- Original Message -
From: MADMAN
To: The Long and Winding Road
Cc:
Sent: Tuesday, 18 February, 2003 6:50 AM
Subject: Re: Dropped Packet on 6506 switch [7:63053]
The Long and Winding Road wrote:
hey, Dave, request for clarification
whenever I run my config tools ( either
Here -
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/
Almost everything you need to know can be found there.
The comp.dcom.net-management newsgroup is a good forum for getting it set up
the way you want it. Both MRTG and RRD Tool (comes with MRTG).
If you want to run it on a Windows server,
Did you replace the cable with a known good one? Or with the one that
your predeccessor replaced because he jammed it in the door and had
problems with bad FCS :) just kidding!
Make sure you replaced it with a new or known good cable, rather than a
spare.
Symon
-Original Message-
Look into CBWFQ. Search on CCO for Class based weighted fair
queuing...This will give you the finest granularity of control
over the type of traffic your dealing with.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Stuart Pittwood
Sent:
I had a look at the link, and this is the flow for inside-outside:
If IPSec then check input access list
decryption - for CET (Cisco Encryption Technology) or IPSec
check input access list
check input rate limits
input accounting
policy routing
routing
redirect to web cache
NAT inside to outside
Set prompt :
-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]
Sent: 27 February 2003 22:11
To: [EMAIL PROTECTED]
Subject: Re: Cat4006 - Prompt [7:63984]
FWIW The system name clears but not the prompt. I'm running 7.2.2:
C4006A (enable) set system name
System name cleared.
I replaced a couple of Checkpoint boxes that were handling about 700
concurrent inbound connections (trading system).
The Checkpoint boxes (I think one was a PIII 500, the other a dual PIII
700) both PC's, handled it easy, no real CPU load, and they only need
about 192MB RAM, 256 MAX.
The PIX
Thanks. symon.
Would anybody answer my question titled 'NAT definition' ?
(I sent it to this ML in 25 Feb.)
regards.
On Sat, 1 Mar 2003 08:44:08 -
Symon Thurlow wrote:
I had a look at the link, and this is the flow for inside-outside:
If IPSec then check input access list
decryption
I would like to log all failed (and maybe even all successful) login
attempts on a router to my syslog server, but I can't find a way to do this.
Since I'm using a local user database, with login local on the VTY, I would
like to see what user acconts are beeing tried at the logon prompt.
Can
Hello,If the clock rate has been configured for 64000 on one side of the
link (home lab), does that mean that the bandwidth needs to be set to
64000 on both sides of the link using the bandwidth command so that
routing protocols like Ospf correctly compute the metrics? After all,
isn't the
Kiwi makes a good Syslog server.
-dlb
Johan Hjalmarsson wrote in message
news:[EMAIL PROTECTED]
I would like to log all failed (and maybe even all successful) login
attempts on a router to my syslog server, but I can't find a way to do
this.
Since I'm using a local user database, with login
Google is your friend :)
But here is the site and everything you need is there on the site
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/
Also here is what a sample looks like of mrtg running graphing my pix
and web server and mail server for my home network.
http://www.digitalrage.org/mrtg
Hi,
the solution to this is the Cisco Security Server ACS. If you
authenticate the users via this AAA Server it will log the
successful and failed attempts. One server will do it for all
routers and switches on the network.
AAA means authentication, authorisation and accounting. This
means you
Isn't it standard practice for two entities, when setting up
a peering, transit, or partial transit relationship, to agree
on what routes will be sent over the links and then develop
route filters on each side accordingly? If this is done properly,
then a misconfiguration on one side should not
That's actually an accurate statement. From the White House's 'National
Strategy to Secure Cyberspace', (iii) Border Gateway Protocol. Of the many
routing protocols in use within the Internet, the Border Gateway Protocol
(BGP) is at greatest risk of being the target of attacks designed to
In my uneducated opinion, it seems to me like there are much larger concerns
out there than BGP security. I say uneducated because I haven't worked for
an ISP, nor have I worked for any other organization that would run BGP. My
BGP experience consists of reading and lab work, that's it. I'm a
Yes, in order for OSPF or EIGRP to have a more precise computation of costs
and metrics, you should match the bandwidth with the port speed. However, if
this is frame relay, you may want to match the bandwidth with the link's CIR.
Message Posted at:
Adeboye Onifade wrote:
Server.
The
server is a Pentium 3, 128MB changed to 256, it's also on full
duplex on the switch/ hubs etc could anyone advise on how
to make the server more efficient!
You can't configure full-duplex when connecting to a hub. Probably explains
the problems you're
I presume you've configured one of them as a vtp server, while the other as
a vtp client? Likewise, they should both have the same vtp domain name.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64156t=63937
--
FAQ, list archives,
You can use the time-range command together with an access-list and Modular
QoS CLI (MQC) to accomplish this.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64157t=63886
--
FAQ, list archives, and subscription info:
On Sat, 1 Mar 2003, Cisco Nuts wrote:
Hello,If the clock rate has been configured for 64000 on one side of the
link (home lab), does that mean that the bandwidth needs to be set to
64000 on both sides of the link using the bandwidth command so that
routing protocols like Ospf correctly
At 2:24 AM + 3/1/03, Edwin R. Gonzalez wrote:
I came across this article about BGP earlier today,
check it out;
http://news.com.com/2100-1009-990608.html
The Stephen Dugan quoted in the article has not, AFAIK, made any
contributions to IETF or NANOG. Blackhat's bio says he has presented
At 3:15 AM + 3/1/03, The Long and Winding Road wrote:
Edwin R. Gonzalez wrote in message
news:[EMAIL PROTECTED]
I came across this article about BGP earlier today,
check it out;
http://news.com.com/2100-1009-990608.html
yada yada yada :-
the big point seems to be the misconfigured
Thanks for the replies...
My TAC case worker believes the same to be true, although he's still
trying to verify this with absolute certainty.
I'll have to cross my fingers and hope that they add it in the future,
although by then, it won't matter for this project. We're going to
have to go
I don't know if this is doable since you are doing it locally. My advice to
you is
that this is not a scalable solution. What really want is TACACS+ server.
If you
are cheap like myself, you can build your own tacacs+ server running on an
Intel 486 machine with 32MB of RAM with the OS being
I agree with the part that there are many human related problems
with BGP configs and policies implementations. But that's the case
with other protocols as well. In BGP's case it's probably showing more
of people's carelesness or misunderstanding of the working of the protocol
since as you
Hi,
I have 10 different VPN tunnels from my Pix520 firewall (500Mhz PIII and
256MB of
RAM) to other Firewalls (Pix and Checkpoint) and Cisco VPN Concentrators.
At
the moment, all of the tunnels are using 3des, sha and DH group 2 in phase
1. In
phase 2, I use 3des and sha1. For security
I recently acquired a used 2501 router for my home lab that is booting with
no problem. There is no configuration so it asks if you want to auto config.
I try to enter an N at this point and get nothing it seems as if the
keystroke is not seen by the router. If I just run my hand across the
Howard C. Berkowitz wrote:
At 3:15 AM + 3/1/03, The Long and Winding Road wrote:
Edwin R. Gonzalez wrote in message
news:[EMAIL PROTECTED]
I came across this article about BGP earlier today,
check it out;
http://news.com.com/2100-1009-990608.html
yada yada yada :-
Did you figure out how Windows RPC tells the client the new port to come
back on or find a URL? I'm dying to know! :-)
I bumped this up as a new message so it wouldn't get buried. For those of
who do this on the Web, threads that were started days ago don't tend to get
much attention even if
Someone gave me a better link for the special IOS, so I updated the document
on www.laganiere.net
I'd be curious if anybody has tried to run a TE configuration using this
version. I played a bit, but then got distracted with wireless over the last
few months...
Thanks all...
--- Dennis
Jim wrote in message
news:[EMAIL PROTECTED]
I recently acquired a used 2501 router for my home lab that is booting
with
no problem. There is no configuration so it asks if you want to auto
config.
I try to enter an N at this point and get nothing it seems as if the
keystroke is not seen by
Hello,
I have an ospf problem. Two neighbors on a nbma
network who have connectivity are unable to go in the
two state, but have establish adjacency with the DR.
I include the configurations and ospf neighbor
states.
Perhaps have I done a mistake or don't know ospf
enough. Can u help please.
At 7:55 PM + 3/1/03, Priscilla Oppenheimer wrote:
Howard C. Berkowitz wrote:
I'm really unimpressed with this article.
Me too. :-) It doesn't sound like he has any detailed information.
Let's put it this way -- BGP authentication has more options than
just an MD5 signature on an
Arnaud V. wrote in message
news:[EMAIL PROTECTED]
Hello,
I have an ospf problem. Two neighbors on a nbma
network who have connectivity are unable to go in the
two state, but have establish adjacency with the DR.
I include the configurations and ospf neighbor
states.
the problem is that
hi everyone ,i have a question about NDA that i am not sure about ,hope
someone can answer me .
I was offered a job a small training company to write a ccie lab guide but
due to the NDA aggrement i signed in the ccie lab a few months back ,my
question is if i write about Cat3550 ,routing protocol
Elijah,
What kind of GBICs are you using? If they're LX and MM fiber, are you
using mode-conditioning cables?
Chuck Church
CCIE #8776, MCNE, MCSE
From: Elijah Savage [mailto:[EMAIL PROTECTED]
Sent: Friday, February 28, 2003 8:27 AM
To: [EMAIL PROTECTED]
Subject: FCS Errors between 2
When you run your hand across the keyboard, do you touch it or is this a
psychic thing :-)
I'd check the parity on your terminal. It may be setting the wrong
parity for the router but ignoring incorrect received parity.
Marc
Jim wrote:
I recently acquired a used 2501 router for my home lab
forgive the format. my Outlook Express client is severely misbehaving,
crashing randomly when I try to do in-line posting.
i have a question about NDA that i am not sure about ,hope
someone can answer me
Cisco is the ultimate arbiter. you can contact them directly at
[EMAIL PROTECTED] I have
Look up ip multicast helper-map...
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64183t=64130
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations
For Pix's, I know that 'enable password __' sets the enable password.
Questions:
1) How do u set the telnet password?
2) How do u set the console password?
I've heard that the command to set both telnet and console passwords are the
same..please confirm.
thank you
Bill
Message Posted at:
Has anyone ever tunnelled a citrix session within a VPN tunnel?
I know this is redundent as the citrix session is already encrypted but
this is another story that I do not want to go into.
I am having problems with I believe the packet size but I am wondering can
anyone shed some light as to my
Ok, I'm trying to capture TCP, specifically Telnet traffic going between two
routers on 2 ports of the bridge. I have a protocol
analyzer on port 1/2 (I've tried other bridge ports as well). The routers
come in on 1/2 and 2/3.
To start I enter the command 'set span 2/3 1/2 both' on the 5000
Hi group,
I have a cisco 2522 router that is configured as a frame relay switch. I am
trying to configure CIR on serial 4 so that if the router connected to s4 is
sending more traffic than the configured CIR, packets will be dropped at fhe
frame relay switch. I configured the CIR on the switch
I have recently received some routers for a home lab. When I boot one
it displays the following.
routername(boot)
what is this (boot) mean
and how do I get ride of it? I've worked on routers before and never
seen this. Thanks in advance.
Steve
Message Posted at:
MED is propagated throughout the iBGP peers.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64189t=63884
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure
You need to set the configuration register to 0x2102.
This enables the router to boot from flash.
This link might be of some help;
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun
_c/ffcprt2/fcf010.htm#xtocid3
--
_
The harder you work,
Sorry about the link.
This site has good info on boot process
http://home.attbi.com/~blaga/index.htm
--
_
The harder you work, the luckier you get!
_
The only place success comes before
work is in the dictionary!!!
Thanks to all that responded. The problem is solved. I found an article that
related to this type of problems in 2502 routers that had an older version
of the boot rom not exerting CTS to allow the term emulator to send
information to the console port. By disabling flow control the problem was
Hello group, Hate to ask this (as this has been asked a million times
before) but just wanted a confirmation on what I should cover for the atm
portion of the lab?Sincerely,CN
STOP MORE SPAM with the new MSN 8 and get 2
Hello group, Hate to ask this (as this has been asked a million times
before) but just wanted a confirmation on what I should cover for the atm
portion of the lab?Sincerely,CN
Add photos to your e-mail with MSN 8. Get 2
I dont beleive it will work on routers that are frame switching in the lab..I
thought I read that it will only work with the real frame relay switches...
Larry Letterman
Network Engineer
Cisco Systems
- Original Message -
From: John Tafasi
To: Cisco Group Study ; ccielab
Sent:
you have the analyzer and the router in the same port ?
1/2 according to the below text ?
set span source-port dest-port in/out/both
Larry Letterman
Network Engineer
Cisco Systems
- Original Message -
From: Richard Burdette
To: [EMAIL PROTECTED]
Sent: Saturday, March 01, 2003
53 matches
Mail list logo