from:"lee"

Re: Cisco Secure VPN 642-511 [7:73919]

2003-08-19 Thread Alex Lee

Just received e-mail from Cisco that they would send me the INFOSEC letter
of recognition after I signed the Cisco Certification Agreement.

I am spending time on other interesting stuffs which is not Cisco and not
sure if I would sit for recert.



Kevin Wigle  wrote in message
news:[EMAIL PROTECTED]

 
 on the same page is an INFOSEC Professional link.  Cisco has been granted
 rights to award this cert.  It is NOT a Cisco cert.  Which is cool because
 once it is awarded there is no need to recertify, it is permanent.

 Which is opposite to everything Cisco does - especially CCSP - to recert
 CCSP you have to take all 5 exams again.  Hopefully by the time people get
3
 years in CCSP Cisco will have a single recert exam like they do for
 CCIE/CCDP/CCNP

 I might do the security exams once to get the INFOSEC cert and then forget
 the recert on the Cisco stuff.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74180t=73919
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Len Lee/CHI/NTRS is out of the office. [7:73712]

2003-08-14 Thread Len Lee

I will be out of the office starting  August 8, 2003 and will not return
until August 18, 2003.

I will not be checking my messages periodically .  If this is a firecall,
please reference the firecall list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73712t=73712
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re:Information Systems Security (INFOSEC) Professional [7:73514]

2003-08-09 Thread Alex Lee

I received a e-mail from Cisco on July 1, 2003 about a new cert. :

On July 1, 2003, candidates in the Cisco Career Certifications Tracking
System who meet the above requirements will be recognized as an Information
Systems Security (INFOSEC) Professional and will receive a letter of
recognition from Cisco.
++

Has anyone received this said letter of recognition from Cisco yet ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73514t=73514
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Re:Information Systems Security (INFOSEC) Professi [7:73606]

2003-08-06 Thread Alex Lee

Alan Ho  wrote in message
news:[EMAIL PROTECTED]
 No. What are the above requirements?

 Thanks

 Alan


Content of e-mail from Cisco:-
+
Cisco Security Training Leads to Information Systems Security (INFOSEC)
Professional Certificate
In April 2003, the National Security Agency (NSA) and the Committee on
National Security Systems (CNSS) awarded Cisco formal certification
recognizing that Cisco security courseware meets the 4011 training standard.
This standard is intended for Information Systems Security (INFOSEC)
Professionals responsible for the security oversight or management of
critical networks. This formal NSA and CNSS certification gives Cisco the
authority to recognize those candidates who have demonstrated that they have
met this training standard.

To be eligible for the INFOSEC Professional certificate, candidates must be
CCNA certified and pass these security exams:

  a.. SECUR-Securing Cisco IOS Networks (or MCNS)
  b.. CSPFA-Cisco Secure PIX Firewall Advanced
  c.. CSVPN-Cisco Secure Virtual Private Networks
  d.. CSIDS-Cisco Secure Intrusion Detection System (or IDSPM)
This certificate indicates confidence in the competency of your skills. The
4011 standard for INFOSEC Professionals applies to all U.S. Government
departments and agencies, as well as to its contractors. Therefore, this
certificate will help you meet current or future Federal employment
requirements. In environments where these requirements do not apply, you can
use this certificate to demonstrate that you possess the knowledge and
skills needed to oversee and protect critical information infrastructures
and networks.

On July 1, 2003, candidates in the Cisco Career Certifications Tracking
System who meet the above requirements will be recognized as an Information
Systems Security (INFOSEC) Professional and will receive a letter of
recognition from Cisco. Candidates who partially meet these requirements can
track their progress using the online tracking system as with all Cisco
certifications at www.cisco.com/go/certifications/login. To learn more about
this and other training standards set forth by the CNSS, go to
www.nstissc.gov. Additional information about this INFOSEC certificate can
be found on the Certifications Online Support page at
www.cisco.com/go/certsupport.

+++

Alex Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73606t=73606
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

BCMSN [7:72144]

2003-07-10 Thread FUNG LEE

Dear all,
I am new. My CCNA will expire in August.
I will take the BCMSN beta test in 20 Jul.  Would you please give me the
advice and if possible, any sample questions to my email address :
[EMAIL PROTECTED]

thanks in advance


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72144t=72144
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Router question [7:71191]

2003-06-23 Thread Lee

Hello Group,

I want to beef up my 4500M+ to 16MB Flash so I can run 12.2 code on it...

Under the show version (as below), I see 2 different flash:

4096K bytes of processor board System flash (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)

How does the 4500M+ works? Does it mean that I will need to have both the
System Flash  Boot Flash up to 16MB? If so, does anyone where I can find
some?

And if I need to find them, are they just called?

4500M System Flash

AND
4500M Boot Flash

Thanks so much for the help in advance,

Regards,

Hunt



Router#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-I-M), Version 11.1(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Mon 05-Aug-96 13:40 by mkamson
Image text-base: 0x600088A0, data-base: 0x6042A000

ROM: System Bootstrap, Version 5.3(16) [richardd 16], RELEASE SOFTWARE (fc1)
ROM: 4500 Software (C4500-BOOT-M), Version 11.1(7), RELEASE SOFTWARE (fc2)

Router uptime is 1 minute
System restarted by reload
System image file is flash:c4500-i-mz.111-5, booted via flash

cisco 4500 (R4K) processor (revision D) with 16384K/4096K bytes of memory.
Processor board ID 05795949
R4700 processor, Implementation 33, Revision 1.0
G.703/E1 software, Version 1.0.
Bridging software.
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
128K bytes of non-volatile configuration memory.
4096K bytes of processor board System flash (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)

Configuration register is 0x2102

Router#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71191t=71191
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Email access over the Internet [7:70753]

2003-06-16 Thread Carter, Lee

Robert,

Your security client is using IPSEC with is a layer-3 protocol IP 50/51.
This does not play well is NAT due to the fact that you would need a 1:1
static nat from your pc to the NET. Chances are your Hotel's are using
1:Many Nat or Cisco... PAT. (Port Address Translation). IPSEC will not work
with PAT because it has NO TCP/UDP Port numbers. There are newer version of
NAT Traversal or IPSEC that are starting to use port numbers but that is not
a standard as of yet. 

I would suggest looking into Netilla it's more or less a terminal server
used over HTTPS and can be integrated with RSA Secure ID for authentication.

Hope this helps.

-Original Message-
From: McCallum, Robert [mailto:[EMAIL PROTECTED]
Sent: Monday, June 16, 2003 2:51 PM
To: 'Ccielab' (E-mail); [EMAIL PROTECTED] Com (E-mail); Comserv
(E-mail); '[EMAIL PROTECTED]'
Subject: Email access over the Internet


Folks,

I have a problem in my work where for some strange reason I cant access my
email over the internet from a hotel.  The reason for me not being able to
access email is because, oddly enough, the hotel uses NAT.  We use
checkpoint firewalls and I use securemote software.  Now I believe its
something to
do with the secure ID token that I use and when I type this in there is some
form of checksum which is checked at the server end.  This of course has
changed due to the Nat going on.

has anybody out there experience this as well and know what the simple
solution is.  I'm sure there is a simple solution and its just my company
politics which is causing me the problems.

Any help will be much appreciated.

Robert McCallum CCIE #8757
01415663448
07818002241 


___
You are subscribed to the GroupStudy.com CCIE RS Discussion Group.

Subscription information may be found at: 
http://www.groupstudy.com/list/CCIELab.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70753t=70753
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Len Lee/CHI/NTRS is out of the office. [7:70388]

2003-06-09 Thread Len Lee

I will be out of the office starting  June 9, 2003 and will not return
until June 20, 2003.

I will be checking my messages periodically . If this is an emergency,
Please contact Joe Pappalardo at extention. 312-444-5365. If this is a
firecall, please reference the firecall list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70388t=70388
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Please help!!!! [7:70369]

2003-06-08 Thread Lee

Hi,

Does anyone knows how can i differentiate a router between Cisco 4000 
Cisco 4000M?

Also, for a 4000M, what is the max amount of flash it can handle? (I want to
load at least IOS 12.1 on it).

-

Cisco Internetwork Operating System Software

IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE
(fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Mon 01-Jul-02 22:19 by srani

Image text-base: 0x00012000, data-base: 0x0083DF10

ROM: System Bootstrap, Version 4.14(7), SOFTWARE

R6 uptime is 1 minute

System restarted by power-on

System image file is flash:c4000-ds-mz.120-23.bin

cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of
memory.

Processor board ID 5039132

G.703/E1 software, Version 1.0.

Bridging software.

X.25 software, Version 3.0.0.

1 Token Ring/IEEE 802.5 interface(s)

128K bytes of non-volatile configuration memory.

4096K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102





Thanks in advance,
Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70369t=70369
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Question about Cisco's routers [7:70252]

2003-06-06 Thread Lee

Hello Team,

A quick question for you guys

Just by looking at the show ver, how can i differentiate a router between
Cisco 4000  Cisco 4000M?

Also, for a 4000M, what is the max amount of flash it can handle? (I want to
load at least IOS 12.1 on it).

-

Cisco Internetwork Operating System Software

IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE
(fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Mon 01-Jul-02 22:19 by srani

Image text-base: 0x00012000, data-base: 0x0083DF10

ROM: System Bootstrap, Version 4.14(7), SOFTWARE

R6 uptime is 1 minute

System restarted by power-on

System image file is flash:c4000-ds-mz.120-23.bin

cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of
memory.

Processor board ID 5039132

G.703/E1 software, Version 1.0.

Bridging software.

X.25 software, Version 3.0.0.

1 Token Ring/IEEE 802.5 interface(s)

128K bytes of non-volatile configuration memory.

4096K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102





Thanks in advance,

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70252t=70252
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PAT AFTER NAT...IS IT POSSIBLE??? [7:66672]

2003-04-02 Thread Lee Carter

Yes you can just take your nat statement (ip nat inside source list 1...)
and add the word overload on the end of the command.

You will use a 1:1 NAT for the first set of users. Once your IP's are used
up you will use PAT. It is important to note that some issues arise with PAT
versus NAT like IPSEC or DLSW.

just an fyi.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66685t=66672
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DNS Proxy [7:64339]

2003-03-04 Thread Lee Messenger

hi,

I have a 2621 router connected to a DSL line.  I have seen on some small
Cisco routers they have he ability to do DNS proxy, I can't ind any commands
on how to configure this though.  Is this possible to do on a 2621, also if
someone could point me in the direction of sample configs then that would be
great

Thanks

Lee


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64339t=64339
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Novell SAP question [7:63340]

2003-02-19 Thread lee wooi keat

All,
I have a question on Novell SAP and need your help:
A cisco router is receiving a specific SAP advertisement but the server 
isnt showing up in the server table. Why are the possible reason for that?

Thanks in advance.

Cheers,
Lee




_
Add photos to your e-mail with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63340t=63340
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE written exercise question-Voice Quality [7:63349]

2003-02-19 Thread lee wooi keat

All,

I was searching through internet (include Ciso website)and I can't really 
find a good source in Padding-Gain terminology for managing voice call 
quality. Can anyone recommend a good website?

I have a question regarding Voice quality...
Question: Site B and site C are connected to Site A. Site A complains B and 
C is too loud. Where as, site C compains the received signal is too 
low/soft.
Option: (Pick 2)
a) padding input A, output B,
b) gain on C
c) padding output at A

Thanks,
Lee




_
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63349t=63349
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE written exercise question [7:63247]

2003-02-18 Thread lee wooi keat

All,

I'm preparing CCIE written exam and encounter some tricky questions in 
exercise. Would like to ask for help for those who can solve it:
1) Which one is NOT Well-known attribute for BGP ?
-   local preference
-   origin
-   weight
-   community
-   cluster-id

You can only choose one out of 5.






_
Protect your PC - get McAfee.com VirusScan Online 
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63247t=63247
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: History of the PIX Firewall [7:62512]

2003-02-05 Thread Alex Lee

Cool.

Richard Deal  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62540t=62512
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Len Lee/CHI/NTRS is out of the office. [7:61968]

2003-01-27 Thread Len Lee

I will be out of the office starting  January 27, 2003 and will not return
until February 3, 2003.

I will respond to your message when I return. If this is an emergency,
Please contact Joe Pappalardo at extention. 312-444-5365




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61968t=61968
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: calling sydney [7:60055]

2003-01-01 Thread Hunt Lee

Hello Amer,

I'm in Brisbane.

Let me know if you are still interested  ;-)

Best Regards,
Hunt Lee


amer kulaif  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 i am preparing myself for the CCIE exam. any one in sydney wants to study
 togather.

 please respond to
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60060t=60055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN over DLSW [7:59967]

2002-12-30 Thread Hunt Lee

Hi Group,

I am very very confused about DLSW over ISDN.  I tried to simulate the CCO
example
at:-

http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note0
9186a0080093ecb.shtml

Firstly, by following the example exactly, I managed to get everything to
work.
However, according to Solie (p923),  I have also read up lots of GroupStudy
posts,
in order for ISDN to work with DLSW, one would need these keywords on both
ISDN
routers:-

keeplive 0 on Local-peer statement
Timeout 90 on Remote-peer statement

Yet on this CCO e.g., neither of these are used.  Why

Second Question, to make matter worse, after I have tried to put these two
keywords
on the 2 ISDN routers, RTA don't even dial to RTC anymore...

Any ideas would be greatly appreciated.

On RTA - Tatiasaurus (Loopback int - 1.1.1.1 for simplicity)

dlsw local-peer peer-id 1.1.1.1 keepalive 0
dlsw remote-peer 0 tcp 2.2.2.2 timeout 90
dlsw remote-peer 0 tcp 3.3.3.3 backup-peer 2.2.2.2 timeout 90
dlsw bridge-group 1


RTB - Diplodocus (Loopback int - 2.2.2.2)

dlsw local-peer peer-id 2.2.2.2
dlsw remote-peer 0 tcp 1.1.1.1
dlsw bridge-group 1

RTC - Tanius (Loopback int - 3.3.3.3)

dlsw local-peer peer-id 3.3.3.3 keepalive 0 promiscuous
dlsw remote-peer 0 tcp 1.1.1.1 timeout 90
dlsw bridge-group 1


Thanks.

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59967t=59967
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Len Lee/CHI/NTRS is out of the office. [7:59774]

2002-12-23 Thread Len Lee

I will be out of the office starting  December 23, 2002 and will not return
until December 31, 2002.

I will respond to your message when I return. If this is an emergency,
Please contact Bill Jarrett at extention. 312-557-0390




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=59774t=59774
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP addressing..i think i understand but i am not sure [7:57569]

2002-11-16 Thread ken lee

- Original Message -
From: Peter van Oene 
To: 
Sent: Wednesday, May 29, 2002 1:11 AM
Subject: Re: BGP addressing..i think i understand but i am not sure
[7:45235]

 Hey Nigel,

 I'm not sure where to point you.  All I can tell you is that it is
 commonplace and likely will continue to be so.  I'm currently not aware of
 any routing issues that this behavior would induce.

 Pete

 At 08:04 PM 5/27/2002 -0400, Nigel Taylor wrote:
 Peter,
   It would seem that CableWireless and Above along with RIPE are
 the
 main culprits.

 It would seem to me that this inconsistent route issue would present
 problems, what I'm I missing? It maybe that I'm not totally
 clear on what constitutes an inconsistent route.  RFC 1930 clearly
states
 that one-prefix, one originating AS. I know it's been
 mentioned in this thread and I see it noted that the RSNG Project will
 notify peers of inconsistent policies registered in the IRR.
 So, how effective is this initiative if most of the community feels it's
not
 something to be worried about.

 Anyone care to point me in a specific direction.

 thanks
 Nigel

 - Original Message -
 From: Peter van Oene
 To:
 Sent: Monday, May 27, 2002 6:31 PM
 Subject: Re: BGP addressing..i think i understand but i am not sure
 [7:45169]

   quick comment in line.

   At 04:53 PM 5/27/2002 -0400, Chuck wrote:
   I have a question, Howard - in line:

   Howard C. Berkowitz  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 This is one of those posts where the attributions have gotten very
 confused. Comments inline.

   snip for brevity

 It can be done, if both ISPs agree to it and coordinate their
routing
 policies. A public AS, however, is justified in this circumstance.

 While doesn't quite describe this situation, look at RFC 2270 for
the
 general strategy. Both ISPs have to remove private AS.  This will
 also cause more than one ISP to appear to originate the route,
which
 is a technical violation of BGP (i.e., it's an inconsistent
route),
 but that isn't that uncommon and doesn't seem to break anything.

   Question: in an ideal world, what would happen when an inconsistant
 route
   shows up? idealy, would that route be black holed?
   Since it is common and since it doesn't seem to break anything in
 ral
   terms, what happens? BGP advertises reachability to other BGP
routers,
 be
   they internal or external. But in terms of a packet traveling from my
 house
   to a destination that is inconsistant what happens? What matters?
My
   packet continues to be passed from here to there until some directly
   connected router receives it. I'm assuming that inconsistant does
not
   imply loop

   thanks.

   You are correct in that inconsistent advertisements do not represent
 looped
   routes. In the case of a prefix seemingly existing in two AS's, a
remote
   router simply passes that prefix through the basic BGP path selection
   algorithm and selects the more preferable of the two for export to the
 main
   routing table.   Once a route hits the routing table, transiting
packets
   are forwarded as usual.

   Any potential concern lies in the handling of routes that show up as
   inconsistent.  I have seen discussions from various communities (RIPE
 comes
   first to mind) about specifying a globally accepted behavior for such
   routes, but haven't seen a consensus on this issue other than to leave
it
   alone.  Howard probably has somewhat more detailed insight here.  At
   present, inconsistent advertisements are accepted and many feel are
valid
   and should not be handled differently from normal announcements.

   Customers who think that connecting to two providers is generally
better
   than two pops from a single provider and providers who are too about
   nervous about losing customer revenue to force customers to properly
   multi-home (PI space/ASN) or not multi-home to different providers at
all
   are likely the cause of this situation.   So long as this continues to
be
   the norm, we'll likely see more and more of these type announcements
and
   the likelihood of routers dealing with them differently (dropping for
   example) will similarly decrease.

   Hit a route server (say route-server.exodus.net) and do a show ip bgp
 incon
   and you'll see just how many of these routes we are dealing with.

   Pete

snip for brevity

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57569t=57569
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Single Point Route Redistribution Question [7:57350]

2002-11-13 Thread Meng Lee

Hello everyone,

I tried searching the archives for some explaination on how route feedbacks
occur during redistribution. The search kept timing out so here I am asking
you guys about this. For example, a scenario concerning RIP and OSPF
redistributing thru a single router. 'Routing TCP/IP Vol I' explains that
distribute lists should be configured to prevent redistributed RIP routes to
be injected back into the RIP domain and vice versa.

OK, if split horizon is disabled in the RIP domain then maybe OSPF routes
may have a chance of being redistributed back to OSPF. However, I cannot
understand how OSPF can redistribute RIP learnt routes back into RIP.
Considering a scenario where the ASBR is in area 0 and redistributing the
RIP routes into OSPF. The ASBR would originate Type 5 LSAs and send them
throughout area 0 which eventually would reach the ABRs. Unless the ABRs are
able to send an update back to the ASBR indicating that RIP routes are
reachable via the ABRs, I don't see how route feedback would occur from
OSPF. I must be missing something here. I would really appreciate it if
someone can point this out. Thanks In Advance.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57350t=57350
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Friday Follies On Wednesday - what's the problem? [7:55218]

2002-10-09 Thread Alex Lee


I guess you suddenly remembered that this company must be the one which has
filed bankruptcy and has let all their BGP gurus to greener pastures.

The Long and Winding Road  wrote in
message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Saw this one today. It caused me to scratch my head in puzzlement for a
 moment, until I remembered something.

 Today's puzzle - why was I scratching my head in puzzlement, and what was
it
 I remembered?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55221t=55218
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: slightly OT: Pingflood [7:54334]

2002-09-27 Thread Alex Lee


This is man ping under OBSD 3.2 -stable, i386 arch

+++
 -f  Flood ping.  Outputs packets as fast as they come back or one
 hundred times per second, whichever is more.  For every
 ECHO_REQUEST sent a period ``.'' is printed, while for every
 ECHO_REPLY received a backspace is printed.  This provides a
 rapid display of how many packets are being dropped.  Only the
 superuser may use this option.  This can be very hard on a net-
 work and should be used with caution.


OBSD can be downloaded from www.openbsd.org


sam sneed  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Does anyone know where I can get a copy of this or something similiar for
 Linux. I found a windoze version but I need linux or UNIX.
 My ping versions of linux and SunOS do not have the -f option. The only
 version of pingflood I found on google is crap, the source code reads:




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54348t=54334
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PPPoE on Cisco 2500 [7:54139]

2002-09-26 Thread Alex Lee


Rahul,

I looked at the features listed for this ios image at the feature navigator
also but could not find anything which says 'pppoe client'. Have I missed
anything ? Thanks.

Alex Lee


Rahul Kachalia  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Yes it does.

 thanks,
 rahul.
 lab#
 lab#s ver
 Cisco Internetwork Operating System Software
 IOS (tm) 2500 Software (C2500-IS-L), Version 12.2(8)T,  RELEASE SOFTWARE
 (fc2)
 TAC Support: http://www.cisco.com/tac
 Copyright (c) 1986-2002 by cisco Systems, Inc.
 Compiled Wed 13-Feb-02 21:11 by ccai
 Image text-base: 0x0306DA78, data-base: 0x1000

 ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE
 SOFTWARE
 (fc1)
 BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1,
 PLATFORM SP
 ECIFIC RELEASE SOFTWARE (fc1)

 lab uptime is 18 weeks, 5 days, 4 hours, 50 minutes
 System returned to ROM by reload
 System image file is flash:c2500-is-l.122-8.T

 cisco AS2511-RJ (68030) processor (revision K) with 14336K/2048K bytes of
 memory
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54250t=54139
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring [7:53774]

2002-09-21 Thread adam lee


What kind of cable are you using?  DC to rj-45?

dump your mau and buy a cabletron hub like a sthi.  They are dirt cheap on
ebay. You won't have to worry about media filters anymore.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Juan Blanco
Sent: Friday, September 20, 2002 9:22 PM
To: [EMAIL PROTECTED]
Subject: RE: Token Ring [7:53774]


This is what I am getting
r3#
00:10:17: %LINK-3-UPDOWN: Interface TokenRing0, changed state to up
00:10:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0,
changed state to up
00:10:26: %TR-6-STATRING: TR0: Ring Status: Down
00:10:26: %TR-3-WIREFAULT: Unit 0, wire fault: check the lobe cable MAU
connection.
00:10:28: %LINK-3-UPDOWN: Interface TokenRing0, changed state to down
00:10:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0,
changed state to down
00:10:34: %LINK-5-CHANGED: Interface TokenRing0, changed state to
initializing
00:10:42: To0: Failed to initialize, shutting down
00:10:44: %LINK-5-CHANGED: Interface TokenRing0, changed state to reset
00:10:48: %LINK-3-UPDOWN: Interface TokenRing0, changed state to down

Yes I hear a click after a few seconds when the interface is trying to comes
up
I changed the cable, i connect to a diferent port.
Question, the adapter that I have in my tr interface on my router is the
following:
Token ring - 4/16 mb - media filter, do you think that is the correct
adapter for my router.

Juan

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 20, 2002 9:23 PM
To: [EMAIL PROTECTED]
Subject: RE: Token Ring [7:53774]


Are you sure it's a 16 Mbps MAU? Try setting the speed to 4 Mbps with the
ring-speed command. If that doesn't work, try hardcoding it back to 16 Mbps.

Other than that, it's time for the swap 'til you drop troubleshooting
methodology.

Try a different:
cable
router interface
MAU

Do you hear a click after a few seconds when the interface tries to come up?
That's the relay opening. If you don't hear it, then I would suspect bad
hardware or hardware that's in a weird state. Years ago, Token Ring
troubleshooters carried around a little reset tool, but I haven't seen one
of those in years. The tool reset the port on MAUs. Mabye there's some other
way to do that on your SMC MAU. Is there a reset button or anything?

A couple years ago there was a discussion on Group Study regarding the same
MAU, and the resolution I think was that the MAU was bad.
_

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

Juan Blanco wrote:

 Team,
 Could any tell me what I am doing wrongI am trying to bring
 up my
 token-ring interface up? I connect the TR interface with a
 Token Ring
 4-16 - media filter via a rj45 strait cable to mau(smc elite
 mau 4016rn),
 but the interface is always in init mode and the port status
 light on the
 mau is switching between on and off repeatedly.

 r3#show int token0
 TokenRing0 is initializing, line protocol is down
   Hardware is TMS380, address is 0008.de1c. (bia
 0008.de1c.)
   MTU 4464 bytes, BW 16000 Kbit, DLY 630 usec,
  reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation SNAP, loopback not set
   Keepalive set (10 sec)
   ARP type: SNAP, ARP Timeout 04:00:00
   Ring speed: 16 Mbps
   Duplex: half
   Mode: Classic token ring station
   Group Address: 0x, Functional Address: 0x0800
   Ethernet Transit OUI: 0x00
   Last input 00:01:27, output 00:01:26, output hang never
   Last clearing of show interface counters never
   Queueing strategy: fifo
   Output queue 0/40, 0 drops; input queue 0/75, 0 drops
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
  10 packets input, 304 bytes, 0 no buffer
  Received 6 broadcasts, 0 runts, 0 giants, 0 throttles
  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0
 abort
  24 packets output, 5932 bytes, 0 underruns
  0 output errors, 0 collisions, 54 interface resets
  0 output buffer failures, 0 output buffers swapped out
  87 transitions


 #
 r3#show ip int brief
 Interface  IP-Address  OK? Method Status
 Protocol
 Ethernet0  unassigned  YES NVRAM
 administratively down
 down
 Serial0unassigned  YES NVRAM
 administratively down
 down
 Serial1unassigned  YES NVRAM
 administratively down
 down
 TokenRing0 unassigned  YES NVRAM
 initializing
 down
 r3#
 r3#


 Thanks,



 JB





 Juan Blanco
 
 The greatest glory in living lies not in never falling,
  but in rising every time we fall .
  -- Nelson Mandela
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53787t=53774

Anyone has a Cisco 2620 or 2621 for sale? [7:53594]

2002-09-18 Thread Hunt Lee


Hello,

I am currently looking for either a Cisco 2620 or 2621 for my study.  If you
have a 2nd hand one for sale, please email me offline.  Sellers within
Australia are preferable.

Thanks so much for your help in advance.

Best Regards,
Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53594t=53594
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF Stub area [7:52781]

2002-09-06 Thread Lee Messenger


Hi,

I have a network (Area 3) that has 2 connections to my OSPF area 0.  One via
2mb ATM the other via VPN. I would like to configure this as a stub area,
however, with multiple exit points, will my traffic go via the ATM or VPN or
both.  I would prefer the route via ATM, and only use VPN if ATM goes down. 
What do I need to do to achive this ?

Regards

LM


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52781t=52781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Internet control [7:52663]

2002-09-06 Thread Lee Messenger


Hi,

We use Superscout by Surfcontrol, quite cheap, easy to configure, plus good
reporting tools.  Worth a look

HTH

LM


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52783t=52663
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF Stub area [7:52781]

2002-09-06 Thread Lee Messenger


Paul,

Thanks for the reply,

I think you may have misunderstood my network topology.  Illustrated below

Area0RouterAArea3RouterB
Both the ATM link and VPN begin and end at the above routers(via different
interfaces)

Therefore if Area 3 is a stub (or totally stubby), router B will have 2
0.0.0.0 routes to the networks in Area 0.  My question is, which interface
will traffic from router B go over when going to destinations in Area0.

I believe it will prefer the ATM over the tunnel interface because Tunnel
interfaces have a higher cost.  Although I'm a bit unsure

Hope this makes things clearer

LM


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52790t=52781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Staic Routes on 1605 Router [7:52340]

2002-09-02 Thread Lee Messenger


A few things to try.

1.  In EXEC mode type: sh ip int brief.  confirm both ethernet interfaces
are Up Up.  If line is down check cabling

2.  type debug ip packet and do a ping from a host on one subnet to  a host
on the other subnet.  You should get a good idea form the output where the
problem is.

3.  If this doesn't work paste your config here for us all to see, would be
easier to troubleshoot that way.

One final thought, make sure your router interfaces are set to the correct
speed/duplex on your hubs, take off auto-sensing if need be

HTH

Lee

Craig Robertson wrote:
 
 Hi guys,
 I am having a problem with routing on a Cisco1605 router. 
 Ethernet0 is set
 to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1
 255.255.255.0
 My problem is:
 
 From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0)
 From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1)
 From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on
 subnet)
 
 I have enabled ip routing on the router, however, nothing has
 changed.
 
 Can anyone please advise of the command(s) for a static route,
 if indeed
 this is the problem.  Any suggestions would be appreciated.
 
 Thanks
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52544t=52340
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Len Lee/CHI/NTRS is out of the office. [7:52213]

2002-08-28 Thread Len Lee


I will be out of the office starting  August 28, 2002 and will not return
until September 3, 2002.

I will respond to your message when I return.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52213t=52213
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE R/S Cert. Guide Book [7:52052]

2002-08-25 Thread Lee Messenger


Hi,  I'm currently studying for the CCIE R/S written exam.  Could somebody
please give me an opinion on the CCIE RS Exam Certification Guide Book by
A. Brune (Cisco Press)  It has just been released in the UK and I am
considering getting it to add to my never ending collection of reading
material.

If any of you guys recommend other books then I would be interested to know
about them as well.

Thanks

Lee


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52052t=52052
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Recommendation on Ramp;S lab boot camp [7:51746]

2002-08-20 Thread Seth Lee


IP Expert offers an excellent bootcamp. Dave was a great instructor and
really helped me unterstand the little things that kept slipping me. I
take the lab in Nov and feel very confident that I can be a first time pass
now.

Seth Lee
CCNP, CCDP, RS written passedKevin Hunt wrote:
 
 I'm looking to hear any experiences people have had with any of
 the RS boot camps.  My lab date is Dec. 9 and I'm looking to
 attend a camp in Oct. or Nov.  I was impressed with GlobalNet's
 CCNP boot camp, but would like some input regarding the other
 camps available, especially the 5 day camps as to whether or
 not it is enough time to get a good grasp on the lab.
 
 KH
 CCNP, Linux+ SME
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51802t=51746
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Recommendation on Ramp;S lab boot camp [7:51746]

2002-08-20 Thread Seth Lee


Kevin, IP Expert has an excellent RS bootcamp. Dave was a great instructor
and always willing to help me understand the little things that kept
slipping me. I take the lab in a couple of months, but I feel much more
confident going in now. Hopefully I can get that first time pass!!! Good
Luck to you

- Seth
CCNP, CCDP
RS written passed


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51801t=51746
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Security Specialist 1 [7:51643]

2002-08-19 Thread Richard Lee


No, it is expired.

Juan Blanco  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Does the following is still available:

 For a limited time, candidates holding an active CCNP Security
 Specialization may obtain a Cisco Security Specialist 1 certification by
 passing the 9E0-571 CSPFA and 9E0-570 CSVPN exams.

 Thanks,




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51685t=51643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MCNS and CSPFA exams testing software [7:51581]

2002-08-18 Thread adam lee


Thanks!

Which exams should I look at?  They seem to have 3 for each exam.



-Original Message-
From: Mark Smith [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 17, 2002 11:07 PM
To: adam lee
Cc: [EMAIL PROTECTED]
Subject: Re: MCNS and CSPFA exams testing software [7:51581]


Boson Software

http://www.boson.com/tests/routermfg.htm


Quoting adam lee :

 I tried searching the archive but all I received back
 was an error.  I am
 wondering who writes a good practice exam(s) for the
 MCNS and CSPFA exams.

 TIA
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=51583t=51581
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSIDS, self-study CD ROM [7:50287]

2002-07-31 Thread Alex Lee


Has anyone used this self-study tool (TRNG-800237, CSIDS 2.1) ?

Does it help in getting familiar with the CSPM's GUI interfaces if one does
not have hand-on experience in config 4200 series sensors and CSPM ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50287t=50287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cross Over command for ethernet ports.. [7:50310]

2002-07-31 Thread adam lee


I believe you can change the console port to use either a straight or cross
cable.

Could this be what you heard because I have not heard of that feature in a
cisco switch.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Greene, Patrick
Sent: Wednesday, July 31, 2002 1:38 PM
To: [EMAIL PROTECTED]
Subject: Cross Over command for ethernet ports.. [7:50310]


Do any of the Catalyst switches support the ability to change a port from
straigth through to a cross-over port via command line?

Somebody told me some of the switches do but I have never seen it before.

Thanks,
Patrick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50348t=50310
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Priscilla [7:50077]

2002-07-30 Thread Alex Lee


I bought a copy a minute ago.

Alex Lee

Priscilla Oppenheimer  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

 My new book has a troubleshooting focus. It will help people pass the
 Support Exam. It's called Troubleshooting Campus Networks. It's shipping
 finally! There's more info here:

 http://www.troubleshootingnetworks.com/

 Thanks for asking! ;-)

 Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50106t=50077
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Book Advice [7:49865]

2002-07-27 Thread Hunt Lee


Hi All,

Has anyone read the OSPF Command  Reference book by Parkhurst?? Is it any
good??

I'd appreciate any comments.

Best Regards,
Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49865t=49865
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How to use tftp server?? [7:49651]

2002-07-25 Thread Hunt Lee


Hi Group,

Can anyone please explain to me what command syntax to boot up a router
using TFTP stftp c2500-jk8os-l.122-1d 172.16.0.1erver?

I can do a copy tftp flash, but when I tried to set up a boot system, it
keeps on failing to boot...

Is this correct??

boot system c2500-jk8os-l.122-1d 172.16.0.1

Any help will be greatly appreciated.

Best Regards,
H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=49651t=49651
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Next-hop reachability [7:48761]

2002-07-14 Thread Hunt Lee


Hi Group,

199.172.1.0 / 24 --- RTA --- RTB --- RTC

RTA's interface - 172.17.1.2 (connecting to RTB)
RTB's interface - 172.17.1.1 (connecting to RTA)
RTB's interface - 10.1.1.1 (connecting to RTC)
RTC's interface - 10.1.1.2 (connecting to RTB)

RTA is in AS 1
RTB  RTC are both in AS 2

I understand that for a router to learn and install an IBGP route from an
IBGP neighbor, it will need either no sync command or learnt via any IGP.
But for the BGP route's next-hop reachability, I have searched on Cisco
books  CCO website, but they only said either advertised the next-hop to
the IBGP router (in this case, RTC) with IGP routes, or use next-hop-self
command (on RTB).   However, I found that if I advertise the next-hop
reachability (the 172.17.1.0/24 subent) via BGP's network command, it would
also work.  Is this ok to use?? Is there any gotcha on this?? I just thought
it is pretty handy to just use BGP, without relying on any IGP.


RouterB#sh ip bgp
BGP table version is 4, local router ID is 192.168.0.1
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network  Next HopMetric LocPrf Weight Path
* 10.1.1.0/30  0.0.0.0  0 32768 i
* 172.17.1.0/240.0.0.0  0 32768 i
* 199.172.1.0  172.17.1.2   0 0 1 i
RouterB#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
   * - candidate default, U - per-user static route, o - ODR
   P - periodic downloaded static route

Gateway of last resort is not set

 172.17.0.0/24 is subnetted, 1 subnets
C   172.17.1.0 is directly connected, Ethernet0
 10.0.0.0/30 is subnetted, 1 subnets
C   10.1.1.0 is directly connected, Serial0
B199.172.1.0/24 [20/0] via 172.17.1.2, 01:34:38
C192.168.0.0/24 is directly connected, Loopback0
RouterB#

And at RTC, it would be able to reach 199.172.1.0 /24 via next hop of
172.17.1.2, which in turn is reached via 10.1.1.1.

RouterC#sh ip bgp
BGP table version is 4, local router ID is 172.16.3.1
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network  Next HopMetric LocPrf Weight Path
*i10.1.1.0/30  10.1.1.1 0100  0 i
*i172.17.1.0/2410.1.1.1 0100  0 i
*i199.172.1.0  172.17.1.2   0100  0 1 i
RouterC#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
   U - per-user static route, o - ODR

Gateway of last resort is not set

 172.17.0.0/24 is subnetted, 1 subnets
B   172.17.1.0 [200/0] via 10.1.1.1, 00:26:57
 172.16.0.0/24 is subnetted, 2 subnets
C   172.16.2.0 is directly connected, Loopback1
C   172.16.3.0 is directly connected, Loopback0
 10.0.0.0/30 is subnetted, 1 subnets
C   10.1.1.0 is directly connected, Serial0
B199.172.1.0/24 [200/0] via 172.17.1.2, 00:25:57
RouterC#


Any ideas will be greatly appreciated.

Thanks!!!

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48761t=48761
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

All ones subnet [7:48503]

2002-07-10 Thread Meng Lee


Hello ppl,

I seem to have a problem grasping what happens when we use an all ones
subnet. I remember a while ago someone posted a link to CCO concerning this.
The link is as below

http://www.cisco.com/warp/public/105/40.html

My questions are:

1. In case 1, when host 195.1.1.24 sends a local broadcast to 195.1.1.255,
do all hosts attached to the async lines on Router 2 receive that packet? I
believe they do.

2. Why does router 2 forward the packet out to router 1 via the default
route?

3. After router 1 receives the packet, it bounces between router 1 and 5.
Why? Does this have to do with router 5 forwarding the broadcast packet out
using the default route again? Do the hosts attached to router 5's async
lines receive the packet as well? I ask this because the writer did not
specify whether the hosts received the broadcast packet or not.

This stuff may be elementary but I really need to know. Any help would be
much appreciated. Thank you.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48503t=48503
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CA , FQDN [7:48032]

2002-07-03 Thread Alex Lee


If an entity does not have a registered domain name and has no desire to get
one, how would one configure a router's FQDN for CA support assuming using
in-house CA server.

Can I do this :-

hostname  whatever_host_name
ip domain-name whatever_domain_name.foo




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=48032t=48032
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Distribute-list with Extended ACL [7:47920]

2002-07-02 Thread Hunt Lee


Hi,

I have an e.g. on neighbor distribute list with Extended ACL (2 lines in
total) but I'm not too sure whether I'm heading the right way...

access-list 101 permit ip 131.108.0.0 0.0.0.0 255.255.255.0 0.0.0.0

In this line, I understand that since the wildcard mask for both network 
mask are 0.0.0.0, it means that it will permit only 131.108.0.0 /24

access-list 101 deny ip 131.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255

So does this mean it will deny 131.108.0.1 to 131.108.255.254, while the
prefix being deny is between /16 - /32.

Am I correct??

Thanks for your help again.

Best Regards,
Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47920t=47920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Neighbor distribute-list command w/ Extended ACL [7:47272]

2002-06-27 Thread Hunt Lee


Hello Charles,

Sorry to do this to you, but I still have one more e.g. that I'm not too
sure (I found this on CCO) :(

access-list 101 permit ip 131.108.0.0 0.0.0.0 255.255.255.0 0.0.0.0

In this line, I understand that since the wildcard mask for both network 
mask are 0.0.0.0, it means that it will permit only 131.108.0.0 /24

access-list 101 deny ip 131.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255

And in this line which is what I'm confused abt, I thought that on network,
it will deny 131.108.0.1 to 131.108.255.254, while the prefix being deny is
between /16 - /32.

However, Cisco CCO said it will permit route 131.108.0/24 (which I
understand), ... but deny 131.108/16 and all other subents of 131.108.0.0

Thanks for your help again.

Best Regards,
Hunt Lee



Charles D Hammonds  wrote in message
news:[EMAIL PROTECTED]...
 Hunt-

  access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255

 Remember that the wildcard mask is used to define which bits of the
network
 and mask fields to ignore. These bits are set to '1'. So, in this example,
 the last 2 octets in both the src(network) and dest(mask) fields are
ignored
 as all the bits in these octets are set to 1. Only the first 2 octets are
 compared so that any subnet/mask combo beneath the /16 will be denied.

 Hope this helps.

 Regards,
 Charles

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Hunt Lee
 Sent: Tuesday, June 25, 2002 4:58 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Neighbor distribute-list command w/ Extended ACL [7:47272]


 Hi Charles,

 Thanks so much for your explanation.  I understand your first eg., but I'm
 still confused how you get to the answer to the 2nd e.g., can you please
 elaborate a bit more on the steps for the 2nd e.g.??

 Thanks for your help again.

 Best Regards,
 Hunt Lee


 Charles D Hammonds  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  The statement
 
  access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0
 
  could also be re-written as:
 
  access-list 100 permit ip host 192.108.0.0 host 255.255.0.0
 
  which means that only the aggregate /16 will be accepted.
 
  The second statement:
 
  access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255
 
  denies the VLSM networks under the /16.
 
 
  Charles
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  Dain Deutschman
  Sent: Sunday, June 23, 2002 9:05 PM
  To: [EMAIL PROTECTED]
  Subject: Re: Neighbor distribute-list command w/ Extended ACL [7:47272]
 
 
  It's kind of wierd. The source portion of the access list defines the
  network whose updates are permited/denied...no suprise...the wierd part
is
  that the destination portion specifies the subnet mask of that network.
 So,
  in your example;
 
  access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0
  ( 192.108.0.0 [wildcard] 0.0.0.0 [subnet mask] 255.255.0.0 [wildcard]
  0.0.0.0)
  ( 192.108.0.0/16 will be advertised )
 
  Maybe someone else can jump in...because the wildcard is 0.0.0.0 does it
  mean that any other VLSM networks under the 192.108.0.0/16 supernet
would
  also be advertised?
 
  access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255
  ( 192.108.0.0 [wildcard] 0.0.255.255 [ subnet mask ] 255.255.0.0
 [wildcard ]
  0.0.255.255)
  (192.108.0.0/16 would be denied...the last two octets are ignored )
 
  I'm new to all this and learning it myself...so please...someone correct
 me
  if I am wrong or add to my comments. Thanks. Dain.
  Hunt Lee  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Hi all,
  
   Can anyone please explain this to me?? I have read some examples
 regarding
   neighbor x.x.x.x distribute-list  in | out using extended Access-List
   from CCO, Internet Routing Arch (by Halabi)  BGP 4 Command 
Reference
  (by
   Parkhurst), yet I'm still very confused.
  
   Below is one of them
  
   neighbor 120.23.4.1 distribute-list 100 in
  
   access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0
  
   access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0
0.0.255.255
  
  
  
   How do you read these things?? Any help will be greatly appreciated.
  
   Thanks,
  
   Hunt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47620t=47272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco VPN client and NAT [7:47430]

2002-06-26 Thread Alex Lee


So how does the Linksys or cisco 800 handles the IPSec thru PAT then ?
Thanks.

 Alex Lee

Lidiya White  wrote in message
news:[EMAIL PROTECTED]...
 PIX doesn't support IPSec transparency/IPSec over TCP. Concentrators do.
 It all depends on the device that is between your client and PIX, that
 is doing PAT.
 IPSec uses ESP protocol, that doesn't have ports, so how can you perform
 PAT (port address translation) for a protocol that doesn't understand
 port concept?
 Some routers can pass IPSec through the PAT (like Linksys, Cisco 800).
 So if the router/device that is doing PAT is IPSec aware, then you
 should be able to pass IPSec through. If not, then you have to make sure
 that one-to-one address translation happens for your VPN clients, not
 one-to-many (PAT)...
 Hope this helps...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47476t=47430
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 exams [7:47308]

2002-06-25 Thread Alex Lee


It is still there. Make sure you select 'show all topics'.


John Kaberna  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 It used to be up on securityie.com but it got taken down.  I would rather
 not post it here.  Email me off list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47428t=47308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: remote router IOS upgrade best practice [7:47283]

2002-06-24 Thread Alex Lee


Hi group,

I am trying to get info from the Groupstudy mail list archive as I remember
this was posted several times before. It seems that the archive is having
problem, gives me error message 'Glimpse Index Not found'. Can anyone offer
some insight ?

I have two 1720, each in a different subnet. One router had two 'memory
allocation error' problem in two months. Both times required power-cycle the
router. Opened a TAC case but could not find any memory hardware issue.  The
two 1720 are linked by a fractional frame-relay with an ISDN BRI dial
backup. TAC said there could be IOS bug related to ISDN BRI, recommended us
to upgrade from 12.1.1 to 12.1.15.
Anyone has similar problem ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47283t=47283
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Neighbor distribute-list command w/ Extended ACL [7:47272]

2002-06-23 Thread Hunt Lee


Hi all,

Can anyone please explain this to me?? I have read some examples regarding
neighbor x.x.x.x distribute-list  in | out using extended Access-List
from CCO, Internet Routing Arch (by Halabi)  BGP 4 Command  Reference (by
Parkhurst), yet I'm still very confused.

Below is one of them

neighbor 120.23.4.1 distribute-list 100 in

access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0

access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255



How do you read these things?? Any help will be greatly appreciated.

Thanks,

Hunt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47272t=47272
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cable Modem DHCP problem [7:47175]

2002-06-22 Thread Lee James


config t
int e0 (whichever is connected to cable modem)
mac-address ..  
 I usally just change my mac-address and it will get a new ip
 and then you
 can change it back
 after that.
 Rick
 
 
 McHugh Randy  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Does anyone know how to release a DHCP lease on a 2514 eth
 interface? I
  would like to release the lease recieved from the cable modem
 (comcast) .
 I
  have tried powercycling the modem, router, reload, shuting
 the interface
 ect
  and nothing works. I get the same lease all the time and cant
 get out to
 the
  internet.
  thanks
  Randy
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47206t=47175
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Next-Hop [7:47216]

2002-06-22 Thread Hunt Lee


Hey all, I'm probably missing some fairly simple concept here.  I have setup
4 routers as follows:-

RTB
/
RTD --- RTA
\
RTC

Both RTB  RTC are connected (via Eth) to a network called 172.17.1.0 /24.
RTA  RTD are both in AS2
RTB  RTC are both in AS1

The connection between RTA  RTD is via Ethernet

RouterA#sh ip bgpBGP table version is 9, local router ID is 25.25.25.2
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete
NetworkNext HopMetricLocPrfWeight
Path
* 10.1.1.0/30  10.1.1.20 0
1 i
*   10.1.2.20
1 i
* 10.1.2.0/30  10.1.1.20
1 i
*   10.1.2.20  0
1i
* 25.25.25.0/240.0.0.00
32768i
* 172.17.1.0/24   10.1.1.2   0 0 1
i
*10.1.2.2   0 0
1 i

RouterA#sh running-config
router bgp 2
network 25.25.25.0 mask 255.255.255.0
neighbor 10.1.1.2 remote-as 1
neighbor 10.1.2.2 remote-as 1
neighbor 25.25.25.1 remote-as 2
maximum-paths 6

When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24,
instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2.  Ok - here's what I'm
confused about.  Since I thought that in EBGP peering, the next hop is
usually the IP address of the neighbor that announced the route, but IBGP
peering preserve the Next-hop attribute learned from EBGP peers.  So in the
case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop
in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP
next-hop is 25.25.25.2?


RouterD#sh ip bgp
BGP table version is 6, local router ID is 172.16.0.2
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network  Next HopMetric LocPrf Weight Path
*i10.1.1.0/30  25.25.25.2   0100  0 1
i*i10.1.2.0/30 25.25.25.2 100  0 1
i*i25.25.25.0/24 25.25.25.2   0100  0 1 i
*i172.17.1.0/24  25.25.25.2   0100  0 1 i

Thanks,

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47216t=47216
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Next-Hop [7:47217]

2002-06-22 Thread Hunt Lee


Sorry, the bgp output stuffs up before, so here's a repost  ;)

Hey all, I'm probably missing some fairly simple concept here.  I have setup
4 routers as follows:-

RTB
/
RTD --- RTA
\
RTC

Both RTB  RTC are connected (via Eth) to a network called 172.17.1.0 /24.
RTA  RTD are both in AS2
RTB  RTC are both in AS1

The connection between RTA  RTD is via Ethernet

RouterA#sh ip bgpBGP table version is 9, local router ID is 25.25.25.2
Status codes: s suppressed, d damped, h history, * valid,  best,
i -internal
Origin codes: i - IGP, e - EGP, ? - incomplete
NetworkNext HopMetricLocPrfWeight Path
* 10.1.1.0/30  10.1.1.20 0 1
i
*   10.1.2.20
1 i
* 10.1.2.0/30  10.1.1.201
i
*   10.1.2.20  0
1i
* 25.25.25.0/240.0.0.00 32768
i
* 172.17.1.0/24   10.1.1.2   0 0  1
i
*10.1.2.2   0 0
1 i

RouterA#sh running-config
router bgp 2
network 25.25.25.0 mask 255.255.255.0
neighbor 10.1.1.2 remote-as 1
neighbor 10.1.2.2 remote-as 1
neighbor 25.25.25.1 remote-as 2
maximum-paths 6

When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24,
instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2.  Ok - here's what I'm
confused about.  Since I thought that in EBGP peering, the next hop is
usually the IP address of the neighbor that announced the route, but IBGP
peering preserve the Next-hop attribute learned from EBGP peers.  So in the
case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop
in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP
next-hop is 25.25.25.2?


RouterD#sh ip bgp
BGP table version is 6, local router ID is 172.16.0.2
Status codes: s suppressed, d damped, h history, * valid,  best,
i -internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network  Next HopMetric LocPrf Weight Path
*i10.1.1.0/30  25.25.25.2   0100  0 1
i*i10.1.2.0/30 25.25.25.2 100  0 1
i*i25.25.25.0/24 25.25.25.2   0100  0 1 i
*i172.17.1.0/24  25.25.25.2   0100  0 1 i

Thanks,

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47217t=47217
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Next-hop [7:47219]

2002-06-22 Thread Hunt Lee


Sorry, the bgp output stuffs up before, so here's a repost  ;)

Hey all, I'm probably missing some fairly simple concept here.  I have setup
4 routers as follows:-

RTB
/
RTD --- RTA
\
RTC

Both RTB  RTC are connected (via Eth) to a network called 172.17.1.0 /24.
RTA  RTD are both in AS2
RTB  RTC are both in AS1

The connection between RTA  RTD is via Ethernet

RouterA#sh ip bgp
BGP table version is 9, local router ID is 25.25.25.2
Status codes: s suppressed, d damped, h history, * valid,  best,i -internal
Origin codes: i - IGP, e - EGP, ? - incomplete
NetworkNext HopMetric LocPrf Weight Path
* 10.1.1.0/30  10.1.1.2  0  0   1 i
*   10.1.2.2  0
1 i
* 10.1.2.0/30  10.1.1.2  01 i
*   10.1.2.2  0  0
1 i
* 25.25.25.0/240.0.0.0  0  32768 i
* 172.17.1.0/24   10.1.1.2 0  01 i
*10.1.2.2 0  0
1 i

RouterA#sh running-config
router bgp 2
network 25.25.25.0 mask 255.255.255.0
neighbor 10.1.1.2 remote-as 1
neighbor 10.1.2.2 remote-as 1
neighbor 25.25.25.1 remote-as 2
maximum-paths 6

When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24,
instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2.  Ok - here's what I'm
confused about.  Since I thought that in EBGP peering, the next hop is
usually the IP address of the neighbor that announced the route, but IBGP
peering preserve the Next-hop attribute learned from EBGP peers.  So in the
case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop
in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP
next-hop is 25.25.25.2?


RouterD#sh ip bgp
BGP table version is 6, local router ID is 172.16.0.2
Status codes: s suppressed, d damped, h history, * valid,  best,i -internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network  Next HopMetric LocPrf Weight Path
*i10.1.1.0/30  25.25.25.2   0100  0 1
i*i10.1.2.0/30 25.25.25.2 100  0 1
i*i25.25.25.0/24 25.25.25.2   0100  0 1 i
*i172.17.1.0/24  25.25.25.2   0100  0 1 i

Thanks,

H.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47219t=47219
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switch Messages [7:47005]

2002-06-21 Thread Lee James


Let me guess, 4000 switches ? I would open up a TAC case, and get the blades
changed. This is what we had to do.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47158t=47005
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

GOOD LINK [7:46974]

2002-06-18 Thread e lee


JUST TRY THIS LINK

http://www.mcmi.com/forums/aplus/index.cgi?read=33

LEE


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46974t=46974
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

STUDY MATERIALS [7:46975]

2002-06-18 Thread e lee


HI 

JUST CLICK ON THE LINK 

http://www.mcmi.com/forums/aplus/index.cgi?read=33 

LEE


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46975t=46975
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP w/ no synchronization [7:46707]

2002-06-16 Thread Hunt Lee


Okay folks, starting off some late nite studying and just noticed something
weird.  Got a Confederation setup like:

150.150.150.0/24---RTA ---RTB ---RTD---RTF
 | |
  RTC  RTE

RTA, B, C, D,  E are in a Confederation called AS 1, in which:-

RTA is sub-AS 65530
RTB  RTC are both in sub-AS 65531
RTD  RTE are both in sub-AS 65532

RTF is in AS 2

RTB, C, D  E are running OSPF as IGP.  And OSPF is being redistributed into
BGP at RTB.

The network 150.150.150.0/24 is being advertised into BGP by BGP network
command on RTA.

Ok, here is the thing.  The 150.150.150.0/24 network is being seen by RTA,
RTB, RTD,  RTF.  I could ping 150.150.150.1 from these four routers.
However, it can't be seen by RTC  RTE (shown as follows).  But when I put
no synchronization on the middle four routers (RTB, RTC, RTD,  RTE), then
everything becomes fine again...I thought since I used IGP (OSPF), and
if the router can see the EBGP Next-Hop (193.16.0.2) in their routing table,
then the synch. rule shouldn't apply anymore.

Am I missing something here?

RouterC#sh ip bgp
BGP table version is 4, local router ID is 172.16.0.2
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network  Next HopMetric LocPrf Weight Path
* i150.150.150.0/24 193.16.0.2   0100  0 (65530) i
i172.16.0.0/30172.16.0.1   0100  0 ?
* i172.16.0.12/30   172.16.0.18 30100  0 ?
*i172.16.0.16/30   172.16.0.1   0100  0 ?
*i193.16.0.0/30172.16.0.1   0100  0 ?
* i193.16.0.8/30172.16.0.18  0100  0 (65532) i
RouterC#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
   U - per-user static route, o - ODR

Gateway of last resort is not set

 172.16.0.0/30 is subnetted, 3 subnets
O   172.16.0.16 [110/128] via 172.16.0.1, 01:35:04, Serial1
O   172.16.0.12 [110/192] via 172.16.0.1, 01:35:04, Serial1
C   172.16.0.0 is directly connected, Serial1
 193.16.0.0/30 is subnetted, 1 subnets
O   193.16.0.0 [110/74] via 172.16.0.1, 01:35:04, Serial1
RouterC#
RouterC#ping 193.16.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 193.16.0.2, timeout is 2 seconds:
!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/32/36 ms
RouterC#


Thanks all!

Hunt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46707t=46707
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Route Reflectors Peer-Group [7:46464]

2002-06-13 Thread Hunt Lee


Hi,

I have read both BGP 4 Command  Reference + CCNP Building Scable Cisco
Networks, they both state that peer-group and route reflectors are not
compatible to each other.  Yet, when I tried to configure both together...
it seems to work for me   :(  Am I missing something important here?

RouterB#sh ip bgp ne
BGP neighbor is 172.16.0.2,  remote AS 1, internal link
 Index 1, Offset 0, Mask 0x2
  Route-Reflector Client
  group1 peer-group member
  BGP version 4, remote router ID 172.16.0.2
  BGP state = Established, table version = 1, up for 00:28:41
  Last read 00:00:40, hold time is 180, keepalive interval is 60 seconds
  Minimum time between advertisement runs is 5 seconds
  Received 36 messages, 0 notifications, 0 in queue
  Sent 36 messages, 0 notifications, 0 in queue
  Prefix advertised 0, suppressed 0, withdrawn 0
  Connections established 2; dropped 1
  Last reset 00:28:52, due to RR client config change
  0 accepted prefixes consume 0 bytes
  0 history paths consume 0 bytes
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 172.16.0.1, Local port: 11003
Foreign host: 172.16.0.2, Foreign port: 179

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x263A98):
Timer  StartsWakeupsNext
Retrans32  0 0x0
TimeWait0  0 0x0
AckHold31 19 0x0
SendWnd 0  0 0x0
KeepAlive   0  0 0x0
GiveUp  0  0 0x0
PmtuAger0  0 0x0
DeadWait0  0 0x0

iss:  904884479  snduna:  904885079  sndnxt:  904885079 sndwnd:  15785
irs: 3309753480  rcvnxt: 3309754096  rcvwnd:  15769  delrcvwnd:615

SRTT: 310 ms, RTTO: 780 ms, RTV: 80 ms, KRTT: 0 ms
minRTT: 24 ms, maxRTT: 300 ms, ACK hold: 200 ms
Flags: higher precedence, nagle

Datagrams (max data segment is 1460 bytes):
Rcvd: 44 (out of order: 0), with data: 31, total data bytes: 615
Sent: 52 (retransmit: 0), with data: 31, total data bytes: 599


 BGP neighbor is 193.16.0.2,  remote AS 1, internal link
 Index 1, Offset 0, Mask 0x2
  Route-Reflector Client
  group1 peer-group member
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Active, table version = 0
  Last read 00:04:24, hold time is 180, keepalive interval is 60 seconds
  Minimum time between advertisement runs is 5 seconds
  Received 33 messages, 0 notifications, 0 in queue
  Sent 37 messages, 1 notifications, 0 in queue
  Prefix advertised 0, suppressed 0, withdrawn 0
  Connections established 2; dropped 2
  Last reset 00:04:45, due to BGP Notification sent, hold time expired
  0 accepted prefixes consume 0 bytes
  0 history paths consume 0 bytes
  No active TCP connection
RouterB#


Any ideas would be greatly appreciated.

Thanks

--

Hunt Lee

WebCentral




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46464t=46464
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE home lab [7:46395]

2002-06-12 Thread Hunt Lee


Hi,

I know that this may have come up many times.  But since I'm about to start
preparing for the CCIE lab, it would be great if anyone could give me some
suggestions on this. I'm planning to continue to build up my lab.

Currently, I have the following:

2 x 1603R

3 x 2501

2 x 2503

2 x 2511

1 x Cat 5000

I'm thinking whether I should get the below:-

2 x Token routers - maybe 2 x 2502?? MAU?? What else do I need for Token?? I
really don't know what else I need...

1 x Frame switch - 

1 x ISDN Simulator (do u know which one is good?)

And I probably need to upgrade RAM / Flash on my routers... since most of
them only had 4MB Flash on the moment...

Any ideas would be greatly appreciated.

Thanks

--

Hunt Lee

WebCentral




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46395t=46395
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Question [7:46255]

2002-06-11 Thread Hunt Lee


Hello,

I have 3 routers:-

150.150.150.0/24
   
|
|
|
|
  R1  R2R3
(AS1)(AS2)
(AS3)

R1 - R2, R2 - R3 are using EBGP

I injected the network 150.150.150.0/24 into BGP from both R1  R3.  I have
enabled bgp always-compare-med to allow R2 to compare the MED from AS 1  AS
3.  I have also set a route-map on R3 so that when it advertise
150.150.150.0/24 to R2, it would have a metric of 20, as compared to 0 from
R1.

The thing I'm confused is that after I have enabled the command bgp
bestpath med missing-as-worst, according to CCO, the MED of 0 from R1 would
now be considered as infinity (as confirmed by the debug messages), but why
is R2 still prefers the route from R1 instead of from R3?

Best Regards,
Hunt


RouterB#sh ip bgp 150.150.150.0/24
BGP routing table entry for 150.150.150.0/24, version 3
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  10.1.1.2
  1
172.17.1.2 from 172.17.1.2 (20.20.20.1)
  Origin IGP, metric 0, localpref 100, valid, external, best
  3
10.1.1.2 from 10.1.1.2 (15.15.15.1)   10.1.1.2 to
main IP table
02:58:54: BGP: 172.17.1.2 rcv message type 4, length (excl. header) 0
02:58:54: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 0,
table version 2, starting at 0.0.0.0
02:58:54: BGP(0): 172.17.1.2 send UPDATE (format) 150.150.150.0/24, next
172.17.1.1, metric 0, path 3
02:58:54: BGP(0): 172.17.1.2 1 updates enqueued (average=47, maximum=47)
02:58:54: BGP(0): 172.17.1.2 update run completed, afi 0, ran for 12ms,
neighbor version 0, start version 2, throttled to 2
02:58:54: BGP: 10.1.1.2 rcv message type 4, length (excl. header) 0
02:58:54: BGP(0): 172.17.1.2 rcvd UPDATE w/ attr: nexthop 172.17.1.2, origin
i, metric 0, path 1
02:58:54: BGP(0): 172.17.1.2 rcvd 150.150.150.0/24
02:58:54: BGP(0): Revise route installing 150.150.150.0/24 - 172.17.1.2 to
main IP table
02:59:17: BGP: Performing BGP general scanning
02:59:17: BGP(0): scanning IPv4 Unicast routing tables
02:59:17: BGP(IPv4 Unicast): Performing BGP Nexthop scanning for general
scan
02:59:17: BGP(1): scanning VPNv4 Unicast routing tables
02:59:17: BGP(VPNv4 Unicast): Performing BGP Nexthop scanning for general
scan
02:59:17: BGP(2): scanning IPv4 Multicast routing tables
02:59:18: BGP(IPv4 Multicast): Performing BGP Nexthop scanning for general
scan
02:59:22: BGP(0): 10.1.1.2 computing updates, afi 0, neighbor version 1,
table version 3, starting at 0.0.0.0
02:59:22: BGP(0): 10.1.1.2 send UPDATE (format) 150.150.150.0/24, next
10.1.1.1, metric 0, path 1
02:59:22: BGP(0): 10.1.1.2 1 updates enqueued (average=47, maximum=47)
02:59:22: BGP(0): 10.1.1.2 update run completed, afi 0, ran for 12ms,
neighbor version 1, start version 3, throttled to 3
02:59:23: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 2,
table version 3, starting at 0.0.0.0
02:59:23: BGP(0): 172.17.1.2 send unreachable 150.150.150.0/24
02:59:23: BGP(0): 172.17.1.2 send UPDATE 150.150.150.0/24 -- unreachable




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46255t=46255
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP MED Question [7:46321]

2002-06-11 Thread Hunt Lee


Hello,

I have 3 routers:-

150.150.150.0/24
   ---
|
|
|
|
  R1  R2R3
(AS1)(AS2)
(AS3)

R1 - R2, R2 - R3 are using EBGP

I injected the network 150.150.150.0/24 into BGP from both R1  R3.  I have
enabled bgp always-compare-med to allow R2 to compare the MED from AS 1  AS
3.  I have also set a route-map on R3 so that when it advertise
150.150.150.0/24 to R2, it would have a metric of 20, as compared to 0 from
R1.

The thing I'm confused is that after I have enabled the command bgp
bestpath med missing-as-worst, according to CCO, the MED of 0 from R1 would
now be considered as infinity (as confirmed by the debug messages), but why
is R2 still prefers the route from R1 instead of from R3?

I realized that Weight, Local Pref, AS-Path, Origin are used before MED for
best path selection by BGP.  However, they are all left at default and are
the same on both R1  R3/

Best Regards,
Hunt


RouterB#sh ip bgp 150.150.150.0/24
BGP routing table entry for 150.150.150.0/24, version 3
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  10.1.1.2
  1
172.17.1.2 from 172.17.1.2 (20.20.20.1)
  Origin IGP, metric 0, localpref 100, valid, external, best
  3
10.1.1.2 from 10.1.1.2 (15.15.15.1)   10.1.1.2 to
main IP table
02:58:54: BGP: 172.17.1.2 rcv message type 4, length (excl. header) 0
02:58:54: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 0,
table version 2, starting at 0.0.0.0
02:58:54: BGP(0): 172.17.1.2 send UPDATE (format) 150.150.150.0/24, next
172.17.1.1, metric 0, path 3
02:58:54: BGP(0): 172.17.1.2 1 updates enqueued (average=47, maximum=47)
02:58:54: BGP(0): 172.17.1.2 update run completed, afi 0, ran for 12ms,
neighbor version 0, start version 2, throttled to 2
02:58:54: BGP: 10.1.1.2 rcv message type 4, length (excl. header) 0
02:58:54: BGP(0): 172.17.1.2 rcvd UPDATE w/ attr: nexthop 172.17.1.2, origin
i, metric 0, path 1
02:58:54: BGP(0): 172.17.1.2 rcvd 150.150.150.0/24
02:58:54: BGP(0): Revise route installing 150.150.150.0/24 - 172.17.1.2 to
main IP table
02:59:17: BGP: Performing BGP general scanning
02:59:17: BGP(0): scanning IPv4 Unicast routing tables
02:59:17: BGP(IPv4 Unicast): Performing BGP Nexthop scanning for general
scan
02:59:17: BGP(1): scanning VPNv4 Unicast routing tables
02:59:17: BGP(VPNv4 Unicast): Performing BGP Nexthop scanning for general
scan
02:59:17: BGP(2): scanning IPv4 Multicast routing tables
02:59:18: BGP(IPv4 Multicast): Performing BGP Nexthop scanning for general
scan
02:59:22: BGP(0): 10.1.1.2 computing updates, afi 0, neighbor version 1,
table version 3, starting at 0.0.0.0
02:59:22: BGP(0): 10.1.1.2 send UPDATE (format) 150.150.150.0/24, next
10.1.1.1, metric 0, path 1
02:59:22: BGP(0): 10.1.1.2 1 updates enqueued (average=47, maximum=47)
02:59:22: BGP(0): 10.1.1.2 update run completed, afi 0, ran for 12ms,
neighbor version 1, start version 3, throttled to 3
02:59:23: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 2,
table version 3, starting at 0.0.0.0
02:59:23: BGP(0): 172.17.1.2 send unreachable 150.150.150.0/24
02:59:23: BGP(0): 172.17.1.2 send UPDATE 150.150.150.0/24 -- unreachable




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46321t=46321
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Lab Mailing List problem!!! [7:46235]

2002-06-10 Thread Hunt Lee


To all,

It would be greatly appreciated if someone can shed some light on this  :)
I subscribed to the CCIE RS Lab Mailing List with my Hotmail account about
a month ago (or maybe longer).  I can receive messages fine, but I can't
post message to the board (i.e. Everytime I sent a message to
[EMAIL PROTECTED], when I checked my email a few days later, my message
never come up on the mailing list.  I tried to lookup for the WebMaster
email address, but I can't find it anywhere on the GroupStudy website.  Any
ideas??

Thanks in advance,

Best Regards,
Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46235t=46235
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP scenario (a bit lenghty - sorry) [7:46131]

2002-06-08 Thread Hunt Lee


Hi group,


RotuerC - RouterA  RouterB

On p9 of BGP 4 Command  Configuration Handbook (by Parkhurst), I follow the
exercise on Aggregating the BGP Learning Routes, everything seems well
except I can't ping from Router C to any of the 4 Loopback Interfaces I
created on Router B, even though I can see the routes fine on both Router
C's BGP table and Routing Table:

RouterCsh ip bgp
BGP table version is 6, local router ID is 172.17.1.2
Status codes: s suppressed, d damped, h history, * valid,  best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network  Next Hop  Metric LocPrf Weight Path
* 172.16.0.0/24172.17.1.1   0 1 2 i
* 172.16.0.0/22172.17.1.1   0 1 i
* 172.16.1.0/24172.17.1.1   0 1 2 i
* 172.16.2.0/24172.17.1.1   0 1 2 i
* 172.16.3.0/24172.17.1.1   0 1 2 i
RouterC


RouterCsh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
   U - per-user static route

Gateway of last resort is not set

 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
B   172.16.0.0/22 [20/0] via 172.17.1.1, 00:00:55
B   172.16.0.0/24 [20/0] via 172.17.1.1, 02:19:56
B   172.16.1.0/24 [20/0] via 172.17.1.1, 02:19:56
B   172.16.2.0/24 [20/0] via 172.17.1.1, 02:19:56
B   172.16.3.0/24 [20/0] via 172.17.1.1, 02:19:56
 172.17.0.0/24 is subnetted, 1 subnets
C   172.17.1.0 is directly connected, Serial0
RouterC


When I tried to do a trace to say 172.16.0.1 (which is one of the loopback
interface created on Router B), the packets was stuck on Router A

RouterCtrace 172.16.0.1

Type escape sequence to abort.
Tracing the route to 172.16.0.1

  1 RouterA (172.17.1.1) 16 msec 16 msec 20 msec
  2  *  *  *
  3

However, on Router A, I can ping fine to all 4 loopback interfaces
advertised by Router B:-

RouterA#ping 172.16.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
RouterA#ping 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
RouterA#ping 172.16.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/54/148 ms
RouterA#

So if Router A can get to the Loopback interfaces advertised by Router B,
and Router C have got the routes in the Routing Table, why can't Router C
trace or ping to Router B's Loopback interfaces??

Please find attached a copy of the configs for the 3 routers:-


RouterC#sh run
Building configuration...

Current configuration:
!
version 11.1
service timestamps debug datetime msec show-timezone
service timestamps log datetime msec show-timezone
service udp-small-servers
service tcp-small-servers
!
hostname RouterC
!
enable secret 5 $1$R1vV$Ld5F0ueggoSyb4z/goBGF.
!
!
interface Ethernet0
 no ip address
!
interface Serial0
 ip address 172.17.1.2 255.255.255.0
!
interface Serial1
 no ip address
!
router bgp 65530
 neighbor 172.17.1.1 remote-as 1
!
ip host RouterA 172.17.1.1
ip classless
logging buffered
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

RouterC#


-
RouterA#sh run
Building configuration...

Current configuration : 907 bytes
!
version 12.2
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname RouterA
!
logging rate-limit console 10 except errors
enable secret 5 $1$hCDv$aQ/xa.CZ7YloCaNRpAaI90
!
ip subnet-zero
no ip finger
no ip domain-lookup
ip host RouterC 172.17.1.2
ip host RouterB 10.1.1.2
!
no ip dhcp-client network-discovery
!
!
!
!
interface Ethernet0
 no ip address
!
interface Serial0
 ip address 172.17.1.1 255.255.255.0
 clockrate 64000
!
interface Serial1
 ip address 10.1.1.1 255.255.255.252
 clockrate 64000
!
router bgp 1
 bgp log-neighbor-changes
 aggregate-address 172.16.0.0 255.255.252.0
 neighbor 10.1.1.2 remote-as 2
 neighbor 172.17.1.2 remote-as 65530
!
ip kerberos source-interface any
ip classless
ip http server
!
!
!
line con 0
 transport input none
line 1 16
line aux 0
line vty 0 4
 password cisco
 login
!
end

RouterA#


---
RouterB#sh run
Building

RE: 40x/50x counting towards CCNP [7:45993]

2002-06-07 Thread Lee James


According to the website, the 50x exams can be substituted for 60x exams
towards your ccnp. It doesnt mention the 40x anymore. So i think you need to
take 3 more to get your ccnp.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=46050t=45993
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCNP exam path question [7:45839]

2002-06-06 Thread adam lee


Any order is okay.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Paulo Roque
Sent: Wednesday, June 05, 2002 9:52 AM
To: [EMAIL PROTECTED]
Subject: CCNP exam path question [7:45839]


Hi all,

Must the exam path for CCNP be Routing, Switching, Remote Access and Support
or the exams could be taken in any order?

Thanks in advance!!

--
Eng. Paulo Roque
Network Engineer
Cisco Certified Network Associate
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45917t=45839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Lab Question [7:45815]

2002-06-05 Thread Hunt Lee


All,

I want to start practising on how to search / use the Cisco's Documentation
CD for the CCIE Lab.  I have 2 CDs called Cisco Product Documentation (Oct
2001).  Are they the ones??  If not, how about can I order the Cisco's
Documentation CD from Cisco?

Thanks,

Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45815t=45815
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: It's Official - CCNP 6xx series [7:45867]

2002-06-05 Thread Lee James


You can still take the 640-500 series for CCNP. You just have to take it in
Japanese. Kanichiwa!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45900t=45867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: static route for port 21 [7:45682]

2002-06-04 Thread Alex Lee


Yes, I do remember seeing that thread when I first joined the group. Just
can't find it now.

Daniel Cotts  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Time to restart the blueberry thread.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45759t=45682
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

trying to test ISDN [7:45786]

2002-06-04 Thread Lee James


Im trying to get ISDN backup to work, but as i am debugging dialer packets,
I am seeing this.

BRI0: Dialing cause ip (s=10.3.101.13, d=224.0.0.10)
BRI0: Already 255 call(s) in progress on BRI0, dialing not
allowed 

I have never seen this msg before. Anyone know what this means? Is there a
loop somewhere?

Thanks In Advance
James   


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45786t=45786
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: trying to test ISDN [7:45786]

2002-06-04 Thread Lee James


Yes, we are running EIGRP, and someone put in an permit any any statement
in. I removed that but ISDN is still not dialing. if i look at the history,
it shows it has dialed successfully a few weeks ago. The IOS is 11.2(5)P so
i cannot force a call to test connectivity with the carrier switch. layer 1
is active, spids are assigned, Im pretty much at a loss. The person on the
other end did say that on the external NT1 the LP LED was lit. I will follow
through with the carrier. Thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45794t=45786
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: trying to test ISDN [7:45786]

2002-06-04 Thread Lee James


WE have serveral branches that have passive int on the bri0 and we do use
floating static routes. What i ended up doing was removing the config from
the bri, reloading the router, entered the switch type and spids and it
dialed fine. Thanks all for the suggestions.

James 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45800t=45786
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 640-605 BCRAN Beta PASSED!! [7:45777]

2002-06-04 Thread adam lee


Hi Bill,

I am curious how the new test differs from the old exam.  I take the remote
exam almost a year ago.

Thanks.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Creighton Bill-BCREIGH1
Sent: Tuesday, June 04, 2002 4:03 PM
To: [EMAIL PROTECTED]
Subject: 640-605 BCRAN Beta PASSED!! [7:45777]


I'd like to thank EVERYONE in this group. Very difficult exam! but I somehow
feel prouder having passed this monster instead of the current 640-505.The
scenarios and ideas presented here are better than anything seen in a lab
and more diverse than anything seen in my workplace.

I was wondering if anyone could tell me if this will count toward the
existing CCNP track if my other exams are the current standard (640-50x) in
which case I'M DONE!!!

Finally, if I am in fact done, can anyone tell me if it's more advantageous
to go after CCDA/P or just chase the CCIE written (before the new version of
that exam is introduced).

Bill Creighton
Senior System Engineer CCNP(?)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45809t=45777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Basic ISDN BRI config needed [7:45416]

2002-05-30 Thread Lee James


Can we see the rest of your configs. If you have a passive interface,
without a static route, you wont be able to ping.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45435t=45416
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Lab Reading [7:45486]

2002-05-30 Thread Hunt Lee


Hi All,

I just started preparing for the CCIE Lab.  I have already read Caslow,
TCP/IP Vol 1 (by Jeff Doyle), Internet Routing Arch (by Halabi), as well as
LAN Switching (by Clark).  I'm just wondering what books I should get in
additional to these to prepare for the lab??

Please help...

Thanks!
Hunt Lee




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45486t=45486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN Client failing to connect to PIX using rsa-sig [7:45371]

2002-05-29 Thread Alex Lee


Can you share your insight ? Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45371t=45371
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Emergency: HOw to extend the telnet timeout for a router? [7:45249]

2002-05-28 Thread Wallace Lee


yes ,
exec-timeout 0  0

rgds

Dain Deutschman wrote:

 Is it
 line vty 0 4
 exec-timeout  ??
 I could be misunderstanding the question. Please correct me if I am wrong.

 Dain

 Ocsic  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi, all
  the default timeout for a telnet session is 300 sec
 
  Any command can extend the telnet timeout time ?
 
 
  Please mail me [EMAIL PROTECTED]
 
  Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45249t=45249
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Passed BCRAN [7:45182]

2002-05-28 Thread adam lee


So what's your point?

Give him some props and stop being a weenie.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 27, 2002 8:40 PM
To: [EMAIL PROTECTED]
Subject: Re: Passed BCRAN [7:45182]


I passed it in 3 days reading the book.

Its easy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45322t=45182
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Token Ring cable [7:45018]

2002-05-25 Thread adam lee


That's a type 2 cable that connects to a router with a db9?  Or is that
RJ-45 on the 2521?  Depends on how much time you want to spend on
making/searching for a cable, I would suggest upgrading to a msau that uses
rj-45.  Cabletron hubs such as the STHI-24 are plentiful on ebay and
probably will cost you about $15-20 bucks.  You can pick some madge cards on
ebay as well and connect your pcs to it as well.  Plus, you can management
the hub and if you have errors you can console into the hub and see what
they are..IE burst, congestion, fc, etc.  Of course, the sh controller
command on the router will do the same thing.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Frankie Chiang
Sent: Saturday, May 25, 2002 1:12 AM
To: [EMAIL PROTECTED]
Subject: Re: Token Ring cable [7:45018]


You can make it by your self.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2600/c26userg/cables.
htm

Best Regard,
Frankie

Kenneth Yeung  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,
 Just start to prepare home lab, I got token ring interface (C2521) and MAU
 Hub.  Where can I get the cable?  What should I use?
 Any comment!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=45032t=45018
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SYSLOG time stamp problem [7:44949]

2002-05-24 Thread Alex Lee


My take is that the time stamp is correct but it is using UTC time which is
4 hour ahead of U.S. East Coast's Day Light Saving Time.

Jeffrey Reed  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I set up a syslog server and have a problem with the time stamp in a sys
log
 message. When a message is sent to my syslog server (using solar winds
 syslog monitor) the date/time field is correct, but the time stamp with
the
 message itself is not, its 4 hours ahead. I show calendar and clock on the
 6500 MSFC and they are both set correctly. I have the system set up for
EST
 and daylight savings, so I think the syslog facility is not factoring in
 those settings.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44950t=44949
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ISDN BRI Simulator Comparison - way to expensi [7:44767]

2002-05-23 Thread adam lee


I wonder if you can write the isdn lines off as a learning expense.
Equipment might be harder to do though.  If you can't write it off, the sim
comes out ahead because it's portable and has resale value. (but that could
change)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Treptow, Georg
Sent: Wednesday, May 22, 2002 5:02 PM
To: [EMAIL PROTECTED]
Subject: RE: ISDN BRI Simulator Comparison - way to expensi [7:44767]


For that price you might as well order 2 ISDN lines from your local telco.
That should only cost you about $80.00 a month as you don't need to get ISP
service with it. You would be able to use those for 17 months until coming
up even.

Georg Treptow

-Original Message-
From: Dennis Laganiere [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:34 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]; '[EMAIL PROTECTED]'
Subject: RE: ISDN BRI Simulator Comparison


Earlier today I proposed putting together some comparative information on
the various ISDN Simulators available. Since the question which simulator
do I buy? comes up regularly on the list, I though a cooperative effort to
develop an answer would be an interesting exercise for the group.  Just to
start the conversation, here's a review of the two that I have in my home
pod...

Arca Emutel Lite
Recent e-bay sales: $1,250 - $1,400

Features:
* 2 port BRI
* Switch types supported: NAT-1, DMS100 and 5ESS

Default settings (just because I think its useful):

PortB-channel   DN  SPID
1   1   384000  384001
1   2   384010  384002
2   1   384020  384021
2   2   384030  384022

The default ISDN switch-type is basic-dms100

Pro:
* Been using it for a year without a problem
* Built-in battery backup means you can use it without AC power for a quick
demonstration
* Supports either S (4-wire) or U (2-wire) interfaces (selected through
software)
* Simple console-like configuration

Con:
* Since I'm using 2503's, it requires 2 x NT1 (approx $30 each on ebay)
* Power supply is an external brick.  Minor thing, but kind of annoying.


Teltone ILS-B-01 ISDN Demonstrator
Recent e-bay sales: $1,225 - $1,599 (New from the manufacture, $1,855.00)

Features:
* 2 port BRI
* Switch types supported: NAT-1, ATT Custom

Default settings (just because I think its useful):

PortB-channel   DN  SPID
1   1   835-86610835866101
1   2   835-86630835866301
2   1   835-86620835866201
2   2   835-86640835866401

The default ISDN switch-type is basic-nil

Pro:
* Built in power supply.
* Windows-based configuration (I haven't tried it yet, but the book makes it
look easy)

Con:
* Since I'm using 2503's, it requires 2 x NT1 (approx $30 each on ebay)
* Only has U Interfaces

I look forward to seeing what other people have used...

Thanks...

--- Dennis


 -Original Message-
From:   Dennis Laganiere [mailto:[EMAIL PROTECTED]]
Sent:   Wednesday, May 22, 2002 2:36 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject:ISDN BRI Simulator Comparison

This brings to mind an interesting side-project, if anybody has the time and
inclination to help out. I've not seen a comprehensive comparison between
the various simulators that are available, factoring in features and
approximate cost.

Myself personality, I've got an Emutel Lite at home that I've had a for
while, and I just picked up a Teltone ISDN Demonstrator that I'm going to
start playing with this weekend. I could probably put together a quick write
up on those if it were a conversation that other people would like to
contribute too.

Anybody what to play?

Let me know...

--- Dennis




From:   Dennis Laganiere [mailto:[EMAIL PROTECTED]]
Sent:   Wednesday, May 22, 2002 1:48 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject:RE: ISDN BRI Simulator

Um... I'll pay $125...

Next bidder... :)

I don't believe you'll find too many in this range, but I'd love to learn
that I'm wrong...

Thanks...

--- Dennis

 -Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent:   Wednesday, May 22, 2002 1:16 PM
To: [EMAIL PROTECTED]
Subject:ISDN BRI Simulator

I am looking for a 2 port ISDN BRI Simulator for under $100. Does anyone
know where I can get one?

Thanks,

Bill Cook, Network Project Manager
_
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
_
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
_

Len Lee/CHI/NTRS is out of the office. [7:44790]

2002-05-22 Thread Len Lee


I will be out of the office starting  May 23, 2002 and will not return
until June 10, 2002.

I will respond to your message when I return.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44790t=44790
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Support Passed [7:44599]

2002-05-21 Thread adam lee

Read the RA book and you'll be fine.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 20, 2002 10:02 PM
To: [EMAIL PROTECTED]
Subject: Support Passed [7:44599]

Ok, well I started kinda backward, but I passed my CCNP Support test, and
I'm now working on my Remote Access. I have the cisco press books, which I
love, but is there anything I should know about the remote access test?

Cody Lerum, CCNA, (1/4)CCNP

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44600t=44599
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Logic and Lab Rats [7:44653]

2002-05-21 Thread adam lee

Whadda ya mean remember?  We still have them and we have to support them as
well as TR, Ethernet , SNA, Cisco,IP,Cabletron, Coax, etc.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 21, 2002 12:57 PM
To: [EMAIL PROTECTED]
Subject: RE: Logic and Lab Rats [7:44653]

Do you remember Mainframe systems??? Do you remember LU and PU and logic
controllers?? Do they all work the same as IP networks or VOIP and IP
telephony networks?
Do you know all the traffic in your data network??? You seem to be bitter
about something. Do you want someone with 20 years experience Appling a
network change without testing out first in a lab environment??? Last but
certainly not least, how many mainframe guys know IP networking. You provide
me a listAnswer is very few. Many PBX or Telecomm Engineer knows VOIP or IP
Telephony??  Answer is very few. Giving me dates when things start is like
tell me that we still need to go print a circuit board for two days and use
tubes, diodes, and transistors, instead a sing microprocessor.

Finally, There are many people with 20 years of experience who feel that
they dont need to learn new technologies and therefore still trying fight
progress. We do not know every thing out there but at least we can try to be
knowledge as possible.

 You need to be more appreciative of people who want to be the best. Be
weather it be CCIE or Cissp. They have to study just like any other
professional. If my doctor doesnt put in at least 100 hours of training and
giving me a diagnostic, I will sue his pants off.

Stop being an idiot

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44676t=44653
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Fans too Noisey (2500 Series Router) [7:44571]

2002-05-21 Thread adam lee


Take the covers off and take a big, giant fat and blow, baby, blow.

Are better yet, how about moving it out of the living room or put some
insulation in the room that it's in.

But then again, 2500's are so cheap these days why bother.  Remove the fans
and buy another one when it melts!

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kent Hundley
Sent: Tuesday, May 21, 2002 7:19 AM
To: [EMAIL PROTECTED]
Subject: RE: Fans too Noisey (2500 Series Router) [7:44571]


Maybe not if you keep the room temperature low enough, but your going to
need a lot of air conditioning. ;-)

Seriously, disconnecting fans will eventually cause your router, or any
computer, to fry.  Without heat dissapation, your components will eventually
just quit working and fill your house with the lovely smell of burning
circuits.

You might try buying/building some sort of enclosure, but that enclosure
will likely need a fan as well.

Regards,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Will Francis
Sent: Monday, May 20, 2002 3:07 PM
To: [EMAIL PROTECTED]
Subject: Fans too Noisey (2500 Series Router) [7:44571]


Hi Guys

I've got 7 2500 Series routers in my home lab but its just getting a bit too
noisey, if the fans are unplug will this affect the routers.

cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44677t=44571
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: preffered order in taking ccnp exams [7:44511]

2002-05-20 Thread adam lee


I took the exams in this order

remote access
routing
cit
switching


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
ashish
Sent: Monday, May 20, 2002 9:45 AM
To: [EMAIL PROTECTED]
Subject: Re: preffered order in taking ccnp exams [7:44511]


yeah, as such order does not matter much.
I passed routing last week.and now i am studying for remote access.I have
found that there are somethings which are assumed that reader
understands like redistribution,route filtering etc..
I can only say I am glad that I did routing before remote access.


- Original Message -
From: Thomas Larus
To:
Sent: Monday, May 20, 2002 7:55 AM
Subject: Re: preffered order in taking ccnp exams [7:44511]


 I think you can switch them around as you like except that Support should
 come last.  Once you have studied for the other three, Support just
follows
 naturally, because you should have gotten practice using the debugging
 commands and show commands and other troubleshooting tools.

 [EMAIL PROTECTED], Divakaran (GEAE, GTS India)
  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi,
   Is there a prefferred order in which to tkae the ccnp exams ? like
  1.routing
  2.switching
  3.remote access
  4.support ?
 
  or can it be taken in any order ?
  Does taking the exams in the above order have any advantages ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44582t=44511
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: L3 Between VLANS- no RSM or MSFC [7:44462]

2002-05-18 Thread adam lee

A 2600 with a FE interface will do trunking and be the router on a stick.  I
haven't tried a 3600 but it should work as well.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Michael L. Williams
Sent: Saturday, May 18, 2002 7:35 PM
To: [EMAIL PROTECTED]
Subject: Re: L3 Between VLANS- no RSM or MSFC [7:44462]

But if he's trying to practice doing FastEthernet VLAN trunking. =)

But I agree, if you're looking to simply route, get a router with 2 ethernet
interfaces and connect one to each VLAN. if you need to route between
more than 2 VLANs, then you'll need a router that supports trunking on the
FastEthernet port (I know the 4000 series supports this, but not for sure
about anything lower. wouldn't be surprised if the 2600/3600 series
supported this)

Mike W.

nrf  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 If you want to do it really simply, just use a router that has 2 ethernet
 interfaces.

 Phil Lorenz  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  I'm looking to mock up RSM/ MSFC type routing between VLANs.

  If my memory serves me correctly, can't I do this with a 4500 (or
  better) router outfitted with an FE module ???

  Can anyone elaborate and/ or offer a few clues to get me researching in
  the right area ???

  Thanks !!!

  Phil

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44474t=44462
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: cheapest router supporting two ethernet ports [7:44061]

2002-05-14 Thread adam lee

They are real cheap.  I paid $1200 and I would be lucking to get $500 for
it.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 13, 2002 12:26 PM
To: [EMAIL PROTECTED]
Subject: RE: cheapest router supporting two ethernet ports [7:44061]

2514's have fallen quite a bit on Ebay of late. They roughly the same as a
1605 nowdays. Figure right about 500ish.. my quick numbers show that the
average price PAID on Ebay for the last 30 days is 409.00

MikeS

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44185t=44061
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Wireless LAN for Home [7:44234]

2002-05-14 Thread Alex Lee


Any recommendation on PCI type cards ?


Roberts, Larry  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I use the BEFW11S4 and the Orinoco silver/gold cards. I have a couple of
the
 aironet cards on order for testing, but I can say that the WPC11 (
linksys )
 Card is something that you DON'T want. My range was doubled just by
changing
 cards.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44260t=44234
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN client Cisco Concentrator 3030 [7:43675]

2002-05-09 Thread Alex Lee


Great info.
You mentioned that the tweaking will work if one installed Cisco VPN client
before installing EnterNet. Does it mean that one will be have to un-install
the EnterNet PPPoE client if it was installed before the Cisco VPN client ?

Elijah Savage  wrote in message
news:[EMAIL PROTECTED]...
 This is not in refernce to certification but this is great information for
 our field. My company is rolling out a load balancing cisco vpn solution
 for our company using 3030 concentrators.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43767t=43675
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSS1 [7:43405]

2002-05-06 Thread Alex Lee


Try this one http://www.securityie.com/


Brian Zeitz  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I started a yahoo group called CSS1 if anyone is interested. Currently
 it has 1 member, me :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43406t=43405
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE LAB Prep!!! [7:43055]

2002-05-02 Thread Jason Lee


Perhaps I didn't give you any details... we have
19xx,29xx,39xx,5500,6500,8500, and the GSR 12000 Gbs/r also have
1700's,26xx,3600,7200,VPN3001,IDS,Avvid,Pix 525. just on the cisco
side... please check out our web... www.ictp.com

regards,

Jason Lee


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43132t=43055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLANS [7:42932]

2002-05-02 Thread Lee James


Damian Rizzo is the vlan man. If he can't do it Noone can. Uh Rich. Mind if
i call you dick.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43159t=42932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CIT exam [7:43100]

2002-05-02 Thread adam lee


I just took the exam today after studying for about 30 hours using the cisco
press book and the course material.  It wasn't that hard but it wasn't that
easy because some of the wording got me.

Considering what I studied, I expected more in different areas.  Oh, well, a
pass is a pass.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 02, 2002 3:54 AM
To: [EMAIL PROTECTED]
Subject: CIT exam [7:43100]


I have taken the router, switching and remote access exams, and am about to
take the support exam.  I have heard from some that the CIT exam is the
easiest and I have heard from others that it is one of the hardest.  I would
like to get the boards perspective on this.  Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43189t=43100
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: switching exam [7:43038]

2002-05-02 Thread adam lee

I guess it depends on who pays for toner and the paper it's printed on.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kaminski, Shawn G
Sent: Thursday, May 02, 2002 5:18 PM
To: [EMAIL PROTECTED]
Subject: RE: switching exam [7:43038]

Tim is actually right. Everything you need to pass these exams is free on
Cisco's website. The only problem is that the site is so huge, you don't
know where to start!

Shawn K.

 -Original Message-
 From: timothy thielen [SMTP:[EMAIL PROTECTED]]
 Sent: Thursday, May 02, 2002 3:02 PM
 To:   [EMAIL PROTECTED]
 Subject:  RE: switching exam [7:43038]

 You people spend MONEY on certification prep materials?  I'm sorry.  :-)

 --Tim

 Kaminski, Shawn G wrote:

  It's sad, the true signs of brainwashing :-)

  I never said anything was wrong with them. The proven track
  record comes
  from the fact that they've done a great job marketing their
  products. Boson
  has quality products, BUT, BUT, BUT, as I've mentioned before,
  there are
  other companies out there that offer materials that are just as
  good if not
  better than Boson and the prices are about 80% cheaper. I would
  mention the
  companies, but I have a financial interest in these companies
  and I'd get
  flamed to death (believe it or not, I also have a financial
  interest in
  Boson/Quizware, but not anywhere near as much as I'd like :-) )
  You can't
  really blame Boson for their high prices because they have to
  pay a
  percentage to their authors. Plus, like you said, people have
  been
  brainwashed into believing that Boson is the only company out
  there, which
  allows Boson to charge higher prices.

  So, look around a little and take a chance on some of these
  other companies.
  Don't worry, no one is going to yell at you for spending less
  money on
  certification materials :-) I'm just trying to save people some
  money while
  at the same time hoping that I make a little, as well!

  Shawn K.

   -Original Message-
   From: Jon Krabbenschmidt [SMTP:[EMAIL PROTECTED]]
   Sent: Wednesday, May 01, 2002 8:28 PM
   To:   [EMAIL PROTECTED]
   Subject:  RE: switching exam [7:43038]

   Boson worked well for me too, but I hardly consider $40
  expensive
   especially
   given the cost of others.

   Jon

   -Original Message-
   From: Adam Hickey [mailto:[EMAIL PROTECTED]]
   Sent: Wednesday, May 01, 2002 4:22 PM
   To: [EMAIL PROTECTED]
   Subject: Re: switching exam [7:43038]

   I don't think I could have gotten through my tests without
  Boson's help -
   other than being expensive, what is wrong with them? I don't
  think I see a
   cult here but I do see the proven track record and the
  quality name Boson
   has developed for themselves. High price is a direct result
  of high demand
   -
   simple economics.

   Adam Hickey
   [EMAIL PROTECTED]

   - Original Message -
   From: Kaminski, Shawn G
   To:
   Sent: Wednesday, May 01, 2002 3:31 PM
   Subject: RE: switching exam [7:43038]

Please, people, snap out of the Boson trance. I can't take
  it anymore.
   :-)
   I
just had a discussion with Paul Borghese a few days ago
  about how Boson
always gets through the filters but other vendors don't.
  Hopefully, that
will change soon and we'll start to see better and less
  expensive
   options
come through the list without being filtered. In fact, I
  wonder if this
   will
make it through the filter since I'm saying something bad
  about the
   Boson
cult? :-)

Please proceed with flaming, ragging, name calling, tar and
  feathering,
   etc.
However, one of these days you'll thank me from preventing
  you from
   getting
that Boson tattoo on your chest ( on the ankle for the
  ladies) :-)

If you're up for an argument, please email me offline :-)

Shawn K.

 -Original Message-
 From: NetEng [SMTP:[EMAIL PROTECTED]]
 Sent: Wednesday, May 01, 2002 5:18 PM
 To: [EMAIL PROTECTED]
 Subject: switching exam [7:43038]

 just took that switching exam: 79 ?'s, 90 minutes and 699
  to pass.
   pretty
 easy test, boson's were great as usual.

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43190t=43038
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Building a Cisco Lab [7:43072]

2002-05-02 Thread adam lee


We have quite a few Cisco 4k and they are pretty reliable.  In a year and a
half we have only replaced one 4k in our data center, and the only others we
have touched are the ones we have deinstalled and replaced with 3600's.  I
think we have a hundred or so.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Howard C. Berkowitz
Sent: Thursday, May 02, 2002 6:23 PM
To: [EMAIL PROTECTED]
Subject: Re: Building a Cisco Lab [7:43072]


Wayne,

Ive had nothing but problems with 4000 series modular routers.  So many
problems, in fact, that I've stopped selling them.  Too many hardware
failures.  Stick with the 2500 series

thanks,
-Brad Ellis
CCIE#5796 (RS / Security)
[EMAIL PROTECTED]
Cisco home labs:  www.optsys.net

Brad,

I don't doubt your current experience is accurate, but I'm curious.
When I was on the road teaching Cisco courses, the 2500's seemed to
fail more than the 4000's. Probably the most persistent 4000 problem
was one of the ports failing on the dual-Ethernet module.

Is there any pattern to what you are seeing?  I'm wondering if it's
just a mechanical problem with wear on the slot modules, or something
else that's aging.

Howard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43197t=43072
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE LAB Prep!!! [7:43055]

2002-05-01 Thread Jason Lee


If you need a lab to study CCIE lab, I can give you a special discount... We
have the worlds biggest Cisco Lab.. here located in city of anaheim Ca, if
you are interested please feel free to email me.

Jason Lee
[EMAIL PROTECTED] 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=43055t=43055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Please help!!! [7:42411]

2002-04-26 Thread Hunt Lee


Wallace Lee  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hunt,
 I guess you don't have the 203.147.154.0 route in the middle router.
 however, you have a
 defaut route in it. So, you will experience a routing loop. Check you
tunnel
 configuration as well. see the following from u :

  I have an OSPF connectivity problem.  I have 3 routers as follows:
 
OSPF Area 203.147.188.0 OSPF Area 0
  Gw1.bne2   Gw2.bne ---Gw1.bne
 
  Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186
/30)
  Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0
(203.147.255.185
  /30)
 
  Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2
/24)
  Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254
 /24)
 
  Now I have 5 static routes at Gw1.bne2 (the left most Router) that I
want
 to
  redistributed into OSPF.
 
  ip route 203.147.154.0 255.255.255.128 203.147.188.65
  ip route 203.147.154.128 255.255.255.248 203.147.188.68
  ip route 203.147.154.136 255.255.255.248 203.147.188.69
  ip route 203.147.154.144 255.255.255.252 203.147.188.66
  ip route 203.147.154.148 255.255.255.252 203.147.188.67
 
  controller E1 0/0
   channel-group 0 timeslots 1-31
  !
  !
  interface Tunnel0
   description BNE2-Avior
   ip address 10.255.255.2 255.255.255.252
   no ip route-cache cef
   tunnel source 203.147.255.186
   tunnel destination 203.147.190.4
  !
  interface FastEthernet0/0
   no ip address
   ip route-cache flow
   speed 100
   full-duplex
  !
  interface FastEthernet0/0.5
   encapsulation dot1Q 5
  !
  interface FastEthernet0/0.10
   encapsulation dot1Q 10
   ip address 10.15.15.254 255.255.255.0 secondary
   ip address 203.147.188.254 255.255.255.0
   ip access-group pfilter in
   ip accounting access-violations
   ip nbar protocol-discovery
  !
  interface FastEthernet0/0.999
   encapsulation dot1Q 999
   ip address 10.2.101.1 255.255.0.0
  !
  interface Serial0/0:0
   description N7065870L to 96 Lytton Rd
   ip address 203.147.255.186 255.255.255.252
   ip nbar protocol-discovery
   ip route-cache flow
   load-interval 30
   service-policy output voippol
  !
  router ospf 7496
   log-adjacency-changes
   redistribute connected
   redistribute static subnets
   passive-interface FastEthernet0/0.999
   network 203.147.188.0 0.0.0.255 area 203.147.188.0
   network 203.147.255.184 0.0.0.3 area 203.147.188.0
 
  At Gw1.bne2, it shows the subnets are learned via statics
 
  gw1.bne2#sh ip route 203.147.154.136
  Routing entry for 203.147.154.136/29
Known via static, distance 1, metric 0
Redistributing via ospf 7496
Advertised by ospf 7496 subnets
Routing Descriptor Blocks:
* 203.147.188.69
Route metric is 0, traffic share count is 1
 
  When I goto Gw2.bne (middle router), I can see the routes in the OSPF
  Topology Table (all of them are learned from 203.147.255.186 -
Gw1.bne2),
  but not the its routing table:-
 
  N.B:  I also tried to do a clear ip route 203.147.144.0/20, but no help.
  The same route came straight back
 
Type-5 AS External Link States
 
  203.147.154.0   203.147.255.186 572 0x8002 0xAC01   0
  203.147.154.128 203.147.255.186 573 0x8002 0xA40D   0
  203.147.154.136 203.147.255.186 573 0x8002 0x6246   0
  203.147.154.144 203.147.255.186 573 0x8002 0xFF9F   0
  203.147.154.148 203.147.255.186 573 0x8002 0xE5B4   0
 
  gw2.bne# sh ip route 203.147.154.136
  Routing entry for 203.147.144.0/20, supernet
Known via ospf 7496, distance 110, metric 3, type inter area
Last update from 202.139.236.254 on FastEthernet0/0, 00:17:48 ago
 Routing Descriptor Blocks:
* 202.139.236.254, from 203.147.255.156, 00:17:48 ago, via
 FastEthernet0/0
Route metric is 3, traffic share count is 1
 
  However, if I goto Gw1.bne (the rightmost router), it can see all 5
subnets
  in the OSPF Topoloy Table and Routing Table
 
Type-5 AS External Link States
 
  203.147.154.0   203.147.255.186 867 0x8002 0xAC01   0
  203.147.154.128 203.147.255.186 867 0x8002 0xA40D   0
  203.147.154.136 203.147.255.186 867 0x8002 0x6246   0
  203.147.154.144 203.147.255.186 867 0x8002 0xFF9F   0
  203.147.154.148 203.147.255.186 867 0x8002 0xE5B4   0
 
  gw1.bne#sh ip route 203.147.154.136
  Routing entry for 203.147.154.136/29
Known via ospf 7496, distance 110, metric 20, type extern 2, forward
  metric 52
Redistributing via ospf 7496
Last update from 202.139.236.2 on FastEthernet0/1, 00:49:30 ago
 Routing Descriptor Blocks:
* 202.139.236.2, from 203.147.255.186, 00:49:30 ago, via
FastEthernet0/1
Route metric is 20, traffic share count is 1
 
  As a result, when I do a trace from Gw1.bne (the rightmost router), it
  points it to Gw2.bne, but Gw2.bne points it back - Routing Loop   :(
 
  gw1.bne#trace 203.147

Re: Please help!!! [7:42411]

2002-04-26 Thread Hunt Lee


Firstly, I must say thank you so much for getting back to me :-)

Sorry about this, but the network is actually like this:

Gw1.bne2 - Gw2.bne Gw1.bne  MLS2 (cat
6500) - Avior (Linux)
   |
|

|---
|
Tunnel

I agree. Are you terminiating the tunnel on gw1.bne? Or do you have
another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is
learning it's route directly from gw1.bne2. If you could include the config
from gw1.bne, it would help.

So the tunnel actually terminates at the other end of the network.


After I've done some more investigation, I have found that the gw2.bne is
taking the Inter-Area summary route advertised by MLS2 instead of learning
it directly from gw1.bne2:-

At Gw2.bne:-

gw2.bne#sh ip route 203.147.154.136
Routing entry for 203.147.144.0/20, supernet
Known via ospf 7496, distance 110, metric 3, type inter area
Last update from 202.139.236.254 on FastEthernet0/0, 01:29:27 ago
Routing Descriptor Blocks:
* 202.139.236.254, from 203.147.255.156, 01:29:27 ago, via FastEthernet0/0
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I agree.  Are you terminiating the tunnel on gw1.bne?  Or do you have
 another route from gw1.bne2 to gw1.bne?  Becuase it looks like gw1.bne is
 learning it's route directly from gw1.bne2.  If you could include the
config
 from gw1.bne, it would help.
Wallace Lee  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hunt,
 I guess you don't have the 203.147.154.0 route in the middle router.
 however, you have a
 defaut route in it. So, you will experience a routing loop. Check you
tunnel
 configuration as well. see the following from u :

  I have an OSPF connectivity problem.  I have 3 routers as follows:
 
OSPF Area 203.147.188.0 OSPF Area 0
  Gw1.bne2   Gw2.bne ---Gw1.bne
 
  Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186
/30)
  Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0
(203.147.255.185
  /30)
 
  Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2
/24)
  Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254
 /24)
 
  Now I have 5 static routes at Gw1.bne2 (the left most Router) that I
want
 to
  redistributed into OSPF.
 
  ip route 203.147.154.0 255.255.255.128 203.147.188.65
  ip route 203.147.154.128 255.255.255.248 203.147.188.68
  ip route 203.147.154.136 255.255.255.248 203.147.188.69
  ip route 203.147.154.144 255.255.255.252 203.147.188.66
  ip route 203.147.154.148 255.255.255.252 203.147.188.67
 
  controller E1 0/0
   channel-group 0 timeslots 1-31
  !
  !
  interface Tunnel0
   description BNE2-Avior
   ip address 10.255.255.2 255.255.255.252
   no ip route-cache cef
   tunnel source 203.147.255.186
   tunnel destination 203.147.190.4
  !
  interface FastEthernet0/0
   no ip address
   ip route-cache flow
   speed 100
   full-duplex
  !
  interface FastEthernet0/0.5
   encapsulation dot1Q 5
  !
  interface FastEthernet0/0.10
   encapsulation dot1Q 10
   ip address 10.15.15.254 255.255.255.0 secondary
   ip address 203.147.188.254 255.255.255.0
   ip access-group pfilter in
   ip accounting access-violations
   ip nbar protocol-discovery
  !
  interface FastEthernet0/0.999
   encapsulation dot1Q 999
   ip address 10.2.101.1 255.255.0.0
  !
  interface Serial0/0:0
   description N7065870L to 96 Lytton Rd
   ip address 203.147.255.186 255.255.255.252
   ip nbar protocol-discovery
   ip route-cache flow
   load-interval 30
   service-policy output voippol
  !
  router ospf 7496
   log-adjacency-changes
   redistribute connected
   redistribute static subnets
   passive-interface FastEthernet0/0.999
   network 203.147.188.0 0.0.0.255 area 203.147.188.0
   network 203.147.255.184 0.0.0.3 area 203.147.188.0
 
  At Gw1.bne2, it shows the subnets are learned via statics
 
  gw1.bne2#sh ip route 203.147.154.136
  Routing entry for 203.147.154.136/29
Known via static, distance 1, metric 0
Redistributing via ospf 7496
Advertised by ospf 7496 subnets
Routing Descriptor Blocks:
* 203.147.188.69
Route metric is 0, traffic share count is 1
 
  When I goto Gw2.bne (middle router), I can see the routes in the OSPF
  Topology Table (all of them are learned from 203.147.255.186 -
Gw1.bne2),
  but not the its routing table:-
 
  N.B:  I also tried to do a clear ip route 203.147.144.0/20, but no help.
  The same route came straight back
 
Type-5 AS External Link States
 
  203.147.154.0   203.147.255.186 572 0x8002 0xAC01   0
  203.147.154.128 203.147.255.186 573 0x8002 0xA40D   0
  203.147.154.136 203.147.255.186 573 0x8002 0x6246   0
  203.147.154.144 203.147.255.186 573 0x8002 0xFF9F   0
  203.147.154.148 203

1 2 3 4 5 >

1 - 100 of 469 matches

Mail list logo