Hi All,
Has anyone experience something similar to - the rip default not being shown
in the route table and the rip database that is being sent by the upstream
router?
(Upstream router being a tier 2 provider).
I have other routers hanging off the provider edge router that are receiving
the
Hi,
In the use-proxy PROXY remote-zone gk2 outbound-from terminal line, is
PROXY your local zone name in the gatekeeper, besides, being your h323
proxy's h323-id? You should enter local zone name of the gatekeeper after
use-proxy command, that local zone should be the zone to where the h323
Hi,
Is it a MUST to configure 'fragmentation' (under 1.5M wan link) when
enabling LLQ (for voip over frame-relay)? How about if One side connection
is FR but another is just a simply leased line?
Thanks.
rgds,
ivan
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60939t=59820
if you want to get it in a short time,you can write mail to
me([EMAIL PROTECTED]),
i will help you to get it and you do nothing but you must pay for
them.the p
rice is the lowest,for example(Include the charge of exam):
CCIE(WRITTEN): 1500$
ocp(updated):500$
Message Posted at:
Hi
Can anyone please tell me what the point of the following command is
static (inside,outside) 157.157.146.13 157.157.146.13 netmask
255.255.255.255 0 0
Same IP address on the inside and the outside, I have seen this used on
production networks, but can not figure out why, can anyone please
you can try an extended ping with the record bit set, maybe it tell you all
routes in that case.
Priscilla Oppenheimer a icrit dans le message de
news: [EMAIL PROTECTED]
Symon Thurlow wrote:
Well, I would view an ISP who uses 1918 addresses in their
public network a little warily.
I think that is to ensure that any traffic coming from the outside to
the inside for that particular host will NOT get address translated (as
long as you have a conduit or access list command that allows access).
Symon
-Original Message-
From: Arni V. Skarphedinsson [mailto:[EMAIL
Ok,
But I am not quite sure I understand this, beacuse in this example the
address is used as an privat address on the company´s internal network, and
is not routed to the pix on the outside interface from hosts on the network,
so If this is to bypass NAT, by what IP address do the hosts on the
I's used when no NAT is performed.
Kvepja,
Marko.
-Original Message-
From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]]
Sent: manudagur, 13. janzar 2003. 11:13
To: [EMAIL PROTECTED]
Subject: PIX Question [7:60941]
Hi
Can anyone please tell me what the point of the
An application for this would be if you have a server with a global ip
address assigned to it in your DMZ, then you don't want your PIX to
translate your global from the outside.
static (dmz,outside)157.157.146.13 157.157.146.13 netmask 255.255.255 0 0
Another case would be an intranet server,
Hello group,
I'm looking to monitor VPNs via SNMP for up/down and traffic volume
monitoring (maybe even send to MRTG). I just wanted to know if the PIX IOS
MIB supports for this.
Thanks
Albert
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60948t=60948
For static(inside,outside), I remember doing this in our lab where two PIXs
connect one after the other. Disabling NAT static(inside,outside) for the
transition network would simplify things.
I guess you might just see this setup in a production network. Ü
Message Posted at:
Hi all,
The cat 6500 power supplies - 1300W and 2500W.
Can these 2 types be mixed in the same chassis or must they be the same
type?
Andrew Larkins
BCom, CCNP, CCDP
Bytes Technology Networks
A Division of the Bytes Technology Group
A Member of the Altron Group
www.btgroup.co.za
visit the press
Do any of your external devices have a route for the 157.157.x.x network,
pointing to the PIX to get there?
I have used this in the past to ensure that another local device outside the
PIX could send syslog messages to a server behind it, using it's real address.
Symon
-Original
It is just a static NAT of the internal address to an external address, in
this case they happen to be the same address
... sometimes used in conjunction with conduits/ACL's to permit certain
monitoring/syslog/tftp/etc. traffic to external devices (edge routers, for
ex.) without exposing the
A friend of mine works for a local community college and is interested in
starting up a Cisco Networking Academy. Is anyone familiar with how one
goes about getting one of these started? Any information would be
appreciated and passed on.
Thanks
Confidentiality Notice: This e-mail message,
A friend of mine works for a local community college and is interested in
starting up a Cisco Networking Academy. Is anyone familiar with how one
goes about getting one of these started? Any information would be
appreciated and passed on.
Thanks
Confidentiality Notice: This e-mail message,
The thing is the the router external to the pix, does not have a route for
the 157.157.0.0 network, considering that, whill this ever work ???
Although the address is a public IP address, this company uses it as an
internal address, and It sould not be visible on the internet, also the
server
--
Johnny Routin
)?)
-
Chee Kin Chan wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi all,
Please do not ask from me the site.
I would just like to know if there has been any form of violation.
Thanks,
cheekin
Message Posted at:
It might be here:
http://cisco.netacad.net/public/index.html
Don
- Original Message -
From: Roberts, Timothy
To:
Sent: Monday, January 13, 2003 7:03 AM
Subject: Cisco Network Academy [7:60952]
A friend of mine works for a local community college and is interested in
starting up a
Just so I understand (crypto is a tough subject for me), if one knows the
length of a packet before crypto processing, it becomes a weakness
because(fill in the blank).
Howard C. Berkowitz wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
At 12:03 AM + 1/13/03, Steven
Thanks! I was just curious. What about L2 headers in Frame Relay
Fragmentation (frf.12)?
Priscilla Oppenheimer wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Steven A. Ridder wrote:
Does anyone know if a packet is fragmented, that the specific
values in a
field are
YES!!!
Dude, send me your LEGAL name and I'll make sure I send the invitation
to Cisco as well. Dude, you could make millions, even in jail.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 4:29 AM
To: [EMAIL PROTECTED]
Subject: Pass IT
If there is no route for that block, including summarizations thereof (and
no interface in that subnet), then it shouldn't go anywhere / be reachable.
So the next question - does it work?
* Can that machine get out, and if so ... try
www.whatismyip.com
...
Hiya,
Anyone got any ideas on sizing memory for a VIP, short of getting default
and seeing if it runs out? Normal router memory I can usually get about
right, but I dont know the correlation between RSP memory and VIP memory.
Ta
Lauren
Message Posted at:
Materials provided by the Cisco Networking Academy program are
for the exclusive use of students enrolled in the program even if they
are
free to them. Unless this instructor has received permission from Cisco
to distribute it freely to anyone, he should have that area of the
webpage
password
Hi
I have a problem with a Cat3548 and 2611 where i did set the ports on
both to FULL DUPLEX and no errors are seen on the interfaces but the
switch's CDP is keeping telling me
%CDP-4-DUPLEX_MISMATCH ... discovered
is this some kind of IOS bug ?
Any danger from this message or can i
i am trying to setup my xyplex for remote telnet sessions...
whenever i telnet to the xyplex server, it crashes hard. I must recycle
the power on it. has anyone had this similar problem ?
thanks...
Sign Up for Juno Platinum
yes it is a CDP ver 2 bug.
I posted a similar report, including configs and outputs a week or two back,
and someone was kind enough to let me know about his experiences in this
matter.
check back a couple of weeks in the archives.
HTH
--
TANSTAAFL
there ain't no such thing as a free lunch
Hi Albert,
The following SNMP MIBs were created to support the Cisco VPN Device
Manager (VDM) product, however, you can interogate these and I have
attached a URL of a good document with an overview of how this is done.
CISCO-IPSEC-FLOW-MONITOR- MIB
CISCO-IPSEC-MIB
I usually get the max memory possible, but I believe that 128Mbps per VIP is
the minimum required to run distributed CEF.
-Original Message-
From: Lauren Child [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 10:46 AM
To: [EMAIL PROTECTED]
Subject: VIP memory sizing? [7:60962]
Yes and no.
In combined mode they may be different wattages.
In redundant mode wattages must be identical.
More detail at:
http://www.cisco.com/en/US/partner/products/hw/switches/ps708/products_c
onfiguration_guide_chapter09186a008007e6f6.html
Frank Jimenez, CCIE #5738
[EMAIL PROTECTED]
Here's an answer from a year ago from Eric B
The CDP duplex error message may not mean you have a
mis-match in the speed/duplex somewhere.
The message occurs because CDP version 2 packets
include duplex information. CDP version 1 doesn't
include duplex info. If you have a older device that
Hi,
Anyone has attempted CCNP recertification exam?How
hard it is?Any idea?
Thanks.
Saj
__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
Message Posted at:
I want to create an object-group but I'm not sure which one to use and how
to use it. I want to add a range of tcp ports and a few udp ports. How
can I do it? Thank you.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60976t=60976
hy all,
is anyone here, who passed the 640-910 exam? i took it
and failed by 5 points *argl*.
i think that i misinterpret the ospf exhibitions ( the drawings
aren't really good).
any suggestions?
kind regards,
marco
[GroupStudy.com removed an attachment of type application/pgp-signature]
Are you still receiving it? (debug ip rip...)? And are you sure you aren't
receiving any other default route via other -better admin distance-
routing protocol? What do you see in a debug ip routing?
Vicuna, Mark
Enviado por: [EMAIL PROTECTED]
13/01/2003 09:13
Por favor, responda a
Steven A. Ridder wrote:
Thanks! I was just curious. What about L2 headers in Frame
Relay
Fragmentation (frf.12)?
They probably stay the same? The FR header doesn't have much in it, but what
it does have should be in each fragment, I would think. But I'm not sure on
that one. That's one we
239.0.0.0 thru 239.255.255.255 make up the multicast limited scope
(224.0.0.1-238.255.255.255 are classified as globally scoped meaning that
these are taken up by various protocols/applications). As far as I know,
there is no CIDR/subnet mask notation for addresses in the Class D space.
You can
I just set up a back to back PIX firewall test. Using IKE and IPsec with a
laptop on either end. One is a 520 (6.2) and the other is a 501 (6.2) and
Win2K and Win98 as clients. Everything works as it should but.. isnt there
always a but? the traceroute response time is something like 800mS. When I
it has nothing with the VPN tunnel but everything to do with DNS. if you
specify the
IP address in the /etc/hosts file, that will speed it up very quickly. I
have the same
setup like yours with the exception that I have franken pixes (Pix520) on
both ends
By the way, use version 6.2(2) on the
Mike,
How are the PIXes connected? If via a crossover, you might be
experiencing excessive collisions. I've tested a similar configuration
as well, and I've found that placing a switch in between the two PIXes
will eliminate the collisions.
Ed
-Original Message-
From: [EMAIL
In answer to Eric, there is not any DNS involved as the traceroute is IP
only... no name resolution needed.
In answer Ed's comments, I have both plugged into a switch and so it's not
*back to back* in the normal sense of the word.
MikeS
Message Posted at:
Check for duplex and speed settings on switch as well as interface errors
and collisions.
Mike Sweeney wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
In answer to Eric, there is not any DNS involved as the traceroute is IP
only... no name resolution needed.
In answer Ed's
Taking the 640-604 switching exam within the next week or two and my
research shows, from the cisco site, although there was HSRP and ATM LANE
questions on the 640-503 exam, these topis are not included on the 640-604
exam.
Just wanted to confirm, thanks.
Message Posted at:
I ment 640-504 sorry, not 640-503 I fat fingered it.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60988t=60987
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and
HI
Does anybody know where I Can get basic free training on the Cisco Switch
3550 ?
Thanks
_
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Message Posted at:
johnman johnman wrote:
HI
Does anybody know where I Can get basic free training on the Cisco Switch
3550 ?
Thanks
_
Protect your PC - get McAfee.com VirusScan Online
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Yes there is. From my experience with this I know that ADC sells a modular
SDSL modem. You can use either an ethernet,
RS-530, V.35, or RS-449 interface with this modem. The serial card is FLEX
module with two data ports and 1 DSX port.
The data port interfaces are a mini-SCSI 26 pin port. ADC
Is ping that slow too? What else did you try? FTP? TFTP? Traceroute and
Telnet are sort of weird ways of testing response time, but a good start.
Can you put a sniffer on one of the Windows machines and see where the
delays are actually occuring?
Try to distinguish between a slow network and
Hi,
If I want to set the voice traffic have high priority and the rest will use
fair queue, which cisco queuing method can achieve it?
The hardware is 17xx or 26xx. Thanks.
It looks like the LLQ or CBWFQ will have guaranteed bandwidth feature during
congestion but seems not the solution I am
Thanks. That is the confirmation I need.
cheekin
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60995t=60894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and
I Just found this out from SANS Critical Vulnerability Analysis...
HIGH: Cisco IOS SSH Denial of Service Vulnerability
Affected Products:
Cisco IOS versions 12.0S, 12.0ST, 12.1T, 12.1E, 12.1EA, 12.2, 12.2T,
12.2S. All products running these versions of IOS are vulnerable if
the SSH server
I'm a CCIE with over 4 years of experience in networking and a college
degree. Each position I have had required a small percentage of security
related work. Does that satisfy the requirements or are they asking for
100% security work? Any help greatly appreciated.
Message Posted at:
check out the technical documents section on
www.netmasterclass.net
johnman johnman wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
HI
Does anybody know where I Can get basic free training on the Cisco Switch
3550 ?
Thanks
Hi,
I passed it around 6 months back.I think the drawings were proper.You can
refer some of the PDF's available on this in the web site.
Kind Regards/Thangavel
-Original Message-
From: Marco Eulenfeld [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 11:53 PM
To: [EMAIL
Hi,
I have done both, and it still does not work! I have a linux box on the
external segment, and I can ping the external interface of the PIX from
it. I can also ping the Linux box from the PIX, but not through it.
I get the feeling the answer to this will be a doh!, but I can't see it
at the
Can the PIX ping hosts out on the Internet?
Can the ping ping an internal host? Can that host ping the internal
interface of the PIX?
-Original Message-
From: Symon Thurlow [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 13, 2003 11:31 AM
To: Daniel Cotts; [EMAIL PROTECTED]
Subject:
An update,
Even with debug ICMP trace enabled, if I try to ping through the PIX (
I have conduit permit icmp any any) I see nothing, also using a sniffer
on the internal segment, I see my ping requests, but no replies.
If I ping the inside interface, I get debug results.
I am starting to think
Good to do a show interface to make sure they are up.
Might want to do a conduit permit icmp any any to do some ping tests.
I'm assuming that your outside interface is reachable from the Internet.
Verified?
-Original Message-
From: Symon Thurlow [mailto:[EMAIL PROTECTED]]
Sent: Sunday,
Hi team,
I am finding difficult to follow on the Lab 8 of the ccbootcamp - Sec 1
z (cc) and Sec. 3 ( More BGP configuration ). Can somebody explain
whats been asked there?
Thanks,
rajesh
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60993t=60993
I would appreciate feedback from anyone who has actually used this product.
Thanks!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60936t=60936
--
FAQ, list archives, and subscription info:
Yes to all!
-Original Message-
From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
Sent: 13 January 2003 18:05
To: Symon Thurlow; [EMAIL PROTECTED]
Subject: RE: Learning PIX [7:60919]
Can the PIX ping hosts out on the Internet?
Can the ping ping an internal host? Can that host ping the
Could it be because a host on the outside may need to initiate a connection
to the host on the inside. The PIX requires a NAT, even if it is to the
same address.
Evans, TJ (BearingPoint) wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
If there is no route for that block,
There will be HSRP , Not ATM LANE :)
-Original Message-
From: David Ristau [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 14, 2003 12:03 AM
To: [EMAIL PROTECTED]
Subject: CCNP 640-604 switching exam [7:60987]
Taking the 640-604 switching exam within the next week or two and my
65 matches
Mail list logo