Re: PIX PDM [7:74758]
I have experienced by using PDM to configure VPN is unstable. Everytime I try to modify the particular VPN connection. All of the connection will be disconnected. In addition, everytime if you have changed the configuration in PDM, you must remember to save it manually, otherwise reboot will erase all of the config. Finally, before you make any change within PDM, you should download the latest version configuration from PIX. Otherwise, you will erase the running config. Philip Gary Leong wrote in message news:[EMAIL PROTECTED] Our security group is recommending not to use PDM to configure our Pix firewalls. They did not give any reason for their recommendation. Does anyone know why PDM should not be used? __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=75162t=74758 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
LS100 Single Mode ATM card [7:73087]
Sorry for the off topic question, I am currently building a ATM lab and using LS100 switch. If anybody have an extra SM card for the LS100, please contact me off line. Thanks Philip Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73087t=73087 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: number of CCIE [7:70151]
Man, I never see a job post specify that certain CCIE number is prefer. Why did you even bother to ask this question in the beginning, if you think the value of CCIE title has drop. I think is fair to say, after you finished it than you will know what it take. Please take the CCIE lab exam before you make any common on this subject. Of course the # mean a lot but the learning process was even more important. In fact, one consultant company just hires two new CCIE recently with 140K salaries per year. They both study at the same school that I went. This studygroup is a very valuable resource to us and everybody is working really hard to his or her dream. I will suggest that if you are scare about the increasing number of CCIE, please leave and seeking another valuable certification for yourself. Just my 2-cent. - Original Message - From: n rf To: Sent: Thursday, June 05, 2003 5:16 PM Subject: RE: number of CCIE [7:70151] Well, there are still less than 10,000 CCIE's. So the population hasn't accelerated THAT dramatically. Having said that, I will say that the CCIE has most likely gotten less rigorous and therefore less valuable over time. I know this is going to greatly annoy some people when I say this, but the truth is, the average quality of the later (read: high-number) CCIE's is probably lower than the average quality of the higher (read: lower-number) CCIE's. Before any of you high-number CCIE's decides to flame me, ask yourself if you were given the opportunity to trade your number for a lower number, would you do it? For example, if you are CCIE #11,000 and you could trade that number for CCIE #1100, would you take it? Be honest with yourself. I'm sure you would concede that you would. By the same token we also know that no low-number CCIE would willingly trade his number for a higher one. The movement is therefore all one-way. If all CCIE's were really created equal then nobody would really care one way or another which number they had. Therefore the CCIE community realizes that all CCIE's are not created equal and that intuitively that the lower number is more desirable and the higher number is less desirable (otherwise, why does everybody want a lower number?). Simply put, the test is not as rigorous as it was in the past, which is why lower numbers are preferred. Or, I'll put it to you another way. Let's say that starting at #12,000 Cisco makes the test ridiculously hard, putting in all kinds of funky technologies, and making the pass rate less than 1% or some other god-awful number. What would happen? Simple. Word would get around that the new CCIE was super-rigorous and therefore very prestigious to pass. Eventually, numbers greater than #12000 would be coveted, and everybody would want to trade in their number for one greater than #12000. Recruiters and HR people would start giving preference to CCIE's with numbers greater than #12000. The point is that when rigor increases, prestige and desirability tends to follow. When rigor declines, so does prestige and desirability. And what is the cause of this decline in rigor? Well, you alluded to several factors. While it is still rather controversial exactly how the switch from 2 days to 1 day impacted the program, it is widely conceded that it probably didn't help. Nor does having all these braindumps all over the Internet, and not just for the written, but the lab as well. The CCIE has certain arcane logistical rules that people have figured out how to 'game' - for example, for example, some people who live near test sites just attempt the lab every month over and over again. Finally, there is the consensus that the CCIE program has simply not kept up with the growing amount of study material, bootcamps, lab-guides, and so forth. We all know there's an entire cottage industry devoted just to helping people to pass the lab, and while there's nothing wrong with that per se, it does mean that Cisco needs to keep pace to maintain test rigor. To offer a parallel situation, when the MCSE bootcamps started to proliferate, the value of the MCSE plummeted because Microsoft did not properly maintain the rigor of the cert. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70239t=70151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Password recovery [7:62738]
Hi I need to recover the password for a CISCO 2611 without wiping the config? Any idea's? Philip Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62738t=62738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fluke one touch Network assistant and RCS SafeNet software [7:54887]
If you attached the Fluke to a switched port then it will only see network traffic destined to the device on that port and multicast/broadcast traffic. It would seem than that your broadcast traffic is 0.8% of your available bandwidth, 80% of your 1% utilization. That seems reasonable, I'd look elsewhere for the problem. One option if your equipment supports it would be to span the vlan traffic to a port and plug the fluke into the spanned port. Depending on you network design you still may only see a subset of your traffic. Philip -Original Message- From: Sim, CT (Chee Tong) [mailto:[EMAIL PROTECTED]] Sent: Friday, October 04, 2002 6:35 AM To: [EMAIL PROTECTED] Subject: Fluke one touch Network assistant and RCS SafeNet software [7:54860] Hi... Recently we found that LAN is getting slower and I used Fluke One Touch Network Assistant to check the health of network. And it gave me the following. Utilization 1% Error 0 % Collision 0% Broadcast 80 % IP 48% Station 250 % Do you think the fluke output indicate that our network got problem? The broadcast portion is quite high and I tried to find out which pc contribute to the broadcast, it gave me PC-A 6% PC-B 6 PC-C 6% PC-D 6% PC-E 6% PC-F 6% PC-G 6% PC-H 6% PC-I 6% All the PC that listed are installed with RCS software, when we uninstalled RCS from the PC, the PC's broadcast will be gone. Why RCS caused the broadcast, I am not sure whether it is the cause of our network slowness or not. Any idea? Thanks in advanced Sim == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54887t=54887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: priviledge levels [7:53723]
I'm quite sure you could accomplish your goals with TACACS and aaa authorization, is that out of the question? -Original Message- From: Adam Hickey [mailto:[EMAIL PROTECTED]] Sent: Friday, September 20, 2002 12:52 PM To: [EMAIL PROTECTED] Subject: priviledge levels [7:53723] All, I want to configure a special priviledge level for our NOC in all our cisco devices to basically have all commands except config. Looking at cco, if you allow sh run at any priv level other than , the user will only be able to see the commands they can configure which defeats the purpose. Anyone know a way around this - so the NOC can have say a level 14 access and be able to see the entire running-config without being able to configure anything? thx Adam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53727t=53723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TACACS+ [7:53721]
Your passwords are encrypted with SSH between the client and router, between the router and tacacs server your tacacs key is used. I use tac_plus with clients that use a combination of SSH and telnet. Some routers require SSH some basic telnet is allowed. I have no special configurations within tac_plus to accommodate the two access methods. Philip -Original Message- From: Erich Kuehn [mailto:[EMAIL PROTECTED]] Sent: Friday, September 20, 2002 12:16 PM To: [EMAIL PROTECTED] Subject: TACACS+ [7:53721] Im trying to setup tacacs+ for aaa on my routers. I have downloaded and installed tacplus from cisco on a linux box (RH7.3). Im looking for some examples of config files for the tac_plus executable. Currently we use SSH and local logins for authentication, I would like to continue to use SSH to get into my boxes. From the config files I have seen Im unsure as to how I would continue to use SSH as the passwords are all encrypted. Thanks Erich Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53734t=53721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TACACS+ [7:53721]
Mike, I guess your reading comprehension skills are on par with your tact. The original post was in regards to SSH and TACACS, and my reply to that post was to point out the functional difference between SSH or Telnet access and TACACS. The conversion between the client and router is encrypted via the SSH session, but the TACACS server is providing AAA. The same as it would with a telnet session; however, the telnet session wouldn't provide encrypt between the client and the router. Philip -Original Message- From: mike greenberg [mailto:[EMAIL PROTECTED]] Sent: Friday, September 20, 2002 3:53 PM To: [EMAIL PROTECTED] Subject: RE: TACACS+ [7:53721] Now I know why EDS stock is taking a beating When you use TACACS+, you basically offload the authentication, authorization and accounting to the TACACS+ server (running on your Linux box). If you don't want people to connect to your routers via telnet, set the vty line on your routers to accept only SSH. You can still log onto the routers with SSH and use the account on your TACACS+ server (if you configure the router properly). I have a sample TACACS+ configuration. Contact me off-line if you are interested. The configuration of TACACS+ has nothing to do with either telnet or ssh Blair, Philip S wrote:Your passwords are encrypted with SSH between the client and router, between the router and tacacs server your tacacs key is used. I use tac_plus with clients that use a combination of SSH and telnet. Some routers require SSH some basic telnet is allowed. I have no special configurations within tac_plus to accommodate the two access methods. Philip -Original Message- From: Erich Kuehn [mailto:[EMAIL PROTECTED]] Sent: Friday, September 20, 2002 12:16 PM To: [EMAIL PROTECTED] Subject: TACACS+ [7:53721] Im trying to setup tacacs+ for aaa on my routers. I have downloaded and installed tacplus from cisco on a linux box (RH7.3). Im looking for some examples of config files for the tac_plus executable. Currently we use SSH and local logins for authentication, I would like to continue to use SSH to get into my boxes. From the config files I have seen Im unsure as to how I would continue to use SSH as the passwords are all encrypted. Thanks Erich Do you Yahoo!? New DSL Internet Access from SBC Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53748t=53721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EIGRP default route distribution. [7:52377]
Try adding: router eigrp 1 redistribute static Lose the ip default-network command -Original Message- From: Robert Cluett [mailto:[EMAIL PROTECTED]] Sent: Friday, August 30, 2002 1:29 PM To: [EMAIL PROTECTED] Subject: EIGRP default route distribution. [7:52377] I have the following network in my home lab: Internet RouterEisenhowerRooseveltNixonKennedy The Internet Router (192.168.1.1) runs RIP. Eisenhower (E0:192.168.1.100 and S0:172.26.1.9) runs RIP and EIGRP. Roosevelt, Nixon, and Kennedy run EIGRP for the 172.26.1.0,172.26.128.0,192.168.3.0, and 192.168.4.0 networks. I am peforming redistribution of EIGRP into RIP on the internet router which also hosts my LAN of 192.168.1.0). I am unable to propagate the default route out to the rest of the EIGRP routers being Roosevelt, Nixon and Kennedy. Any one have a clue on what I am missing? EISENHOWER CONFIG BELOW router eigrp 1 passive-interface Ethernet0 network 172.26.1.0 0.0.0.255 network 172.26.128.0 0.0.0.255 network 192.168.3.0 network 192.168.4.0 auto-summary eigrp log-neighbor-changes ! router rip version 2 redistribute eigrp 1 metric 0 passive-interface Serial0 passive-interface Serial1 network 192.168.1.0 no auto-summary ! ip classless ip default-network 0.0.0.0 ip route 0.0.0.0 0.0.0.0 192.168.1.1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52381t=52377 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EIGRP default route distribution. [7:52377]
You don't have all your loopbak addresses in the 172.26.128.0/24 network, do you? If so, create unique subnets for each loopback. -Original Message- From: Robert Cluett [mailto:[EMAIL PROTECTED]] Sent: Friday, August 30, 2002 2:47 PM To: [EMAIL PROTECTED] Subject: RE: EIGRP default route distribution. [7:52377] Ah! redistribute static, and removing the default-network worked! The other option would have forced EIGRP to run on the interface I was running RIP on, and thus would defeat the purpose of what I was trying to do. Only one problem...why cannot I not get to the loopback addresses I have placed on each router and included in the eigrp 1 process as network 172.26.128.0/24? Any ideas? Thanks guys! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52388t=52377 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ACL studying [7:49154]
A different spin. access-list 1 permit 10.10.10.32 0.0.0.1 access-list 1 permit host 10.10.10.34 access-list 1 deny 10.10.10.32 0.0.0.127 access-list 1 deny host 10.10.10.49 access-list 1 permit any -Original Message- From: Persio Pucci [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 18, 2002 2:19 PM To: [EMAIL PROTECTED] Subject: ACL studying [7:49154] Folks, what would be the smallest way to put an ACL to filter, let's say, IPs 10.10.10.35 to 10.10.10.49? (just want to check if I am doing it ok...) Persio Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49175t=49154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - Networkers, Orlando [7:47921]
I will be there and would like to meet up with any members. Phil = Original Message From R. Benjamin Kessler = Anyone from the list going? Is there going to be a GroupStudy gathering? _ Commercial lab list: http://www.groupstudy.com/list/commercial.html Please discuss commercial lab solutions on this list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47921t=47921 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dual Link redundancy .... [7:47854]
Check out Fast Etherchannel (watch for wrapping) http://www.cisco.com/warp/customer/cc/techno/media/lan/ether/channel/tech/fe tec_wp.htm -Original Message- From: Paul [mailto:[EMAIL PROTECTED]] Sent: Monday, July 01, 2002 2:05 PM To: [EMAIL PROTECTED] Subject: Dual Link redundancy [7:47854] I have two switches that will be connected over fibre ... two connections at each end (hope you like the top Ascii art :)) | 1 |---| 1 | | A | | B | |_2 _|---|_2_ | How can I fix it so that if A1-B1 goes down A2-B2 automatically becomes active ?? Or even use both links to load balance and hence take the full load if the other falls over . Regards Paul ... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47865t=47854 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: authentication and router [7:46932]
Try to change: line con0 line authentication no_tacacs To: line con0 login authentication no_tacacs -Original Message- From: GEORGE [mailto:[EMAIL PROTECTED]] Sent: Friday, June 21, 2002 11:52 AM To: [EMAIL PROTECTED] Subject: FW: authentication and router [7:46932] I wouldn't like any username prompt at the console -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Blair, Philip S Sent: Thursday, June 20, 2002 3:20 PM To: [EMAIL PROTECTED] Subject: FW: authentication and router [7:46932] At the password prompt, if you enter your configured enable password you get access? Sounds like it's working as you have it configured, how did you want it to work? Philip -Original Message- From: GEORGE [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 5:37 PM To: [EMAIL PROTECTED] Subject: authentication and router [7:46932] I just configured my router to authenticate with cisco secure every works ok, except if I try to Console I get a password promt, and I stop cisco secure I get a password promt Now I tried to enter my enable password and wont work Am I missing something here aaa new-model aaa authentication login default group tacacs+ enable aaa authentication login local local aaa authentication login no_tacacs enable aaa authentication ppp default if-needed group tacacs+ aaa authorization exec default group tacacs+ local aaa authorization network default group tacacs+ aaa accounting exec default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ line con0 line authentication no_tacacs Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47290t=46932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: authentication and router [7:46932]
At the password prompt, if you enter your configured enable password you get access? Sounds like it's working as you have it configured, how did you want it to work? Philip -Original Message- From: GEORGE [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 5:37 PM To: [EMAIL PROTECTED] Subject: authentication and router [7:46932] I just configured my router to authenticate with cisco secure every works ok, except if I try to Console I get a password promt, and I stop cisco secure I get a password promt Now I tried to enter my enable password and wont work Am I missing something here aaa new-model aaa authentication login default group tacacs+ enable aaa authentication login local local aaa authentication login no_tacacs enable aaa authentication ppp default if-needed group tacacs+ aaa authorization exec default group tacacs+ local aaa authorization network default group tacacs+ aaa accounting exec default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ line con0 line authentication no_tacacs Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47096t=46932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Let the flamin' begin....dumbass beginner question [7:43772]
Use PPP or HDLC encapsulation on each end. PPP PPP or HDLC HDLC On the router with the DCE end of the cable set the clock rate. interface serial 0 encap ppp ip address 10.1.1.1 255.255.255.252 clock rate 64000 For more detail see: http://www.cisco.com/warp/public/116/ppp_back.html Everyone was a beginner once :) Later -Original Message- From: mark [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 09, 2002 1:19 PM To: [EMAIL PROTECTED] Subject: Let the flamin' begindumbass beginner question [7:43759] I originally configured and maintain several Cisco routers at work so I'm not a TOTAL dumbass when it comes to routers but I sure do feel like one about now. I have a couple of 2500's and a 2600 router with a couple of back to back cables. I'm not doing something correctly to allow the units to talk to each other using those cables. I can telnet into each router or connect via console connection and all are working. The green lights come on the serial connections when the b to b cables are plugged in but I can't for the life of me get them to talk to each other. Can't ping from one serial port on subnet A thru the b-to-b cable to the serial port on the other router on the same subnet on any of the routers. I have checked and rechecked ip info on all. I have tried frame-relay and PPP (which I would NOT trust my configuraion of but I do know frame OK - or at least I thought I did). I have RIP and EIGRP enabled on all and have them redistributing. I have tried the DCE and the DTE at each end. This is what maybe the particularly dumbass question - Do I need to set a clock rate or data rate for a frame connection using these cables? If so the commands required would be helpful. I can look at the options available. I just need to know where to start with them. If it's not a clock rate issue, have I given enough info for anyone to give me an educated guess as to what I'm doing wrong? If not, what other info can I provide? Muchas gracias. Mark Gump Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43772t=43772 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPX Traceroute [7:43327]
If SWITCH1 is a layer two device, then RTR-1 and RTR-3 should be on the same IPX Network (either 1c10 or 1100). Of course I could be misinterupting the ASCII art. Philip -Original Message- From: Arjun Das [mailto:[EMAIL PROTECTED]] Sent: Sunday, May 05, 2002 4:55 AM To: [EMAIL PROTECTED] Subject: IPX Traceroute [7:43327] Dear Group Members, This is my first message please accept apologies for any mistakes. However, I seek help for the following problem. Here is the setup! IPX Network: 100 ---|--|--- | | RTR-1 RTR-AL / / |(1c10) / /| (1120)/ / SWITCH1 / / | / /(1210)| (1100) RTR-2 RTR-3 Problem: IPX routing is enabled on all the routers. I can ping (IPX) RTR-AL from RTR-3 but can not perform TRACEROUTE? Any help will be much appreciated? Output from ROUTER-3 (RTR-3) --- RTR-3# RTR-3#ping 100..0c3d.d1eb Translating 100..0c3d.d1eb Type escape sequence to abort. Sending 5, 100-byte IPX Novell Echoes to 100..0c3d.d1eb, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/35/44 ms RTR-3# RTR-3# RTR-3#traceroute ipx 100..0c3d.d1eb Type escape sequence to abort. Tracing the route to 100..0c3d.d1eb 0 * * * 1 * * * 2 * * * 3 * * * ... tracing the route using Diagnostic Requests 4 * * * RTR-3# __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43386t=43327 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ip route statement [7:43001]
How a Null route can prevent a routing loop. If you have, for example, 4 networks behind you router. 10.1.0.0\24 10.1.1.0\24 10.1.2.0\24 10.1.3.0\24 And to reduce the size of the routing tables in the upstream routers you summarize those networks to one network. 10.1.0.0\26 and you have a default route point to the upstream router. All is good, until you lose one of your networks. Now you don't have 10.1.2.0\24 in your routing table, **^$#! So you send it to the upstream router, your gateway of last resort. The upstream router has your summary route so the packet is routed back to you, %^$^%^%*! And around it goes... In come the null route to save the day. Add a null route to your summary address and when you have the route in your routing table, more specific prefix, you route it accordingly. However, when a more specific route disappears packets destined to the missing route will match the null route, thus stopping the loop. Hope that explains at least one case. Philip -Original Message- From: Chuck [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 10:18 PM To: [EMAIL PROTECTED] Subject: Re: ip route statement [7:43001] can you provide an example of what circumstance might require the use of a null route to prevent a loop? My lack of imagination is preventing me from deriving my own example. Ladrach, Daniel E. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The Null interface is typically used for preventing routing loops. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: Stanfast Preye [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 2:34 PM To: [EMAIL PROTECTED] Subject: ip route statement [7:43001] Dear Group, Why is it necessary to configure all routers in a network with ip route xxx.xxx.xxx.xxx null 0 statement before implementing migrating to a new IP address scheme and DHCP service in the network. Somebody please help Regards, Preye. - Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43123t=43001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN dial problem [7:43071]
Can you share the config? If you have only a group-async interface defined with the modem lines, you may need to define a dialer intreface to pickup the ISDN calls. Philip -Original Message- From: supernet [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 10:30 PM To: [EMAIL PROTECTED] Subject: ISDN dial problem [7:43071] Hi Dear Friends, We have a Cisco 5300 as RAS router. It has PRI and digital modems. Regular modem users dial the number no problem, they can always get connected. But ISDN users (Cisco 1604 router) couldn't make a connection. On 1604 router, it says carrier wait timeout. We suspect that it's LEC problem but they insist everything is good on their side. What seems to be the problem? Thanks a lot. Yoshi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43133t=43071 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Urgent help Please! [7:43084]
Type 7 passwords are easily decrypted. Type 5 (enable) are not. If you have physical access to the box then you can perform password recovery via the console, see the cisco website for the specifics for your router. If you have SNMP read/write access your can download the config, make the change, then push it back. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 12:19 AM To: [EMAIL PROTECTED] Subject: Urgent help Please! [7:43084] Hi ! All, Can any one please break this password? enable secret 5 $1$rMrT$blzJIo4ZyCBfJkvu2CP/Z1 Thanks in advance. === WARNING This message may contain information that is confidential and may be subject to the provisions of section 61A of the Police Act 1958, which creates an offence to have unlawful possession of Police documents. If you are not the intended recipient of this message or have received this message in error, you must not peruse, use, pass or copy this message or any of its contents. Also note, the views expressed in this message may not necessarily reflect those of the New Zealand Police. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43129t=43084 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN dial [7:42884]
You can define multiple dialer string under the interface. The latest version of IOS 12.2T gives you greater control when using multiple dialer strings. http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122 t/122t8/ftrotdls.htm (watch for line wrap) Philip -Original Message- From: Michalis Palis [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 8:52 AM To: Subject: ISDN dial [7:42884] Hello all. I have a customer who wants a router to dial (ISDN) to another destination in case the fist destination fails to answer ( no answer, busy etc). How can I do it using a Cisco router? I will appreciate your help. __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42893t=42884 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF over ISDN demand circuit [7:42348]
Are you trying the setup the circuit to use Dial on Demand Routing (DDR), such that that circuit only comes up when needed then disconnects? If so, what are you implementing? backup interface? floating static? dialer watch? Depending on your implementation of DDR you need to adjust your interesting traffic (dialer-list). Philip -Original Message- From: Ruihai An [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 2:18 PM To: Subject: OSPF over ISDN demand circuit [7:42348] Hi, Group, On an ISDN circuit running ospf , if I want to use ip ospf demand-circuit to keep it from being brought up by ospf update, do I need to define 224.0.0.5 as non-interesting traffic in dialer-list? I have configured ip ospf demand-circuit on one side of the ISDN, but routing update to 224.0.0.5 keeps activating the circuit? What is the problem? Thanks Ruihai Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42363t=42348 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using a Router to redirect IP traffic [7:42217]
Not that I'm advocating it, but whether or not it could be done depends. From a high level, you could define some static network address translations (NAT) that map your old address to your new addresses. The depends part comes now, your router would need to be positioned such that the old addresses would be routed to it. And I believe the second interface would need to be on a separate subnet. NAT requires an inside and an outside interface and those interface need to be on separate subnets. Better solutions.. Adjust the TTL on the DNS records for the web servers to stop DNS records from being cached. Then change the DNS record during the move. Sound like you don't like that option. How about leaving a reverse-proxy or just a http server with a redirect at the old ip address for some time. -Original Message- From: Trevor Jennings [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 9:16 AM To: [EMAIL PROTECTED] Subject: OT: Using a Router to redirect IP traffic [7:42217] Hello, Where I work, we have a number of servers being co-located at one location and are planning on moving those servers to another co-location provider soon. My boss asked me why we could not, when we move the servers, just place a router at the original ISP to redirect all traffic from the original ip's to the new ip's rather than having duplicate servers or adjusting the DNS at the same time. I told him that I wasnt sure whether it was possible and was told by a friend that its not really possible to do that. Can anyone confirm that or rather explain why that is not possible? My Boss's theory was that we would have a router with 2 ethernet ports and redirect the original ip's to the new ip's through the second ethernet. Cheers, - Trevor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42234t=42217 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to disable error logging on serial interface? [7:42215]
If it is logging to a SNMP manager try: int ser 2 no snmp trap link-status -Original Message- From: Love Cisco [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 5:53 AM To: [EMAIL PROTECTED] Subject: How to disable error logging on serial interface? [7:42215] Hi, everyone I want disable error logging on serial 2 interface. I tried no logging event link-status on serial 2 interface. But it does not work. If you know how. Please let me know. Many thanks Kevin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42235t=42215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: output buffers swapped out [7:41985]
Take a look at: http://www.cisco.com/warp/public/784/packet/oct99/pdfs/p70-troubleshooting.p df It may help explain when the counter gets bumped. Philip -Original Message- From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]] Sent: Friday, April 19, 2002 1:57 PM To: [EMAIL PROTECTED] Subject: output buffers swapped out [7:41985] (resent) Can't find any explanation on CCO about output buffers swapped out (Ethernet interface) Any one has a definition of what it is and what could cause 146399903 output buffers swapped out on an Ethernet interface? thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41995t=41985 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Connecting printer through Cisco Routers [7:41473]
My interpretation of the question may be incorrect but it sounds like your looking to extend a RS-232 connection across your router network? PC- RS-232- Router- Net- Router- RS-232- Printer I assume in theory you could use STUN (serial tunneling), but throw in the fact that you want to use the console port and things become a little more difficult. Philip -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, April 15, 2002 5:04 AM To: [EMAIL PROTECTED] Subject: Connecting printer through Cisco Routers [7:41473] Hi Guys I have a strange problem. I have to carry a printer a different location ( The PC connected to printer is not moving , only printer) The printer must be connected to RS 232 Port of the PC. So I will have to carry RS232 signals through Cisco Router. I mean PC connected to serial port of router and Printer will connect to the other router s serial port. Anybody tried this or has an idea ? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41494t=41473 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dialer profile vs. rotary group? [7:41271]
Legacy Dial One Physical w/Dial Rotary Groups Multiple Physical Interfaces, One dialer Interface Dialer Pools Multiple Physical Interfaces, Multiple Dialer Interface Dialer pool expands on the rotary concept by allowing a physical interface to belong to multiple pools, the dialer interface can then reference the pool of physical interfaces or multiple pools. Philip -Original Message- From: Sean Knox [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 2:15 AM To: [EMAIL PROTECTED] Subject: Dialer profile vs. rotary group? [7:41271] Hey all, I am confused by the difference(s) between dialer profiles and rotary groups. All the text I've read seems rather convoluted - physical interfaces can only be in one rotary group but can exist in many different dialer pools (if using dialer profiles)? Is that the main difference? Rotary groups seem to be an outdated configuration solution. Someone please point me in the right direction... Sean Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41335t=41271 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New CCNP Exam [7:40967]
What is the major change. Anybody? - Original Message - From: Matthew Meiers To: Sent: Tuesday, April 09, 2002 5:31 PM Subject: RE: New CCNP Exam [7:40967] It appears to be soon. Cisco is already listing the old 500 series exams as no longer applicable on the tracking page. -Original Message- From: Tony Chen [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 09, 2002 3:48 PM To: [EMAIL PROTECTED] Subject: New CCNP Exam [7:40967] Cisco has finished the beta testing to CCNP exams. Does anyone know when are they going to roll out and replace the current CCNP 2.0? Tony *** This message is a private communication. If you are not the intended recipient, please do not read, copy, or use it, and do not disclose it to others. Please notify the sender of the delivery error by replying to this message, and then delete it from your system. Thank you. - Visit http://www.ballfoundation.org for our latest news. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41024t=40967 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boson test help [7:40829]
Hello all, I schedule myself to take the new CCNA exam next week, could someone let me know should I buy all three Boson exams or just the #1 exam is good enough for the new version. Thanks Philip Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40829t=40829 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay question [7:34090]
The bandwidth on the hub router's frame interface in a pure multipoint topology should be the CIR x the number of PVC's. Yatou Wu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, if there are one central site and three remote sites. all the remote sites need to connect to the central site. now I need to decide the access circuit and port speed for the central site. the CIR requirement are following: Remote site A: 14M Remote site B: 14M Remote site C: 14M how many T3 access Circuits and ports are needed for the central sites? any advise is highly appreciated! yatou _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34109t=34090 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Startup questions [7:33711]
Another resource for this would be RFC2178. Cebuano wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks all for the different insights. Being in a teaching environment, these are just what i need to be able to explain the behavior/process in easier-to-digest terms. Elmer - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, January 30, 2002 5:33 PM Subject: Re: OSPF Startup questions [7:33711] At 12:41 PM 1/30/02, Cebuano wrote: i would think that regardless if there's a new router with a higher RID that comes on line, the DR/BDR should be the default MASTER to initiate the exchange since he's got all the topology/links info in the area, except of course for scenarios where there is no DR/BDR. Both neighbors have information to send. The master/slave business is just a temporary relationship to allow the neighbors to exchange their information in a reliable fashion. There's no real reason for one router instead of the other to become the master. Remember that protocol design is modular. You should keep the database synchronization process separate from the DR/BDR election. The synchronization process is the first step in the adjacency-building process. Each router describes its database by sending a sequence of database description packets to its neighbor. Each database description packet has a sequence number. Database description packets sent by the master (polls) are acknowledged by the slave through echoing of the sequence number. Both polls and their responses contain summaries of link-state data. The master is the only one allowed to retransmit database description packets. The OSPF protocol developers could have chosen some other method to ensure reliability, such as opening a TCP session or inventing a client/server protocol with the DR acting as the server on networks that have a DR. Instead they invented a master/slave protocol. It's just how they decided to implement it. If you think about it, you can see that their method has some advantages. If you were in a computer science protocol development class, you could write an essay on why their method is best. As a CCIE candidate, however, I'm tempted to say, why ask why? ;-) Priscilla Elmer - Original Message - From: Rogell, Dennis To: 'Cebuano' Sent: Wednesday, January 30, 2002 12:19 PM Subject: RE: OSPF Startup questions [7:33711] You can make the Dr the higher rid , and the answer to 3 is it looks at sequence numbers not timestamps.If the information it receives is the same but the sequence number is greater that will be entered into ls database. hth Dennis Rogell CNE, CCNP nextiraone Formally Milgo Solutions Email : [EMAIL PROTECTED] Phone: (954) 846-5128 -Original Message- From: Cebuano [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, January 30, 2002 08:38 To: [EMAIL PROTECTED] Subject: OSPF Startup questions [7:33711] Hi, group. I have a few questions to iron out regarding OSPF startup. 1. EXSTART - master/slave is created between each router and its adjacent DR/BDR. Q: But this election on who the master will be is mute because the router with the higher RID (thus) the DR/BDR acts as the master, right? If not, shouldn't the DR act as the master anyway since he ( or she) is the central distribution point for the area's topology? 2. LOADING - slave router sends an LS request if the master's DBD has a more up-to-date link-state entry. Q: up-to-date meaning timestamps?? But...what if there's no NTP server to synchronize them? Thanks. Elmer Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33857t=33711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX with no NAT [7:31353]
I've been on Cisco's site for hours, but cannot find a conclusive answer to my question. When you disable NAT (NAT 0) to allow the use of public IP's behind the PIX, are the internal nodes allowed to start outbound connections by default?? I need to selectively allow nodes behind the firewall to start outbound connections on certain porthow should I accomplish this? Access-lists? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31353t=31353 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ATM circuit [7:28774]
What is the new book? Philip Jache Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28801t=28774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL Gurus [7:27361]
Try enabling the interface configuration command ip accounting access-violations. This will log source/destination pairs which fail the access-list on the interface. Scott Nawalaniec wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Anil, To the best of my knowledge and without looking it up at www.cisco.com, I think if you put log on the end an access-list statement it will send the log to the syslog server. I don't know if that is true in all cases. I like to keep my routers streamed lined.ie unnecessary services and buffers turned off=) OUTPUT from show log: Admin_3662#sh log Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns) Console logging: level debugging, 723 messages logged Monitor logging: level debugging, 0 messages logged Buffer logging: disabled Trap logging: level debugging, 727 message lines logged Logging to X.X.X.X, 727 message lines logged HTH, Scott -Original Message- From: anil [mailto:[EMAIL PROTECTED]] Sent: Friday, December 07, 2001 12:58 PM To: Scott Nawalaniec Subject: RE: ACL Gurus [7:27361] Scott, If I add an access list with [log] at the end, can I expect to see the log by typing: show log At the moment I see nothing. I am trying to catch snmp traffic, using snmpwalk. port 161, 162. If I do debug snmp packets then I can see some logs. Many thanks -Anil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Nawalaniec Sent: Tuesday, November 27, 2001 5:41 PM To: [EMAIL PROTECTED] Subject: RE: ACL Gurus [7:27361] Thanx for the info and the verification. Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 7:25 PM To: [EMAIL PROTECTED] Subject: RE: ACL Gurus [7:27361] My understanding is ICMP is not a subset of IP or anything with IP protocol. ICMP and IP both work at the network layer and are separate protocols. Bzzt. You are the weakest link. Goodbye ;-) ICMP is IP protocol 1 (TCP is 6, UDP is 17). ICMP stands for Internet Control Message Protocol, which is a bit of a hint that it might be related to IP (although hardly strong evidence). According to TCP/IP Illustrated (Stevens); ICMP is often considered part of the IP layer, so you're correct there, but ICMP messages are transmitted within IP datagrams, so your permit ip any any will permit ICMP. And anyway, I use permit ip any any to define interesting traffic on some dialup links, and I can bring up the links with a well-directed ping. So I know IP includes ICMP ;-) JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 27/11/2001 02:09 pm - Scott Nawalaniec To: [EMAIL PROTECTED] Subject: RE: ACL Gurus [7:27361] Sent by: nobody@groups tudy.com 27/11/2001 11:29 am Please respond to Scott Nawalaniec Hello, Good call on the access-list 101 permit icmp x.x.54.0 0.0.1.255 any echo (equivalent to your two lines) My understanding is ICMP is not a subset of IP or anything with IP protocol. ICMP and IP both work at the network layer and are separate protocols. So you would not need the access-list 102 deny icmp any any (may as well block all other icmp) or access-list 102 deny icmp any any (may as well block all other icmp) because the implicit deny at the end should take care of dropping the unwanted protocols. Please correct me if I am wrong. What about udp and tcp protocols? The implicit deny would drop all protocols at the end. Scott -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 3:56 PM To: [EMAIL PROTECTED] Subject: Re: ACL Gurus [7:27361] My view/guestimation only here, so anyone is welcome to pick holes in it: I would apply 101 (the outgoing access list to the ethernet port). May as well drop the rubbish before the router processes it. I would also make it: access-list 101 permit icmp x.x.54.0 0.0.1.255 any echo (equivalent to your two lines) access-list 101 deny icmp any any (denies all other icmp, otherwise your next line allowed everything including icmp) access-list 101 permit ip any any I would apply 102 as you have on the serial interface, with slight change. access-list 102 permit icmp any any echo-reply (presumably as you allowed echo outgoing, you want the replies) access-list 102 deny icmp any any (may as well block all other icmp) access-list 102 permit ip any any Of course this is just fictional to control icmp only. I've changed it about 4 times, so I've no doubt it could take some more changes. Regards, Gaz Matthew Tayler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ok I am a little confused here, but 1. What does access-list 101 actually deny ? 2. If you
RE: CCBootcamp: CCIE Written Qualifier 3-Day BootCamp [7:25404]
I would give this bootcamp a big A+. I attended the first session, Dennis is a great instructor and the book follows the test perfectly. Philip Jache Sports Illustrated Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25748t=25404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: New York Study Group [7:23580]
We could start one. Philip Jache Sports Illustrated 135 West 50th Street New York, NY 10020 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23596t=23580 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: More fun with Access Lists [7:20477]
Very nice Dennis, they are the same access-list 10 deny 192.168.100.128 to 192.168.100.255 access list 10 deny 192.168.100.112 to 192.168.100.127 access-list 10 deny 192.168.100.104 to 192.168.100.111 access-list 10 deny 192.168.100.100 to 192.168.100.103 access-list 10 permit any any or access-list 10 deny 192.168.100.100 to 192.168.100.255 (0.0.0.155) access-list 10 permit any any vs. access-list 10 permit 192.168.100.0 to 192.168.100.63 access-list 10 permit 192.168.100.64 to 192.168.100.95 access-list 10 permit 192.168.100.96 to 192.168.100.99 access-list 10 deny 192.168.100.0to 192.168.100.255 access-list 10 permit any any or access-list 10 permit 192.168.100.0 to 192.168.100.99 access-list 10 deny 192.168.100.0 to 192.168.100.255 access-list 10 permit any any Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20479t=20477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - CCIE Written class - it worked [7:20056]
As one of the students in this session my advice to anyone planning on taking the CCIE Written exam is, TAKE THIS CLASS. This is a well thought out course that fills in the gaps, the emphasis is on material you will not have seen preparing for the CCNA-CCNP exams. The book is well written and Dennis is a great instructor. I can not overstate how great this was. Philip Jache Sports Illustrated Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20059t=20056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question about split horizon IPX [7:19232]
you can't disable split horizon for IPX RIP. Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19237t=19232 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID Exam--How difficult????????? [7:17497]
Your book is fine, give it a fast read including the appendix. Not a lot of design questions on the test. A good solid cross section of everything is on the test. I took it on July 24th, 755 was passing at that time. Review SNA and the Stratosphere line. Good luck Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17500t=17497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Why Should the Binary Math Method Be Used to S [7:15552]
Loved your design book Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=15583t=15552 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IGRP [7:7966]
IGRP is a distance vector routing protocol whereby the RIB is sent on a regular basis. There isn't a database to my knowledge as you find with OSPF and EIGRP. Phil. - Original Message - From: Lupi, Guy To: Sent: Monday, June 11, 2001 2:03 PM Subject: IGRP [7:7966] I set up IGRP in a lab this weekend, studying up on the earlier protocols. What I need to know is, how would I go about seeing all the routes in the database so I can determine what routes the router is seeing in addition to what is in the routing table? I could not find a show ip igrp database or anything similar. I ended up having to set the variance to the maximum (128), looking at all the routes and their corresponding metrics, and then setting the variance command again to install only those routes I wanted. Thanks in advance for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7973t=7966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IGRP [7:7966]
I havn't seen 'sh ip rip database' . What IOS are you running with ? Phil. - Original Message - From: Lupi, Guy To: 'Philip Barker' ; Sent: Monday, June 11, 2001 3:37 PM Subject: RE: IGRP [7:7966] I know that the RIB is sent on a regular basis, but even RIP has a show ip rip database that will show you routes that the router has seen but did not install in the table. I am looking for a command that will do something similar to this. I cannot find one in any documentation that I have, I was hoping that someone else has also encountered this. It is very possible that the command does not exist, but I was hoping that is not the case. -Original Message- From: Philip Barker [mailto:[EMAIL PROTECTED]] Sent: Monday, June 11, 2001 10:19 AM To: Lupi, Guy; [EMAIL PROTECTED] Subject: Re: IGRP [7:7966] IGRP is a distance vector routing protocol whereby the RIB is sent on a regular basis. There isn't a database to my knowledge as you find with OSPF and EIGRP. Phil. - Original Message - From: Lupi, Guy To: Sent: Monday, June 11, 2001 2:03 PM Subject: IGRP [7:7966] I set up IGRP in a lab this weekend, studying up on the earlier protocols. What I need to know is, how would I go about seeing all the routes in the database so I can determine what routes the router is seeing in addition to what is in the routing table? I could not find a show ip igrp database or anything similar. I ended up having to set the variance to the maximum (128), looking at all the routes and their corresponding metrics, and then setting the variance command again to install only those routes I wanted. Thanks in advance for any help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7977t=7966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Transparent Bridging ? [7:7126]
Thanks for the excellent answer Rick. I now have it hammered down. PS : for all those who spotted my Gaff, I was on different networks at either end. Blush. Regards, Phil. - Original Message - From: Rick Seiler To: Sent: Tuesday, June 05, 2001 1:04 AM Subject: RE: Transparent Bridging ? [7:7126] OK, more than you ever wanted to know... The setup of the PCs is really no different than if they are on the same hub, switch vlan, or directly connected via a twist cable. The configuration of the PCs has to be done in one of two ways: 1. Set the PCs to the same ip subnet and mask (the default gateway doesn't matter, it won't be used). 2. Set the PCs to entirely different ip subnets (or the same, as long as the ip address is not identical or a broadcast address) and set the default gateway the same as the ip address. First Option: - Set the PCs to the same ip subnet and mask (the default gateway doesn't matter, it won't be used). For example: PC#1: IP: 10.100.1.20 MASK: 255.255.255.0 GW: 0.0.0.0 (or blank, depending on OS) PC#2: IP: 10.100.1.21 MASK: 255.255.255.0 GW: 0.0.0.0 The reason the default gateway doesn't matter is because both PC's are on the same IP subnet. The default gateway is only used if you try to communicate (ping) an ip subnet that is not local to the PC. On PC#1, ping your loopback (ping localhost on Windows), then ping your interface (ping 10.100.1.20) see above, then ping the other PC (ping 10.100.1.21). The reason for pinging your loopback and your own interface is to verify that your IP stack is functioning and configured properly before you blame the 'network'. Since the two PCs don't actually use the IP addresses to communicate, you can see what is actually going on by typing 'arp -a' in Windows to see the local ARP cache. You should see the IP address of PC#2 (10.100.1.21) and the MAC address. When you typed 'ping 10.100.1.21' on PC#1 (above), PC#1 actually: a. Sent an ARP request on the wire (you will see this on your sniffer) looking for the MAC address that answers to IP address 10.100.1.21. b. Provided only one machine on this segment (hub, switch vlan, etc.) is configured with this IP address, PC#2 will be the only PC to answer that ARP request. c. PC#1 will populate its local ARP cache with the IP address to MAC address mapping d. All communication with PC#2 will be with the MAC Address of PC#2 (not the IP Address). The reason for the IP address is to make it easier for humans to manage device addressing, the computers use only layer 1 (the cabling, hub) and layer 2 (mac address, bridge) to send information to each other. This is why you cannot ping an IP address on a different subnet (192.168.255.1 for example). The PC will try to use a default gateway to get there, which isn't configured and doesn't exist. To illustrate this point a little better, let me explain the second option for configuring the PCs: Second Option: -- Set the PCs to entirely different ip subnets (or the same, as long as the ip address is not identical or a broadcast address) and set the default gateway the same as the ip address. For example: PC#1: IP: 192.168.255.26 MASK: 255.255.255.0 GW: 192.168.255.26 PC#2: IP: 10.1.50.201 MASK: 255.0.0.0 GW: 10.1.50.201 Notice that the IP address and default gateway are identical on each individual PC. Now, why would you ever do this? To illustrate a point. If you would ping PC#2 (10.1.50.201) from PC#1 (192.168.255.26), it will work!!! (Assuming you started by verifying that you could ping localhost and your own interface). Why does this work? Because, by setting the ip address and default gateway the same, you tell the PC to ARP for everything. Even though the two PCs are configured on different IP subnets, the PCs don't care because they really use their MAC addresses to communicate. So, PC#1 sends and arp request for 10.1.50.201 on the wire and PC#2 responds, PC#1 adds the MAC address to its ARP cache and will send all further IP packets destined for 10.1.50.201 to the MAC address of PC#2. Does this clear anything up? Here are sample configs for your two routers: R1 -- ! the following line is NOT necessary if you don't put ip addresses ! on the individual interfaces, like this config ! no ip routing ! interface ethernet0 no ip address bridge-group 1 no shut ! interface serial0 desc DCE no ip address clockrate 56000 bridge-group 1 no shut ! bridge 1 protocol ieee ! end R2 -- ! the following line is NOT necessary if you don't put ip addresses ! on the individual interfaces, like this config ! no ip routing ! interface ethernet0 no ip address bridge-group 1 no shut ! interface serial0 desc DTE no ip address bridge-group 1 no shut ! bridge 1 protocol ieee ! end Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7317t=7126
Re: Cisco May Bid for Marconi [7:7024]
Natasha, Marconi are making no comment citing that the top execs are in Atlanta at a trade show My own personal thought would be that the Marconi execs would have issued a statement if their was NO truth in the matter, since Marconi shares are up 6% today on this rumour. Q: What have Marconi got that Cisco want ? A: Strong European foothold. Regards, Phil. - Original Message - From: Natasha To: Sent: Monday, June 04, 2001 3:52 AM Subject: Cisco May Bid for Marconi [7:7024] London, June 3 (Bloomberg) -- Cisco Systems Inc. may make a 12 billion pound ($17 billion) bid for the U.K.'s Marconi Plc to increase sales in Europe, Sunday Business reported, citing unidentified industry sources. http://www.bloomberg.com/fgcgi.cgi?T=marketsquote99_news.hts=AOxpdARUzQ2lzY 28g Does anybody know anything about this? Thanks -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7055t=7024 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Transparent Bridging ? [7:7126]
Hi Group, I vill say ziss only vonce. Okay, its my second attempt at trying to work out how I can bridge IP across to 2500's. I have 2 2500's configured with no ip routing. 2 PC's are connected at either end, i.e one to bridge 1 and one to bridge 2. I have a sniffer on both PC's. I am attempting to ping from one PC to the other. IEEE spanning tree is applied on both bridges. The bridges are connected via a serial cable and the serial ports of the bridges as well as the Ethernet ports are in bridge group 1. I have verified spanning tree operation and one of the serial ports has been elected root port on bridge 1, the other bridge is the designated bridge. Ref : Radia Perlman, Interconnections p.83. So far so good. I have configured the PC's with a default gateway to the IP address of each of the bridges. When I attempt to ping from one PC to the other, I can see from my Sniffer trace that the PC ARP's for the MAC Address of the bridge, this ARP is successful and the PC then sends out an ICMP echo request. This echo request appears to be my problem since the destination MAC address of this packet contains the Ethernet Mac address of the local bridge and the local bridge consequently disregards the packet. Should the PC have an ARP entry installed for the destination IP address that I am pinging ? Has anyone achieved this scenario ? or am I way off mark with my thinking here. The reason I set this LAB up was because so many questions appear to be being asked at CCIE written level akin to this setup i.e can PC 1 ping PC 2 in similar arrangement using (RSRB/DLSW+/SRB etc) Any comments welcome. Regards, Phil. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7126t=7126 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Transparent Bridging ? [7:7126]
Jeepers, Its working, though I'm not convinced as to why !!! Maybe it was when I swore at the bridges and told them Priscilla was on the case that they just through the towel in ??? Regards, Phil. PS : I'm gonna strip it down now working backwards until I break it again. - Original Message - From: Priscilla Oppenheimer To: Philip Barker ; Sent: Monday, June 04, 2001 8:27 PM Subject: Re: Transparent Bridging ? [7:7126] The PC shouldn't ARP for a bridge. A bridge is transparent. It should ARP for the end station. Something is weird with addressing and submasks. Priscilla At 03:22 PM 6/4/01, Philip Barker wrote: Hi Group, I vill say ziss only vonce. Okay, its my second attempt at trying to work out how I can bridge IP across to 2500's. I have 2 2500's configured with no ip routing. 2 PC's are connected at either end, i.e one to bridge 1 and one to bridge 2. I have a sniffer on both PC's. I am attempting to ping from one PC to the other. IEEE spanning tree is applied on both bridges. The bridges are connected via a serial cable and the serial ports of the bridges as well as the Ethernet ports are in bridge group 1. I have verified spanning tree operation and one of the serial ports has been elected root port on bridge 1, the other bridge is the designated bridge. Ref : Radia Perlman, Interconnections p.83. So far so good. I have configured the PC's with a default gateway to the IP address of each of the bridges. When I attempt to ping from one PC to the other, I can see from my Sniffer trace that the PC ARP's for the MAC Address of the bridge, this ARP is successful and the PC then sends out an ICMP echo request. This echo request appears to be my problem since the destination MAC address of this packet contains the Ethernet Mac address of the local bridge and the local bridge consequently disregards the packet. Should the PC have an ARP entry installed for the destination IP address that I am pinging ? Has anyone achieved this scenario ? or am I way off mark with my thinking here. The reason I set this LAB up was because so many questions appear to be being asked at CCIE written level akin to this setup i.e can PC 1 ping PC 2 in similar arrangement using (RSRB/DLSW+/SRB etc) Any comments welcome. Regards, Phil. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=7146t=7126 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ethernet jam signal ? [7:5796]
When I wrote the decoder for Chevin Software we attempted to be as networkingly honest as possible as to what we saw on the line. I, as a result had endless traces sent to me from clients who claimed that our software was buggy when we depicted the jam code 0xAA/0x55 in all its glory when compared to A.N. OTHER analysers that did'nt capture this at all and was therefore bug free. I think that due to these types of support calls most analyser developers don't show the truth of the matter. Regards, Phil. - Original Message - From: Priscilla Oppenheimer To: Sent: Saturday, June 02, 2001 11:05 PM Subject: Re: ethernet jam signal ? [7:5796] At 10:07 AM 6/2/01, E Joseph wrote: Priscilla, What would a the resulting jam look like on a sniffer trace?? If the jam signal is all ones, it would look like 0xFFs on a Sniffer. The jam doesn't have to be all ones, though. On old bus coax networks, it was actually rare to see the jam because by the time the jam happened the clocking was so messed up that the Sniffer had already stopped capturing and just reported a runt, CRC error, collision. On a network with repeaters (hubs), when the repeater detects a collision it sends a 96-bit jam composed of alternating ones and zeros, which would look like 0xAAs or 0x55s. That's easier to see. A lot of Sniffers don't capture bad frames or runts, so you wouldn't see any of these jams in those cases. Someone else may have some additional information. It's always been a question of mine also whether you can really see jams or not. Of course in networks where full-duplex switch ports have replaced hub ports, this is no longer relevant. Please send messages to the group, not to me. Thanks, Priscilla Thank You, Ed --- Priscilla Oppenheimer wrote: When a transmitter detects a collision, the transmitter continues to send the preamble, (if the preamble has not completed), and also sends 32 additional bits, which are called a jam signal. The jam signal extends the duration of the collision event to ensure that all stations hear the collision. The contents of the jam can be any pattern that is not intentionally designed to be the 32-bit CRC value corresponding to the (partial) frame already transmitted. Most implementations send all ones. Completely sending the preamble and transmitting a jam signal guarantees that a signal stays on the media long enough for all transmitting stations involved in the collision to recognize the collision and react accordingly. Priscilla On Thu, 24 May 2001, [EMAIL PROTECTED] wrote: What is an ethernet a jam signal Priscilla Oppenheimer http://www.priscilla.com [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6980t=5796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Transparent Bridging end-to-end ping woes !!! [7:6795]
Hi group, I have a lab setup with 2 routers connected via a serial link. no ip routing is configured on both. I have 2 w/stations connected to Bridge 1 and Bridge 2 respectively. The routers are 2500 series and their serial ports and eth ports are in bridge group 1. w/s 1 can ping local eth interface of bridge 1 and can ping serial interface of bridge 1. However, w/s 1 cannot ping the remote side of the serial connection to bridge 2. Bridge 1 can ping serial interface of Bridge 2 and can ping w/s 2, w/2 sends the reply to bridge 2, but bridge 2 drops the packet ? debug says not.gateway. I would appreciate any ideas as I have been stuck on this problem all week. Regards, Phil. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6795t=6795 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CIPT Study Material [7:5404]
Hello, Does any body can send me material on studying CIPT ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5404t=5404 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Advance PIX Configuration Exam
I Took this exam 5 days after returning from the course in Brussels. It's tough and matches the course well. I wouldn't call it 'Advanced Pix', but it does test how solid your knowledge of the fundamentals is. You need to know all the regular PIX commands and concepts from 4.x and 5.x along with Cisco Secure, CBAC, Websense Basically MCNS in more detail! Philip. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richie, Nathan Sent: 12 January 2001 15:21 To: [EMAIL PROTECTED] Subject: Advance PIX Configuration Exam Has anyone taken this exam? I know it is a part of the security track, but does it replace the exam # 9E0-559 "Cisco Secure PIX Firewall Fundamentals"? Is there an exam outline for this exam? Thanks, Nathan Richie _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Advice CCIE/CCNP + Security
Hi Eric, I'd take a different angle to Brian, I did my CCNP v1, CCDP and then MCNS CATM before my drake test. I had my CVoice booked but time kindof got the better of me. (That and the new CVoice2 Exam) As a refresher I also covered the Routing 2 Switching 2 Course Notes/Exams as this gave me a more confidence and exposure to BGP, Multicasting, MLS etc.. I believe it all helped, yet when I look back probably 60-70% my Drake (CCIE Written) I answered from experience not the few days worth of study I did before hand. It's an individual thing, I found CCprep and Certification.Zone sample Q's helped me focus my study also. Thanks, Philip. On Wed, 13 Dec 2000, Eric Gunn wrote: Hello, I just finished my CCNP and originally planned to go right on to the Security Exam, wether that be 1 or 4 tests it didn't really matter to me. However I also planned on starting on the road towards my CCIE right away as well. Is it worth getting the CCNP Security speciality or would I be better served by going on to the CCIE written right away? I personally would do the written first. The CCIE written is not going to be focused on security security securityso no sense in having that all in your head. But definitly take the CCNP security. The lab has security, voice and ATM so getting those specializations is a big help. Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Protocol Analyzer displaying ARP
Hi Jeff, I've just grabbed a trace for you. http://www.mcgeoch.com/~pneeson/lab/Debugs/Arp.cap Is this what your after? Philip. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Lodwick Sent: 19 October 2000 13:57 To: [EMAIL PROTECTED] Subject: Protocol Analyzer displaying ARP Does anybody have an example or know where I can get an example of a protocol analyzer output showing information about ARP? Thanks, Jeff Lodwick MCSE/CCNA _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PCMCIA Flash Cards.
Hi Guys, Does anyone know of a utility that would enable you to copy IOS images directly onto PCMCIA flash cards from a laptop? I know the formats are different for the 3600's, SupIII's etc.. Thanks, Philip. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Written 350-001 - IOS Version
Hi, I searched this and other study groups. But can't seem to find an answer. Can anyone please tell me what in respect to which IOS version the current Drake (350-001) is written for. 11.3 or 12.0?? I would expect 12.0 but up until recently even most exams seem to have been based around either 11.2 or 11.3 Thanks in advance, Philip. Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CBT Training Options
If you're in the states there is a law that stops or reduces sales calls. Tell them to add you to their do not call list and get a name. Write down the time and date of the call and who you talked to. After that they pay you $500 every time they call you. -Philip Date: Mon, 7 Aug 2000 13:27:42 -0700 From: "Bharat Suneja" [EMAIL PROTECTED] Subject: CBT Training Options (CCNP) Besides, I think ForeFront (now SmartCertify) sales guys are TOO PUSHY AND PERSISTENT - they kept calling me repeatedly inspite of the fact that I got really annoyed with them and clearly asked them never to call me again and that I'm NOT interested at all in their product any more. I write this to the group so that everyone thinks twice before leaving their name/address/phone number/e-mail on their web site before downloading the demos - earlier today I was woken up by the same over-zealous sales guy from Forefront and it wasn't the first time grrr ("Oh, I was wondering if you're still interested in the CCNA CBT NO, I'M NOT - REPEAT - NOT INTERESTED IN THE DAMN CCNA CBT FROM YOUR COMPANY.. NOW WHAT PART OF THAT DON'T YOU UNDERSTAND ???") The sales tactics used : The list price of the CCNA CBT is $1800, but they'll give you all kinds of discounts (bring the price down to about $1200 or so), and if you express your inability to buy an expensive CBT product (which isn't worth the money, imho, going by the demo I downloaded), they will try to sell you all kinds of installment plans to sell you the CBT, throw in freebies (buy CCNA 1.0 now and we'll throw in CCNA 2.0/ICND for free)... anything to make you buy! CAVEAT EMPTOR My $0.02 worth... :-) Bharat Suneja ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT Virtual Rack
Does anybody know what happened to virtualrack.com? It looks like the site has been down for better than a month. -Philip ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCSN book
Can any one tell me which book is good for BCSN ? Regds, Anil "Shahir Boshra" [EMAIL PROTECTED] wrote: I just passed BCRAN exam last Thursday, I used CIM, ISDN Access and Exam Cram "Remote Access", it's a compact book which maps directly with the course (and exam) outline. Very helpful. Regards Shahir Boshra Telecommunications Specialist USAID - Egypt [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello group, I want to know that which book for BCRAN is good? Should I use BCRAN by cisco press...author: Catherine Paquet Or new BCRAN book by Thomasby osborne (i assume) ??? Please let me know that which book is easy to understand the material? Thanks Sabeen ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get free email and a permanent address at http://www.netaddress.com/?N=1 ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]