2501 VPN [7:73977]

2003-08-14 Thread Henry Volentine 
I need assistance configuring VPN between a Cisco 2501 and a Cisco 827H. 
Both routers have IOS that supports VPN.  The 2501 is connected to the ISP
via a 768kb fractional T1 and the 827H has an ADSL connection to the same
ISP.  If anyone could please send sample configurations for either router, I
would appreciate it.  [EMAIL PROTECTED]


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73977&t=73977
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

VOIP Class Recommendation [7:73480]

2003-08-04 Thread Henry D. 
Does anyone have any recommendations for taking a class/training on the VOIP
stuff ?
I'm looking for something Cisco oriented, but if someone has something good
to
recommend on more general implementation options, and design for different
protocols like SIP/H.323/MGCP, etc, that would be good too. Basically I'm
looking
to get more familiar with the AS53xx series, the interconnections with PSTN,
gatekeeper, SIP proxies, added value services, etc. Not looking for CIPT
stuff,
but rather gateway type solutions.

Thanks so much !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=73480&t=73480
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Why I can't get ciscoMemoryPoolUtilization1Min? [7:72889]

2003-07-24 Thread henry bb 
$ snmpget -c public -v1 10.1.200.2 1.3.6.1.4.1.9.9.48.1.2.1.1.0 
Error in packet 
Reason: (noSuchName) There is no such variable name in this MIB. 
Failed object: SNMPv2-SMI::enterprises.9.9.48.1.2.1.1.0 
$ snmpget -c public -v1 10.1.200.2 1.3.6.1.4.1.9.9.48.1.1.1.6.0 
SNMPv2-SMI::enterprises.9.9.48.1.1.1.6.1 = Gauge32: 16313376 
$ 

the router's ios is c3660-js-mz.122-5d.bin. 
Why I can't get ciscoMemoryPoolUtilization1Min ? From SNMP Object Navigator
,I know the ios support ciscoMemoryPoolMIB .Do I need any another config or
something ?

thanks for your help 

Henry


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=72889&t=72889
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: question about proxy-arp [7:71113]

2003-06-23 Thread henry bb 
today I already know why 2500 can ping 88.1.77.1 because proxy-arp doesn't
function on serial interface.
so what's the real function of proxy-arp on serial interface ? 
Does it work when bridge on the serial interface ? 
If bridge on serial interface,how ios transfer arp ? I think there isn't mac
address on serial interface . Is there some encapusation to packet the mac
and transfer the lan frame through serial interface ?

regards 
Henry 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71120&t=71113
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

question about proxy-arp [7:71113]

2003-06-22 Thread henry bb 
2500-s0-88.1.201.1/16--88.1.201.2/24-s1/0--2611--e0/0--88.1.77.2/24---88.1.77.1/24-f0/42-3550
 

I can ping from router 2500 to 88.1.77.1 even if I disable proxy-arp of
2611's s1/0.
There isn't any dynamic or static routing except a default route on 3550 to
2611.
I can't understand this. Does I misunderstand the function of proxy-arp ? 

another related question, 
what's the real function of proxy-arp on serial interface ? 
thanks! 

Regards 
Henry 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71113&t=71113
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: netbios [7:71084]

2003-06-22 Thread Henry D. 
Since your question already assumes these port ranges, it would
mean your question is really whether NetBIOS over TCP/IP can
be routed. And as such, it can, just like any other IP traffic.

""koh jef""  wrote in message
news:[EMAIL PROTECTED]
> hi guys,
>
> can netbios,using port 137, 138 and 139 be routed thru WAN ???




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=71105&t=71084
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Beta exams [7:70659]

2003-06-15 Thread Henry D. 
To be honest, I don't like them :-(

I took few beta exams and never got to pass any of them. When I went for
the final version once available, I had no problems clearing any of them.
And I don't think the problem was with my preparations either. The few exams
I took were rather poorly structured, with many questions having multiple
right answers.
Literally, you could have a question and 4 answers, with 2 of the answers
being
exactly the same, how do they score that beats me.

So, my advice, if you get it for free, go ahead and test yourself but if you
have to pay
anything, save yourself the few bucks and time and prepare for the final
thing.


""Rodrigo Baldez""  wrote in message
news:[EMAIL PROTECTED]
> Just a curiosity..
> What are the most diferences between the normal cisco exams and the
> temporary beta ones? Besides the price, are they more difficult? More
> questions? I heard that you don4t receive a grade when you finishes any
> beta,  and so you can only know few weeks ahead is that true?
>
> Regars,
> rodrigo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=70682&t=70659
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with Cisco 3745 configuration [7:69765]

2003-05-30 Thread Henry D. 
hmm, let's not forget we're not routing just for the routing sake. There is
much
more then just setting up these few routers to make them talk to each other.
What will be routed data wise, what type of connectivity, applications,
topology, protocols, business requirements, etc, etc.
If you understand all that, and have some prior Cisco experience you might
be able to pull
it off without sepending too much time on the project. But if not, and your
skills
are lacking (whether router or design) then $5500 might be the way to go.
Unless
of course that fee doesn't cover the planning/investigaiton/design steps
then you might
be better off spending time on it yourself and re-learning/refreshing your
skills.

How much is your day's work actually worth ? :-) Add it all up and see
what's better for you
or your employer :-)



""J B""  wrote in message
news:[EMAIL PROTECTED]
> Hi, Everyone
> I just been awarded the responsibility of installing 4 3745 Cisco routers.
> The local phone company wanted $5500 dollars for the installation and my
> employer thinks is to much.  I was looking at the Cisco website for sample
> configurations but I couldn't find them.  I need to share the T1 channels
> link for voice and data.  I haven't done Cisco for like 2 years.  Can
> someone help me with some guidance to find some information in how to do
that.
>
> Thanks
> JBary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=69791&t=69765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

GRE OR IPSEC? [7:66980]

2003-04-06 Thread henry bb 
I have following topo:
lan a---router a---router b--lan brouter crouter d---lan c
lan a will communicate with lan c with ip protocol.But I don't want lan c
can communicate with lan b.How could I do ?
I setup gre tunnel between lan a and lan c,but lan c can also visit lan b.
any comment are apprecatied,thanks!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66980&t=66980
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: A career in MPLS..... [7:66609]

2003-04-01 Thread Henry D. 
I don't mean to start any type of argument here, especially with someone
who obviously has more experience than I do. Yes, you've been
contributing to this study group many times. But also many times
your contributions are rather rethorical than practical and at the same
time you seem to draw attention to what your opinion is rather than to
give an educated and objective view backed by any type of real life
examples. So yes, I'm saying that some times you don't quite stick
to the subject at hand. I don't see how your view on Cisco's curriculum
in re to MPLS can be taken seriously without you putting actual examples
of how you came to that conclusion. Even if the knowledge required for
achieving
Cisco's recognition in re to MPLS was not as advanced as one would hope,
shouldn't we look at positives of the whole process ? There are still things
to be learnt, and emphasising them rather than the weaknesses would be a
better idea. You won't become an expert just by passing the test or taking a
trainig
class, but at the same token, you can still learn a lot while achieving
those CCXX
goals.

Anyway, I'm sure there will be a good response coming, so let me be done
with this subject. I had an early start today and I'm tired now.

Good night !


""nrf""  wrote in message
news:[EMAIL PROTECTED]
> ""Henry D.""  wrote in message
> news:[EMAIL PROTECTED]
> > Let me say up front, I don't have much experience in MPLS, I have
> > only played with it in the lab and not all that extensively either.
> > But CN is simply trying to get an idea of what to expect to go that
road.
>
> I believe that was precisely what I answered.
>
> > Is "nrf" saying not to advance in this field by studying Cisco's way of
> > emphasising MPLS ?
>
> What I said is that if you want to advance in that field, you will need
> substantially more than what Cisco wants you to know about it.  Read my
post
> again.
>
> >You know, we all have our doubts, he's brave enough
> > to come to this group and ask questions. As far as L3VPN's, why not
> > concentrate
> > on that at least to start with.
>
> I never said not to learn L3VPN's.  Read my post again.  What I said is
that
> study of L3VPN's shouldn't be emphasized to the degree that Cisco seems to
> emphasize it.
>
> > It's still one reason to do the MPLS thing.
> > By just
> > doing that he'll need to touch on many aspects of MPLS anyway. He will
> still
> > use either LDP or RSVP, he still will use the LSP establishment, he
might
> as
> > well
> > learn the TE options available for establishment of those LSP's. He'll
> need
> > to learn
> > how to use the LSP's for pushing traffic over them. He'll learn what and
> how
> > the
> > labels get pushed/popped. Then why not study it that way. He's not
> advancing
> > his
> > MPLS skills, he might not have any yet. He's simply trying to see if he
> will
> > be able to utilize any of the skills he will have to learn to make it
> worth
> > it his while.
>
> No doubt all learning is good.  Again, read my post again.  I never said
> that he shouldn't learn it.  What I said is that he shouldn't necessarily
> learn it "the Cisco way".
>
> >
> > Well, maybe someone else with more experience in MPLS arena and someone
> more
> > objective can give a better insight as to whether there is a demand for
> > these skills.
>
> Are you implying that I'm not objective - that I have some kind of agenda?
>
> >
> >
> >
> > ""nrf""  wrote in message
> > news:[EMAIL PROTECTED]
> > > ""Cisco Nuts""  wrote in message
> > > news:[EMAIL PROTECTED]
> > > > Hello group, How does one feel about a career in MPLS...I mean doing
> > MPLS
> > > > as part of your core job day in and out.Is it worth it? Since
our
> > > > network does not use MPLS (maybe never will) inspite of being one of
> the
> > > > Big Four Tier 1 SP's
> > >
> > > Let me guess.  Do you work for Sprint?
> > >
> > > >are there other SP's that use MPLS in their
> > > > backbone??
> > >
> > > Yeah, there are some.
> > >
> > > >I have just given myself a month or so break from my CCIE Lab
> > > > Prep.(yeah!yeah! most would consider me stupid on this)  to study
MPLS
> > > > for the CCIP  and am thinking if I should pursue this subject just
> like
> > I
> > > > did for BGP.know

Re: A career in MPLS..... [7:66609]

2003-04-01 Thread Henry D. 
Let me say up front, I don't have much experience in MPLS, I have
only played with it in the lab and not all that extensively either.
But CN is simply trying to get an idea of what to expect to go that road.
Is "nrf" saying not to advance in this field by studying Cisco's way of
emphasising MPLS ? You know, we all have our doubts, he's brave enough
to come to this group and ask questions. As far as L3VPN's, why not
concentrate
on that at least to start with. It's still one reason to do the MPLS thing.
By just
doing that he'll need to touch on many aspects of MPLS anyway. He will still
use either LDP or RSVP, he still will use the LSP establishment, he might as
well
learn the TE options available for establishment of those LSP's. He'll need
to learn
how to use the LSP's for pushing traffic over them. He'll learn what and how
the
labels get pushed/popped. Then why not study it that way. He's not advancing
his
MPLS skills, he might not have any yet. He's simply trying to see if he will
be able to utilize any of the skills he will have to learn to make it worth
it his while.

Well, maybe someone else with more experience in MPLS arena and someone more
objective can give a better insight as to whether there is a demand for
these skills.



""nrf""  wrote in message
news:[EMAIL PROTECTED]
> ""Cisco Nuts""  wrote in message
> news:[EMAIL PROTECTED]
> > Hello group, How does one feel about a career in MPLS...I mean doing
MPLS
> > as part of your core job day in and out.Is it worth it? Since our
> > network does not use MPLS (maybe never will) inspite of being one of the
> > Big Four Tier 1 SP's
>
> Let me guess.  Do you work for Sprint?
>
> >are there other SP's that use MPLS in their
> > backbone??
>
> Yeah, there are some.
>
> >I have just given myself a month or so break from my CCIE Lab
> > Prep.(yeah!yeah! most would consider me stupid on this)  to study MPLS
> > for the CCIP  and am thinking if I should pursue this subject just like
I
> > did for BGP.know it inside out cold.and maybe consider a new
> > career/job in MPLS (obviously along with BGP, MBGP, MCast etc...) Does
> > anyone know of how MPLS is viewed out there?   I mean, in terms of
> > implementation, popularity and last but not the least , $$$ ???
;->Which
> > of the Big SP's or Enterprise networks have implemented MPLS? Has it
been
> > worth the advantages that MPLS proposes??Thank you.Sincerely,CN
>
> The way I see it is this.  MPLS is potentially powerful technology for it
> can be used as a lingua-franca among a carrier's network and transport
layer
> and also as a way to impose circuit-switching discipline upon IP and
> therefore offer circuit-switching services with a pure IP network.
>
> But MPLS is by no means a slam-dunk.   Certain carriers, most notably
> Sprint, have elected not to go down the MPLS path because they believe the
> technology is immature (and they are correct) and also because they
believe
> that they can garner the benefits of MPLS by other means (also correct).
> The point is that while MPLS offers great potential, it also presents
> problems, so implementing it is not a no-brainer.
>
> And furthermore, I don't particularly like the way that Cisco is pushing
> MPLS, particularly in its cert program.  In my opinion, I think Cisco's
cert
> programs emphasize the least useful parts of MPLS while neglecting the
more
> useful parts.  For example, I don't understand why Cisco pushes LDP the
way
> it does, for LDP merely builds LSP's that correspond to the route table,
but
> what's so useful about having LDP's that look like the route table?  It is
> far more useful to build LSP's that differ from the route table, but the
> methods of doing that are not really covered very much (if at all) in the
> Cisco curricula.  Also, I don't understand why Cisco places such an
emphasis
> on L3VPN's, as if L3VPNs were the only important service that MPLS
enables.
> L3VPN's are only one of the new services that you can enable, and in my
> opinion, one of the less important ones.  Far more important are the L2VPN
> capabilities and the ability to unify IP, ATM, and optical into a single
> management plane.The point I'm making is that if you merely study MPLS
> according to the Cisco curricula, you really haven't learned much about it
> that's actually useful.
>
> >
> > 
> >
> > Add photos to your messages with MSN 8. Get 2 months FREE*.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66628&t=66609
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What tools can tell u r using lease line or IS [7:66561]

2003-03-31 Thread henry bb 
or syslog server


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66582&t=66561
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: why I can't download IOS to router via ftp? [7:66528]

2003-03-31 Thread henry bb 
I got it.it's a bug CSCdv70284.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66583&t=66528
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: why I can't download IOS to router via ftp? [7:66528]

2003-03-30 Thread henry bb 
If I use sniffer to trace,there are not any ftp packet from router to my pc.
So I think maybe there are some problem on router when execute the command.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66541&t=66528
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: why I can't download IOS to router via ftp? [7:66528]

2003-03-30 Thread henry bb 
26t02#copy ftp://test:[EMAIL PROTECTED]/c2600-is-mz.120-21.bin flash:
Destination filename [c2600-is-mz.120-21.bin]?  

problem is same


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66539&t=66528
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: This is even better - RIP / OSPF redistribution [7:66057]

2003-03-24 Thread Henry D. 
hmm, don't know the whole story, but once you redistribute ospf into rip and
you mess up filtering on the interface, wouldn't that allow you to see the
redistributed routes on the router connecting to that interface ?
It's just another way to see whether what you implemented actually does
work...


""The Long and Winding Road""  wrote in
message news:[EMAIL PROTECTED]
> Again, a CCIE practice lab -
>
> R5 - the task calls for mutual redistribution of OSPF and RIP
>
> The next task says that no routes are to be advertised out the RIP
> interface - only in.
>
> So tell me, why are we even bothering with the OSPF into RIP
redistribution?
>
> I'm not sure I can fall asleep tonight, I'm laughing so hard.
>
> Goodnight.
>
> --
> TANSTAAFL
> "there ain't no such thing as a free lunch"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66084&t=66057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Getting out of hand?? [7:65676]

2003-03-19 Thread Henry D. 
Peter,

I have many times come to the similar conclusion in regards to Cisco's
ways of screwing up the whole certification recognition. It's no more
one of the ways to validate individual's knowledge of technologies and
Cisco products...However, as hard as I have worked to get the #
I don't think I can afford to simply not recertify. Sure, there may be no
reson right now as I'm still employed, but I might need it later on.
The cert is still one of the things people look at before deciding to invite
you for the interview, I don't necessarily say this is good, but that's what
it is
and at least for that one reason it makes it worth it to recertify for me.

Well, don't get too discouraged..


""Peter van Oene""  wrote in message
news:[EMAIL PROTECTED]
> At 07:31 PM 3/18/2003 +, Priscilla Oppenheimer wrote:
> >Maccubbin, Duncan wrote:
> > >
> > > How is the industry supposed to keep up with this??
> >
> >What's the issue? Not sure I'm seeing your point. What's wrong with Cisco
> >announcing that their product received some sort of certificaton?
>
> Exactly.. I think the poster mistook the possibly ambiguous announcement
as
> yet another CCXX cert.
>
> >Now, if you were concerned that Cisco has too many ways for people to get
> >certified and that the situation is getting out of hand, I might agree.
>
> I really am surprised at how many folks pour their heart/money into
getting
> one after another.   I'm also amazed at how many folks will try and devote
> a good portion of interview time to showing me their various certificates.
> After the first couple I pretty much grasp that you have enough short term
> memory to get through a multiple choice exam and we should really get back
> to talking about technologies.
>
> Cisco makes big bucks on these certifications.  The recert requirements
> create a beautiful residual revenue stream making this business unit very
> attractive internally to Cisco.  Since they doubled the cost of the CCIE
> recert, purely for profit, I have decided to let my certification lapse vs
> give in to this obvious cash grab.  Kudos to Cisco for making their VAR
> channels one of their more lucrative revenue sources.
>
> >Priscilla
> >
> >
> > >
> > > "Cisco also announced today highly prestigious certification
> > > support across
> > > the entire PIX Family of security appliances. Certifications
> > > earned include
> > > the Common Criteria Evaluation Assurance Level 4 (EAL4)
> > > certification, and
> > > both ICSA Labs firewall and IPSec certifications. These
> > > certifications
> > > provide customers with independent and objective validation
> > > that a company's
> > > product meets certain levels of quality and reliability, and
> > > are among the
> > > industry's most respected and stringent criteria for
> > > certification.
> > > Providing customers broad certification support across the
> > > Cisco PIX family
> > > within a common operating system increases operational
> > > efficiencies and
> > > lowers support and management costs."
> > >
> > >
> > > Duncan Maccubbin
> > > US Network Support, Cable and Wireless
> > > CCNA, CCNP, CSS1, MCSE4
> > > Work (703)287-6975
> > > [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=65744&t=65676
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: I see Cisco still hasn't fixed that bug [7:64813]

2003-03-09 Thread Henry D. 
Chuck, you might want to read up on classful properties of
this command...here's a tip:

http://www.cisco.com/en/US/customer/tech/tk648/tk365/technologies_tech_note0
9186a0080094374.shtml#ipnetwork



""The Long and Winding Road""  wrote in
message news:[EMAIL PROTECTED]
> you know the one. you're working with subnets of a classful network. let's
> say 10.0.0.0. you enter the command ip default-network 10.1.1.0 and what
> shows up in the running config is ip route 10.0.0.0 255.0.0.0 10.1.1.0.
>
> Then try as you might, the command no ip route 10.0.0.0 255.0.0.0 10.1.1.0
> does not work. The error message states there is no matching route. Have
to
> reload before you can get the command to take.
>
> This one has been the bane of many a poor CCIE Lab candidate. Maybe that's
> why Cisco leaves it in there.
>
> --
> TANSTAAFL
> "there ain't no such thing as a free lunch"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64869&t=64813
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Best Book/DOCs on MPLS [7:64257]

2003-03-03 Thread Henry D. 
I dunno about "best" but there are some titles published by Cisco Press
www.ciscopress.com , also www.juniper.net has some good papers.
Besides that, there are many web sites out there that cover the subject
and the nitty-griddy RFC's :-)

 wrote in message news:[EMAIL PROTECTED]
> Hi All,
>
> Dose anyone recommend a good book on MPLS or dose anyone know a good
> link.
>
> Thanks
> Tarry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64303&t=64257
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Who likes BGP? [7:64132]

2003-03-01 Thread Henry D. 
I agree with the part that there are many human related problems
with BGP configs and policies implementations. But that's the case
with other protocols as well. In BGP's case it's probably showing more
of people's carelesness or misunderstanding of the working of the protocol
since as you mentioned there are rare instances of protocol implementations
besides the Internet. All the things you can implement facing the customer
are fine and dandy, you can protect yourself and the customer has to adhere
to certain policies as well. I think there is a problem with the scope of
some
networks, if you have to deal with filtering and such of hundreds or
thousands
of prefixes then you will see there is a good chance for mistakes. This is
probably even more a case with inter-provider peerings, where you are really
limited to what you can do as the work load on you would be quite
substantial.
Even if you did the proper work, there are cases for updates and revisiting
where
you can run into additional problems.

All in all, I don't think the problem is with the protocol,
it's the diveristy of the networks that need to be supported,
lack of consistent information and obviously the human factor.


""Logan, Harold""  wrote in message
news:[EMAIL PROTECTED]
> In my uneducated opinion, it seems to me like there are much larger
concerns
> out there than BGP security. I say uneducated because I haven't worked for
> an ISP, nor have I worked for any other organization that would run BGP.
My
> BGP experience consists of reading and lab work, that's it. I'm a Cisco
> Network Academy instructor, and the majority of my experience is from lab
> work and consulting. I'm teaching my first CCNP Routing class starting
next
> week, so any input from those in the know would be appreciated. Hell, I'll
> appreciate input from those not in the know, I'm not picky... just don't
> expect me to take it as gospel truth.
>
> When I tell a router to peer with another BGP speaker, I can put
> restrictions on it. I can tell it what AS paths I'll accept from that
peer,
> and what prefixes I'll accept from that peer. If I'm an ISP peering with a
> customer who has the class C network 210.5.5.0 assigned to them, do I not
> have a responsibility to configure my BGP router to ignore any BGP
> advertisements from that customer that are not advertising 210.5.5.0? I
know
> that no one is going to hold me to it, it's not like the IETF has a squad
of
> mercenaries who are going to kick the door in and check my configs, but
> doesn't that responsibility fall to both the customer and the ISP?
>
> Sorry if I'm off base here, but that's my basic understanding of how
things
> work; the customer has a responsibility to only advertise their networks,
> and the ISP has a responsibility to only accept advertisements for that
> customer's networks. Does the same relationship exist among ISPs, or do
> things get too complex to filter updates at that point?
>
> It seems like the "security hole" in BGP is the human that configures a
BGP
> router to accept any route it gets. Thoughts?
>
> Hal Logan CCAI, CCDP, CCNP: Voice
> Network Specialist / Adjunct Faculty
> Computing & Engineering Technology
> Manatee Community College
>
>
> > -Original Message-
> > From: Edwin R. Gonzalez [mailto:[EMAIL PROTECTED]
> > Sent: Friday, February 28, 2003 11:39 PM
> > To: [EMAIL PROTECTED]
> > Subject: Who likes BGP? [7:64132]
> >
> >
> > Hey,
> >
> > It's your friendly neighborhood CISCO MAN!
> > Sorry, it's Friday night, I'm still at work with a coffee
> > buzz that might last me until the morning.
> >
> > I came across this article that might be of interest to
> > some people, check it out;
> > http://news.com.com/2100-1009-990608.html?tag=fd_lede1_hed
> >
> >
> >
> > --
> > _
> > The harder you work, the luckier you get!
> > _
> > The only place success comes before
> > work is in the dictionary!!!
> > _




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64167&t=64132
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can you claim Cisco Tests as a tax exemption? [7:64042]

2003-02-28 Thread Henry D. 
I suppose if you're able to itemize deductions there should be no problem,
I do it all the time, that also includes books, any travel expenses related
to
taking the exams or improving my professional skills, buying the equipment,
etc.
As long as you have a prove, such as credit crad statements you should be
good to go.

""Mossburg, Geoff (MAN-Corporate)""  wrote in
message news:[EMAIL PROTECTED]
> Does anyone know if it's legal to claim the price of a Cisco test and/or
> Cisco class as an exemption on your Federal taxes? From what I'm reading
in
> the IRS's Publication 529, "Miscellaneous Deductions", it sure seems like
> it!
> Geoff Mossburg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64102&t=64042
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MBGP/MPLS VPN question [7:64036]

2003-02-27 Thread Henry D. 
I don't think they should have a problem. The VRF should be created just for
you so there should be no conflict. I never used this service from any of my
providers so I cannot be certain. But as far as I'm concerned they shouldn't
even care what addressing you're using between the sites. They provide the
tunnel
and shouldn't care much for your addressing scheme unless you ask them too,
and as long as your contract is properly setup I think it would be no big
deal.


""Lo Ching""  wrote in message
news:[EMAIL PROTECTED]
> Dear All,
>
> We have some ip address that use internally,eg, 30.x or 40.x but it is not
> in private address range. Can I still use this range when connect to the
> IP-VPN provider that using MPLS technology? I know that MPLS can allow
> overlapping of customer address by using VRF and RD. I wonder any
technical
> conflict issue on Normal BGP in this case.
>
> Thanks in advance.
>
> rgds,
> Lo Ching




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64041&t=64036
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Loopback Testing [7:63515]

2003-02-21 Thread Henry D. 
Actually, Frame Relay switches don't forward the loop messages received on
local
port to the remote port. You can only loop between each end router and it's
local
Frame Relay switch. So, unless this is a cross-over simulation, you won't be
able to achieve end-to-end loop. So, you can do loopback tests between each
end router and it's Frame Switch. As long as those tests show fine - and
your
configuration is correct :-)  - and you still have issues it might simply be
the telco
problem. But most often than not, you gotta prove it to them by running
these tests.


""Curious""  wrote in message
news:[EMAIL PROTECTED]
> I want to do a loopback testing between my router and a remote router over
a
> Frame Circuit.
> Tell me what i need to configure
> Both routers are Cisco 2600 and running 12.0 IOS.
>
> thanks,
>
>
> --
> Curious
>
> MCSE, CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63526&t=63515
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco CWDM Experiences [7:62841]

2003-02-12 Thread Henry D. 
Actually, this CWDM seems to be Cisco specific and is incompatible with
DWDM,
looks like mostly because of the wavelengths used in this solution. Cisco
has a 2-slot
chassis that pretty much you populate with OADM or MUX cards. These cards in
turn
are crossconnected to switches by SMF and you use special CWDM GBIC's
for that. The GBIC's are what provides different lambda. These GBIC's seem
to be supported
on multiple platforms with proper IOS/CatOS ranging from 2900 to 6500
series.

Here's the link:

http://www.cisco.com/en/US/customer/netsol/ns110/ns112/ns113/ns197/networkin
g_solutions_package.html

Looks like mostly plug-n-play as long as proper attenuation is considered
and you get the correct modules/GBIC's mix in there.

""Henry D.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi everyone,
>
> I'm looking at some of the CWDM docs and this solution seems
> to be a really good (read easy) way to increase the bandwidth between
> sites with existing SMF. I don't have any DWDM experience, but looking
> at this solution it would seem you don't need to do much in order
> to achieve pretty substantial bandwidth increase.
>
> Does anyone have any experience with this technology ?
> Pretty much just looking to see how well this stuff really works
> in the field. It doesn't seem like you can do much to monitor/manage
> this solution which kind of makes me skeptical.
>
> Any inputs welcomed !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62865&t=62841
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco CWDM Experiences [7:62841]

2003-02-11 Thread Henry D. 
Hi everyone,

I'm looking at some of the CWDM docs and this solution seems
to be a really good (read easy) way to increase the bandwidth between
sites with existing SMF. I don't have any DWDM experience, but looking
at this solution it would seem you don't need to do much in order
to achieve pretty substantial bandwidth increase.

Does anyone have any experience with this technology ?
Pretty much just looking to see how well this stuff really works
in the field. It doesn't seem like you can do much to monitor/manage
this solution which kind of makes me skeptical.

Any inputs welcomed !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=62841&t=62841
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Enterprise Design Probelm / Study [7:61351]

2003-01-20 Thread Henry D. 
Consider yourself lucky, that's a great thing you get to work on a project
of
that scale, especially if you get to be one of the major players in putting
the puzzle
together. I wish I could be part of it as well. Good luck !

""The Long and Winding Road""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Have I got a good one!
>
> Just got through reading an RFP for a large organization. Over 30 sites,
> 12,000 ports, and 2000 phones. Complete rebuild of the network LAN and WAN
> infrastructure. Add to that throwing out all their old PBX and key systems
> and building for VoIP and video, in addition to current data traffic. New
> switches, new routers, client asking for generous redundancy. L3 switching
> up the wazoo ( that's a technical term meaning lotsa money to spend )
>
> The thrill of the design is something else. Customer wants a centralized
> Call Manager, but also wants certainty in case of failure at any of the
> usual places.
>
> This oughta keep me out of trouble for a few weeks.
>
> TTFN
>
> Chuck
>
> --
> TANSTAAFL
> "there ain't no such thing as a free lunch"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61401&t=61351
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Written Study Material [7:61026]

2003-01-14 Thread Bob Henry 
All,

What is a good Book to use as a basis for studying for
the CCIE written exam 350-001. I see this one on
Amazon. 

1) NLI's Study Guide for The CCIE R&S Written Exam

Please Advise,
Bob 

__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61026&t=61026
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: catalyst 6513 conversion from cos to ios [7:60388]

2003-01-05 Thread Henry D. 
I did this a little while back, all worked out pretty well during the
process.
As long as you follow the doc describing this on CCO you should be ok
(I know it's not all that clear but read it few times and you'll get it).

I think the problem with this upgrade could be rather poor documentation.
You have to make sure you get the right images for your particular
platform, making sure you apply proper images in regards to your
SUP1/SUP2 and MSFC1/MSFC2 and any other requirements, like the
boot image requirement of 12.0.7XE (I think, don't remember now) on MSFC.

The setup I used it with had rather simple L2/L3 implementation so I had no
major issues
with config convertion but I could see that as a problem if your setup is
more
convulted (if possible, testing it in your lab should be required).
Besides, maybe anyone here knows of any such tool to convert a
config from CatOS to IOS for 6000 series ???

Good luck !

""Thomas""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Has anyone ever converted a catalyst 6513 from COS to IOS.  If so did
anyone
> encounter any problems.  Any issues I should be aware of.  Thanks in
> advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60391&t=60388
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic but interesting - R&S networking future? [7:59261]

2002-12-15 Thread Henry D. 
Since we're just throwing out our thoughts here...

I tend to disagree, following your logic, if the IP network
becomes such a commodity, I think this would just create more
jobs for people like us, I mean R/S guys. You seem to think that once the IP
network
is used for the services such as Voice, the Voice people
will have taken the jobs. This may be so to some degree. But from the
last few years of my experience, I doubt there will be a data network
acting as reliably as PSTN any time soon - as you mention about
broadband. For this reason, I think R/S folks with few extra skills
will still be in demand for the telcos, someone has to keep on making
this thing work, fixing, upgrading, estimating, reporting, understanding
data networks, etc.

I agree that VOIP on the Net will not change how the telcos work.
It's one thing to have a customer use the Internet for placing calls,
the customer's expectations are already set low, knowing the Quality will
not be as great. But when you pick up the receiver at home, you expect
current quality, no delays, no noise, no whatever. Internet is simply too
unpredictable for Carrier class Voice.



""nrf""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> ""The Long and Winding Road""  wrote in
> message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > right up NRF's alley. Certainly for those considering their futures,
> > something worth considering as part of the mix.
> >
> > http://cookreport.com/11.10.shtml
> >
> > Can't afford the un-snipped version right now, but since I work for a
> telco,
> > and I recognize the issues described, and have read all the top
corporate
> > executive e-mails that are doled out to us worker bees, I enjoyed the
> > counter arguments presented here.
>
> There are two parts to this report that I think bear mentioning.  One is
the
> future of VoIP.  The other is the value (or lack thereof) of present
> broadband rollouts.
>
> VoIP is certainly transforming the way that the PSTN will operate, if
slowly
> (very very slowly).  Note, I didn't say voice over the Internet, but
rather
> voice over IP.  I believe, for numerous reasons, telcos will choose not to
> merge their phone services to the Internet, but will rather build out an
IP
> network through which they will deliver services.  Stick a telephony
feature
> server on top of a functioning IP network (again, not the Internet, but a
> private IP network), and you now have a phone system.
>
> But that further speaks to the commoditization of IP skills in general and
> R/S skills specifically.  IP networks will simply become a utility, like
> electric power.  How many electric power engineers does a typical company
> have?  Unless you're the electric company, probably zero - electricity is
> just something that reliably comes out of the wall socket and you use it
to
> plug in your refrigerator.  The value-add (ergo the jobs) will go to the
> people who understand the services that can be layered on top.  That's not
> to say that there will be no jobs for people who know R/S (and only R/S),
> only that there will be less of them and they will be less pay for them.
I
> do not see a bright future for R/S skills as the IP network becomes more
and
> more commoditized.
>
> About broadband - it is absolutely true that the telcos have basically
> provided something that consumers do not want.  Yet I disagree with the
idea
> that the telcos simply need to provide a more symmetric offering to entice
> consumers.  In my experience, consumers do not want broadband regardless
of
> whether it is assymetric or symmetric or whatever.  The 2 problems with
> broadband?  Price and reliability.  Let's face it, dial is reliable,
whereas
> broadband can and does goes down for weeks at a time (happened to me a
bunch
> of times).  Furthermore, the Hart/Winston study showed that most people
> think that $40-50 a month is too much money to pay.  No wonder that
despite
> the fact that broadband is now available at over 80% of households,  the
> take rate for broadband is less than 15% where it is available.
>
> Here is the Hart/Winston study.  Yes, it's a year old, but not a whole lot
> has changed in a year.  The most damning quote:  "Forty-eight percent have
> no interest regardless of price and another 21 percent are willing to pay
at
> most $20 per month..."
>
> http://www.comptel.org/press/nov29_2001_voices.html
>
> The biggest problem with broadband?  Simple.  There is no mass-market app
> that actually requires broadband.  Most people are perfectly happy with
> dial.  After all, what do they do on the Internet - surf a few pages, send
a
> few emails, do some instant messaging - all low-impact apps.  Most regular
> people (who are mostly nontechnical) simply don't see why they should pay
> more and put up with a less reliable technology in order to do the things
> they do a little faster.  And again, it's not because they don't know what
> it means to have a fast connection.  A lot of these people wo

Re: Last Minute Thought - OSPF authentication issue? [7:58352]

2002-11-30 Thread Henry D. 
It would seem you wanted to use md5 authentication but you used
plain text authentication keys. In this situation - when there are no md5
authentication keys specified - I think the routers will use null key,
meaning
no authentication will take place...


""The Long and Winding Road""  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> check this out.
>
> R10
> --
> Neighbor ID Pri   State   Dead Time   Address
Interface
> 222.222.222.7 1   FULL/DR 00:01:58149.22.4.7  Serial0
> 222.222.222.111   FULL/DR 00:00:38149.22.252.2
Ethernet0
> Router_10#
>
> interface Serial0
>  ip address 149.22.4.10 255.255.255.0
>  encapsulation frame-relay
>  no ip route-cache
>  ip ospf authentication message-digest
>  ip ospf authentication-key 7 qwertyzzyzx
>
> R7
> -
> Neighbor ID Pri   State   Dead Time   Address
Interface
> 222.222.222.101   FULL/BDR00:01:57149.22.4.10 Serial1
> Router_7#
>
> interface Serial1
>  ip address 149.22.4.7 255.255.255.0
>  encapsulation frame-relay
>  no ip route-cache
>  ip ospf authentication message-digest
>  ip ospf authentication-key 7 cisco
>
> By my reckoning, the adjacency should NOT form because of the mismatched
> passwords. Both routers have the area 0 authentication message-digest
> command under the ospf process.
>
> This is exactly what I don't want to know at this point in my life :-)
>
> --
> TANSTAAFL
> "there ain't no such thing as a free lunch"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=58353&t=58352
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

carrier transitions: [7:57401]

2002-11-13 Thread Henry Tiao 
Hello,

   Can someone tell what carrier transitions are, and if they cause routers
to bounce...thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57401&t=57401
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: time needs to be spent on CCIE study [7:55803]

2002-10-17 Thread Henry D. 
It all depends on many factors. Your learning capabilities, work experience,
access to equipment, personal life, etc. You should test yourself and be
honest
with yourself in your studies. There are materials available on the net in
regards
to different lab scenarios, some are free and some will cost you money - and
you need to
spend money. Once you do them and you feel confident with all the
technologies as well as
the methodology used in figuring out not only technical stuff but also the
way the questions
are being asked , you'll know you're ready.

As you're looking for some more specific time frames, to give you an idea I
myself
went from very light networking/cisco skills to CCNP/CCDP within 7 months of
study.
Then another 2 months to CCIE written test. To pass the lab it took more
than one try,
over 1 year after the written I became CCIE certified. Also, during all this
time I was working
with Cisco gear in networking field.

Some people do it quicker some take longer, I think my time frame would be
about average
you'd need, but it's just one man's opinion.

""Paul So""  wrote in message
news:200210171322.NAA10361@;groupstudy.com...
> Hi all,
>
> Would like some experience sharing from those who passed their written or
> lab exam.
>
> How long did you prepare before the written exam and how much long before
> your first lab attempt?
> How many hours did you study every day and during the weekend?
> How did you plan your study strategies?
>
> I gained my CCNP a year ago and am considering to take on this hardwork
> towards CCIE. It seems to be difficult to start all over again after a
year
> break. I have read the blueprint and have a list of recommended books and
> reference, also a list of equipment which should have as home lab. All I
> need to do now  is to create a good study strategy and time allocation
plan.
>
> I would appreciate any experience you ever had during your studying, they
> would be absolutely valuable for me.
>
> Thanks in advance
>
> Paul




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55818&t=55803
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: traceroute blocked port [7:53657]

2002-09-20 Thread Henry D. 

Well if that's the case then you'll have a hard time finding where it's
blocked.
Ususally, transit providers don't do this, so it should be the ISP/Provider
on either
end of the connection. However, there are some transit providers, especially
in countries where VOIP is prohibited or highly regulated (Middle East for
example)
that don't allow this type of traffic. Looks like you have more work to do
on your hands...:-(

""Osama Kamal""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am having a problem with a blocked port somewhere on the internet down
to
> my router, my ISP is denying any blocking from their side, is there is any
> way to know where exactly the port is blocked?
>
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53722&t=53657
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: traceroute blocked port [7:53657]

2002-09-19 Thread Henry D. 

I guess you'd need to have someone from outside claiming that the traceroute
is blocked
to actually send you the output of the trace, it should show there :-)

On the other hand, you might want to try it yourself from other networks.
Go to www.traceroute.org, pick a route server/looking glass and try from
there.

""Osama Kamal""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am having a problem with a blocked port somewhere on the internet down
to
> my router, my ISP is denying any blocking from their side, is there is any
> way to know where exactly the port is blocked?
>
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53659&t=53657
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Failover [7:51491]

2002-08-16 Thread Henry D. 

Whenever you type a command on the active unit it's being replicated to the
standby
unit. So yes, it will automatically update standby unit but it's not written
to memory
unless you write to memory on the active first.

""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Speaking of stateful PIX's, if I make a change on 1 PIX, and it has
failover
> on, will it automatically make a change on the other PIX?
>
>
> ""Gaz""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > In article , [EMAIL PROTECTED]
> > says...
> > > Hi,
> > >
> > > In a Stataful configuration, and two PIX are interconnected via a
> > > dedicated Failover Fastethernet, in case of the Active unit's Internal
> > > interface fails, is there any method to shift traffic to the Standby
> > > unit's Internal interface to maintain connectivity, thanks.
> > >
> > > Leo
> > > Best Regards.
> > Not sure what you mean there. That's what failover does unless I'm
> > misunderstanding your question.
> >
> > You configure the main IP address for the interface and you configure a
> > failover address. If the Pix's decide that the active one has a problem
> > (power,interface down etc) the secondary pix takes over the main IP
> > address.
> > If the primary is still contactable it will have the failover IP address
> > on its inside interface.
> >
> > That's why it's safe to telnet to the main IP address and you know that
> > you're on the active Pix, but by console you need to do a show fail to
> > make sure the device you're on is primary active or secondary active
> > before you make changes.
> >
> > Regards,
> >
> > Gaz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51521&t=51491
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSPFA Beta Exams [7:50984]

2002-08-09 Thread Henry D. 

I just came back from taking the first out of 3, MCNS beta.
I have no comparison to the 2.0 version, never really was
planning to take these tests but since they're free then why not...

Anyway, I studied for the test using the MCNS 2.0 Ciscopress book
for the last 4 evenings. I can say there is not all that much different on
this
new exam than what you get from the "old" book. Just follow the blueprint,
I think it really represents the scope of what you need to know for the
test.

And finally, I think with a little bit of luck I passed this test. Out of 97
questions,
there were maybe 5 that didn't make any sense. There were few that I just
didn't know
answers to, but overall the exam wasn't bad at all.

Worth noting again is that there was no options for comments at all.

Good luck everyone.



""Roberts, Larry""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just curious if anyone else has taken this exam yet?
> Wanted to see if your opinion of it is the same as mine! This being the
> first beta I have taken for Cisco, I can only hope the other 2 are better!
>
>
> Thanks
>
> Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51056&t=50984
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Serial Interface Bandwidth [7:50381]

2002-08-01 Thread Henry D. 

That would work if you have integrated CSU, the timeslots would be there.
If you connect say with V.35 to an external CSU/DSU then you won't get the
timeslot information. The only way to figure out the bandwidth then would be
to stress-test the circuit and see how far you can get the bandwidth
utilization
on this interface.

""Turpin, Mark""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> A show interface serial 'x'
> where x = the serial interface's number will tell you
> a couple things that are important.
>
> 1) the 5 minute load average for input/output
> 2) the timeslots used
>
> You can use the timeslots to determine the bandwidth
> that is technically available, and the load average
> to get an idea of what is currently being used.
>
> hth,
> -mark
>
> -Original Message-
> From: Curious [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 01, 2002 9:43 AM
> To: [EMAIL PROTECTED]
> Subject: Serial Interface Bandwidth [7:50381]
>
>
> I want to know the current bandwidth of my serial Interface of Router.
Lets
> say i have a fractional T1, how would i know what bandwidth i have for my
> serial interface.
>
> thanks,
>  "The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipient is prohibited. If you received
> this in error, please contact the sender and delete the material from all
> computers."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50400&t=50381
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Recertification [7:50372]

2002-08-01 Thread Henry D. 

Just the written, thank God !

:-)

""Reza""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello Group,
> I know that CCIE,s have to recertify every 2 years. For recertification do
> you have to take the Lab or the Written?
>
> Thanks
> Reza




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50374&t=50372
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Experiences? My Road Ahead... [7:50139]

2002-07-30 Thread Henry D. 

Robert,

In 1999 when I started looking into CCNA cert I didn't know much about
switching, routing or Cisco equipment all together. I decided to go thru
CCNP/CCDP
tracks, as my experience was very limited. By late 2001 and after few tries
at the lab
I got my number. It doesn't require all those years of experience. Having
few
years of working with the gear and some protocols already,
should really help you out. With some dedication and support you can achieve
CCIE status within a year or so if you got what it takes :-)

And as others have mentioned, this is just a beginning..

""Robert D. Cluett""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> All (CCIE's and CCIE Written)
>
> I was wondering if you could help me understand what it is I am in for.  I
> have 3 years of experience at tier 3 IP support with Verizon.  OSPF
mostly.
> I have experience with various Cisco and Nortel routers and switches.  My
> question is this, knowing OSPF and circuit troublshooting is excellent
> knowledge, but I know that is only a fraction of what the CCIE demands.  I
> recently passed the CCNA, and have jumped into the studying for the
routing
> exam.  The only thing which seems tough is the BGP (I have not touched it
> before).  So, my question is, what can I expect from this road ahead.  Is
it
> feasable to eventually obtain my CCIE or is the CCIE for those people who
> have the 10 years of experience working for an ISP?  Any advice would
help!
>
> Rob Cluett, CCNA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50159&t=50139
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Source quench from network element. [7:49990]

2002-07-29 Thread Henry D. 

Priscilla,

Isn't there statement in the RFC's that Source Quench message should be sent
if the host is overwhelmed with data ? Is that really being used in the real
world
applications ?

On the other note, I have seen HP-UX machines keep on responding with these
messages
to ICMP Echo requests, solution was to apply certain patch.

""Priscilla Oppenheimer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> LIM Chin Chye wrote:
> >
> > How can I eliminate a source quench generate by a network
> > element? This
> > element is directly connected to the Cisco 7200 series router,
> > but it
> > replies a error, "Source Quench received." when ICMP attempt.
>
> The network element replies with Source Quench Received? That doesn't make
> sense unless you SENT it a Source Quench. You're probably seeing the
result
> of what it sent which was a Source Quench, not Source Quench Received.
>
> > Appreciate for
> > advices, thanks!
> >
> >
>
> What is the network element??
>
> There's probably no easy way to get it to stop sending a Source Quench
other
> than to stop bugging it with your ICMP messages. It's probably built into
> the operating system on the "network element" to send "source quench" when
> too many messages of a certain type are received. Mac OS used to do this.
I
> don't know what other OSs do it, but if you tell us the OS maybe there's a
> registry change or something.
>
> Per RFC 1821, routers should not send source quench, but end hosts still
can
> per RFC 1122. It's not anything to worry about. You should probably just
> ignore it.
>
> Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50062&t=49990
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can't Disable Spanning Tree on 2980G [7:50009]

2002-07-29 Thread Henry D. 

John,

It might be just a display issue on the switch, I just checked couple of my
6500's and for the VLAN's that have the STP disabled with active ports
I see the same results. I think when you plug in a laptop to any available
port
on the same VLAN you'll see that it doesn't go thru STP phases and
automatically
goes into forwarding...

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have an interesting problem that I'm not able to resolve.  On a
> particular 2980G I need to completely disable spanning tree.  After
> issuing the command 'set spantree disable all' I would expect not to see
> any ports participating in STP.  However, look at this:
>
> SCORP0201-A> (enable) show spantree
> VLAN 1
> Spanning tree disabled
>
> Bridge ID MAC ADDR  00-08-e2-b3-8c-00
> Bridge ID Priority  32768
> Bridge Max Age 20 sec   Hello Time 2  sec   Forward Delay 15 sec
>
> Port Vlan Port-StateCost  Prio Portfast
> Channel_id
>   - -  
> --
>  3/1 1not-connected   100   32 disabled 0
>
>  3/2 1not-connected   100   32 disabled 0
>
>  3/3 1forwarding  100   32 disabled 0
>
>  3/4 1forwarding  100   32 disabled 0
>
>  3/5 1not-connected   100   32 disabled 0
>
>  3/6 1not-connected   100   32 disabled 0
>
>  3/7 1not-connected   100   32 disabled 0
>
>  3/8 1not-connected   100   32 disabled 0
>
>  3/9 1forwarding  100   32 disabled 0
>
>  3/101forwarding  100   32 disabled 0
>
>  3/111not-connected   100   32 disabled 0
>
>  3/121not-connected   100   32 disabled 0
>
>  3/131not-connected   100   32 disabled 0
>
>  3/141not-connected   100   32 disabled 0
>
> --More--
>
> Initially it says that STP on VLAN1 is disabled, but then goes on to
> show several ports in VLAN 1 that are still running spanning tree.  STP
> was successfully disabled on the other VLANs but I just can't get this
> to go away and we really need to get this done thanks to another
> annoying issue that no one has resolved yet.
>
> We have certain Dell machines that will BSOD if the network isn't
> immediately available.  STP portfast isn't fast enough so I've been
> disabling STP altogether.
>
> Any thoughts on this?  Am I missing something very obvious?  I've
> checked CCO and there appears to be no STP-related bugs on the 2948.
> Unfortunately, they don't have separate info for the 2980G.
>
> Thanks,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50025&t=50009
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Here we go again ( Pix 515) [7:49492]

2002-07-25 Thread Henry D. 

sorry, just couldn't resist - hahaha

besides, if you're capable of doing all these multiple things with and on
the networks,
you're not just an NT guy even though your work title might say that :-)

""Kevin O'Gilvie""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey,
>
> No flames aginst NT admins.
> In these tuff times Network Admins need to know all
> FW's, Servers, PC's, Mac's, Switches, Routers, even Cabling..
> In order to survive.
> Like myself!!
>
>
> >From: Juan Blanco
> >Reply-To: [EMAIL PROTECTED]
> >To: 'Kevin O'Gilvie' , [EMAIL PROTECTED]
> >Subject: RE: Here we go again ( Pix 515) [7:49492]
> >Date: Thu, 25 Jul 2002 11:14:08 -0400
> >
> >Team,
> >The way I see it, dhcp on the firewall is only for small number of users,
> >when it comes to mid-size-up network you don't want to use a firewall for
a
> >DHCPCan you see an NT administrator making changes in your firewall
> >because he/she is having problems with DHCP(This network will be
> >available to hackers in the Theater near You)
> >
> >My two cents.
> >
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> >Kevin O'Gilvie
> >Sent: Thursday, July 25, 2002 10:27 AM
> >To: [EMAIL PROTECTED]
> >Subject: Re: Here we go again ( Pix 515) [7:49492]
> >
> >
> >I wouldnt put dhcp on the firewall for 300 users.
> >But for 10 or 15 I would.
> >
> >Thanks,
> >
> >-Kevin
> >
> >
> > >From: "Gaz"
> > >Reply-To: "Gaz"
> > >To: [EMAIL PROTECTED]
> > >Subject: Re: Here we go again ( Pix 515) [7:49492]
> > >Date: Wed, 24 Jul 2002 22:37:12 GMT
> > >
> > >What's everybody's view on using the Pix as a DHCP server?
> > >
> > >I used it once, only because after arriving on site to install the Pix
> >the
> > >customer mentioned that his old Firewall was doing DHCP and he had no
> >plans
> > >to do it on anything else.
> > >Seemed to go fine, but would like to know if people have come across
> > >limitations/issues.
> > >
> > >I tend to agree with the view "Right box for the job", i.e. don't make
> >the
> > >Pix do things it's not made for, but if pushed into the situation, how
> >does
> > >it compare.
> > >
> > >Cheers,
> > >
> > >Gaz
> > >
> > >""Kevin O'Gilvie""  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > Hi Kelly,
> > > >
> > > > You are absolutely right, and I love your strategy.
> > > > That is the way I did it 2 years ago, but the only thing now is
> >finding
> > >a
> > > > vpn solution for the Macs. I used Pix for the PC's last time round
but
> > >never
> > > > had to do this for the Mac's. Any ideas?
> > > >
> > > >
> > > > >From: "Kelly Cobean"
> > > > >Reply-To: "Kelly Cobean"
> > > > >To: [EMAIL PROTECTED]
> > > > >Subject: RE: Here we go again ( Pix 515) [7:49492]
> > > > >Date: Wed, 24 Jul 2002 02:18:38 GMT
> > > > >
> > > > >Man, you aren't asking much, are you? ;-)
> > > > >
> > > > >Ok, here's the order I'd do things in...
> > > > >
> > > > >First things first, get that firewall in place.  You don't list
what
> > >their
> > > > >internet connectivity is, but if they bought a PIX, it's safe to
> >assume
> > > > >that
> > > > >they have a persistent connection, and that being true, they're
> >really
> > > > >hanging it out there for someone to cut off, so to speak.  Network
> > >security
> > > > >is always a primary concern, and the firewall won't take alot of
time
> > >to
> > > > >set
> > > > >up.  Not setting it up could be very costly.  If they already have
a
> > > > >light(er)-weight firewall like a Linux host running IP chains or IP
> > >tables,
> > > > >replacing this first will save your users down-time later because
you
> > >can
> > > > >pre-configure your internet rulebase/access in preparation for your
> > >private
> > > > >addressing.
> > > > >
> > > > >Next, I'd do the DHCP and Private Addressing.  These go hand in
hand,
> > >and
> > > > >since your firewall is now in place, you can do the NAT/PAT
> > >translations
> > >as
> > > > >needed and not have to rethink these later.
> > > > >
> > > > >Third, get Exchange up and running.  If it's going on a different
> > >system
> > > > >than Quick mail is running on, great!  Now you can get them running
> >in
> > > > >parallel, and move users accounts over one at a time or in batches.
> > >There
> > > > >are probably tools out there to do the mailbox format conversion.
> >Now
> > >that
> > > > >your network is secure at layer3/4, you can focus on the
nitty-gritty
> > >of
> > > > >the
> > > > >user data. (Oh yeah, don't forget that backup!!!)
> > > > >
> > > > >It's a 10,000 foot view, but that's how I'd do it.  I'm not really
a
> > >MAC
> > > > >guy, but I'd venture a guess that most or all of your MAC's run
> >TCP/IP
> > >and
> > > > >support DHCP, so from an L3/4 standpoint, they're really no
different
> > >than
> > > > >your PC's.
> > > > >
> > > > >When doing multiple projects like this, I tend to work along the
OSI
> > >model.
> > > > >If the wiring is horrible, or the NIC's are al

Re: Here we go again ( Pix 515) [7:49492]

2002-07-24 Thread Henry D. 

I haven't used DHCP server on the PIX, reading the documentation
it seems you gotta be careful with how many Active Hosts you'll have.
Looks like some low end PIX's do only 32 Active Hosts. On the other
hand, I suppose the only reason for having PIX do DHCP would be
for small offices, where some of these number limitations should be no
problem.
There are obviously other drawbacks besides any scalability, I wouldn't want
my LAN Windows Administrator touch the PIX just because he needs to
check/clear the DHCP assignments :-(



""Gaz""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> What's everybody's view on using the Pix as a DHCP server?
>
> I used it once, only because after arriving on site to install the Pix the
> customer mentioned that his old Firewall was doing DHCP and he had no
plans
> to do it on anything else.
> Seemed to go fine, but would like to know if people have come across
> limitations/issues.
>
> I tend to agree with the view "Right box for the job", i.e. don't make the
> Pix do things it's not made for, but if pushed into the situation, how
does
> it compare.
>
> Cheers,
>
> Gaz
>
> ""Kevin O'Gilvie""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi Kelly,
> >
> > You are absolutely right, and I love your strategy.
> > That is the way I did it 2 years ago, but the only thing now is finding
a
> > vpn solution for the Macs. I used Pix for the PC's last time round but
> never
> > had to do this for the Mac's. Any ideas?
> >
> >
> > >From: "Kelly Cobean"
> > >Reply-To: "Kelly Cobean"
> > >To: [EMAIL PROTECTED]
> > >Subject: RE: Here we go again ( Pix 515) [7:49492]
> > >Date: Wed, 24 Jul 2002 02:18:38 GMT
> > >
> > >Man, you aren't asking much, are you? ;-)
> > >
> > >Ok, here's the order I'd do things in...
> > >
> > >First things first, get that firewall in place.  You don't list what
> their
> > >internet connectivity is, but if they bought a PIX, it's safe to assume
> > >that
> > >they have a persistent connection, and that being true, they're really
> > >hanging it out there for someone to cut off, so to speak.  Network
> security
> > >is always a primary concern, and the firewall won't take alot of time
to
> > >set
> > >up.  Not setting it up could be very costly.  If they already have a
> > >light(er)-weight firewall like a Linux host running IP chains or IP
> tables,
> > >replacing this first will save your users down-time later because you
can
> > >pre-configure your internet rulebase/access in preparation for your
> private
> > >addressing.
> > >
> > >Next, I'd do the DHCP and Private Addressing.  These go hand in hand,
and
> > >since your firewall is now in place, you can do the NAT/PAT
translations
> as
> > >needed and not have to rethink these later.
> > >
> > >Third, get Exchange up and running.  If it's going on a different
system
> > >than Quick mail is running on, great!  Now you can get them running in
> > >parallel, and move users accounts over one at a time or in batches.
> There
> > >are probably tools out there to do the mailbox format conversion.  Now
> that
> > >your network is secure at layer3/4, you can focus on the nitty-gritty
of
> > >the
> > >user data. (Oh yeah, don't forget that backup!!!)
> > >
> > >It's a 10,000 foot view, but that's how I'd do it.  I'm not really a
MAC
> > >guy, but I'd venture a guess that most or all of your MAC's run TCP/IP
> and
> > >support DHCP, so from an L3/4 standpoint, they're really no different
> than
> > >your PC's.
> > >
> > >When doing multiple projects like this, I tend to work along the OSI
> model.
> > >If the wiring is horrible, or the NIC's are all old 10Base2 nics and
have
> > >transceivers to hook them to your BaseT network, take care of the layer
1
> > >stuff first.  Next, if the network is all unmanaged hubs, and your
> network
> > >is one gigantic broadcast domain, start installing switches to quiet
down
> > >the network.  Next, get VLANs/routing/security in place for Layer3/4.
> > >Next,
> > >work on the "upper layers" where all of your apps and data live and
talk.
> > >Just my $0.02 worth.
> > >
> > >HTH,
> > >Kelly Cobean, CCNP, CCSA, ACSA, MCSE, MCP+I
> > >Network Engineer
> > >AT&T Government Solutions, Inc.
> > >
> > >-Original Message-
> > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > >Kevin O'Gilvie
> > >Sent: Tuesday, July 23, 2002 9:07 PM
> > >To: [EMAIL PROTECTED]
> > >Subject: Here we go again ( Pix 515) [7:49492]
> > >
> > >
> > >Dear All,
> > >
> > >I am jumping into a similar mess as when I started at my current
company,
> > >but this time the Macs out number the PC's. Well here is the scoop:
> > >180 Macs
> > >50 PC's
> > >Static Ip's
> > >No DHCP
> > >No FW
> > >Quick Mail Server
> > >and a whole bunch of other nasty things..
> > >- They just purchases a Pix 515
> > >- They just bought Exchange 5.5
> > >
> > >My projects are:
> > >Set up DHCP
> > >Set up Pix
> > >Set up Private Addressing
> > >Set up Exchange
> > >Migrate them f

Re: Catalyst Switches and CDP [7:48603]

2002-07-11 Thread Henry D. 

This appears to be a code version issue. I have the same symptoms
on the 6509 running 5.5(3)CatOS while another 6509 running
6.3(5) CatOS is showing the neighors by their system names/hostnames.
Even though they're not running IOS I think it still relates.
It appears to be just a display/cosmetic issue. Or maybe they're trying
to force you to go for "detail" option and all the other good info :-)

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> When displaying cdp neighbors on a switch -- specifically, our new 6513
> -- instead of a helpful device name I get a completely worthless device
> ID.  In some cases the hostname of the device is appended to this ID but
> I'd really like to get rid of it entirely and I haven't figured out how
> to do this by checking CCO.
>
> Is there a way to get the remote device's hostname to show up without
> the meaningless device ID?
>
> Thanks,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48631&t=48603
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ATM IMA interface problems [7:47849]

2002-07-01 Thread Henry D. 

This is going to be of no help to you but when we used these
cards to bundle multiple T1's we had nothing good
to say about the way it worked. There were multiple issues, i.e
looping one T1 would cause the whole bundle to go down. Clearing
groups like removing one T1 from the bundle was causing problems
as well. After a while we simply trashed the whole thing and went with
the actual telco solution from a vendor specializing in this type of setup.
I was hoping the issue was the premature realease of the code supporting the
feature
but hearing it now from you just proves that Cisco doesn't really cut it
when it comes
to the telco equipment or equivalent :(

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello all, I'm having a problem with my IMA interface on a 7206 running
> 12.2(5) (c7200-ds-mz.122-5.bin).  When I switched from UBR to VBR-NRT the
> pvc I was working on disappeared from the running config and no data will
> pass through that circuit.  I tried to add the pvc back into the config
but
> all I get is this in the log:
>
> %ATM-3-FAILCREATEVC: ATM failed to create VC(VCD=39, VPI=1, VCI=140) on
> Interface ATM4/ima0, (Cause of the failure: vpi/vci pair already in use)
>
> I tried removing the interface and adding it back in with the same
results.
> I've done a 'clear interface' on many frame relay links before with no ill
> effects but I'm hesistant to do the same thing here since, at times, the
IMA
> interface is another beast altogether from your standard interface.  The
> only other option I'm aware of is to reboot the router which is very
> difficult because it's right at the core.
>
> Has anyone tried the 'clear interface atm4/ima0' command without causing
> problems or is there another way to clear the vpi/vci config from memory
so
> it will accept the pvc correctly again without rebooting?
>
> Thanks!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47881&t=47849
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 802.11a [7:47628]

2002-06-27 Thread Henry Chou 

IMHO, 2.4GHz frequency is a relatively "congested" RF band, and the most you 
can only have is 3 non-overlapping channels, and that will be a limiting 
factor in an enterprise environment regardless b or g.  My Panasonic 2.4GHz 
cordless phone, my home theatre wireless control, my microwave oven...  all 
compete for the 2.4GHz range.

802.11a uses 5.4GHz RF, UNII-1 and UNII-2 offer 8 non-overlapping channels 
and the air is relatively "quiet" compared to the 2.4GHz band.  In 2-3 
years, maybe there will be many devices running in this frequency range,... 
who knows.  So, I still believe .11a will have its advantage over b and g.

Henryh





Reply-To: "Chris Young" 
To: "'Dennis Laganiere'" 
Subject: RE: 802.11a
Date: Thu, 27 Jun 2002 20:09:40 -0400

Dennis,

It looks like you are doing your homework on the wireless.  Make sure
that you don't discount .11g.  IMHO .11g will have a far greater market
impact than .11a for WLAN applications.  It offers backward
compatability with .11b and offers the higher data rate of 11.a.

Just my $.02
Chris


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Dennis Laganiere
Sent: Thursday, June 27, 2002 6:32 PM
To: Dennis Laganiere
Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]';
'[EMAIL PROTECTED]'
Subject: RE: 802.11a

Several people sent me some excellent links.  Thank you all...

Here's what I ended up with...

Cisco - The Aironet 1200 access point can be configured to support any
of
the standards, but they only have 802.11b available right now.
NetGear - They have 802.11b and 802.11a access points, but nothing that
will
do both, which means losing all my current investment in NICs.
D-Link - They have an access point that does both.

I went ahead and ordered the D-link access point and a couple of NICs so
I
could start to play right away; and I'll "upgrade" to the Cisco unit
once
they have a real product offering...

Thanks all, you guys are great...

By the way, if there are any Cisco people on the list who would like to
put
me on a beta list, I'm open to it... :)

--- Dennis

-Original Message-
From: Dennis Laganiere
Sent: Thursday, June 27, 2002 3:06 PM
To: 'Harish DV/peakxv'; Dennis Laganiere
Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]';
[EMAIL PROTECTED]
Subject: RE: 802.11a

There are several good write-ups on the technology on the CCO, so I knew
that; but I was looking for an actual product to play with to determine
if
the 5 MGHz traffic interferes with other systems in my manufacturing
group
(a major concern).  Cisco's Aironet 1200 access point has the
capability,
but it looks the antennas and NICs aren't out yet.  D-Link has a fully
functioning set-up I can use for my initial testing.

--- Dennis

-Original Message-
From: Harish DV/peakxv [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 27, 2002 2:20 PM
To: Dennis Laganiere
Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]';
[EMAIL PROTECTED]
Subject: Re: 802.11a


802.11a works at 5GHz and can support upto 54mbps as compared to
2.4GHz/11mbps of 802.11b

This link might help

http://www.wlana.org/pdf/highspeed.pdf

Harish





   Dennis Laganiere

   ,
"'[EMAIL PROTECTED]'"
   ionics.com>


   Sent by:  cc:

   nobody@groupstudy.Subject:  802.11a

   com





   06/27/2002 01:39

   PM

   Please respond to

   Dennis Laganiere









I've been reading about the new, faster wireless solutions.  Is
anybody's
802.11a technology ready-for-prime time?  I'm ordering a Aironet 1200
access
point to play with, and it should be capable (with the right antenna),
but
I
understand Cisco's product is not out yet...  Anybody know anything
about
the new "a" standard?

Thanks...

--- Dennis
_
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
_
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
_
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47628&t=47628
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP NLRI [7:47337]

2002-06-25 Thread Henry D. 

Think of it as a route with additional info. BGP uses such things as AS
number,
MED value, communities, etc. NLRI consists of the prefix plus that extra
info.

""rick""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am having some trouble understanding NLRI as opposed to
> straight network routing updates.
> Anyone got a pointer to information that might clear up NLRI
> some?
>
> Thanks
>
> --
> --Rick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47368&t=47337
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco pakage delivery. [7:46903]

2002-06-18 Thread D'souza, Henry (MED, TCS) 

Hi ,

I have a cisco 2621 with IOS 12.0 (3) T3 , I am trying to upgrade the
IOS to IOS 12.0 (4) T using the Cisco works 2000 .
How do I make a package of this IOS and how do I deliver this package to
this router whose IP is 3.20.79.221.


Henry.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46903&t=46903
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Question about the 350 series AP [7:45971]

2002-06-07 Thread Henry D. 

Mine included everything.

""Roberts, Larry""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> OK,
>
> Can someone confirm/deny that the 350 will only accept in-line power?
> Does it come with the in-line power injector, or is this a separate item?
> I have read everything I can and all points say it only has in-line power,
> but none say whether this is included ( I can't image it wouldn't be )
>
>
> Thanks
>
> Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46040&t=45971
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX + VPN Router or Just VPN Router? [7:45315]

2002-05-28 Thread Henry D. 

What you are describing doesn't really make sense. You say
you have connections back to the core site from all remotes.
If that was the case there would be no reason for the pix at remote
sites or an obvious reason for vpn tunnels between remotes and the core
site.
In that case, you could just put the core pix in front of the core site and
the remotes,
terminate the remotes before the core pix, and no need for all the other
mess.

But I have a feeling there is more involved than we know at the
moment.:(


""Jeffrey Reed""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am curious about recommendations on remote office connections when VPNs
> are involved. Today, in two separate occasions I ran into designs that
> showed remote sites with a small 1720 router and a PIX 506. The 506
> terminated one end of a tunnel back to the core PIX and the 1720
facilitated
> the frame connection. All traffic will be going back to the core, then if
> needed, to the Internet through the central sites main connection.
>
> Why cant you just use the 1720s ability to terminate a tunnel and drop
all
> non-encrypted traffic and eliminate the need for the PIX? This would
reduce
> the costs of both the initial purchase as well as ongoing support. What
are
> the downsides to a design without a PIX at the remote site?
>
> Thanks!!
>
> Jeff




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45316&t=45315
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP's neighbor advertisement-interval command [7:44521]

2002-05-20 Thread Henry D. 

I'm not certain on this one but assuming the same logic I'd say
that the advertisement for the prefix with the metric of next-hop changing
would
take place once, it would trigger a 10 minute countdown, and if there is
another
change in the metric within the countdown it would send new advertisement
with the new metric at the
end of the 10 minute interval.

>From BGP Command reference:
This command will cause BGP to advertise a MED that corresponds to the IGP
metric associated with the next hop of the route. This command applies to
generated, IBGP-, and EBGP-derived routes.If this command is used, multiple
BGP speakers in a common autonomous system (AS) can advertise different MEDs
for a particular prefix. Also, note that if the IGP metric changes, BGP will
readvertise the route every 10 minutes.


""cebuano""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Henry,
> Thanks for the verification. Although I'd like to add another command
> to the picture --- "set metric-type internal".
> The documentation says "if the IGP metric changes, BGP will readvertise
> the route every 10 minutes".
> There is no mention how long BGP will readvertise the affected
> routes. Any ideas?
>
> Thanks.
> Elmer
> - Original Message -
> From: "Henry D."
> To:
> Sent: Monday, May 20, 2002 12:04 PM
> Subject: Re: BGP's neighbor advertisement-interval command [7:44521]
>
>
> > You're correct, however if there are route changes happening constantly
> > you don't want the router to keep sending updates as it might exhaust
the
> > peers.
> > The interval is used so there is a limit of how often the updates are
sent
> > regardless
> > of how often the routes actually change.
> >
> > ""cebuano""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Hi ,all.
> > > Can someone give a better explanation about this BGP command
> > > "neighbor advertisement-interval"? I know you can change the default
> > > values of 30 sec for external and 5 sec for internal peers.
> > > But I always thought that BGP sends routing updates ONLY when
> > > something about the route changes, either an UPDATE or WITHDRAWN
> > > message. Any explanation better than CCO or Parkhurst's is greatly
> > > appreciated.
> > >
> > > Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44551&t=44521
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP's neighbor advertisement-interval command [7:44521]

2002-05-20 Thread Henry D. 

You're correct, however if there are route changes happening constantly
you don't want the router to keep sending updates as it might exhaust the
peers.
The interval is used so there is a limit of how often the updates are sent
regardless
of how often the routes actually change.

""cebuano""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi ,all.
> Can someone give a better explanation about this BGP command
> "neighbor advertisement-interval"? I know you can change the default
> values of 30 sec for external and 5 sec for internal peers.
> But I always thought that BGP sends routing updates ONLY when
> something about the route changes, either an UPDATE or WITHDRAWN
> message. Any explanation better than CCO or Parkhurst's is greatly
> appreciated.
>
> Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44531&t=44521
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE in 3-6 Months from cisco Interesting [7:43306]

2002-05-05 Thread Henry D. 

I agree with all of the people that because of the economy
most CCIE's won't see big salaries from few years back.
I also agree that "paper" CCIE doesn't really compare to
a "paper" MCSE, SCSA or whatever else. A CCIE needs
to have some hands-on. The problem is that lab testing has little
to do with real life environment. On top of that, there is so much
info out there on what's being tested on the lab that people have much
work cut down for them to pass the tests. This creates a limit of what
you really need to know for the lab and how you get to that level,
this limit however is not how a CCIE will be judged in real life
environment.
So, yes the salaries are gone, and yes there are some CCIE's who will have
trouble designing a "simple" network. I think as long as people don't cheat
themselves they will know whether they are worthy of this certification.
You need to take a look at yourself and forget about the little paper you
put on the wall or on your cubicle. The paper means nothing, it's what's in
you what really counts. And as far as that goes you can still make a
great living being a CCIE !

CCIE #8472


""Johnzaggat""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Join Cisco and get CCIE in 3-6 months. Must be a typo.
>
>
http://www.cisco.com/pcgi-bin/jobs/JobAgent?rm=jobdetail&req_id=703608&keywo
> rds=+




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43336&t=43306
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: passed MCAST/QOS exam [7:40345]

2002-04-03 Thread Henry D. 

Congrats !

""Reinhold Fischer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> hi all,
>
> today i took the multicast and qos exam (640-905). In my opinion it is the
> hardest of the three exams to achieve the CCIP/MPLS cert.
>
> For preparation i have used the Ciscopress 'developing ip multicast
> networks' book and read up the relevant sections of the Quality of Service
> Solutions Configuration Guide and the Multicast section of the IP Routing
> and IP Confguration Config Guide. If i had to take the exam again i would
> try to get my hands on the original course documentation as there were
loads
> of questions that probably best would be answered with knowledge of the
> original course text.
>
> good luck to you in all your studies !
>
> Cheers
>
> Reinhold




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=40367&t=40345
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: MPLS in the Enterprise [7:36670]

2002-03-10 Thread Henry D. 

Interesting, let me also bring few things up here, not that
I have much experience in MPLS/VPN but who does ? :-)

I suppose one of the problems with this particular service is that
not all SP's or Enterprises fully understand the potential, or technology
in general. First, SP's might not be able to provide overall cheaper
connectivity
for the Ent's if their network doesn't span around the existing Ent's POP's.
I suppose when considering the service, one needs to realize all the
advantages
of it and compare it to what they have now. As with any technology, there
are many
ways to implement it. One might be able to just start the service for
interconnecting
the HUB locations for example. Another advantage could be the Internet
traffic which no more
has to travel thru dedicated lines which are shared thru the whole
Enterprise.

Referring to John's original post, the CE equipment doesn't have to
participate
in the MPLS, so the MPLS looks like any other connection to the rest of your
network.
Now, it's a choice or not, depending on the service and possibly other
customer requirements,
whether CE participates in MPLS. In general, SP would take care of the
routing between
the sites, the routing would be totally independent of their other
MPLS/VPN's or Internet
routing which gives the Enterprise traffic protection in the form of
invisibility to other SP
customers or Internet users when required.

It all depends, the best thing is to study the technology and the the
details of offerings.
I personally have no real time experience in this whole new area but I hope
in theory
I should be pretty close to what one needs to be aware of.


""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> To make things even more interesting...
>
> While discussing this with a few different vendors I decided
> that this particular solution is smoke-and-mirrors, at least in
> our area.  We'd have to buy new point-to-point circuits that
> all point to a _single_ POP.
>
> MPLS isn't even needed in this case because every location
> would be hitting the same POP!  Unless, of course, they have a
> whole bunch of routers at the POP but then we're really using
> MPLS to get from one side of the room to the other.
>
> We'd be better off simply buying a couple of frame DS3 circuits
> for our hub and repointing all the branch PVCs to those
> circuits.  Cheaper and we accomplish the same thing without
> using another vendor and without buying a whole bunch of new
> circuits.
>
> In fact, one vendor that I asked about this proposed this very
> solution, except he was suggesting we use their facilities.
> They offered to set up a couple of routers exclusively for our
> company to connect to.  Again, we don't really accomplish much
> with that solution since we can do that at our own facility if
> we want to.
>
> John
>
>
>
>  On Sat, 9 Mar 2002, Kent Yu ([EMAIL PROTECTED]) wrote:
>
> > John,
> >
> > I think you brought an interesting topic.
> >
> > With all these pitches about Layer 3 VPN, the question has
> been
> > bothering me
> > for a while, how many enterprises out there really need to
> have an
> > any-to-any solution? Less than 0.5% is my guess. Most of the
> enterprise
> > client/server  applications fit into the hub-spoke topology
> pretty well,
> > really have no reasons to get direct connections among their
> branches.
> >
> >
> >
> > Theoretically, MPLS should give the service providers the
> ability to
> > provide
> > more scalable and cheaper fully meshed VPN solution, as the
> SPs do not
> > have
> > to manage those hundreds of thousands PVCs, ect. From the
> enterprises'
> > perspective, if this gives them a reliable and affordable
> alternative to
> > the
> > traditional hub-spoke frame relay network, it sounds
> attractive, but
> > seems
> > to me all the current implementations are even more
> expensive, not to
> > mention their reliability probably is no where near the
> legacy frame
> > network, at least not for a while.
> >
> >
> >
> > The vendors want to sell their MPLS VPN solutions to SPs, the
> SPs who
> > built
> > the network want to sell it enterprises , but my guess is
> that 99%
> > enterprises will not buy it, not till...
> >
> >
> >
> > My .02
> >
> > Kent
> >
> > ""John Neiberger""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Okay, I'm about to show how clueless I am when it comes to
> MPLS
> > >
> > > I've been getting calls from multiple providers lately all
> trying to
> > > suggest that I migrate our 100-site frame relay network to
> their MPLS
> > > network, suggesting that we'll have any-to-any connectivity
> and the
> > > ability to prioritize traffic classes within the MPLS
> network.
> > >
> > > Are any of you doing something like this?  I'm going to
> read up on it
> > > but I'm having trouble visualizing it.  Does this basically
> turn our
> > > network into a giant multipoint network?  Do our branch
> routers need
> > to
> > > be aware

Re: Visual switch manager gone after upgrade TFTP. [7:35716]

2002-02-18 Thread Henry D'souza 

Hi Sim ,

Have you enabled the http server on the switch ?.

Henry D'souza,
Infrastructure Development & Management
TATA CONSULTANCY SERVICES
Seepz, Mumbai  - 400096.
Hello # 8291680 ext 1208.
Direct line 8292406



   
 
"Sim, CT (Chee
Tong)"
  
cc:
Sent by: Subject: Visual switch
manager gone after upgrade TFTP. [7:35716]
   
[EMAIL PROTECTED]
   
 
   
 
02/18/2002 03:13
PM
Please respond
to
"Sim, CT (Chee
Tong)"
   
 
   
 




I was doing a TFTP upgrade procedure on the XL switch. There is a procedure
to delete the HTML files: delete flash:html/* before copying the new flash
and I have done that. After I upgraded the IOS and reload it.  The IOS was
successfully upgraded but when I go to web based (Visual switch manager) ,
there is no page shown.  Then I go to my flash:html/ , it is empty



%
SwitchA#dir flash:html/
Directory of flash:html/

190  d--x   0   Mar 01 1993 00:09:40  Snmp

3612672 bytes total (1850880 bytes free)


%%

I went to other switch (B), I found there are a lot of files on the html
folder, what should I do to make the Visual Switch manager working again?
Should I copy all the file to switch A?


SwitchB#dir flash:html/
Directory of flash:html/

  5  -rwx 965   Mar 01 1993 00:09:55  Detective.html.gz
  6  -rwx 671   Mar 01 1993 00:09:55  GraphFrame.html.gz
  7  -rwx 675   Mar 01 1993 00:09:55  GraphFrameIE.html.gz
  8  -rwx1182   Mar 01 1993 00:09:55  ethhelp.html.gz
  9  -rwx1499   Mar 01 1993 00:09:55  fddihelp.html.gz
 10  -rwx1538   Mar 01 1993 00:09:56  fdnethlp.html.gz
 11  -rwx 538   Mar 01 1993 00:09:56  ieGraph.html.gz
 12  -rwx 524   Mar 01 1993 00:09:56  ieLink.html.gz
 13  -rwx 959   Mar 01 1993 00:09:56  LinkFetch.html.gz
 14  -rwx 960   Mar 01 1993 00:09:56  LinkFetchIE.html.gz
 15  -rwx 796   Mar 01 1993 00:09:56  LinkReport.html.gz
 16  -rwx3346   Mar 01 1993 00:09:56  TopoMain.html.gz
 17  -rwx5154   Mar 01 1993 00:09:57  address.html.gz
 18  -rwx3332   Mar 01 1993 00:09:57  addrhelp.html.gz
 19  -rwx2573   Mar 01 1993 00:09:57  amether.html.gz
 20  -rwx2706   Mar 01 1993 00:09:57  amfddi.html.gz
 21  -rwx2907   Mar 01 1993 00:09:58  amfdnet.html.gz
 22  -rwx3291   Mar 01 1993 00:09:58  amtr.html.gz
 23  -rwx3018   Mar 01 1993 00:09:58  amtrnet.html.gz
 24  -rwx3071   Mar 01 1993 00:09:58  arp.html.gz
 25  -rwx1147   Mar 01 1993 00:09:58  arphelp.html.gz
 26  -rwx 210   Mar 01 1993 00:09:59  back.html.gz
 27  -rwx4975   Mar 01 1993 00:09:59  balboa.html.gz
 28  -rwx3171   Mar 01 1993 00:09:59  basichlp.html.gz
 29  -rwx 171   Mar 01 1993 00:09:59  blank.html.gz
 30  -rwx 527   Mar 01 1993 00:09:59  bottom.html.gz
 31  -rwx3861   Mar 01 1993 00:10:00  cdp.html.gz
 32  -rwx1562   Mar 01 1993 00:10:00  cdphelp.html.gz
 33  -rwx3926   Mar 01 1993 00:10:00  cgmp.html.gz
 34  -rwx1790   Mar 01 1993 00:10:00  cgmphelp.html.gz

==
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
de afzender direct te informeren door het bericht te retourneren.
==
The information contained in this message may be confidential
and is intended to be exclusively for the addressee. Should you
receive this message unintentionally, please do not use the contents
herein and notify the sender immediately by return e-mail.


==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35724&t=35716
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct a

Re: PVC status don't go down [7:35389]

2002-02-15 Thread Henry D'souza 

Makes sense to me ! But is that the real cause ?.


   

   
"eric.lange@u
sbank.com"   To:
[EMAIL PROTECTED]
http://www.groupstudy.com/form/read.php?f=7&i=35483&t=35389
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Malformed Packet... [7:35436]

2002-02-15 Thread Henry D'souza 

Rahul ,
CIAC has information that there have been an ongoing series of denial-of-
service attacks directed at whole blocks of IP addresses. The attack uses
UDP
fragmentation to exploit a known vulnerability on unpatched Windows NT and
Windows 95 systems.  The attack is a sequence of two UDP packets, the first

being the setup packet, and the second, a malformed UDP packet. Because of
the
way Microsoft implements the TCP/IP stack, processing these UDP packets
places
the TCP/IP stack in an unstable state. Unprotected Windows NT machines
crash
and display the "blue screen of death" during or soon after the attack.
Windows NT boxes with only SP1 applied seem to reboot. Windows 95 machines
hang.  The attack is not intentionally damaging to the machines, but as
with
all such issues can do damage if the machine is accessing the hard drive at

the moment the attack occurs.

Microsoft has tested these malformed packets and believes the teardrop2
hotfix
solves this problem. We suggest patching all machines with this hotfix and
the
smb/cifs (srv hotfix) which protects against a similar attack.

See CIAC Bulletin I-19 for more information on this type of attack and the
machines that are vulnerable. Note also that Microsoft has updated and
combined the patches for the Teardrop and Land attacks on Windows NT. This
patch is now the teardrop2 fix.  The teardrop2 hotfix should be used
instead
of the patches listed in the I-19 Bulletin.

We have noted that Windows NT and Windows95 machines that were located
behind
firewalls did not fail during these attacks.  We believe this is due to the

fact that most firewalls automatically drop malformed UDP packets.


   

   
"Rahul
Kachalia"To:
[EMAIL PROTECTED]
  Subject: Malformed Packet...
[7:35436]
Sent
by:
   
nobody@groups
   
tudy.com
   

   

   
02/15/2002
02:38
AM
   
Please
respond
to
   
"Rahul
   
Kachalia"
   

   





Hi All,

I am not sure what "Malformed Pkt" by some sniffer or OS means, but
assuming either the expected information is missing or didnt matched. While
sending fragmented pkt on network I am seeing such messages on sniffer, can
some one provide more info on it..

thanks,
rahul.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35480&t=35436
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat5k Reboots sporadically [7:35477]

2002-02-15 Thread Henry D'souza 

Sean,
Looks like the power supply problem here !
The power supply must be going down and coming on again !
Plug off the power supply and bring the  device on the standby power supply
only.

Henry D'souza,
Infrastructure development & Management,(IDM),
TATA CONSULTANCY SERVICES
Seepz, Mumbai , 400096.
Hello # 8291680 ext 1208.
Direct line 8292406
@ Pager  9624 - 370346.


   

"Sean
Knox"
 
cc:
Sent by: Subject: Cat5k Reboots
sporadically [7:35477]
   
nobody@groups
   
tudy.com
   

   

   
02/15/2002
12:52
PM
   
Please
respond
to
"Sean
Knox"
   

   





I have a old Catalyst 5500 that is continually resetting. A show log
displays:

Console> (enable) show log

Network Management Processor (ACTIVE NMP) Log:
  Reset count:   538
  Re-boot History:   Feb 15 2002 01:46:06 0, Feb 15 2002 00:10:24 0
 Feb 15 2002 00:03:35 0, Feb 14 2002 14:13:25 0
 Feb 14 2002 14:07:15 0, Feb 14 2002 14:05:16 0
 Feb 14 2002 13:12:20 0, Feb 14 2002 11:29:54 0
 Feb 14 2002 11:05:38 0, Feb 14 2002 10:35:35 0
  Bootrom Checksum Failures:  0   UART Failures:  0
  Flash Checksum Failures:0   Flash Program Failures: 0
  Power Supply 1 Failures:   65   Power Supply 2 Failures:0
  Swapped to CLKA:0   Swapped to CLKB:0
  Swapped to Processor 1: 0   Swapped to Processor 2: 0
  DRAM Failures:  0

  Exceptions: 0

  Loaded NMP version:4.5(12)
  Reload same NMP version count: 176

  Last software reset by user: 2/15/2002,00:10:13
 output omitted 

I'm assuming the 65 power supply 1 failures is a possible cause? Does this
indicate a dying power supply and the source of the resets, or is something
else to blame?


- Sean




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35479&t=35477
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Checking ! [7:35476]

2002-02-14 Thread Henry D'souza 

This is a frist time I am writing !
If you can recieve this mail , pls respond !

Henry D'souza,
Infrastructure development & Management,(IDM),
TATA CONSULTANCY SERVICES
Seepz, Mumbai , 400096.
Hello # 8291680 ext 1208.
Direct line 8292406
@ Pager  9624 - 370346.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=35476&t=35476
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MD5 encrypting vty passords [7:33533]

2002-01-29 Thread Henry D. 

That specifies type 7 encryption, you can enable it before or after
you configured your vty's. "enable secret " is used to enter
password which will be encrypted with MD5. If using MD5 don't use it in
conjunction with "enable password " command as that would create
another enable password and would make your MD5 password as prone
to discoveries as type 7.

""bergenpeak""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Is the MD5 encryption used when one enables the "service
> password-encryption"
> before entering the vty password?
>
> What encryption mechanism is used when a password is entered as type 7?
>
> Thanks
>
>
> "Henry D." wrote:
> >
> > It's not possible to use MD5 on vty's.
> > I suppose the reason would be that MD5 enable
> > password is not all that much more secure than type
> > 7 passwords. When you type them they both are being
> > sent over the network in clear text anyway. The only reason
> > for using MD5 would be so anyone who sees your config
> > wouldn't be able to crack the MD5 password as easily as type 7.
> > But on the other hand, if you have access to the config, you're either
> > already in enabled mode or you store it in insecure place. If insecure
> place
> > then there may be other ways to break into or your equipment anyways.
> > You see, there is no perfect simple solution, you got to rely on many
steps
> > to protect what needs to be protected.
> >
> > ""Charlie Wehner""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Is there any way to MD5 encrypt vty passords?
> > >
> > > If so, how?
> > >
> > > If not, why not?
> > >
> > > Thanks,
> > > Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33564&t=33533
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More Confused!!! Re: Neighbor commands...Yes or No?? [7:33560]

2002-01-29 Thread Henry D. 

I think you're still confused. Both physical frame interface
and multipoint sub-interface are by default OSPF Non_Broadcast type.
This means for OSPF to function you'd need to configure neighbor command
in either scenario.

With the config you showed on RTA (the HUB router) you wouldn't even be able
to ping both spokes as there are no maps defined (aside from missing
netmask), and if relying only on inverse-arp,
it would map only one spoke and no more. The rule is that inverse-arp will
map
only one Layer3 to the same Layer2, i.e one IP to DLCI X, one IPX to DLCI X,
one IP to DLCI Y, etc.

You're showing routes in the spokes, but we really don't know all of the
configs
when these routes show up in the routing table.

What's the configs, output of "sh frame-relay pvc", "sh frame-relay map" ?


""Cisco Nuts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> OK, I have finally found out this and concluded that:
>
> Neighbor commands are ONLY required in an OSPF point-to-multipoint
> Non-Broadcast mode in a FR hub-and-spoke topology.
>
> Not required in a NBMA mode or any other modefor that matter.
>
>
>
> >From: "Cisco Nuts" >Reply-To: "Cisco Nuts" >To: [EMAIL PROTECTED]
> >Subject: More Confused!!! Re: Neighbor commands...Yes or No?? [7:33547]
> >Date: Tue, 29 Jan 2002 01:38:45 -0500 > >Hello!! > >I am even more
> confused now! :-( > >Just finished configuring 3 routers in a FR
> hub-and-spoke topology with >OSPF in the default non-broadcast mode with
> NO neighbor commands on the >hub router and FR map commands on both the
> spokes to get to one another. >It works!! I mean without the neighbor
> commands on the hub router, the >spoke routers are learning about the
> networks on the other spoke, that >too in a different area. Why?? >
> >Thanks! > >Here is some output: BTW: RTA is the hub and RTB and RTC the
> spokes. FR >configed. on physical interfaces: > >RTB routing table: > >O
> IA 192.168.10.192/27 [110/70] via 192.168.10.243, 00:01:20, Serial0 >O IA
> 192.168.10.128/26 [110/74] via 192.168.10.243, 00:01:20, Serial0 > >RTA
> config: > >RTA#sh ru int s0 >Building configuration... > >Current
> configuration : 214 bytes >! >interface Serial0 > bandwidth 1544 > ip
> address 192.168.10.241 255.255 > encapsulation frame-relay > ip ospf
> priority 10 > logging event subif-link-status > logging event
> dlci-status-change > no fair-queue >end > >RTC routing table: > >O IA
> 192.168.10.64/26 [110/74] via 192.168.10.241, 00:17:50, Serial0 >O IA
> 192.168.10.0/26 [110/74] via 192.168.10.242, 00:17:50, Serial0 > > >From:
> "Henry Dziewa" >To: "Cisco Nuts" >Subject: Re: Neighbor >commands...Yes
> or No?? [7:33486] >Date: Mon, 28 Jan 2002 20:11:07 -0500 > > >Well, it's
> your loss:) > >Hub and spoke, in order for the spoke to >talk to
> another spoke you >need to map the remote spoke's IP to the same >DLCI
> used for >mapping to HUB router on both spokes. >The HUB router >already
> has the mapping to both so >it knows where everyone is. > >By >default,
> physical frame interfaces are ospf non-broadcast, this means > >that
> you'd need to configure neighbor statement, preferably >on the HUB
> >router. > > >- Original Message - >From: "Cisco Nuts" >To:
> >Sent: >Monday, January 28, 2002 3:42 PM >Subject: Re: Neighbor
> commands...Yes or >No?? [7:33486] > > > > And that's exactly what I am
> asking my friend. > > >First, it's the layer 2 issue..that of fr map
> statements to get from one > > > spoke to another via the hubaka Mr.
> Caslow. > > > > And there is >the ospf issue of either issuing the
> neighbor commands or not > > in the >default non-broadcast mode when
> using physical fr intfs. > > > > Is it >one of both? And that is the
> confusing issue for me. > > > > :-) Can you >help? > > > > > > >From:
> "Henry D." > > >Reply-To: "Henry D." > > >To: >[EMAIL PROTECTED] > >
> >Subject: Re: Neighbor commands...Yes or No?? >[7:33486] > > >Date: Mon,
> 28 Jan 2002 14:38:06 -0500 > > > > > >There are >2 different issues. > >
> > > > >1. Layer 2 to Layer 3 mapping. > > >2. >Routing > > > > > >You
> need to separate these 2 in order to understand >how it all works. > >
> >If I gave you all the

Re: Can ping from one side only!! why? [7:33527]

2002-01-28 Thread Henry D. 

Can you post the relevant configs then ?

""Cisco Nuts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
> I have router RTA connected to router BBR running ospf 100. Router BBR has
a
> static route of 0.0.0.0 to router TS. Router BBR also has a redistribute
> static command under ospf.
>
> Router TS is connected to router Remote both running Rip. Static routes
are
> configured on TS for RTA's and BBR's networks. This is redistributed under
> Rip with a default metric of 2. Also, the router TS has a defult-network
> command to inject a default route to router Remote.
>
> On router Remote, I see the networks of routers RTA and BBR discovered via
> RIP
> R4.0.0.0/8 [120/2] via 10.10.1.2, 00:00:18, Ethernet0
> R5.0.0.0/8 [120/2] via 10.10.1.2, 00:00:18, Ethernet0
>
> I can ping these addresses successfully.
>
> But I cannot ping these same addresses from the TS. Why?? The packet from
> Remote goes thru TS to get to routers RTA and BBR. Then how come I cannot
> ping these same addresses from TS?? Also, I cannot ping any networks on
> Remote from RTA
>
> The solution I came up with was:
> 1.) Configure a default-information originate command on the router BBR
> which then injects a default route on RTA which allows me to ping networks
> on router Remote. This works!
>
> 2.) Configure on router BBR the serial network address between router BBR
> and TS under OSPF. This allows me to ping the networks of RTA from the TS.
> This works!
>
> So the question is more of a packet flow from router Remote from where
pings
> work to RTA and BBR but not from router TS.
>
> Can someone help me understand this?
> Thank you.
>
>
>
>
>
>
>
> _
> Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33540&t=33527
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MD5 encrypting vty passords [7:33533]

2002-01-28 Thread Henry D. 

It's not possible to use MD5 on vty's.
I suppose the reason would be that MD5 enable
password is not all that much more secure than type
7 passwords. When you type them they both are being
sent over the network in clear text anyway. The only reason
for using MD5 would be so anyone who sees your config
wouldn't be able to crack the MD5 password as easily as type 7.
But on the other hand, if you have access to the config, you're either
already in enabled mode or you store it in insecure place. If insecure place
then there may be other ways to break into or your equipment anyways.
You see, there is no perfect simple solution, you got to rely on many steps
to protect what needs to be protected.

""Charlie Wehner""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Is there any way to MD5 encrypt vty passords?
>
> If so, how?
>
> If not, why not?
>
> Thanks,
> Charlie




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33539&t=33533
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can ping from one side only!! why? [7:33527]

2002-01-28 Thread Henry D. 

In your scenario, packet originates on router Remote
with destination of router RTA - with IP address of the network
connecting RTA to BBR. Remote knows to use TS because
of the RIP information and sends packet to TS, TS knows how to get
there because it has statics so it forwards the packet to
BBR, BBR is directly connected to the network so it
knows where RTA is and forwards it out to RTA. RTA
gets the packets but it doesn't know where Remote router is
so the packet gets dropped. Now, if Remote was for example
pinging IP of BBR on the same subnet as RTA this would work
because BBR knows thru static default how to get back to Remote.
In case of RTA, it has no default route information even though you
used redistribution under OSPF. The problem is that OSPF will
not start advertising default route unless specifically configured to do
so with "default-information originate" command.

The same goes when trying from TS router, RTA has no information
on how to get back to the network you have configured between
BBR and TS.

Hope it helps.


""Cisco Nuts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
> I have router RTA connected to router BBR running ospf 100. Router BBR has
a
> static route of 0.0.0.0 to router TS. Router BBR also has a redistribute
> static command under ospf.
>
> Router TS is connected to router Remote both running Rip. Static routes
are
> configured on TS for RTA's and BBR's networks. This is redistributed under
> Rip with a default metric of 2. Also, the router TS has a defult-network
> command to inject a default route to router Remote.
>
> On router Remote, I see the networks of routers RTA and BBR discovered via
> RIP
> R4.0.0.0/8 [120/2] via 10.10.1.2, 00:00:18, Ethernet0
> R5.0.0.0/8 [120/2] via 10.10.1.2, 00:00:18, Ethernet0
>
> I can ping these addresses successfully.
>
> But I cannot ping these same addresses from the TS. Why?? The packet from
> Remote goes thru TS to get to routers RTA and BBR. Then how come I cannot
> ping these same addresses from TS?? Also, I cannot ping any networks on
> Remote from RTA
>
> The solution I came up with was:
> 1.) Configure a default-information originate command on the router BBR
> which then injects a default route on RTA which allows me to ping networks
> on router Remote. This works!
>
> 2.) Configure on router BBR the serial network address between router BBR
> and TS under OSPF. This allows me to ping the networks of RTA from the TS.
> This works!
>
> So the question is more of a packet flow from router Remote from where
pings
> work to RTA and BBR but not from router TS.
>
> Can someone help me understand this?
> Thank you.
>
>
>
>
>
>
>
> _
> Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33529&t=33527
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Lab Kit.... [7:33412]

2002-01-28 Thread Henry D. 

It could be possible to only use 4 routers and still be able
to do some complicated labs. But what real CCIE lab is about is
to put a lot of stuff in one physical topology, mixing all of this
together, confusing you which protocol or interface you still
need to get to, what and how the redistribution will play in this whole
mess, making all of it depend on many other things you might
have configured earlier and being able to keep on going without
breaking later what worked before. From my own experience
as well as most of the "real" preparation labs you'll find will
require more routers. I used 9 routers and 1 switch.
This allowed me to do most labs from all the resources I was
able to find on the web.

Good Luck !

And yeah, it worked for me !

""Joel Satterley""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Can anyone advise on the base set of equipment for running test labs as a
> prep
> for the CCIE lab ?
>
> I'm thinking -
>
> 4 x eth + tok routers (3 with at least one serial + 1 with three or more)
> 2 x Cat switches (2900 + 4000)
> 1 x Token ring switch.
> 3 x PC's
>
> Anything else (apart from modems + ISDN, got plenty of that).




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33526&t=33412
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Neighbor commands...Yes or No?? [7:33486]

2002-01-28 Thread Henry D. 

There are 2 different issues.

1. Layer 2 to Layer 3 mapping.
2. Routing

You need to separate these 2 in order to understand how it all works.
If I gave you all the answers then it wouldn't be fair to you as you need
to grasp it for yourself, especially if planning to gor for CCIE.

""Cisco Nuts""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
> Would someone clarify this for me as I am getting very confused :-(
> In a Frame-Relay hub-and-spoke config. using physical interfaces and
> frame-relay map statements at the spokes and using OSPF, do we need to
> configure neighbor commands? Yes or No?
> From what I understand, OSPF works in a Non-Broadcast mode by default and
> neighbor commands are only needed if not a full-mesh. In this case, will
the
> frame-relay map commands suffice to get from one spoke to another thru the
> hub router?
> Thank you.
>
>
> _
> MSN Photos is the easiest way to share and print your photos:
> http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33490&t=33486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Backdoor! Lab on Friday, Please HELP! [7:33423]

2002-01-28 Thread Henry D. 

I suspect your ISIS between Glori and Bilbo is either not working
or this specific route is not exchanged with ISIS. Can we see the whole
config for these bad boys ? Also, what happens when you shut the BGP
session between Bilbo and Elrand, do you get the ISIS route then ?

You don't need backdoor command on Erland either.

"Wilson, Christian""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am struggling with BGP backdoor.  I seem to get the more complicated
> aspects of BGP, but this backdoor command is really getting me down.  I
test
> on Friday and would appreciate any help.  In the configs below, BILBO and
> GLORI have EBGP connections to ELROND.  BILBO and GLORI have a ISIS
> connection between each other.  ISIS is actually running on all the
routers
> as an IGP.  All the routers know about the network 3.0.0.0 from ISIS.
GLORI
> injects 3.0.0.0 into BGP using the network command and the update is sent
> across the EBGP connection to ELROND, who in turn passes the update across
> his EBGP connection to BILBO.  BILBO has the "network 3.0.0.0 backdoor"
> added to his configuration, but the BGP route still appears in the routing
> table instead of the ISIS route.  I have omitted a lot of the config files
> because they are huge and harsh to read through, but I tried to include
all
> relevant text.  I have tried this so many ways and times that I am
beginning
> to have doubts about myself since such a seemingly simple task is stumping
> me.  Please help!!
>
> hostname Bilbo
>
> interface Serial0/0
>  no ip address
>  encapsulation frame-relay
> !
> interface Serial0/0.1 multipoint
>  ip address 150.150.10.1 255.255.255.0
>  ip router isis
>  ip ospf network point-to-multipoint
> !
> interface Serial0/0.2 point-to-point
>  ip address 150.150.20.1 255.255.255.0
>  ip router isis
>  ipx network 200
>  ipx nlsp a1 enable
>  frame-relay interface-dlci 940
> !
> router bgp 100
>  network 3.0.0.0 backdoor
>  neighbor 150.150.20.2 remote-as 200
>
> Bilbo#b
> BGP table version is 2, local router ID is 200.200.9.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>Network  Next HopMetric LocPrf Weight Path
> *> 3.0.0.0  150.150.20.2   0 200 300 i
>
> Bilbo#i
> i L2 1.0.0.0/8 [115/20] via 150.150.20.2, Serial0/0.2
> C2.0.0.0/8 is directly connected, Virtual-TokenRing2
> B3.0.0.0/8 [20/0] via 150.150.20.2, 00:26:45
> i L2 4.0.0.0/8 [115/20] via 150.150.10.2, Serial0/0.1
> O E1 5.0.0.0/8 [110/128] via 150.150.10.3, 00:29:29, Serial0/0.1
> O E1 200.200.220.0/24 [110/128] via 150.150.10.3, 00:29:29, Serial0/0.1
>
>
>
> hostname Elrond
>
> interface Serial0/0.1 point-to-point
>  ip address 150.150.20.2 255.255.255.0
>  no ip directed-broadcast
>  ip router isis
>  ipx network 200
>
> interface Serial0/0.3 point-to-point
>  ip address 150.150.21.1 255.255.255.0
>  no ip directed-broadcast
>  ip router isis
>  ipx network 21
>
> router bgp 200
>  network 3.0.0.0 backdoor
>  neighbor 150.150.20.1 remote-as 100
>  neighbor 150.150.21.2 remote-as 300
>
> Elrond#b
> BGP table version is 2, local router ID is 200.200.240.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>Network  Next HopMetric LocPrf Weight Path
> *> 3.0.0.0  150.150.21.2 0 0 300 i
>
>
> hostname GLORI
>
> interface Serial0/0
>  ip address 150.150.10.2 255.255.255.0
>  no ip directed-broadcast
>  ip router isis
>  encapsulation frame-relay
>
> interface Serial0/0.2 point-to-point
>  ip address 150.150.21.2 255.255.255.0
>  no ip directed-broadcast
>  ip router isis
>  ipx network 21
>
> router bgp 300
>  network 3.0.0.0
>  neighbor 150.150.21.1 remote-as 200
>
> GLORI#b
> BGP table version is 2, local router ID is 200.200.230.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>Network  Next HopMetric LocPrf Weight Path
> *> 3.0.0.0  0.0.0.0  0 32768 i
>
> GLORI#i
> i L2 1.0.0.0/8 [115/30] via 150.150.10.1, Serial0/0
> C3.0.0.0/8 is directly connected, Virtual-TokenRing3
> C4.0.0.0/8 is directly connected, Virtual-TokenRing4
> i L2 5.0.0.0/8 [115/84] via 150.150.10.1, Serial0/0
> i L2 200.200.220.0/24 [115/84] via 150.150.10.1, Serial0/0
> i L2 6.0.0.0/8 [115/84] via 150.150.10.1, Serial0/0
> i L2 200.200.241.0/24 [115/84] via 150.150.10.1, Serial0/0




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33435&t=33423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: tunneling with previously undefined endpoint? [7:32057]

2002-01-15 Thread Henry D. 

If I get this correctly you can use dynamic-map feature
as seen in the example here:

http://www.cisco.com/warp/customer/707/ios_804.html

""the-other-jason""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Help, I can't think of a way to do this . :-(
>
> We have two IPSec "appliances" at work that require known, routable
> addresses on their "non-secure" ethernet interfaces.
>
> We want to create a kit engineers can take home for remote IPSec access
> into the network from personal cable/dsl connections. Our typical home
> networks have a cheapo router running NAT. The router is getting a real
> "outside" address from a service provider via DHCP (point "C" in the
> drawing). On the inside, we use private addressing (point "B").
>
> The problem is to configure an IPSec appliance with a real address but
> connect it via the private address LAN at home. The obvious way to do
> this is with a tunnel, so we've managed to scavenge a couple of old
> 2500s for this purpose...
>
>
> IPSec   cheapo  IPSec
> appliance -->2500-->router-->ISP-->Internet-->3660-->2500-->appliance
>   A B   C D
>
> Ideally, we want a tunnel from the left side of the left 2500 to either
> the 3660 or the right 2500  so that we can give the left IPSec
> appliance some of our address space.  With GRE, however, you have to
> specify the endpoint addresses in advance, and of course we don't know
> what address the ISP will give one via DHCP 
>
> After some reading, I _think_ PPPoE, L2F, PPTP, and L2TP won't help us
much
>
> Does anyone have any ideas?
>
> Jason




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32059&t=32057
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Kindly assist. (IPSEC over ISDN + HSRP) [7:31116]

2002-01-07 Thread Henry D. 

With the mix of dial profiles and correct crypto maps there shouldn't be a
problem.

""Pius""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...> Hi,
>
> I am using ISDN routers to connect to 2 remote sites, the headquarter has
2
> router which will be running HSRP.
>
> The primary router and the remote sites' router are using IPSEC
> tunnel.however, the backup router is not using IPSEC.
>
> The primary router has 2 BRI interface running 128k connecting to the 2
> remote sites router, however, the backup router has only 1 BRI interface.
>
> Is this configuration possible? i.e. when the primary fail, can the backup
> router connected to the remote sites without using IPSEC using 1 channel
> each?
>
> Thanks,
> Pius




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31194&t=31116
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Regarding E1 controllers [7:31126]

2002-01-07 Thread Henry D. 

It wouldn't work at all if framing was incorrect. You may be encountering
a bug of some sort. I 'd make sure you have the lates IOS installed and that
you PA revision is not too old. Some of these bad boys caused us problems
when we first started using them but not any more.

""K.RAMESH BABU""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi ,
>
> Having cisco7206 with Multichannel E1/PRI cards at service provider
> environment .Terminated different 2Mbps customers on these cards.
> Sometimes I find some customer ckt goes down and when I go for
> checking "sh controller e1 " ,I find LOSS OF FRAME alarm.
> By changing framing settings under controller configuration and again
> revert back for the same framing settings once or twice, ckt is coming
> up.Why this is happening so ? Is it related to some buffers problem
> or some thing else?
>
> Pls write me back if anyone has similar problem or anyone knows the
> reason.
>
> Thanks & regards
> Ramesh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=31189&t=31126
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Activating VPN slows connection drastically, Why? [7:30043]

2001-12-24 Thread Henry D. 

I don't know much about CheckPoint's VPN solutions but the logical
things that could cause degradation in performance could be either
client PC's that now with VPN are required to encrypt/decrypt data,
the end point machine that has to do the same things, some issues within
the infrastructure beyond the VPN Checkpoint machine, all or some
of the above issues could cause problems. Simply more information
is required for better analysis.


""Chuck Larrieu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> can you clarify for me?
>
> HQinternet827bunch of PC's
>
> PC's are running the Checkpoint VPN client. VPN tunnels go from PC to HQ
> Checkpoint device, with the 827 doing only routing/bridging ( depending on
> how the ISP is set up )
>
> Is this correct?
>
> When you say "the connection slows down" does that mean that prior to
using
> the VPN client, connection to HQ was fast? Or were you gauging by internet
> access, as the PC's cannot access HQ without the client?
>
> You will want to differentiate what is slow and what is fast. Then it will
> be easier to focus in on a cause.
>
> Chuck
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Bruce Williams
> Sent: Monday, December 24, 2001 12:38 PM
> To: [EMAIL PROTECTED]
> Subject: Activating VPN slows connnection drastically, Why? [7:30043]
>
>
> We have a DSL line connected through a Cisco 800 series router. The
> connection is very fast until the checkpoint client software is activated
to
> access a checkpoint firewall vpn in the corporate office. This slows down
> the connection drastically. What in the VPN could cause this? I just want
to
> get an idea where to start troubleshooting?
>
> Bruce Williams
> Verizon
> mailto:[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30068&t=30043
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Lab Swap 01/11/2002 [7:27455]

2001-11-27 Thread Bob Henry 

All,

I curently have 1/11/2002 scheduled to take the ccie
lab in RTP. I cannot attend due to an unscheduled
business trip. I would like to swap with a date
between 3/1/2002 and 3/28/2002. Please email me back
if you have a date in the range above and are willing
to swap. 

Thanks,

__
Do You Yahoo!?
Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27455&t=27455
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with Voice over IP over ATM [7:25163]

2001-11-03 Thread Henry D. 

You need to have VAD disabled in your dial-peers.

""William Lijewski""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have been looking for what is probably a one line command for about 2
days
> now.
>
> In the lab I am working on you are to do Voice over IP over ATM SVC's.
They
> want it so if no one is talking it still sends empty voice packets.  Right
> now if no one is talking you can hear it go dead silent until someone
speeks
> again.  How do you get the empty voice packets to be transmitted so the
line
> is constantly active even if no one is talking?
>
> I have looked in the Caslow book, searched the Cisco documentation CD, and
> I'm just having no luck.  Any help would be great.
>
> Thanks,
> Bill L.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=25184&t=25163
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Confederations [7:24940]

2001-11-01 Thread Henry D. 

Disregard my last post, I got it all messed up..
In confed cluster you peer over IBGP using a different
AS than the confed ID, or real AS number.

""Henry D.""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> If you think about it, in the config you specify bgp process
> as confed id, which means if you need to peer over IBGP
> you actually peer with confed ID and not the real AS number.
> So, yes you do need confed id specified on each BGP in confed cluster.
>
> ""McCallum, Robert""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi,
> >
> > If you have 4 routers within an confederation r1,r2,r3&r4.  R1 has and
> EBGP
> > connection to another As so therefore has the bgp confederation id and
> > confed peer statements on it.  My question is do all of the IBGP router
> > (r2,r3&r4) require the confed statements on them even if they are only
> IBGP
> > routers??
> >
> > 14 days to go!! Starting to have some fun !!
> >
> > Robert McCallum




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24948&t=24940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Confederations [7:24940]

2001-11-01 Thread Henry D. 

If you think about it, in the config you specify bgp process
as confed id, which means if you need to peer over IBGP
you actually peer with confed ID and not the real AS number.
So, yes you do need confed id specified on each BGP in confed cluster.

""McCallum, Robert""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> If you have 4 routers within an confederation r1,r2,r3&r4.  R1 has and
EBGP
> connection to another As so therefore has the bgp confederation id and
> confed peer statements on it.  My question is do all of the IBGP router
> (r2,r3&r4) require the confed statements on them even if they are only
IBGP
> routers??
>
> 14 days to go!! Starting to have some fun !!
>
> Robert McCallum




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24945&t=24940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: To Passive or Not to Passive [7:24771]

2001-10-31 Thread Henry D. 


In regards to Q number one. I think it would be much better not to
specify passive interface under OSPF as long as your network statement
does not include the IP of the interface in question. The reason for that,
at least
in my head, is that if I were a proctor I might think you don't understand
how
OSPF works.
For question 2, passive should be a norm on interfaces you don't want to
form
neighboorship or sending routing updates. Make sure you understand that
passive
works differenty for RIP than for EIGRP.

""McCallum, Robert"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear all,
>
> Before I take the leap into the lab (2 weeks to go now), I have a question
> which has dogged me for a while now.  Scenario below.
>
>
> Router 1  has the following interfaces, Lo0, Eth0/0, S0/0, S0/1 and say
> Fast0/1.
>
> Router 2 has the following interfaces Lo0, Lo1, Eth 0/1, S0/0.
>
> Between Router 1 (s0/0) and Router 2 (s0/0) we are running say OSPF.  On
> router 1 (e0/0 and s0/1) we are running RIP.
> On Router 2 (e0/1 and lo1) we are also running Rip.
>
> Router 1 (lo0, s0/1) and Router 2 (lo0) are running Eigrp.
>
> Now for the questions
>
> 1. On router 1 OSPF process is running  Q: should I put lo0,e0/0, fast0/1
> and s0/1 as passive interface ???  This worries me quite a bit as the
> argument of if you dont put the network command under ospf then ospf will
> not run on that interface...BUT I have been told that you should ALWAYS
put
> every
> "in use" interface into passive if it is not being used under the routing
> process.
>
> 2.  This is not a question but a sanity check that for EIGRP and RIP then
> the "norm" rules of passive interfaces apply.
>
> Thanks for anyones help in clearing this annoying matter up.
>
> Robert McCallum
> Ext 730 3448
> DDI : 01415663448
> Mobile : 07818002241
>
>
>
>
> Message Posted at:
> http://www.groupstudy.com/form/read.php?f=7&i=24771&t=24771
> --
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

Re: Questions about PIX firewall [7:24634]

2001-10-30 Thread Henry D. 

Yeah, there is a GUI but you'll be better off just trying to get used
to the CLI. It's just better, trust me.
By HA I suppose you mean High Availability, there is a good link
describing how failover works:

http://www.cisco.com/warp/customer/110/failover.html

We've had good experience with failover, I think it rocks !

""dovelet""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi all,
>
> Our company wants to use PIX 515 firewall but I never use it before. I
have
> some questions and I hope someone can help me.
>
> 1. To configure a PIX, is there any GUI interface or need to use Command
> Line Interface? If it has GUI interface, is it bundle with a PIX or need
to
> purchase separately?
> 2. We plan to use 2 PIX for HA solution. Is it stable?
> 3. Is there any materials to describe the PIX failover?
>
> Regards,
> Dovelet




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24675&t=24634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Slow wan link. TCP traffic "ok", UDP not okay. Please help! [7:24074]

2001-10-24 Thread Henry D. 

And yes, you need to have anonymous login allowed if you don't
want to specify a specific username:

r2#debug ip ftp
FTP transactions debugging is on
r2#term mon
r2#copy startup-config ftp:
Address or name of remote host []? 192.168.168.101
Destination filename [startup-config]?
Writing startup-config !
1543 bytes copied in 0.300 secs
r2#
00:52:04: FTP: 220 3Com 3CDaemon FTP Server Version 2.0
00:52:04: FTP: ---> USER anonymous
00:52:04: FTP: 331 User name ok, need password
00:52:04: FTP: ---> PASS [EMAIL PROTECTED]
00:52:04: FTP: 230 User logged in
00:52:04: FTP: ---> TYPE I
00:52:04: FTP: 200 Type set to I.
00:52:04: FTP: ---> PASV
00:52:04: FTP: 227 Entering passive mode (192,168,168,101,4,70)
00:52:04: FTP: ---> STOR startup-config
00:52:04: FTP: 125 Using existing data connection
00:52:04: FTP: 226 Closing data connection; File transfer successful.
00:52:04: FTP: ---> QUIT
00:52:04: FTP: 221 Service closing control connection

""Ouellette, Tim""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Yeah, try copying a 12 meg msfc .bin over a WAN link that has latency of
> 125ms.  So I only get to send 8 packets per seccond each as 512 bytes.
> (1000ms/125ms = 8)
>
> tftp at the application layer is the one who sends the acks.  For some
> reason I can't do a a "copy flash ftp".  I'm guessing because I don't have
> anonymous login allowed on my ftp? Does that sound right?
>
> Tim
>
>
> > -Original Message-
> > From: Chuck Larrieu [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, October 23, 2001 12:44 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Slow wan link. TCP traffic "ok", UDP not okay. Please
> > help! [7:23853]
> >
> > validating this thought, I have had reason to upgrade my router pod IOS
> > images of late. Cisco's router Software Loader uses TFTP to copy new
> > images
> > into flash via a direct ehternet to ethernet connection. copying 16 meg
> > images takes an inordinate amount of time, especially considering there
> > are
> > only two devices on the network involved.
> >
> > it would appear, then, that the router writes each packet to flash
before
> > requesting the next packet. at least that goes a long way towards
> > explaining
> > why the copies take several minutes on a 10baseT link with just the two
> > devices connected via a crossover cable.
> >
> > thanks for the insight
> >
> > Chuck
> >
> >
> > ""Priscilla Oppenheimer""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > One more (serious!) comment. I asked a protocol guru about the
question
> > of
> > > TFTP being so slow. He agreed with the poster that the TFTP throughput
> > > seems awfully low, but he agreed with me too that TFTP is not
optimized
> > for
> > > throughput. He also mentioned one other stupidity with TFTP
> > > implementations. He said that some actually write the 512-byte block
of
> > > data to the hard disk before ACKing and asking for the next block. So
a
> > > slow hard disk would cause problems.
> > >
> > > TFTP and UDP don't have a PSH bit like TCP has. With TCP, the sender
> > would
> > > output a bunch of data and then perhaps set the PSH bit which would
tell
> > > TCP to give the data (in RAM) to the application. At that point, you
> > might
> > > see a short hiccup as FTP wrote the data to the hard drive (not
> > necessarily
> > > because FTP could still keep the data in memory until the session is
> > > closed; it's implementation-dependent.)
> > >
> > > TFTP is also implementation-dependent, but with some implementations,
> > it's
> > > one block at a time that is written to storage and then ACKed before
> > more
> > > data is sent.
> > >
> > > Since FTP works well, you have proof that the problem isn't with the
> > > network. Can't you pass this onto the server or application people!?
;-)
> > >
> > > Priscilla
> > >
> > > At 02:34 PM 10/18/01, Priscilla Oppenheimer wrote:
> > > >At 02:23 PM 10/18/01, Ouellette, Tim wrote:
> > > > >Priscilla,
> > >
> > >
> > >
> > > > >
> > > > >Thanks for the response.   Any idea as to why the TFTP protcol over
> > our
> > > WAN
> > > > >will run at 4k/sec and FTP at 165k/sec.  I just figured that the
> > smaller
> > > > >packet size of UDP would help.
> > > >
> > > >Nope. That would not help. It would make the throughput worse.
> > > >
> > > > >  I also thought that UDP is connectionless and
> > > > >thefor requires no ACKS.
> > > >
> > > >TFTP has ACKs.
> > > >
> > > > >   Other sites on our WAN I can transfer large files
> > > > >via TFTP and they run at very good speeds.
> > > >
> > > >Have you done the same sort of comparison  of FTP versus TFTP at
those
> > > >sites. I bet FTP has much better throughput.
> > > >
> > > > >I'm just concerned about this one
> > > > >site. Any other ideas?
> > > >
> > > >See the message from Phil Barker. It made some good points about TFTP
> > and
> > > >UDP in general not being tuned for WANs. The next step would be to
put
> > a
> > > >Sniffer on it and see what's really happening. But there m

Re: IPsec question!!! [7:24020]

2001-10-24 Thread Henry D. 

The good book to read for (in my opinion) great IPSec
coverage is "Enhanced IP Services For Cisco Networks"
by Donald C. Lee - ISBN 1-57870-106-6

""Hussam Adili""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear All,
>
> I have a question about IPsec tunnel mode. As I understood that it will
> encrypt  the original  packet with its IP header and it will use another
> IP header (the o/p interface address header) to route the packet over
> the Internet (any open network).
>
> Does this mean that the source address can be a non-routerable IP
> address and it can reach the destination address (which is also
> non-routable) through the IPsec tunnel ? Or, for such senario we need to
> use GRE tunnel first between the non-routable network addresses , then
> encrypt using IPsec?
>
> Your help is appreciated
> -
> Regards
> Hussam




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24069&t=24020
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route Reflectors and Peer Groups [7:23765]

2001-10-22 Thread Henry D. 

Hi there,

Did you ever get an answer, or figured this out ?

I can't quite get a clearer understanding of what they're talking about in
the
excerpt you submitted either. I was looking at the BGP case studies on
cisco's
web site and I still can't get it.

Thanks
""Lupi, Guy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Below is an excerpt from a Cisco case study on multiple route reflectors
> within a cluster:
>
> An important thing to note, is that peer-groups were not used in the above
> configuration. If the clients inside a cluster do not have direct IBGP
peers
> among one another and they exchange updates through the RR, peer-goups
> should not be used. If peer groups were to be configured, then a potential
> withdrawal to the source of a route on the RR would be sent to all clients
> inside the cluster and could cause problems.
>
> The router sub-command bgp client-to-client reflection is enabled by
default
> on the RR. If BGP client-to-client reflection were turned off on the RR
and
> redundant BGP peering was made between the clients, then using peer groups
> would be alright.
>
> Does anyone know what they mean? I know in IOS versions 12.0 and lower
there
> were issues with route reflection using peer groups, but I am trying to
> figure out what they are trying to say here. What do they mean by a
> potential withdrawal to the source of a route on the RR? Any help would be
> appreciated.
>
> Guy H. Lupi
> NOC Engineer
> Eureka GGN
> 270 Madison Avenue, 5th Floor
> NY, NY 10016




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23823&t=23765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Design Question - Spanning-tree Protocol. [7:23614]

2001-10-20 Thread Henry D. 

Hmm, I think your STP/EtherChannel might be misconfigured. EtherChannel
should be
treated as a single logical link. With an STP running on top of it your both
links
should be forwarding. So in case one of the physical links fails, there is
no
need to re-calculate anything with STP.
Are you sure they are configured for etherchannel and not just trunking ?


""Urooj's Hi-speed Internet""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Folks,
> I have a design in which Cisco 3548 XL's are GBIC-stacked on various
floors
> of a campus and are uplinked to a core Cat 6509 switch. The uplink from
> every floor stack is ether-channeled to the core via two parallel
equal-cost
> paths. One uplink path starts "forwarding" and the other goes into
> "blocking" mode from each floor stack.
>
> Here is my confusion... If only one link of a 400 MBps full-duplex
> ether-channel fails from the forwarding path , will it invoke
spanning-tree
> recalculation ??? Or will the 'now' sub-optimal path still remain in
> forwarding mode and the now more-bandwidth path remain in blocking mode
???
>
> Since spanning-tree recalculation causes a lot of ripples throughout the
> switched network, I would assume that the latter were true. However, I
would
> like to hear views from people who would think that the former scenario is
> more probable.
>
> Thanks very much.
>
> Aziz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23637&t=23614
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPX transport control [7:23389]

2001-10-19 Thread Henry D. 

My wife works for a pretty big Enterprise company. They have about
300 sites, all of them have IPX running. All WAN stuff is IPX EIGRP in
addition to IP and some SNA. To me it would suggest that bigger Enterprise
companies are still in need for network people with good IPX understanding,
especially those who know how to control it :)
This may be considered by some a legacy stuff, but legacy is what makes
those
who know it even more valuable...


""Priscilla Oppenheimer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks. That sounds right to me. By default the router discards a packet
if
> the IPX hop count reaches 16. But I discovered that you can configure the
> number of hops with the "ipx maximum-hops" command. There wouldn't be any
> need in a RIP network, because RIP can't learn about a network with 16 or
> more hops. (16 means infinity.) But routers running EIGRP and NLSP can
> learn about paths that are more than 15 hops away, so it might make sense
> in those cases.
>
> Does anyone care about IPX anymore? IPX RIP? EIGRP for IPX? NLSP for IPX?
>
> Any feedback would be appreciated. Thanks.
>
> Priscilla
>
> At 09:50 PM 10/18/01, Henry D. wrote:
> >I'm no expert at this but from I was able to get from cisco's web site is
> >that the router discards the packet if the control field is set to 16 or
up
> >for ipx rip.
> >In mixed environment, with both NLSP and RIP running, the router might
> >have routes of greater than 16 if it learnt those routes using NLSP,the
> >important thing
> >would be the servers' configuration. If the server supports only RIP,
then
> >obviously
> >the hop count would still be an issue and the server would discard the
RIP
> >update
> >with 16 and up. To take the full benefit from NLSP and its hop count
> >enhancement
> >I'd think one would have to run NLSP in the whole network, including the
> >servers.
> >
> >Again, i'm not experienced with IPX...
> >""Priscilla Oppenheimer""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > The IPX header has a "transport control" field which is really a "hop
> > > count." The sender sets it to zero. Each router adds one to it.
> > >
> > > Novell documentation used to show it as a 4-bit field with 4 bits
> reserved
> > > before it. Recent documentation shows it as an 8-bit field. Older
> document
> > > ion said a router would trash a frame if it arrived with a transport
> > > control field already at 15 (0x). Recently I read this weird thing
on
> > > Novell's site:
> > >
> > > A RIP router discards the packet if the value in this field is greater
> >than
> > > 15.
> > >
> > > An NLSP router discards the packet if the value in this field is
greater
> > > than the value of the Hop Count Limit parameter, which is 127 by
default.
> > >
> > > Is this believable? From what we know about the router having two
> separate
> > > tasks (forwarding and learning the topology), I think the hop-count
> limits
> > > happen when installing routes. I could believe that RIP and NLSP are
> > > different. But when a router goes to forward a frame, is it really
going
> >to
> > > behave differently with respect to hop count if it's running NLSP
versus
> > > RIP? Does it even care which protocol installed the route. The FIB
> >probably
> > > wouldn't even say which protocol installed the route?
> > >
> > > Chuck likes to remind us about these differences so maybe he has some
> > > comments.
> > >
> > > Thanks
> > >
> > > Priscilla
> > >
> > >
> > >
> > >
> > >
> > > 
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23517&t=23389
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPX transport control [7:23389]

2001-10-18 Thread Henry D. 

I'm no expert at this but from I was able to get from cisco's web site is
that the router discards the packet if the control field is set to 16 or up
for ipx rip.
In mixed environment, with both NLSP and RIP running, the router might
have routes of greater than 16 if it learnt those routes using NLSP,the
important thing
would be the servers' configuration. If the server supports only RIP, then
obviously
the hop count would still be an issue and the server would discard the RIP
update
with 16 and up. To take the full benefit from NLSP and its hop count
enhancement
I'd think one would have to run NLSP in the whole network, including the
servers.

Again, i'm not experienced with IPX...
""Priscilla Oppenheimer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The IPX header has a "transport control" field which is really a "hop
> count." The sender sets it to zero. Each router adds one to it.
>
> Novell documentation used to show it as a 4-bit field with 4 bits reserved
> before it. Recent documentation shows it as an 8-bit field. Older document
> ion said a router would trash a frame if it arrived with a transport
> control field already at 15 (0x). Recently I read this weird thing on
> Novell's site:
>
> A RIP router discards the packet if the value in this field is greater
than
> 15.
>
> An NLSP router discards the packet if the value in this field is greater
> than the value of the Hop Count Limit parameter, which is 127 by default.
>
> Is this believable? From what we know about the router having two separate
> tasks (forwarding and learning the topology), I think the hop-count limits
> happen when installing routes. I could believe that RIP and NLSP are
> different. But when a router goes to forward a frame, is it really going
to
> behave differently with respect to hop count if it's running NLSP versus
> RIP? Does it even care which protocol installed the route. The FIB
probably
> wouldn't even say which protocol installed the route?
>
> Chuck likes to remind us about these differences so maybe he has some
> comments.
>
> Thanks
>
> Priscilla
>
>
>
>
>
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23466&t=23389
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Linux Syslogd and multiple device question [7:21910]

2001-10-03 Thread Henry D. 

Install syslog-ng, much better for handling what you're describing.

""Telemachus Luu""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> I have multiple nodes and have set up logging to a syslog server.
> Currently, in my /etc/syslog.conf, I have local0.debug through
local7.debug
> being used writing to separate log files.  On the first 8 devices, I have
> set logging facility local0 throught local7 for each device accordingly.
> However, how can I setup logging for the device beyond the 8th?  I know I
> can setup the same facility and parse out the info by IP, but I would
prefer
> to have separate files for each device.  Any suggestions?
>
> Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21928&t=21910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passed CIT! CCNP At Last! [7:21919]

2001-10-03 Thread Marcus A. Henry 

I would like to thank everyone on the list for posting and answering
questions
that helped me to understand various topics. CCDA is next.

Thanks,
Marcus  CCNP, MCSE, MCP+I




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21919&t=21919
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Some questions about Cheetsheets 504 [7:20768]

2001-09-23 Thread ou henry 

Sorry, to all disturbed.
I realized that I am doing this in a wrong way.
I am new to the forum, how to take this back? Can i delete it? Or the
administrator delete it.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20861&t=20768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Some questions about Cheetsheets 504 [7:20768]

2001-09-22 Thread ou henry 

Yes, they were just from my 504 exam last Friday.
John, and I just got 923. Why should I post them here?
Very simple, I read cheetsheets before the exam, and 
I think the answer from cheetsheet is wrong, and they all
happened to my exam. I want to get the reasonable explanation,
no matter I am right or wrong. I don't think I am just 
studying the answer, I have already passed, I want reasonable
explanation.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20811&t=20768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Some questions about Cheetsheets 504 [7:20768]

2001-09-22 Thread ou henry 

Although I have passed 504, score 923. But I still want to make this clear.

1.  With VLAN routing, a switched VLAN corresponds to a(n) __
a.  Bridge group
b.  Media interface
c.  ISI trunk interface
d.  Single routed subnet
e.  Spanning-tree branch
why is c, not d?

2.  In which transmission method are frames replicated as needed?
a.  Unicast
b.  Multicast
c.  Simulcast
d.  Broadcast
The answer is b, but I think a is also right.

3.  Applying an outgoing access list to an interface __. 
a.  Results in no action taken by the MLS-SE
b.  Generates an MLSP message from the MLS-RP to the MLS-SE
c.  Purges any entries for flows on that interface and records no new entries
d.  Records enable packets only if the administrator sets the MLS RP IP ACL
command on the interface
e.  Causes the MLS-SE to retain the MLS cache entries until they age out and
no longer record any new entries
Cheetsheets answer: C.
but I think C is just right on its first statement, the last
statment("records no new entries") is wrong, because just input ACL will
lead all flow come to Router processer by default, not output ACL.

4.  Which two statements about VLANs are true? (choose two)
a.  A trunk link does not have a native VLAN.
b.  A trunk link does not belong to a specific VLAN.
c.  All VLANs can be transported on a single trunk link.
d.  There are four identification techniques to determine which VLAN a frame
belongs to when it is received on a trunk link.
Cheetsheets answer: bc
my choice: cd
Why d is not right?

5.  The router creates a CGMP frame __.
a.  And forwards it to a well-known address, 224.0.0.1
b.  And forwards it to a well-known address to which all CGMP switches listen.
c.  And forwards it to the rendezvous point to ensure consistent
configurations.
d.  And assigns it a TTL equal to or less than the TTL assigned to the
forwarding instance.
e.  Containing the request type, the multicast group address, and the actual
MAC addresses of the destination devices.
Cheetsheets answer: b
my answer: e
cgmp message is sent to a well-know address all the switch can receive, but
just the CGMP enable process the frame. Do u agree with me?



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20768&t=20768
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

I want some help about this 504 questions [7:20767]

2001-09-22 Thread ou henry 

1.  In a switch internetwork, which two situations would cause broadcast
traffic to be contained within the physical segment?
a.  Host interface is constantly sending IGMP requests.
b.  Host interface is constantly sending frame fragments.
c.  Host interface is constantly sending IP echo requests.
d.  Host interface is constantly sending broadcast frames.
e.  Host interface is constantly sending frames with CRC errors.
Cheetsheet's answer: be
my choise: cd

2.  In which two situations would cause broadcast traffic NOT be contained
within the VLAN boundries?
a.  Host interface is constantly sending IGMP requests.
b.  Host interface is constantly sending frame fragments.
c.  Host interface is constantly sending IP echo requests.
d.  Host interface is constantly sending broadcast frames.
e.  Host interface is constantly sending frames with CRC errors.
I still choose: cd





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20767&t=20767
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Looking for CISCO newsgroups [7:17352]

2001-08-26 Thread Henry Stock 

Hi.  This is my first post on this news group.  I am working in an
environment where I need to learn as much as possible about CISCO routers
and switches, so I am looking for newsgroups as well as books and classes to
take.

My boss also wants me to evaluate a CISCO enterprise level routable switch
that we have an opportunity to buy.  He wants me  to give him an assessment
of what it is worth.  Do any of you know some good sources to check on this?

Are there other public news groups that you use for CISCO info?

Please reply also to: [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17352&t=17352
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IP ROUTING PRODUCT [7:12423]

2001-07-15 Thread Marcus A. Henry 

Hi all: I need help with a training product I purchased called Cisco
Interactive Mentor, IP Routing version 1.0.
When finished configuring Router 1, the program instructs you to switch to
Router 5 using the command
Ctrl+Shift+6, X.  This command is not working.  What am I doing wrong?
Thanks in advance.
 
Marcus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=12423&t=12423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CIM IP Routing [7:12422]

2001-07-15 Thread Marcus A. Henry 

Hi all: I need help with a training product I purchased called Cisco
Interactive Mentor, IP Routing version 1.0.
When finished configuring Router 1, the program instructs you to switch to
Router 5 using the command
Ctrl+Shift+6, X.  This command is not working.  What am I doing wrong?
Thanks in advance.

Marcus




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=12422&t=12422
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ´ð¸´: IOS upgrade, failure [7:3591]

2001-05-08 Thread henry 

It's very easy.
You can use Unix tools gzip to compress the IOS file .
Then change IOS file from *.bin to *.Z
Final you should have 4MB plus IOS file size(uncompress)  RAM

Then you can play IOS 12.03 with 4MB flash and 18MB(16+2)RAM
Good Luck


"[EMAIL PROTECTED]" wrote:

> You can't do that upgrade,I have also a 2503 with 4MB flash, i want IOS
> 12.0??!!
>
> "John Brandis"
> 7" 2001-05-08 09:04
> Gk4p84 8x "John Brandis"
>
>
> JU 3-KM#:
> 4+UfVB#:
> VwLb#:  IOS upgrade, failure [7:3513]
>
> Hey all, I am back on for the day,
> Have a 2503 router with suspected 4MB flash. I need to upgrade from IOS
> 10.2
> to at least 11.3. Problem is that IOS 11.3 is 5MB.
> What can I do besides upgrade the flash.??
>
> John Brandis
> Network Engineer
> GoWireless Communications
> 155 George Street Sydney
> +61 2 9251 5000
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3591&t=3591
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ´ð¸´: IOS upgrade, failure [7:3592]

2001-05-08 Thread henry 

It's very easy.
You can use Unix tools gzip to compress the IOS file .
Then change IOS file from *.bin to *.Z
Final you should have 4MB plus IOS file size(uncompress)  RAM

Then you can play IOS 12.03 with 4MB flash and 18MB(16+2)RAM
Good Luck


"[EMAIL PROTECTED]" wrote:

> You can't do that upgrade,I have also a 2503 with 4MB flash, i want IOS
> 12.0??!!
>
> "John Brandis"
> 7" 2001-05-08 09:04
> Gk4p84 8x "John Brandis"
>
>
> JU 3-KM#:
> 4+UfVB#:
> VwLb#:  IOS upgrade, failure [7:3513]
>
> Hey all, I am back on for the day,
> Have a 2503 router with suspected 4MB flash. I need to upgrade from IOS
> 10.2
> to at least 11.3. Problem is that IOS 11.3 is 5MB.
> What can I do besides upgrade the flash.??
>
> John Brandis
> Network Engineer
> GoWireless Communications
> 155 George Street Sydney
> +61 2 9251 5000
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3592&t=3592
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ´ð¸´: IOS upgrade, failure [7:3590]

2001-05-08 Thread henry 

It's very easy.
You can use Unix tools gzip to compress the IOS file .
Then change IOS file from *.bin to *.Z
Final you should have 4MB plus IOS file size(uncompress)  RAM

Then you can play IOS 12.03 with 4MB flash and 18MB(16+2)RAM
Good Luck


"[EMAIL PROTECTED]" wrote:

> You can't do that upgrade,I have also a 2503 with 4MB flash, i want IOS
> 12.0??!!
>
> "John Brandis"
> 7" 2001-05-08 09:04
> Gk4p84 8x "John Brandis"
>
>
> JU 3-KM#:
> 4+UfVB#:
> VwLb#:  IOS upgrade, failure [7:3513]
>
> Hey all, I am back on for the day,
> Have a 2503 router with suspected 4MB flash. I need to upgrade from IOS
> 10.2
> to at least 11.3. Problem is that IOS 11.3 is 5MB.
> What can I do besides upgrade the flash.??
>
> John Brandis
> Network Engineer
> GoWireless Communications
> 155 George Street Sydney
> +61 2 9251 5000
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3590&t=3590
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ´ð¸´: IOS upgrade, failure [7:3593]

2001-05-08 Thread henry 

It's very easy.
You can use Unix tools gzip to compress the IOS file .
Then change IOS file from *.bin to *.Z
Final you should have 4MB plus IOS file size(uncompress)  RAM

Then you can play IOS 12.03 with 4MB flash and 18MB(16+2)RAM
Good Luck


"[EMAIL PROTECTED]" wrote:

> You can't do that upgrade,I have also a 2503 with 4MB flash, i want IOS
> 12.0??!!
>
> "John Brandis"
> 7" 2001-05-08 09:04
> Gk4p84 8x "John Brandis"
>
>
> JU 3-KM#:
> 4+UfVB#:
> VwLb#:  IOS upgrade, failure [7:3513]
>
> Hey all, I am back on for the day,
> Have a 2503 router with suspected 4MB flash. I need to upgrade from IOS
> 10.2
> to at least 11.3. Problem is that IOS 11.3 is 5MB.
> What can I do besides upgrade the flash.??
>
> John Brandis
> Network Engineer
> GoWireless Communications
> 155 George Street Sydney
> +61 2 9251 5000
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3593&t=3593
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Tacacs [7:2602]

2001-04-30 Thread Henry D. 

I'm not an expert in TACACS but I know you can have more than 1 server
specified in the routers. I mainly used it just for authentication, in which
case there was no problem whatsoever with this setup. If first specified
server is not reachable, the other is being used.
I don't think there would be an issue if I used authorization/accounting
features either. There would simply be no need to try to fall back to the
main server in case it came up while using the backup server on the current
session.

BTW, what do you mean by "terminating L2F tunnels" ?
Do you just authenticate, or you also use the authorization/accounting
features on the tunnel ?
If so, could you elaborate a bit more on this topic ?


""Kevin Wigle""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear Group,
>
> A Tacacs question.
>
> Is it possible to configure Tacacs+ to use 2 different home gateways?
>
> Specifically, gate1 to be used to terminate L2F tunnels.
>
> If that fails, use gate2.
>
> And, another question if that is possible..
>
> When gate1 is reachable again, will the users on gate2 be disconnected or
> stay
> there until they disconnect while "new" connections go to gate1 again?
>
> tia
>
> Kevin Wigle
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2630&t=2602
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Qual...Off-topic [7:1185]

2001-04-19 Thread Henry Rollins 

You can't gather a mere $60 to help you pursue a $1550 exam (with lab) 
with some hint of legitimacy? That is very sad.

Of course MAYBE I'm overreacting and you simply lost your codes for the 
referenced exams which you have already purchased, and you wish to study 
RIGHT THIS MINUTE and the B O S O N offices are not open yet for you to 
get the codes again.  Yeah...that's probably it.  

Shame on me for thinking such bad thoughts initially --- now where's my 
crack pipe ;-] 


Quoting "[EMAIL PROTECTED]" :

> Could somebody provide me the signature files of CCIE Qual 1 & 2, for
> converting the trial versions of Boson tests ?
> 
> If you want to take it offline, reply.
> 
> -a CCNP
> 
> -
> Get free personalized email at http://email.lycos.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 


--
FREE ANONYMOUS EMAIL!  Sign up now.
http://www.subdimension.com/freemail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1186&t=1185
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Fwd: Re: sharing a Juniper exam experience [7:991]

2001-04-17 Thread Henry Rollins 

C'mon Sean, do yourself some credit,  I was sitting next to you and you 
finished in just under 15 minutes and got a 99%.  I would say the 
Juniper exam is more like a gillion, zillion times more difficult than 
the CCIE exam.  If anyone doubts any of this, you can check with the 
easterbunny, he was in seat #3, or elvis, in seat #4.  I must admit 
being a bit shocked when John Chambers ran in and put a gold star on 
Sean's score report and offered to hire him away from his job at 
Juniper's Marketing Department.  

All in good fun.

Quoting Sean Young :

> Hi everyone,
> 
> I took the Juniper exam yesterday and passed the exam with a score of
> 80% (the passing score is 80%).  In restropect, I have to say that the
> materials are really difficult, the questions are very tricky but fair.
> One thing I like about Juniper is that the exam is that even though the
> questions are tricky, they are very interesting and challenging.  The
> exam lasted 90 minutes and I actually used the whole 90 minutes. When I
> took the CCIE written 2 months ago, I don't remember the CCIE to be 
that
> difficult.  I remembered finishing the CCIE exam in about 30 minutes.
> My score on the CCIE written was 95% so I think I got the concept down
> very well.  However, if anyone think that if you have a easy time with
> the CCIE written, you should also have an easy with the Juniper exam,
> then you are DEAD wrong (if I am wrong, please correct me on this one).
> The juniper exam will make Cisco exam looks like child's play.  If you
> don't have hand-on experience with Juniper, you will have a very
> difficult time with Juniper exam.   Attending Juniper training will 
help
> you somewhat for the exam, but it will not totally prepare for the 
exam.
> With Juniper exam, if you don't have BGP, OSPF and MPLS down cold, and
> I really mean it, you can just forget about taking the exam.  Between
> CCIE and Juniper, I would have to say that Juniper is about 5 times 
more
> difficult than CCIE exam because I don't think any of us has that much
> experience with traffic engineering.  After taking the exam, I really
> have an appreciation for Juniper Engineers.  They REALLY know their
> stuffs.  There is just no f***ing at the core.  If you are working with
> Juniper product, you are at the major league.
> 
> Anyone who did take the Juniper exam or about to and would like to 
share
> your experience, I would like to hear from you.
> 
> Sean
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 


--
FREE ANONYMOUS EMAIL!  Sign up now.
http://www.subdimension.com/freemail

- End forwarded message -


--
FREE ANONYMOUS EMAIL!  Sign up now.
http://www.subdimension.com/freemail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=996&t=991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

  1   2   >