I'm running Native IOS on 6509's and 6513's. The 6509's have been running
native for about a year without any issues, both with SUP-2 and MSCF. One
thing to remember is that you need to copy off the VLAN database (VLAN.DAT
file).
The one dilema is redundancy. With native IOS it's best to run
It is amazing to me how some individuals feel that they have a
right to have their questions answered. This without even
indicating that they have done any independent research on
their own prior to querying the list.
Oh well, Happy Holidays to all, and to all a good night!
Prof. Tom Lisa, CCAI
Eric,
To get PPTP to work with PAT, you need to play with it like you do with
IPSec. Check out:
http://www.cisco.com/en/US/tech/tk648/tk369/technologies_configuration_examp
le09186a00800949c0.shtml
You need to statically map TCP 1723 on the outside to your inside PC, same
port. At one time
You know, IPSec is far more secure than PPTP, especially if you're dealing
with an MS PPTP server. Sound's like you need a PIX at work...
Chuck Church
CCIE #8776, MCNE, MCSE
- Original Message -
From: eric nguyen
To: [EMAIL PROTECTED] ; 'Chuck Church' ; [EMAIL PROTECTED] ;
[EMAIL
Eric,
I just checked it with an ACL. GRE is used incoming from a PPTP server,
at least from my work PIX it does. But the trick is getting the incoming GRE
(with a destination of your PATing PIX) to the client inside. Can you try
putting a 1-to-1 static from the PIX address pointing to the
Eric,
To get PPTP to work with PAT, you need to play with it like you do with
IPSec. Check out:
http://www.cisco.com/en/US/tech/tk648/tk369/technologies_configuration_examp
le09186a00800949c0.shtml
You need to statically map TCP 1723 on the outside to your inside PC, same
port. At one time
Sounds like the nvram or flash took a dump to me. Did you load a new config
on there? What happened when you did?
thanks,
-Brad Ellis
CCIE#5796 (RS / Security)
Network Learning Inc
[EMAIL PROTECTED]
www.ccbootcamp.com
David Cooper wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Thanks for the info.
This absolutely sucks. I am sure there are many folks out there with
broadband
connection like myself, cable modem or DSL, that has only one external IP
address. Those folks might be using Cisco Pix501, Pix506 or Pix506E for
their
home firewall. I am sure they need to
Michael,
Perhap you didn't read my previous email carefully.
I only have one static external IP address and that IP address is used by
the external interface of the firewall. Therefore, I don't have any extra
public
IP addresses to use for static NAT.
Any other suggestions. Thanks.
Eric
Hmmm To quote cisco.com...
PPTP through the PIX with Port Address Translation (PAT) does not work
because there is no concept of ports in GRE.
That was from:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configura
tion_example09186a0080094a5a.shtml
This URL shows you how to
Chuck,
I did try the following:
static (inside,outside) tcp interface 1723 172.16.1.100 1723 netmask
255.255.255.255 0 0
access-list 100 permit ip any any
access-list 100 permit gre any any
access-list 100 permit icmp any any
access-group 100 in interface outside
it still doesn't work. The
Eric,
According to Cisco's recomendations you should do following steps:
1. Create static address translation for your laptop:
static (inside,outside)
netmask 255.255.255.255 0 0
2. Configure access-list to permit GRE (you have it enabled for ALLALL,
but it may be better idea to permit
Thank you Howard for laying the foundation for us to grow on..
-Kevin
- Original Message -
From: Howard C. Berkowitz
To:
Sent: Friday, December 20, 2002 10:22 AM
Subject: Re: Fwd: RE: CCIE Vs. BS or MS dergree [7:59481]
At 1:37 PM + 12/20/02, Mr piyush shah wrote:
Dear friends
Appears to be freely available. At least, I found the link after a google
search on Bruce Caslow, found a link to the study site, and was able to
download these with no problems. Authored by the good folks at netmasters /
netcraftsmen, some of whom we know as Caslow, Pavlichenko, and Inghram, good
Priscilla,
I havent forsaken you (yet). But heres the deal:
My 2610 only has 24M of memory. I ignored the recommendation for at least
40M to run 12.1 IP Plus only to meet with disastrous results. I need IP
Plus on this old clunker to enable dot1q (and Im pretty sure at least 12.1
also).
Hello,Now that I've finally got my hands on 2 3550's, I am diving
straight into the QOS section ( the one I fear the most in the Lab), had
a question on classifying traffic via acl.On CCO, I see the following
examples:mls qosaccess-list 100 permit ip any any dscp 32access-list 100
permit ip host
Me Morpheus wrote:
Hello. I am new to the list and glad I found it. I am just
starting out with vlans and I need some clarification. Can
someone clarify the following statement:
I have the following layout:
I have 1 DSLAM with 2 ethernet ports (UPLINK and MNGT) that are
both going
Priscilla Oppenheimer wrote:
It's a fast Ethernet trunk, actually. I forgot to mention that. He does
have
some internal servers. Do you think in and out of a Fast Ethernet trunk
will
be less of a problem?
The 2600 might be.
He had a broadcast meltdown last week. Perhaps that's why he's
Hey Priscilla,
I feel about 10 times better knowing it's a fast ethernet :) If
there's anyway to localize the traffic, such as putting department X's
clients and servers on vlan 100, and department Y's clients/servers on the
other, it'd be optimal. But even if you can't it should run
HSRP uses 224.0.0.2, UDP port 1985. Any ACLs blocking this? Is IGMP
snooping enabled all places between the two routers? Check out:
http://www.cisco.com/en/US/tech/tk648/tk365/technologies_q_and_a_item09186a0
0800a9679.shtml
for more info. Also, check the switch's multicast forwarding
thanks.
it seems that the NSE-1 is made for service providers (according to the
link you sent me). is there a way to determine if i need one? or even
an NPE, for that matter?
thanks,
ed
-Original Message-
From: Reinhold Fischer [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 20,
thanks for the info.
have you or anyone else any idea what configuration it takes for a 7200
router to be comparable in performance to a PIX 515 when it comes to a
site-to-site VPN? for example, would a 7204VXR by itself be enough
(over more than enough, for that matter) to meet the packet
I agree...technology is converging more and moreyou need know r/s,
security, unix, voip, databases, programming, etc
Besides...why would one want to limit oneself only to R/S?
--
Dain Deutschman
CCNA, CSS-1, MCP, CNA
Data Communications Manager
New Star Sales and Service, Inc.
I worked on a network move for a brokerage company last week and
encountered a VERY strange problem.
We moved a bunch of equipment to a new office building. During the
process, we changed the internal network from 192.168.100.0/24 to
172.31.4.0/22.
There company has 4 Cisco 3500XL 48 port
On Fri, 2002-12-20 at 16:01, John McCartney wrote:
I'm looking for the deinitive answer on who can terminate a session in
IP/IPX/Appletalk networks.
[my apologies for the long-winded reply]
Well... it depends. In the strictest sence, all of the protocols you
mentioned are connectionless, so
The thing about comparing degrees to certs is that they aren't totally
comparable because they serve different purposes. The degree is designed to
teach you general knowledge - basically to teach you how to think.
Let's face it. The vast majority of college graduate use very little of
what they
Sorry, allI attached the IPExpert Solution not the Netmaster class..
Here is the link to the solution:
http://www.netmasterclass.net/site/articles/RS-NMC-1%20Extra%20Credit.%20Catalyst%203550%20VLAN%20configuration.pdf
Thank you.
From: Munit Singla Reply-To: Munit Singla To: [EMAIL
Hi all,
How do I configure remote loopback for a E1 link on a cisco Router. I could
do it for T1 using the FDL. But for E1 I can't find any commands for remote
loopback configuration.
Moreover can any body tell me that what these options are
Can U explain me for what these loopback commands on D
csu internal to the router, the lack of commands suggests an external csu.
Brian
- Original Message -
From: Simmi Singla
To:
Sent: Saturday, December 21, 2002 7:07 PM
Subject: E1 remote loopback [7:59704]
Hi all,
How do I configure remote loopback for a E1 link on a cisco
If I understand you correctly, I don't think we were seeing what you're
describing.
We had the problem I described even when all devices were attached to a
single 3548.
Also, someone else asked about the MAC addressesthey were all
correct. Clearing MACs on the switch didn't help the
Thanks for the reply. One of the guys with us actually put a sniffer (an
actual hardware suitcase) on the network, but didn't notice anything
unusual. Like you, I suspected that it might have been a poorly configured
app or some broadcast traffic. If the trouble was showing up at the packet
Craig, I looked through the other responses, but I wanted to offer
something. I worked in brokerage for a number of years, most of which time I
was in the beginner's level regarding networking. But I do recall some
strange things happening, and I never did trust the answers particular
venders were
Depends on what you plan on doing on them. If you are going to be doing
mostly layer 2 switching then I would leave them hybrid. If you plan on
routing each port on each switch then definitely go native.
Greg Rend wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I had a quick
33 matches
Mail list logo