Dear All,
I hope to find an expert in PIX firewall to help me to solve this problem:
About PIX authentication With ACS2.3.
I am trying to configure my PIX506 with IOS5.1 to use cisco secure ACS2.3 to
authenticate my internal users when they try to access the internet..
The ACS located on the insid
[EMAIL PROTECTED] ("EA Louie") wrote in
:
>read (watch the wrap)
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios11/cbook/cipx
>.ht m
>
>I don't think they've changed the cost 'calculation' since IOS 11.0.
>It's not so much a calculation as it is an assigned value that you can
>cha
in this case definitely. No adjacency formed because the ip address was
duplicate. Once I sorted this problem then the adjacency came in so in this
scenario I would definitely say that Jeff Doyle is wrong.
-Original Message-
From: tom cheung [mailto:[EMAIL PROTECTED]]
Sent: 14 April 200
Can anyone please explain to me what is the difference between the
command "show ip bgp" (or show ip bgp summary) and "show ip route bgp"?
I have read the BSCN book between page 348 and 352 many times, but I'm
still very confused. The book said "show ip bgp" displays BGP routing
table?? But I tho
Here is my understanding of the difference. Hope it helps.
Show ip bgp shows you the "potential routes". This is showing you the
routes that are in the BGP "forwarding table". This is what BGP knows about
(sometime referred to as RIB). These are the potential routes to be
injected into your r
Here is a little explanation.
"show ip bgp" shows the bgp routing table. This may or may not be different
from the IP routing table for a particular router.
"show ip bgp summ" shows the EBGP & IBGP neighbor/peer relationships that a
router has been able to establish.
"show ip route bgp" shows
>Can anyone please explain to me what is the difference between the
>command "show ip bgp" (or show ip bgp summary) and "show ip route bgp"?
>I have read the BSCN book between page 348 and 352 many times, but I'm
>still very confused. The book said "show ip bgp" displays BGP routing
>table?? But
OK, for those of you who continue to be
incredulous, let me spell this out.
We have a budget with budget lines. Commodities
fall under $100, and equipment is over $100.
Third party cables would be commodities, and
there isn't enough money in that budget line
to buy cables, because somebody else d
I have an as5300 that i am advertising the pool addresses via ospf. I am
redistributing static and conected subnets. However when i do a sh ip
route xxx.xxx.xxx.0 i am seeing two or three entries like:
U xxx.xxx.xxx.0/24 [1/0] via xxx.xxx.xxx.99 <-- 1 of the pool ips
This is causing the
I have an as5300 that i am advertising the pool addresses via ospf. I am
redistributing static and conected subnets. However when i do a sh ip
route xxx.xxx.xxx.0 i am seeing two or three entries like:
U xxx.xxx.xxx.0/24 [1/0] via xxx.xxx.xxx.99 <-- 1 of the pool ips
This is causing the
Priscilla Oppenheimer wrote:
>
> At 06:12 PM 4/13/01, Irwin Lazar wrote:
>
> >I know a few years ago several interface cards, especially those from
Intel,
> >had a heck of a time auto negotiating with Cisco Catalyst 5xxx's, but I'd
> >imagine these problems are resolved by now. (It shows you ho
No problem:
#1. The addresses listed do not overlap (all different class Bs), and EIGRP
handles
VLSM. **see #2**
#2. EIGRP by default auto-summarizes at classful boundries, so either use NO
IP
AUTO-SUMMARY, or make sure you don't create multiple clouds of
172.20.xxx.xxx/24
networks.
DaveC
S
I have an as5300 that i am advertising the pool addresses via ospf. I am
redistributing static and conected subnets. However when i do a sh ip
route xxx.xxx.xxx.0 i am seeing two or three entries like:
U xxx.xxx.xxx.0/24 [1/0] via xxx.xxx.xxx.99 <-- 1 of the pool ips
This is causing the
No problem:
#1. The addresses listed do not overlap (all different class Bs), and EIGRP
handles
VLSM. **see #2**
#2. EIGRP by default auto-summarizes at classful boundries, so either use:
(config-router)#NO AUTO-SUMMARY {on all eigrp routers.}
Or make just make sure you don't create mult
Hello Gang - I am looking for 8 MB flash for 2501 & 2502. Can someone help
with the link. I tried browsing the net and found couple of sites where
they sell 8MB flash for USD.199. I am looking for something less. I tried
ebay. Either the shipping is way too high or the seller is not interest
Hello Everybody!
I was just curious if anyone has scheduled to sit in on the CCIE Optical
Beta?
http://www.cisco.com/warp/public/625/ccie/ccie_program/whatsnew.html
I see the beta is only US$50. After reviewing the CCIE Blueprint, does
anyone have any thoughts on how difficult the exam may be?
Actually you can get IPSEC to work with nat. The problem lies within the
procedure on the router. Packets are nat'ed before the IPSEC process takes
place.
Here is a link dealing with IPSEC and nat. I am sure if you search around
there will be more. This link deals with one side doind NAT and IPSE
I am trying to get various opinions of several CCIE Lab Prep courses. I
already know about MentorTech's ECP1. I am already registered for that class
in August. I want to know if anyone has opinions on these courses.
BNetsys CCIE Courses
Global Knowledge ANEW
Bruce Williams
[mailto:[EMAIL PROTECT
>I don't know that they do, but the Linksys does support port >redirection.
>Just point the standard telnet port (23) at your inside >router. Once on
>one inside router you can telnet around to others >inside, or you can also
>point other ports from the outside to inside >port 23. The biggest
Hi group
Is there anyone have experience with Alcatel 1641 SM (ADM for STM-1) ?
I just wanted to know standard configuration for Alcatel 1641 SM. Can this
box supported software loopback ?
I rather difficult to find out any information that i want in alcatel
website, have you any idea to help me
Sipitung,
Try this link for find info on SONET/SDH:
http://www.aloni.com/CND/CNDest.asp?TOCId=Telecom&TopicID=SONET
Simple Diagram:
(Drop) Term Multiplexer (Line) Add Drop MultiplexerIR(Line) Term
Multiplexer (Drop)
Terminal - Terminates OC-n (Drop side and Line side)
Add/Drop - A
I happen to be a ccnp and mcse. I get how ip helper-address works. Also
work with microsoft dhcp servers.
How do you setup a scope for a remote subnet, and how does the dhcp server
know how to hand out the correct ip leases for a non-connected subnet?
Does the dhcp server look at the source ad
Thanks for the list of errors from the cramsession. I'll put then together
with some observations from a few others, including Pricilla, and try and
get them to publish an update.
Thanks again...
--- Dennis
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=721&t=721
---
At 01:32 PM 4/15/01 -0400, Fred Danson wrote:
> >Anyway, here is what you could do
> > PublicPrivate
> >63.1.1.1 :23192.168.1.23 :23
> >63.1.1.1 :24192.168.1.24 :23
> >63.1.1.1 :25192.168.1.25 :23
> >63.1.1.1 :26192.168.1.26 :23
>
>I wasn't aware that it is possible to
Thanks for the info,
Does the telnet client that is built into Windows2000 Professional allow
changing of the destination port? Could I just click start --> Run and type
in telnet 63.1.1.1 :24 ??
Thanks in Advance,
Fred
>From: Carroll Kong
>To: "Fred Danson"
>CC: [EMAIL PROTECTED]
>Subject
Chuck
Thanks for the proof read :>
Bellow is the cisco page & part of the doc relating to zero subnets.
To me it reads "don't; because we say so"
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cdipadr.htm#xtocid105602
---
Enabling Use
ipaddress port' from the command line/run (telnet ipaddress:port from the
command line fails to work properly and just reports that it cannot
connect). I suggest getting TeraTerm for a much better telnet/serial
program. You can change the telnet:// URL to launch it instead of the
Windows telnet.
Yes, but remember that just changing the port is very weak security that any
portscanner will be able to find:
Start - Settings - Control Panel - Administrative Tools - Telnet Server
Administrator:
Microsoft (R) Windows 2000 (TM) (Build 2195)
Telnet Server Admin (Build 5.00.99201.1)
Select one o
Yup, you got it. Just set up the extra scope(s) for the subnet(s) you have
the ip helper-address enabled port(s) on. The DHCP server sees the source
address (or perhaps network address/mask, I'm not sure the down and dirty
details), and sends an appropriate DHCP address from the scope that fits
That's got to be one of the lamest things I've ever heard. I'd tell
accounting to stick it, and that unless they want to learn how to make
routers work and figure out the correct parts, that perfectly legitimate
third-party serial cables are no different than the Cisco blue & logo'd
cables other
Fred Danson wrote:
>
> Thanks for the info,
>
> Does the telnet client that is built into Windows2000 Professional allow
> changing of the destination port? Could I just click start --> Run and type
> in telnet 63.1.1.1 :24 ??
>
more like:
telnet 63.1.1.1 24
I use this all the time to read
Took CIT on Apr 3 2001 and only had one... thank goodness!
Tim
""Priscilla Oppenheimer"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> For those of you who have taken the Support exam recently, did you get any
> AppleTalk questions?
>
> The outline for the 640-506 Support exam
EIGRP has no class either... :)
David Chandler wrote:
> Chuck
>
> Thanks for the proof read :>
>
> Bellow is the cisco page & part of the doc relating to zero subnets.
> To me it reads "don't; because we say so"
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/i
I apoogize for the multiple posts on my ospf question.
dale
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=732&t=732
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and
Thanks for the explanation guys :) Just one more quick question, on the
"show ip bgp",
are the best routes indicated by an > or an *?
Regards,
Hunt Lee
Howard C. Berkowitz wrote:
> >Can anyone please explain to me what is the difference between the
> >command "show ip bgp" (or show ip bgp s
At 04:04 PM 4/15/01, you wrote:
>Priscilla,
>
>With reference to the comment below:
>
>The cram
> > session has the usual misconceptions, such as claiming that SRB and SRT
are
> > in 802.5, which they aren't, and that HSRP is a routing protocol that is
> > standing by, (it's a router standing by),
At 01:52 PM 4/15/01, Michael Snyder wrote:
>I happen to be a ccnp and mcse. I get how ip helper-address works. Also
>work with microsoft dhcp servers.
>
>How do you setup a scope for a remote subnet, and how does the dhcp server
>know how to hand out the correct ip leases for a non-connected sub
I've heard the same said of IPX. Which leads to the obvious question - is IP
any less chatty than any other protocol? At least with IPX there is no need
for ARP because the station address and the MAC address are one in the same.
I believe that the designers of Microsoft networking were cognizant
Wonder if that's part of the reason I didn't make it to day 2 ;->
I see the point of the article, but I still believe it is more of a
compatibility issue than anything else. Can't get into the RFC server I
normally use to see if RFC 1812 ventures an opinion. CIDR probably figures
in here somewhe
Dale,
No appology necessary. Your mail bounced in the moderators queue because it
contained xxx. My guess is I approved it twice by mistake.
Hey I am trying to get rid of the spam and I assumed XXX would be a good
keyword.
Take care,
Paul
- Original Message -
From: "Dale Frohman"
T
Hi All,
Just wanted to hear what other people are using (or would recommend) for the
IOS images on their 2500 series routers with a typical 16MB DRAM/ 8MB Flash
setup.
I remember hearing from Louie that he ran 12.09 Enterprise Plus IOS on all
of his 2500's with that 16/8 configuration. There'
version 12.1
no service single-slot-reload-enable
service timestamps debug datetime
service timestamps log datetime
service password-encryption
!
hostname Cisco1605
!
logging buffered 4096 debugging
logging rate-limit console 10 except errors
enable secret 5 **
!
ip subnet-zero
no ip sourc
Roger,
I ran into the same problem you had. You want to run enterprise images with
all the bells and whistles and be 12.0 ver.
The only wy was for me to up grade all of my routers to 16 meg flash. Yes a
bit costly but in the end to be able
to get things done well in a home lab is to have an IOS
That Cisco page is extremely dated information, and actually not
quite right -- RFC 791 is, indeed, the primary IPv4 specification,
although the IP address format was originally defined in RFC 760.
Neither one of these, however, discusses subnetting, which was
introduced later in RFC 950. RFC
Hunt,
When you do the show ip bgp command - it shows you a lot of information on
the top (status codes, origin code etc etc...). The status code "*"
indicates that it is one of the valid paths and ">" indicates that it is the
best path. Hope this helps.
Also, I found a lot of excellent infor
the best track to follow is pick a subject and read
http://www.cisco.com/warp/public/625/ccie/certifications/rsblueprint.html
...you might think you know some topics but you will be surprised ...i
speak for myself..example the datalink layer...oh my
this is what i used to study and pass the wr
While we're posting configs, I figure I might as well share my latest for an
827 that's temporarily taking the place of my 1605R (the 827 is awaiting
install, but works great and seems to have much less latency than going
through the usual Alcatel ADSL modem and then to 1605R ethernet). Plus, the
hi techs
i got a small problem at my client place
i have isdn connection between my client's head office and factory through
2610 routers (through isdn bri card). configuration is through. every thing
working fine. i draw a separate cable from NT1 second port and connected to
head office router
well Aaron, it has something to do with something Cisco calls 'throughput'.
I don't know how they determint throughput - perhaps by the 5 minute average
load on the interface.
-e-
- Original Message -
From: "[EMAIL PROTECTED] (Aaron)"
To:
Sent: Sunday, April 15, 2001 4:33 AM
Subject: R
Well,
Since ip nat is accomplished through the use of access lists,
you can log the rule hits/misses or view the statics on the number of
matches with the _show access-lists_. Logging can be used to analyze
traffic going through your access lists (and thus, nat'ed) so that you can
obtain more
Sorry to give you so much flack.As I mentioned in my first reply, the
part numbers you need are:
CAB-V35MT=
CAB-V35FC=
If you'd like, I could buy them for you and jack up the price. Then you
could pay me $75 per cable and I'd make $30 or $40 on the deal. :-)
Sorry, I couldn't resist.
Reg
HEY!!!
Todd may have his name on the cover and the series,
but I did have a little something to do with the Sybex
CID book!!! Like writing 13 chapters! Thanks for the
complements, although I strongly recommend that
readers review the Cisco Web site for the StrataCom
material.
If the beta is an i
I have heard from an inside source that much of the further development
on the optical product lines will cease as part of the bleeding out due
to Cisco's budget cuts.
Lance
>From: "Scott Jensen" >Reply-To: "Scott Jensen" >To: [EMAIL PROTECTED]
>Subject: CCIE Optical Qualification Beta (Exam 351
Hi All - In the real world, how should I obtain an "autonomous system"
number? Will I be assigned from some organization or I just make it up?
Sorry for the so simple question!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=752&t=752
-
With 8MB of Flash, I would recommend you to ran IOS version 12.0(15),
IP/IPX/AT/DEC. This is the latest version of v12.0. It's only require 8MB
of flash and is a clean version (have the TCP security flaw bug fixed).
""Roger Sohn"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECT
So are we all agreed that there is not a problem with using the all 1s/0s
subnet?
The real problem seem to be that they continue to teach it.
I think I can plow through RFCs 791, 950 & 1812 within the next couple days.
May be there is a more compelling reason than it could cause problems with
hos
Was the CID test more technical like the other CCDx tests or more like case
study questions like the CCDA with a ton of reading???
""Sean C."" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi Andy,
>
> Took the CID last week and passed - 2nd attempt. The horror stories you
>
Here is a good link:
http://www.cisco.com/warp/public/cc/pd/rt/12000/prodlit/gspos_an.htm
""sipitung"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi group,
>
> Have you any idea for url which described about sonet/sdh framing in more
> detaili still a bit confuse about
Allen- This last one did the trick...Thanks to you and all on the list
that responded
to my help...I was just about starting to give up on this thing.. again
thanks a mill !!!
On Wed, 11 Apr 2001 12:53:32 -0400 "Allen May" writes:
> - Original Message -
> From: "EROD EROD"
> To:
>
59 matches
Mail list logo
