000 , even though the system requirements say it has to be Win9x or WinNT 4.0. I was just curious has anyone got IPsec to work with Windows 2000 connecting to a Cisco PIX Firewall? Any feedback would be appreciated. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco online testing link->
If you have any smartnet contract you can sign up for it using the contract number. -Original Message- From: Dick Silva [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 16, 2000 12:38 PM To: Hou, Li; [EMAIL PROTECTED] Subject: Re: Cisco online testing link-> / What does one need to get a CCO password? \ -Original Message- From: Hou, Li <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Sunday, July 16, 2000 5:26 AM Subject: Cisco online testing link-> >You need CCO to use this link: >http://www.cisco.com/cgi-bin/front.x/wwtraining/colt/ColtLogin.pl > > >___ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dhcp on router?
The router will act as a DHCP server with little trouble. I think that came out in the 12.0.2 code. If you're comparing it between the router and NT servers then I see little additional benefit either way. Both platforms will allocate the IP's and IP settings with no problems. So really, I guess it would be personal preferencedo you want to mess with an NT server or if the same person does the routers and IP schemes maybe it's easier to keep it all in one place. Neither of these compare to full fledge commercial DHCP servers you can get from Cisco or other companies that have distributed servers, failover and etc...but you're going to pay a premium for all that. Here's an example of one I'm using: ip name-server 172.16.100.29 ip dhcp excluded-address 172.18.0.1 172.18.2.10 ip dhcp pool DHCP1 network 172.18.0.0 255.255.0.0 default-router 172.18.1.1 dns-server 172.18.1.151 172.16.100.29 domain-name yourdomain.com netbios-node-type h-node netbios-name-server 172.18.1.151 lease 3 Daniel -Original Message- From: jeongwoo park [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 16, 2000 5:04 PM To: [EMAIL PROTECTED] Subject: dhcp on router? hi! all. I thought that the router only forwards the DHCP request from clients to DHCP server. So, can router dynamically allocate ip addresses for DHCP requesting clients without reaching to DHCP server? Then the router also should have same stack of all ip addresses on its memory.. How does router get all ip addresses? Does it receive from DHCP server? If the router serves ip addresses, what is the benefit of it? Could somebody answer this? Thanks in adv. jeongwoo __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX bootup break key??
I dunno...I've plugged into the console port using Win95 hyperterm and just hit the escape key. It stopped booting and I went on my merry way. -Original Message- From: Aaron Prather [mailto:[EMAIL PROTECTED]] Sent: Friday, July 07, 2000 1:40 PM To: [EMAIL PROTECTED] Subject: PIX bootup break key?? Hi all, I am trying to put in a new 56bit encryption activation key, and i am having problems, CCO does not have good documentation on what to do here, They do say the following: "Upgrading the Activation Key Note The activation key can only be entered after downloading a new image---not from the command line or without first rebooting." they also say this: "Step 4 Press Escape or send the BREAK character to enter the boot ROM monitor. You can send a BREAK on a Windows system with ctrl-break or by pressing the Esc key." i have tried ctrl-break, i have tried "esc" i have tried ctrl-shift-6 im using hyperterminal and i have tried both win95 and win2k please help, Thanks, Aaron ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 3640 router freezing up
I agree...I put 12.0(7)T on one of mine and I lost the serial ports. -Original Message- From: Charlie Hartwell [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 05, 2000 10:49 AM To: [EMAIL PROTECTED] Subject: Re: Cisco 3640 router freezing up Hang on a mo... if you put 12.0(7)T on there you'll lose any Fast Ethernet interfaces you have. I have found 12.0(7)XK1 to be the most complete/unbuggy IOS for 3640's. To be absolutely sure use the beautifully named "hardware - software compatibility matrix" at http://www.cisco.com/cgi-bin/front.x/Support/HWSWmatrix/hwswmatrix.cgi Cheers Charlie --- Brad Ellis <[EMAIL PROTECTED]> wrote: > 12.0(9) is buggy. try running 12.0(7)t. however make sure you > have enough > DRAM/FLASH to handle this IOS. > > -Brad > "Andrew Larkins" <[EMAIL PROTECTED]> wrote in message > 8F5F72F80EF5D311ADE600A0C9DCF86251E753@UBDCCOMJHBEX">news:8F5F72F80EF5D311ADE600A0C9DCF86251E753@UBDCCOMJHBEX... > > Good day all, > > > > I have another issue here. I have a 3640 router at a client site > which is > > running IOS 12.09 desktop plus. The routing process is EIGRP - > for IP and > > IPX. The problem I have is that this router is occassionally > freezing up. > It > > becomes totally unmanageable, but a reboot will fix this. Our > monitoring > > station (HP Openview) goes totally red. I heard from someone a > while back > > that this may be because of the IPX EIGRP process, but find this > hard to > > believe as a similar router has no problems. I am not able to get > any > > information from the router at the time of crash. > > > > I think the hardware may be suspect. Any idea's?? > > > > Andrew Larkins > > BCom, CCNA > > Usko Communications > > Tel: +2711 800-9300 > > Fax: +2711 800-9495/6/7/8/9 > > Cell: +2783-656-7214 > > Email: [EMAIL PROTECTED] > > OR [EMAIL PROTECTED] > > > > > > "This message may contain information which is confidential and > subject to > > legal privilege. If you are not the intended recipient, you may > not > peruse, > > use, disseminate, distribute or copy this message. If you have > received > > this message in error, please notify the sender immediately by > email, > > facsimile or telephone and return and/or destroy the original > message." > > > > > > > > ___ > > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: > http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > --- > > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Kick off your party with Yahoo! Invites. http://invites.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7200 local director
The localdirector is a separate box and doesn't really talk to the 7200. I have two of them now and they've been working great. We turned them on, configured them, and forgot about them. That's the upside...they work with little trouble and if you get two of them the failover works very well. The only complaint I have about them is they are based on bridging technology so you can't hide a private network behind them. Rather than setup lots of individual IP's we decided to go with a port-bound setup. 222.222.222.220:8100 and 222.222.222.221:8100 are mapped to 222.222.222.222:80 so when people try to get to 222.222.222.222:80 it will redirect the traffic to one of the other ip/port combinations depending on which algorithm you setup. I would rather have been able to set it up using an address translation so 10.10.10.1 and 10.10.10.2 mapped to 222.222.222.222 on the outside but it wasn't a really big deal. F5's boxes act as routers so you can hide whatever you want behind them. The GUI on the F5 box is a little better as well but I tend to stick to the CLI on the localdirector anyway so I guess that doesn't matter much. Cisco has lots of new options for the localdirector technology which include putting them on blades in the Catalyst 6000's but make sure to check the feature list before you jump into that. Some things that are available in the seperate box are available *yet* in the new blades and software versions. Overall I'd have to give it a 4 star rating.the one star taken off for the GUI, and lack of reporting (outside of the command line 'show' commands) without additional software. However, it works welland thats the important part. Daniel -Original Message- From: Olden Pieterse [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 05, 2000 6:26 AM To: '[EMAIL PROTECTED]' Subject: 7200 local director Hi there gang Can somebody help me with this ? I need info and as to what local director is for the 7200 . I checked Cisco's site but did not become any wiser ! Thx Olden Pieterse MCP , CCNA , BCMSN , BSCN , BCRAN Brainbench Certified CISCO Network Implementation Specialist Technical Consultant Mobile : +27 82 410 8621 ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slow Speed in 2900 Switches, Pls Help!!
Hey now...take a deep breath and pull back on the caps lock key a bit. Everyone is just doing their best to help. Good advice on starting from the simplest point. Back everything off to 10 meg half/duplex, turn portfast on, set everything on one vlan, and etc. Then turn everything up...one thing at a time, from that point...if you even need to. There is nothing wrong with doing full duplex over cat 5 cables (I dunno where you get the two cable idea from for full-duplex connections but I have to agree that someone saying a full duplex connection runs at 200Mb has been working in marketing too long) but I usually use full-duplex only between switches and routers, everything else I like to leave set for auto (personal preference). Trunking (using more than one cable/nic between devices) is a beautiful thing but you only need to use that if you want redundancy or if the single ports are getting overloaded. Also, Cat5 cabling is good to 100 meters...not 10. Check most any networking white paper for reference. Anyway, to answer Mr. Tong's questions: 1) Hubs: It depends on which way you want to look at your speed question. All ports on the hub have access to the 10Mb half-duplex backplane. So every PC is contending for the 10 megs. I doubt you'd get about 6.5Mb out of it anyway...after that it's primarily just a collision domain. But all the machines together can't go beyond the 10Mb limit so in a way you could say that each PC has the capability of pushing 10 megs but only if none of the other machines are transmitting/receiving at that time. 2) The switch: Each user would have the capability of hitting 100Mb but if you have a 100Mb backbone then no single user will really get that speed (in fact, I'd intentionally leave the users at 10Mb half-duplex unless they REALLY need the speed increase). However, if two PC's on the same switch are talking to each other then they'll assumedly get the full amount of speed without slowing down any other computers. 3) Speed and configuration issues: Feel free to post the interface stats so we can see what is going on. Alternately just do what Stephen said and start with the most basic config possible and go from there. Cisco's web site has many sample configurations that may help you out. Hope this helpsI've found that it's usually one minor little command that got missed or set wrong. Once that is taken care of you just sit back and watch the data fly by. Daniel -Original Message- From: Stephen Skinner [mailto:[EMAIL PROTECTED]] Sent: Monday, July 03, 2000 2:42 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Slow Speed in 2900 Switches, Pls Help!! JEES.you have been given a load of crap advise..!! FIRST lets start at the begininng .you have 5 pc`s which are connected to your switch .they , i take it are 100 meg cards ...make sure they are in HALF DUPLEX(send and recieve on the same cable) NOT... FULL DUPLEX (send and recieve on TWO different CABLES) (THE WAY YOU GET 20/200 MEG IS YOU TRUNK (2 THATS 2) CABLES TOGETHER USING TWO PORTS... ANYONE TELLS YOU OTHER WISE IS A FOOL)in my experience you should make sure the pc cards are set to this ... SECOND...are you connecting to your main link at 100 meg if your using cat 5 cabling and the main router is more than 10 meters away IR-REGARDLES of what the switch says ...you wont be getting it... THIRD...FORGET about spanning tree, trunking and all that crap ...START at the beginning (I`M NO CCIE BUT I HAVE BEEN ROUND LONG ENOUGH TO KNOW THAT YOU DON`T THROW THE CAR AWAY WHEN A CAM BELT GOES) 95% of your problems will be simple you just need to start at the begining...all the info you have been given is from PAPER CCNP/A`S IF THEY KNEW WHAT THEY WERE TALKING ABOUT YOU WOULD HAVE IT FIXED BY NOW! mail me more if you want help steve (IEEE,ITAU commite`s CCNP MCSE PSS ACE SSA Co-contributor to Win200,RIP V2 CCSE JSE CLP ) >From: "Chee Tong Sim" <[EMAIL PROTECTED]> >Reply-To: "Chee Tong Sim" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Slow Speed in 2900 Switches, Pls Help!! >Date: Mon, 03 Jul 2000 05:51:36 GMT > >Dear friends, > >I have a few questions to ask: > >1) Our company Network are running at 100M speed. Now if I connect a 10M >speed 3com hub to one of the ports in cisco 2900 switches (100M speed) in >the company network, and I connect 5 pc to the 3com hub, so, the network >speed of PC is 10M divided by 5= 2M each or 10M each? > >2) As the users complain about the speed, my boss asked me to use the brand >new 2900 switch (100M speed) to replace the 3com hub. So I connect 2900 >switch to 2900 switch that in company network, and connect 5 Pcs to the >2900 >switch, so the speed of PC should be 100M each or 100M devided by 5= 20M? > >3) But user still complain about the speed, I use the ftp function to check >the speed and found the speed is only 150kb/sec= 0.15M only. I suspect >because the switches that I used is
RE: Rate-limiting
Does it work differently if you take out "access-list 5 deny any"? I know the access-list does an explicit deny anyway but since the rate-limit command is just matching the IP's it sees in the access-list wouldn't it match 'any' at that point? Daniel -Original Message- From: Russ Kreigh [mailto:[EMAIL PROTECTED]] Sent: Monday, July 03, 2000 3:23 PM To: Cisco Group Study Subject: Rate-limiting Hi all I posted a question a while back asking how to limit the maximum speed of an IP address. Well I have kinda got something working that does do that, but it limits everything! access-list 5 permit 10.1.1.2 access-list 5 deny any Ethernet 0 ip address 10.1.1.1 255.255.255.0 ip address 10.1.2.1 255.255.255.0 secondary rate-limit input access-group 5 128000 128000 128000 conform-action transmit exceed-action drop rate-limit output access-group 5 128000 128000 128000 conform-action transmit exceed-action drop I want this configuration to limit the bandwidth of IP address 10.1.1.2 to 128k which it does, but it limits everything else also. Any thoughts on this? ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TFTP server
http://www.cisco.com/cgi-bin/tablebuild.pl/tftp but I think it'll ask you for your CCO login. -Original Message- From: Michel, Robert [mailto:[EMAIL PROTECTED]] Sent: Monday, July 03, 2000 10:23 AM To: Cisco Groupstudy (E-mail) Subject: TFTP server I thought I remembered that Cisco used to provide a free tftp server for win 9x/NT/W2K, but I cannot find it now. Does anyone have the link to it? Thanks! Rob Michel ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP - 1 DS3, 4 backup T1s, 1 ISP
I have a nearly identical setup to what you're proposing except that I use the T1's daily along with the DS3 and I'm multihomed to two providers. It makes for some interesting tweaking but in the end it works quite well. Our average web site load time used to be in the 5-6 second range but now with the addition of the Localdirectors and BGP/multihoming our site load times average close to .5 seconds but occasionally bounce up to 2-3 seconds if we get some high-latency from one of the providers. I'm getting ready to switch to two DS3's here in a few weeks which will simplify things a bit and add much needed bandwidth. Anyway, I'll paste my config in here after I try to answer your questions. My disclaimer is that I still haven't had the time to become 'proficient' with BGP but my config works. :) a. One thing I found was I was much better off to have the ISP send a default route along with everything else and then weight it on my side. I never got what I considered to be a satisfactory solution when I tried to do it with static default routes. If you have the ISP send default routes then you can pretty much guarantee that everything will be dynamic. I had a couple situations where the BGP session went active but the links were fine and data wouldn't switch over to the other links. (dynamic=good) b. This strategy works well for me although you may want to find out where those 4 T1's are homed to. Definately make sure they're not on the same router as the DS3 and, although it'll close some of your load *balancing* prospects I prefer to have the T1's split between different routers as well. (all the redundant links don't do very well if the router that they home to crashesI had the 'opportunity' to learn that one as well) c. Using the T1's for every day traffic is up do you. However, since you'll be using BGP (and I guess even without BGP) any other person who happens to be on the same router that you have a T1 on will always go through the T1 because it's the shortest path. d. You'll have to worry about some of that but maybe not all. Your ISP should be able to help you get through any sticky areas. e. Ummm, I dunno...I'm open to suggestion :) I'm partial to using the route-cache on links with that much bandwidth but I'd welcome a more experienced answer as well. f. Another router shouldn't be required unless you feel the need for hardware redundancy as well. I'm currently using a 4700M for mine which is underpowered but I should be replacing that with a 7206 in a couple weeks. The limitation on the 4700 was memory and backplane speed...it seemed to have plenty leftover horsepower for the situation I put it in. Even with high bandwidth utilization the processor stayed at a very reasonable level. If it'll help, I'll forward a copy of my 7206 config when I get that ready. Here's a stripped version on my confighope it helps! ! interface Hssi0 description SMDS no ip address no ip directed-broadcast encapsulation smds crc 32 ! interface Hssi0.2 multipoint ip address X.X.X.X ip access-group 111 out no ip directed-broadcast bandwidth 32000 smds address c180.4703.1950 smds multicast ARP e180.4703.6039 207.68.0.0 255.255.255.0 smds multicast IP e180.4703.6039 207.68.0.0 255.255.255.0 smds enable-arp ! interface Serial0 ip address X.X.X.X ip access-group 111 out no ip directed-broadcast encapsulation ppp no ip mroute-cache bandwidth 1544 no fair-queue hold-queue 100 out ! interface Serial1 ip address X.X.X.X ip access-group 111 out no ip directed-broadcast bandwidth 1544 no fair-queue hold-queue 100 out ! interface Serial2 ip address X.X.X.X ip access-group 111 out no ip directed-broadcast encapsulation ppp bandwidth 1544 no fair-queue hold-queue 100 out ! interface Serial3 ip address X.X.X.X ip access-group 111 out no ip directed-broadcast encapsulation ppp bandwidth 1544 no fair-queue hold-queue 100 out ! router bgp X no synchronization network X.X.X.X neighbor X.X.X.X remote-as 7018 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X.X.X route-map attweight in neighbor X.X.X.X route-map addas out neighbor X.X.X.X remote-as 7018 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X.X.X route-map attweight in neighbor X.X.X.X route-map addas out neighbor X.X.X.X remote-as 7018 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X.X.X route-map attweight in neighbor X.X.X.X route-map addas out neighbor X.X.X.X remote-as 7018 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X.X.X route-map attweight in neighbor X.X.X.X route-map addas out neighbor X.X.X.X remote-as 11146 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X.X.X route-map baisweight in neighbor X.X.X.X remote-as 11146 neighbor X.X.X.X timers 10 30 neighbor X.X.X.X distribute-list 10 out neighbor X.X
RE: Analog Dial Backup
I've had problems with the ip address negotiated setup before...although with ISDN. I could make the connection but my routing tables wouldn't update (EIGRP). You can usually pay the ISP a few dollars per month extra and get them to assign a static IP to your account but I haven't tried it with that exact scenario. Daniel -Original Message- From: News Cisco To: [EMAIL PROTECTED] Sent: 6/29/00 2:56 PM Subject: Re: Analog Dial Backup i've tried that doesnt seem to work,,,! "Tan Choh Koon" <[EMAIL PROTECTED]> wrote in message 008a01bfe173$27a9eec0$[EMAIL PROTECTED]">news:008a01bfe173$27a9eec0$[EMAIL PROTECTED]... > Sorry it should be , ip address negotiated. > > > > - Original Message - > From: Tan Choh Koon <[EMAIL PROTECTED]> > To: Michael Fountain <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Thursday, June 29, 2000 9:25 AM > Subject: Re: Analog Dial Backup > > > > Hi, > > > > Use this command : > > > > ip address negotiable > > > > > > - Original Message - > > From: Michael Fountain <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Thursday, June 29, 2000 4:34 AM > > Subject: Re: Analog Dial Backup > > > > > > > I haven't this yet, but plan to shortly - > > > > > > Cisco has something called "easy IP". You should be able to find some > > > references to it on their web page. It is also in the IOS Dial > solutions > > > book. Basically it looks like you set up the router for NAT, and then > > also > > > to recieve an IP from a DHCP server and then it will NAT into that > dynamic > > > address. > > > > > > Has anyone worked with this yet? > > > > > > > > > > > > > >this will definitely work, but I had some problems dialing into my ISP > & > > > >getting assigned an IP address dynamicaly, any hints ? > > > >'Bliss' > > > > > > > > > > > >Olden Pieterse <[EMAIL PROTECTED]> wrote in message > > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > Hi there > > > > > Here is my shot in the dark on this one . > > > > > First configure yor aux port , I think its line 0 > > > > > so... > > > > > conf t > > > > > line aux 0 > > > > > speed 38500 > > > > > modem inout ( so you can call in & out) > > > > > transport input all (so it'll take anything , but change it to > your > > > >fancy > > > > > ) > > > > > transport preferred telnet (so if you telnet you dont have to wait) > > > > > autoselct ppp > > > > > modem autoconfigure type usr_courier > > > > > flowcontrol hardware > > > > > exec-timeout 0 0 > > > > > exec > > > > > > > > > > logical setup > > > > > interface async 1 (uax 0 === async 1) > > > > > ip unnumbered ethernet 0 > > > > > ip tcp header-compression passive > > > > > encap ppp > > > > > async default ip address x.x.x.x (keep this address in the same > > subnet > > > >as > > > > > your ethernet 0) > > > > > async mode interactive > > > > > > > > > > I got this at www.cisco.com/warp/701/6.html > > > > > > > > > > It explains it really well ! > > > > > Hope it helps > > > > > > > > > > Cheers > > > > > Olden > > > > > > > > > > > > > > > -Original Message- > > > > > From: Atef Rostom [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, June 28, 2000 12:16 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: Analog Dial Backup > > > > > > > > > > > > > > > Hi All, > > > > > > > > > > I am trying to configure a 1720 to use the Aux port as a backup for > > the > > > > > serial port. > > > > > > > > > > I want it to dial using a USRobotics Courier modem. > > > > > > > > > > Please tell me if you tried this before. > > > > > > > > > > Thanks, Atef > > > > > > > > > > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco VPN Software
err, yeah1.0a and 1.1. :) Sorry about the confusion. However, I did use the 1.1 client with the 5.0.3 firmware with no problems. A few of the problems I had with the 1.0 client were: Slow authentication/tunnel creation times. Inability to connect to more than two subnets at a time. (unfortunately I have many leftover IP ranges in my network that I'm in the process of cleaning up. I'm in the process of switching everything to a 10.x.x.x addressing scheme). Adequate but not speedy encryption which played havoc with WINS every so often. Minor stuff such as logging didn't work on the 1.0 client. The 1.1 client fixed all of these problems. You have to admit that both of them are simple to configure though. I'm getting ready to test the 3030 VPN Access Concentratorlet me know if you have any questions about that one and I'll try to test it out for you. -Original Message- From: Vern Stitt To: [EMAIL PROTECTED] Sent: 6/29/00 3:03 PM Subject: Re: Cisco VPN Software Hey Daniel, I haven't seen the Cisco VPN Client 1.2 version yet. I do know that on a PIX, firmware 5.0.3 and below required version 1.0 and firmware 5.1 and above required version 1.1. I would advise sticking with 5.0.3 and 1.0 on a PIX just because of the PIX firmware stability. I do agree that the 1.1 VPN Client was easier to setup because the defaults were the settings I wanted. In 1.0 I had to adjust almost everything. Vern Stitt CCNA, MCSE, Etc. <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... > Make sure you download the 1.2 version (the latest one). It's much more > refined than the previous one and seems to have taken care of many of the > issues that I used to have. My speed seemed to increased quite a bit with > the new version but it's hard to tell if it was the new client or if I just > happened to get lucky with the bandwidth to my office. > > Has anyone had a chance to compare the Raptor Power VPN server/client with > Cisco's solution yet? > > Daniel > -Original Message- > From: Russell Lusignan [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 29, 2000 10:53 AM > To: [EMAIL PROTECTED] > Subject: Re: Cisco VPN Software > > > Cisco Secure VPN client is what your looking for > > http://www.cisco.com/kobayashi/sw-center/vpn/vpnclient/ > > Need CCO access to download it > > Hope that helps! > Russ.. > > > ""Dave Santeramo"" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Does Cisco make a VPN client to go with a VPN capable 2621? Can anyone > > recommend a free one if Cisco does not have one. > > > > > > > > ___ > > To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, > > all in one place - sign up today at http://www.zdnetonebox.com > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > --- > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco VPN Software
Make sure you download the 1.2 version (the latest one). It's much more refined than the previous one and seems to have taken care of many of the issues that I used to have. My speed seemed to increased quite a bit with the new version but it's hard to tell if it was the new client or if I just happened to get lucky with the bandwidth to my office. Has anyone had a chance to compare the Raptor Power VPN server/client with Cisco's solution yet? Daniel -Original Message- From: Russell Lusignan [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 29, 2000 10:53 AM To: [EMAIL PROTECTED] Subject: Re: Cisco VPN Software Cisco Secure VPN client is what your looking for http://www.cisco.com/kobayashi/sw-center/vpn/vpnclient/ Need CCO access to download it Hope that helps! Russ.. ""Dave Santeramo"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does Cisco make a VPN client to go with a VPN capable 2621? Can anyone > recommend a free one if Cisco does not have one. > > > > ___ > To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, > all in one place - sign up today at http://www.zdnetonebox.com > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: LAN Monitoring-Help!!!
MRTG should work fine as long as the counters don't roll over too fast. You can tell MRTG to update every 60 seconds instead of the default 300 if you need to. There are others packages out there but I believe they all depend on the same countersplus you just have to love MRTG! Daniel -Original Message- From: kaushik khakhar To: [EMAIL PROTECTED] Sent: 6/27/00 3:17 AM Subject: LAN Monitoring-Help!!! Hi Group, In a LAN environment, we have Cisco Works and few Cisco switches with 10/100 Mbps and Gbps ports. I want to monitor them simultaneously for traffic on each port. I am aware of MRTG too, but dont know whether it will monitor Gbit port? question is: 1. How to monitor Gigabit port? 2. How to monitor Mbps and Gigabit port simultaneously? Kindly extend your help. Do I need to use some other tool?? Thanks and Regards, Kaushik Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]