Netflow, IP Accounting and RMON [7:62489]
Dear All, Can anyone share some useful links for me to explain the above items? I am quite confused about them. Thanks in advance. rgds, Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62489t=62489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT-Netscreen 5xp VPN very slow [7:62461]
William, I just pointed out the one of the possible architecture. VPN gateway I mentioned may be other vendors that can work with netscreen like checkpoint... Any problems on my thought? Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62559t=62461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT-Netscreen 5xp VPN very slow [7:62461]
Do you think it is the LAN negotiation problem? As 5XP only have 10M interface. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62564t=62461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QOS Question [7:62351]
Hi, CBWFQ will meet your requirement. If no VPN traffic, the rest will fill the line. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62565t=62351 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT-Netscreen 5xp VPN very slow [7:62461]
Hi, Did you check the NS-5XP log? Also, if you place your PC behind the NS and access internet, what's the path of your traffic? Simply PC- FW- cable modem- Internet OR PC- FW( VPN gateway ) - cable modem - VPN gateway - Internet? BUT you mentioned 3DES, if NS is just using as a Firewall, encryption (3DES and VPN) should not cause your problem. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62487t=62461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QoS suggestion [7:60994]
Hi, I have the following testing setup but it looks like the LLQ does not work. Can you have a look on it? When the 256k link was congested. Why I ping the prec. 5 packet behind the 256k line it only have the same response time with default ping? 128k--- FR 256k Attached 256k router configuration below. class-map match-all voice-traffic match ip precedence 5 ! policy-map voice-policy class voice-traffic priority percent 75 class class-default fair-queue interface Serial0 bandwidth 256 no ip address encapsulation frame-relay IETF load-interval 30 no fair-queue frame-relay traffic-shaping frame-relay lmi-type ansi ! interface Serial0.10 point-to-point bandwidth 256 ip address 10.114.0.6 255.255.255.252 frame-relay interface-dlci 100 class llq ! map-class frame-relay llq frame-relay cir 256000 frame-relay bc 2560 frame-relay be 0 frame-relay mincir 256000 service-policy output voice-policy TIA rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61074t=60994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi, Is it a MUST to configure 'fragmentation' (under 1.5M wan link) when enabling LLQ (for voip over frame-relay)? How about if One side connection is FR but another is just a simply leased line? Thanks. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60939t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
QoS suggestion [7:60994]
Hi, If I want to set the voice traffic have high priority and the rest will use fair queue, which cisco queuing method can achieve it? The hardware is 17xx or 26xx. Thanks. It looks like the LLQ or CBWFQ will have guaranteed bandwidth feature during congestion but seems not the solution I am looking for. TIA. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60994t=60994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi, I got the following information during debug. 128K_LL#debug priority Priority output queueing debugging is on 128K_LL# 3d01h: now 263877385 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263877750 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263877754 tokens 4288 pak_size 12032 max_token_limit 16000 3d01h: WFQ: dropping a packet from the priority queue 1 3d01h: now 263878034 tokens 16000 pak_size 512 max_token_limit 16000 3d01h: now 263878307 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263878764 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263879040 tokens 16000 pak_size 512 max_token_limit 16000 3d01h: now 263879132 tokens 16000 pak_size 8096 max_token_limit 16000 3d01h: now 263879653 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263880046 tokens 16000 pak_size 512 max_token_limit 16000 3d01h: now 263880202 tokens 16000 pak_size 12032 max_token_limit 16000 3d01h: now 263880202 tokens 3968 pak_size 12032 max_token_limit 16000 3d01h: WFQ: dropping a packet from the priority queue 1 . Also, I found there is packet drops on the match ip address. The 'priority 80' is configured but there have a lot of dropped packets but default packet have no drop. Why? 128K_LL#show policy-map interface serial 0/0.1 Serial0/0.1: DLCI 200 - Service-policy output: 1 Class-map: 1 (match-all) 15552 packets, 16947920 bytes 30 second offered rate 3 bps, drop rate 7000 bps Match: access-group 21 Queueing Strict Priority Output Queue: Conversation 24 Bandwidth 80 (kbps) Burst 2000 (Bytes) (pkts matched/bytes matched) 2531/1983899 (total drops/bytes drops) 333/495184 Class-map: class-default (match-any) 18281 packets, 22054542 bytes 30 second offered rate 104000 bps, drop rate 0 bps Match: any 128K_LL#show policy-map 1 Policy Map 1 Class 1 Strict Priority Bandwidth 80 (kbps) Burst 2000 (Bytes) It looks like the guaranteed bandwidth 80 was dropped first instead of the default packet? Why? Thanks again. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59936t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
simple network setup [7:59937]
Hi, I just thinking a simple question for a while... If I have only single router with 2 serial connection to Single ISP and no BGP was configured. Can inbound and outbound traffic be load balanced by only using 2 static routes on both routers? Also, what happen if either link is down? any packet will be lost? TIA. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59937t=59937 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi All, Thanks all information. I am a little bit confused about LLQ. Below is my understanding after digesting some documentation and feedback from others. Please correct me if I'm wrong. 1. LLQ=PQ+CBWFQ and PQ is defined by using 'priority' 2. if using 'bandwidth', then I'm not using LLQ. What I'm using is CBWFQ. 3. PQ (from LLQ) defines the min. and max. guaranteed bandwidth to the traffic I defined during congestion. Also, do I need to define the class-default under policy? eg,policy-map 1 class 1 priority 80 class class-default fair-queue What's the difference if I'm not defining the class-default? Thanks again. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59948t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi, Thanks your information. My goal is to make sure from certain source ip (eg, voice gateway) to have guaranteed bandwidth under link congestion. Under normal cases, it can up to 128k. Therefore, 'rate-limit' is not my solution. Due to limited resources, pc2 will upload dummy ftp traffic to the server to make the link congested (As the FR is only 128k, so it can be easily get congested). Afterwards, I will upload from PC1 (source ip defined to have LLQ) to test the LLQ. However, the result was not my expected. The traffic from PC1 was not guaranteed. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59827t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FR Low Latency Queuing (LLQ) [7:59820]
Hi, I would like to configure QoS by using FR LLQ. I have the following network test lab. pc1 --| ---router1FR network-router FTP server pc2---| I want to test the LLQ feature, ie, fixed bandwidth allocated to certain taffic. I tested with the following steps 1. upload from pc2 to FTP server to make the FR PVC congested. 2. then upload from pc1 to FTP server If no qos defined, the bandwidth will roughly equally shared. (This was tested and OK) 3. Then I define the LLQ on router1 to guarantee the bandwidth from PC1 by 'bandwidth' or 'priority' and test ftp upload again. Configuration is below: class-map match-all 1 match access-group 20 policy-map 1 class 1 bandwidth 80 or priority 80 (** define 80k to this policy) interface Serial0/0 bandwidth 128 no ip address encapsulation frame-relay IETF load-interval 30 no fair-queue frame-relay traffic-shaping frame-relay lmi-type ansi ! interface Serial0/0.1 point-to-point bandwidth 128 ip address 10.114.0.14 255.255.255.252 frame-relay interface-dlci 200 class llq1 map-class frame-relay llq1 frame-relay traffic-rate 128000 128000 no frame-relay adaptive-shaping frame-relay cir 128000 frame-relay bc 1280 frame-relay be 0 frame-relay mincir 128000 service-policy output 1 access-list 20 permit 192.168.10.2 (ip address of pc1) However, when I use 'bandwidth 80', I found the average throughput from pc1 will have around 80k but the traffic rate is vary from time to time. (somtimes 100k and sometimes 50k). Why? Even worse, if I use 'priority 80', the traffic from pc1 can only have average around 30k during link congestion. Why? Also, the ping delay from pc1 to router2 and pc2 to router2 are almost equal (either bandwidth or priority). I expected that the ping from pc1 will get better response as the bandwidth was guaranteed. Anyone can give me some hints on above questions? Thanks in advance. rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59820t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP and BGP [7:59735]
Dear All, Thanks all useful information. Merry Christmas and Happy New Year!!! rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59777t=59735 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP and BGP [7:59735]
Hi, I have 2 routers configured with HSRP and running BGP with single ISP. For outbound traffic, it will go through the Active HSRP router. How about Inbound traffic? Can the Inbound traffic be 'load shared'? (The ISP already make the same preference on our route advertised) Or the Inbound traffic can only route back to active router link? TIA. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59735t=59735 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HSRP and BGP [7:59735]
Hi All, Thanks all your response. Now two routers adverise same block /24 to the isp. I found that they are 'load shared' in this sense. Only 1 link is the active for Inbound. For example, if I download files from outside, inbound is using say link1 and link2 is idle and no packet coming in. Some time later, I ftp again and this time is using link2 and link1 is idle. Is it normal? TIA. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59740t=59735 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
Thanks wanabe, would you mind sending me email address as I have another QoS question (on FR)? I want to have your advice too. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59263t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
Hi, Thanks your details information again. However, is it possible to do QoS based on IP precedence? (Our customer voice-gateway CPE already rewrite the value to 5, so we want to make use of this to implement QoS. Also, we checked that the rest of data traffic will have default precedence value 0) Sample configuration: class-map match-all normal match ip precedence 0 class-map match-all voice match ip precedence 5 ! ! policy-map policy class voice bandwidth percent 50 class normal bandwidth percent 25 interface ATM1/0.100 point-to-point ip address 30.0.0.2 255.255.255.0 pvc 1/100 service-policy output policy If bandwidth is the min. guaranteed bandwidth during congestion. How about the priority command? Also, I checked the documentation the sum of bandwidth allocated cannot exceed 75% of the link. The remaining 25% of total bandwidth is kept reserve for unclassified traffic and routing traffic... Therefore, as above, I can only define 50% to voice and 25% to data. Does it mean I will lost some bandwidth? (I cannot apply max-reserved-bandwidth to sub-interface) Many Thanks again. ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59151t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
Hi, Thanks your advice again. I am just trying the method to provide Per-VC QoS based on IP header information (in our case is IP precedence). From cisco documentation, I found WRED, Set-CLP, WFQ/CBWFQ/LLQ will proivde IP-to-ATM CoS. From your comment, you recommend use queueing method to do that. Can you give me more hints about that? Something like the following class-map voice match ip precedence 5 class-map data match ip precedence 0 policy-map policy1 class voice bandwidth/priority percent 60 class data bandwidth percent 20 interface atm1/0.100 point-to-point pvc 1/100 service-policy output policy1 I'm confused the use of bandwidth and priority command. They are guaranteed bandwidht or reserved bandwidth? In the above example, does it mean the data can only have up to 20% of bandwidth even NO voice traffic persent (no link congestion)? TIA. ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59048t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP to ATM QoS [7:58784]
Hi, In fact, the packet classification/marking was made in CPE side. The voice paket will have IP precedence 5 while normal packet will have default value (precedence 0). The network setup is a trial to test the impact of WRED. As I read through cisco documentation about IP-to-ATM CoS, it covers WRED, WFQ or CLP to deploy Per-PVC QoS. However, if I applied WRED, WFQ to the PVC, this will make the PVC performance drops. My target is to deploy PER-ATM PVC QoS. If the ATM PVC was congested, it will let the mission-critical traffic pass through first... Hopefuly if you have any alternative solution? Or any idea how to test this feature? The equipment I got in hand is two 7206 routers. rgds, LoChing Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58961t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FR switch QoS [7:58964]
Hi All, Anyone have experience/idea to deploy QoS on FR switch (Cisco router configured as FR switch)? I have 2 DLCI configured on serial interface and want to have ONE DLCI,eg, DLCI 200 have higher priority when the link congested. Attached the configuration summary for reference. interface Serial6/1/2:0 no ip address encapsulation frame-relay IETF no fair-queue frame-relay traffic-shaping frame-relay interface-dlci 200 switched class shape1536k frame-relay interface-dlci 21 switched class shape1536k frame-relay lmi-type ansi frame-relay intf-type dce frame-relay policing map-class frame-relay shape1536k no frame-relay adaptive-shaping frame-relay cir 1536000 frame-relay bc 1536000 frame-relay be 0 TIA rgds, ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58964t=58964 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IP to ATM QoS [7:58784]
Dear All, I have two Cisco 7206 with IOS 12.2(11)T and connnected them directly through ATM-PA3 Server --- router1--- (ATM PVC)--- router 2 Client ATM PVC will be the bottleneck of the netwok as Server/Client are connected to routers through FE. Before I configured Per-VC WRED, the FTP download throughput can achieve about 120kbps. Once I apply the WRED on router1, the FTP throughput drop sharply and only have about 50kbps. As I checked that the queueing on ATM interface is WRED and there is a lot of packet drop. However, the packet drop also found if no WRED was configured (ie, the queueing in ATM is FIFO) but it will have 120kbps. My question is that why WRED will suffer the performance drop? Or WRED not configured well? Below is router configuration: ! ! random-detect-group testing precedence 0 200 1000 10 precedence 1 300 1000 10 precedence 2 400 1000 10 precedence 3 500 1000 10 precedence 4 600 1000 10 precedence 5 700 1000 10 precedence 6 800 1000 10 precedence 7 900 1000 10 ip subnet-zero ip cef ! ! ! interface FastEthernet0/0 ip address 10.0.0.1 255.255.255.0 duplex full ! interface ATM1/0 no ip address no atm ilmi-keepalive ! interface ATM1/0.100 point-to-point ip address 30.0.0.1 255.255.255.0 pvc 1/100 random-detect attach testing vbr-nrt 256 256 10 encapsulation aal5snap ! ! interface FastEthernet2/0 ip address 20.0.0.1 255.255.255.0 duplex full ! ip classless router1#sh queueing interface atM 1/0 Interface ATM1/0 VC 1/100 Queueing strategy: random early detection (WRED) Exp-weight-constant: 9 (1/512) Mean queue depth: 200 Total output drops per VC: 248 classRandom drop Tail dropMinimum Maximum Mark pkts/bytes pkts/bytesthresh thresh prob 0 248/33818 0/0 2001000 1/10 10/0 0/0 3001000 1/10 20/0 0/0 4001000 1/10 30/0 0/0 5001000 1/10 40/0 0/0 6001000 1/10 50/0 0/0 7001000 1/10 60/0 0/0 8001000 1/10 70/0 0/0 9001000 1/10 rsvp 0/0 0/0 36 40 1/10 router1#sh queueing interface atM 1/0 Interface ATM1/0 VC 1/100 Queueing strategy: random early detection (WRED) Exp-weight-constant: 9 (1/512) Mean queue depth: 204 Total output drops per VC: 403 classRandom drop Tail dropMinimum Maximum Mark pkts/bytes pkts/bytesthresh thresh prob 0 403/54796 0/0 2001000 1/10 10/0 0/0 3001000 1/10 20/0 0/0 4001000 1/10 30/0 0/0 5001000 1/10 40/0 0/0 6001000 1/10 50/0 0/0 7001000 1/10 60/0 0/0 8001000 1/10 70/0 0/0 9001000 1/10 rsvp 0/0 0/0 36 40 1/10 rgds, LoChing Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58784t=58784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multicast Traffic Question [7:57932]
Hi, Try this http://www-mice.cs.ucl.ac.uk/multimedia/software/ Good Luck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58863t=57932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Rip on Pix [7:52723]
Hi all, Can the pix firewall running routing protocol such as RIP? Thanks regards, Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52723t=52723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX without NAT. [7:48594]
Hello all, I have simple pix problems, can anyone help me?(Thank you very much) If I have a pix have two interface as the following: inside: 10.10.10.1 / 24 outside : 192.168.1.1 / 24 and without nat (nat 0 0 0), I think that that must can allow inside hosts to access outside, but can I allow the outside PC to access the inside's hosts? e.g. access-list 10 permit tcp any host 10.10.10.2 eq smtp (or any services) Thank you very much for your help Regards, Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48594t=48594 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX without NAT. [7:48593]
Hello all, I have simple pix problems, can anyone help me?(Thank you very much) If I have a pix have two interface as the following: inside: 10.10.10.1 / 24 outside : 192.168.1.1 / 24 and without nat (nat 0 0 0), I think that that must can allow inside hosts to access outside, but can I allow the outside PC to access the inside's hosts? e.g. access-list 10 permit tcp any host 10.10.10.2 eq smtp (or any services) Thank you very much for your help Regards, Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48593t=48593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Token ring Question. [7:44805]
Hi all, I have a interest question, doesn't any one know the answer? A router is being used as a translation bridge between a Token Ring network and an Ethernet network. Host X on the Token ring sends a packet to Host Y on the Ethernet. The soursce MAC address of the packet is 400.a089.0002. How would the MAC address be interpreted in an Ethernet environment? does anyone know the answer? thank you. Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44805t=44805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Dialout Utility!!Urgent! [7:40923]
Hi all, Does anyone have the Cisco Dialout Utility ? Does anyone can give the software to me?? because I can't download it from cisco now Thanks regards, Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40923t=40923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CDU - 2.0 [7:40462]
Hi All, Does anyone have the software - Cisco DialOut Utility 2.0? becasue I want this software for my customer Thank you very much for your help. Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40462t=40462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
X-windows on PIX!! Urgent [7:38093]
Hi all, I want to allow the user to access the X-Windows service from inside to outside. Does anyone know why to allow the client access the X-windows from inside to ouside on PIX firewall? Please help, Thank you very much. Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=38093t=38093 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: routing [7:38071]
Hi, I think that is the routing problem of the remote router, if you can ping the remote LAN ip at local router. The remote router need to add the route to access your local LAN(your pc). Ivan kaushalender wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi group , I have cisco 2610 router on which I am using static routing .I have new customer which is directly connected on my 2610 router.I have problem that from router i am able to ping the lan ip of the customers end router but from outside i am not able to ping the customer ip means that from my machine i am not able to trace the lan ip of the customer.Althoug I have put route in the router.Can somebody help me in resolving thip prob. The serial of customer at our end interface Serial0/3 description BACK OFFICE 64-SHARED CIRCUIT bandwidth 64 ip address 216.252.243.9 255.255.255.252 ip access-group 107 in ip access-group 107 out rate-limit input 64000 64000 64000 conform-action transmit exceed-action drop rate-limit output 64000 64000 64000 conform-action transmit exceed-action drop encapsulation ppp The route i have put in router ip route 216.252.243.32 255.255.255.248 216.252.243.10 the output of sh ip route 64.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 64.110.105.76/30 is directly connected, Serial0/0 C 64.110.93.192/28 is directly connected, Ethernet0/0 216.252.243.0/24 is variably subnetted, 10 subnets, 4 masks S 216.252.243.192/28 [1/0] via 216.252.243.6 S 216.252.243.176/28 [1/0] via 216.252.243.2 C 216.252.243.160/28 is directly connected, Ethernet0/0 C 216.252.243.6/32 is directly connected, Serial0/1 C 216.252.243.4/30 is directly connected, Serial0/1 C 216.252.243.2/32 is directly connected, Serial0/2 C 216.252.243.0/30 is directly connected, Serial0/2 C 216.252.243.10/32 is directly connected, Serial0/3 C 216.252.243.8/30 is directly connected, Serial0/3 S 216.252.243.32/29 [1/0] via 216.252.243.10 10.0.0.0/22 is subnetted, 1 subnets C 10.101.0.0 is directly connected, Ethernet0/0 S* 0.0.0.0/0 is directly connected, Serial0/0 Plz help me Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=38094t=38071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: nter-Vlan routing [7:38088]
Hi, yes, your router need IP Plus to running ISL or dot1q for Inter-vlan routing. You should check out the flash and memory size for IP Plus, that is easy to install it. Ivan colin newman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi In order to do Inter-Vlan routing with a 2620, do I need IP Plus IOS? If the IOS does indeed need to be IP Plus, I will have to add more DRAM to the 2620. Currently the router has a 32M module of DRAM. Can I just add another module into the second slot - is it that easy? Any gotchas I should be aware of? Thanks Colin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=38095t=38088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Access-list Problem. [7:37336]
Hi all, I have a problem, does anyone can give me a answer? Which the following access-list is right to allow only telnet? 1. access-list 100 permit tcp 200.200.200.0 255.255.255.0 10.10.0.0 255.255.0.0 23 2. access-list 100 permit tcp 200.200.200.0 255.255.255.0 10.10.0.0 255.255.0.0 eq 23 Thank you very much. Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37336t=37336 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX PAT Problem!! Urgent [7:37052]
Hi all, That is Very very Urgent!!!Please Help!!! Does anyone know that Can Cisco Pix Pat Ouside address to Inside address? for exampe: |---205.11.1.0---| | | (outside Security L 0) (--PIX--) (-Inside security L100) | | |--10.1.1.0---| can 205.11.1.0 255.255.255.0 PAT to 10.1.1.100?? Thank you very much for your kindly help ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37052t=37052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Supervisor port 1/1 has been disabled. [7:7054]
Hi all, I have a big problem on Catalyst 5505. After I upgrade the Supervisor module form CatOS 4.2 to 5.5.7, the port 1/1 on the supervisor is disabled. I try to replace another Supervisor module and upgarde it's CatOS to 5.5.7 too. the problem occurs again. Does any cisco doc. mention this problem? Does anyone have experience on it? Please help me very very urgent. Thank you very much. Ivan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7054t=7054 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CLNS over DLsw
Hi Guys, 1. Can we do CLNS over DLsw with transparent bridge 2. If not is there any CLNS over IP 3. If not, is there any tunneling mechanism thanks -ivan- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VoIP ringing tone on Caller not heared
Hiy guys, I have Problem With VoIP, we have installed VoIP between two routers and running. Problem arise is when phone A call to phone B, Phone A side did not hear a ringing tone, but phone B is actually in ringing status. Is there some issue to solve this problem ? Thanks -ivan- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: AUX Port
Hi All, I suggest first you should make sure that the modem is having S0 register as 1. If the modem have a front panel you can check it by see the setting ANSWER=RING #1 (well, it is in the Motorola Codex 3266). If not, try to connect the modem to a PC and do hyperterminal to COM1 and then type : ats0=1 atw aty And then while in hyperterminal and connect to the modem, dial the modem from another computer, you should see RING on hyperterminal and then connect. Second you must make sure the modem is well connected to router. You can do this by telnet to router port 2001 and then do at atv If there is a response then psysical connection is OK. Third do 'sh users' on router. If you see any aux line appear, then it mean the router is busy trying to find out the modem type and you must clear the line. or you can put 'modem autoconfigure discovery' command. Hope will help -ivan- David Nie wrote: you should configure your modem to "auto answer" ""Austin"" [EMAIL PROTECTED] wrote in message 92ssgt$rg2$[EMAIL PROTECTED]">news:92ssgt$rg2$[EMAIL PROTECTED]... I have a Cisco 2511 Access Server. I want to connect to the 2511 via Modem. I have an old Motorola 14.4 modem. The aux port has the ffg config: line aux 0 login password cisco modem inout transport input all I have the phone line plugged into the Modem (where it says TO WALL) and I have the Parallel connector (Modem) from Cisco's console kit plugged into the Modem Parallel Port. Then I have a regular Cisco console cable running from the modem to the aux port. When I call the number it just rings and rings. The modem does not answer. What am I doing wrong or what am I not doing? All help appreciated. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help reqd !! Appearing for CCNA 2.0 exams
Just Passed CCNA 2.0, as far as I can remember, no ATM question. I used Osborne CCNA study guide. Passing Score is high, from 1000 scale, you must have at least 866. CCNA cover only OSI Stacks, RIP, IGRP, LAN Switch. Good Luck -ivan- Real computer scientists only write specs for languages that might run on future hardware. Nobody trusts them to write specs for anything homo sapiens will ever be able to fit on a single planet. On Sun, 27 Aug 2000, Swapnil M Shah wrote: Dear All I am appearing for CCNA 2.0 examination on 30th August. I have ICND book from Cisco press but is any extra reading required or any extra topics not covered in the ICND course book . Also in Exam outline and Preparation guide on the Cisco site states that ATM is also included . Are there any questions asked on ATM if yes then where can I find appropriate material on ATM Also if somebody can guide on what sort of questions are asked the most or what topics are more critical and more tricky questions are asked Please help me out on the above mentioned issues. --- With Best Regards Swapnil Shah Get your FREE Email and Voicemail at Lycos Communications at http://comm.lycos.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: no weighted fair-queue ?
Hi, I had troubles with WFQ in IOS 11.2 connecting with a Frame Relay Switch. The LMI packets timeout because were being sended after the normal traffic. Ivan Centeno Network Manager. David Jones escribió en mensaje 4B91EE6CA935D411AEBD0090279A940B13BEF5@DSM-EXCH... You might also try a command like this: priority-list 1 protocol ip high tcp telnet Dave -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 10, 2000 1:15 PM To: 'Phil Barker'; cisco GroupStudy Subject: RE: "no weighted fair-queue" ? I haven't heard of a WFQ bug, but to my knowledge FIFO is no longer the default queuring. Hth, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] -Original Message- From: Phil Barker [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 10, 2000 11:17 AM To: cisco GroupStudy Subject: "no weighted fair-queue" ? Hi gang, I just spotted this in one of our configs, set on all the Serial interfaces. I know this will default to FIFO which I could do without, for obvious reasons. i.e I need a good telnet response. Has anyone heard of a BUG in 11.2 series IOS in WFQ whereby switching it off was a better option ? I havn't myself, but I'm curious. Regards, Phil. Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mica Modem
I would like to use AS5300 as V.110 connect server. I have AS5300 with QUAD-E1 and Modem MICA. We have successfully create the isdn pri link and the modem can connect in and out into analog call type. The problem arise when I want the connection to be a ISDN V.110. With IOS C5300-is-mz.113-9.AA1.bin, the 'show ver' command would display '30 terminal lines' but with IOS 120-4.XI1 120-5.T2, the terminal lines are gone. On 'show logging' command I see the 'MICA-5-UNKNMODEM : Unknown Modem Module ...'. What did I miss ? -ivan- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN PRI on AS5300 and Lucent PBX G3i
I try to connect ISDN PRI from quad Chann E1 AS5300 to DS1 Lucent PBX For Days, I can not make the Signalling up. On PBX they have parameter such as 1. Country Protocol : 1 - 22, or ETSI 2. Protocol Version : a or b 3. Interface Companding : alaw or mulaw 4. Idle Code : 8 bit : 0x00 until 0xFF I try to use isdn switch-type primary-net5, and on PBX ETSI. The question is there is no explanation on Cisco about protocol version, interface companding, idle code of the E1 port on router. Anybody can help me ? thanks -ivan- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
