Hi, all,
I have a problem that is making me scream and shout, gonna knock myself out.
It has to do with my PIX firewall configuration.
The long and short of my problem is that the inside network can only reach
inside hosts and outside networks: it can not reach any host on on the DMZ,
depsite th
Hi, all,
I have a problem that is making me scream and shout, gonna knock myself out.
It has to do with my PIX firewall configuration.
The long and short of my problem is that the inside network can only reach
inside hosts and outside networks: it can not reach any host on on the DMZ,
depsite th
Raj,
Is the software going to be open source? I have a large collection of
scripts for automating configuration (during rollouts) and basic
troubleshooting. I've had intentions of providing a GUI front-end at
some point, either in Java or PHP, but never seem to have the time to
get around to
Sorry if you get this twice or thrice...problem with outlook and dates...
Hi, all,
I have a problem that is making me scream and shout, gonna knock myself out.
It has to do with my PIX firewall configuration.
The long and short of my problem is that the inside network can only reach
inside hosts
Salvatore,
ebg-multihop is not required for load balancing. It can be beneficial
to use a loopback to peer from/to, similar to IPX internal networks
provide better load balancing for NetWare servers.
If you feel it's a good idea to peer to/from loopack interfaces
(redundancy, better balancing
I would definitely say go for it ... thre isn't much to "basic" or even
intermediate LAN switching and IO am sure you will be able to cope. Just
have confidence in yourself, and while you are getting used to the
environment, just be very throughtful about each command you enter. I still
often ope
Looks ok to me, but as always .. I would look through the code first.
Presumably it logs on to the router using standard vty / telnet. (does it
require enable ?), I am alway wary of inputing these details into a 3rd
party program unless I can proof read the code. Even then I would probably
cre
To be at the CCNP level you must have already shown some skills with LANs -
Support and switching exams.
This sounds like it may be a good thing. If you have experience for 2 years
as you say, then it should be OK. Maybe they can let you in on what they are
doing on the LAN - VLANs, etc. Ever playe
go for it
Deal with it
heheheheh
Your be fine
Ian
- Original Message -
From: "B Rudy"
To:
Sent: Thursday, May 29, 2003 8:52 AM
Subject: Am I over my head guys? [7:69746]
> Hey guys, I just got an offer to become a 2nd senior network engineer for
> this company in Orange Country.
personally, if you've got the offer, someone thinks you can do it.
For my first networking position, I was deemed to be the cisco 'expert' as I
had read a Cisco book on TCP/IP, but at that stage I hadn't even seen a
router/switch!
Look at it from the point of view, that you are going into an existi
I will be interested to see the answers of others to this too. My guess is
many will tell you to 'go for it'. I'm in a similar position in that I am
beginning to get the offer of interviews for senior(ish) roles and am a CCNP
with minimal 'real' experience so am a little nervous about being 'found
Man, you sound like me. I don't have a job offer though. Either you lack
confidence
or you know your own limitations. Odds are it's a confidence issue. Go for
the job
and enjoy it!
Mark
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 29, 2003 2:52 A
Hi,
Go for it and do whatever it takes to succeed!
If one goes only for the best, one finds it.
Good Luck!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=69749&t=69746
--
FAQ, list archives, and subscription info: http://www.gr
Hey guys, I just got an offer to become a 2nd senior network engineer for
this company in Orange Country. Great News i know!!
Dilemma: I am a CCNP but have no local Area Nework Experience. Going to be
workin with Catalyst 6500 switches. Also i have about 2 yrs working with
cisco equipment, how
Henrique Issamu Terada wrote:
>
> Karyn ,
>
> Regarding this problem , for sure the other end must know how
> to get back
> the packets to your network where your host
> muse is ( maybe 198.182.157.0).
I agree. Since your end looks good, make sure the router at the other end
has a route back.
Alas, those sys admins. I love your way of putting it. (They know how to
right click things but not much more. ;-) The thing that gets me is that
they are sure that they know networking.
Thanks for a helpful story.
Priscilla
John Brandis wrote:
>
> I would like to tell you about a problem I had
Karyn ,
Regarding this problem , for sure the other end must know how to get back
the packets to your network where your host
muse is ( maybe 198.182.157.0).
Regarding the other one , ask them to issue a trace form their router to the
network 198.182.157.0 and to 192.168.1.2 .
Ask for the resu
Hi,
I am inquiring about the internal physical bus layout on the 6509. I have
Dual supes, w/ MSFC2's, running SRM HA, but my quesion relies specifically
on slot 6 and slot 9. I am using CATOS 6.3.5 and MSFC IOS 12.1.(8). Do these
2 slots work on seperate or same BUSES? Basically do these slots
just finished an 8 city (3 u.s./5 e.u.) vpn deployment. we were in a
bit of a rush and now that we have finished the initial deployment we
have the luxury of time to think things through a little more
clearly. one oversight that we made in our haste to deploy we just
confirmed - the overhead
Hi All,
A friend and myself have recently completed a program, in which WE think
is going to be very helpful to all engineers out there. Basically its a
network-graphing program. How does it work ?
· logs on to all known routers in your network and issues term len 0 and
then show ip route.
Hi,
Just want to clarify for basic-ni is set on BRI, then if one dialer string
set on remote site can bring up both channels? Anyone use this swith type
at work please share your experience.
Thank a lot.
Regards,
Fanglo
_
Little minds are interested i
Understood.. but does the command "neigh x.x.x.x ebgp-multihop X" by itself
provide load-balancing? I could be wrong.. but from my undrstanding this
just states that you have the capability of peering with neigh that are not
directly connected.. You could very well acheive loadbalancing when 2 EBG
More info. I can ping from the router, but not from other hosts on my
network.
muse% traceroute 192.168.0.1 (ip addr of my int)
traceroute to 192.168.0.1 (192.168.0.1), 30 hops max, 40 byte packets
1 MSFC (198.182.157.253) 0.704 ms 0.445 ms 0.459 ms
2 CAIOA.calarts.edu (65.165.175.254) 7.5
I would like to tell you about a problem I had in relation to this.
In November last year, I rolled out a new building for my current employer.
We are not a huge company, but it was around 600 ports using 100% Cisco
gear. The challenge was, that on thursday night, I took delivery of the
gear. Frid
I can ping the interface at 192.168.0.2, but nothing beyond which is
supposed to be the 10.120.4.0. I do not control the other side which just
adds complexity. So how can I test that my side is working properly when
only data to 10.120.4.0 is going out this interface ?
Here's what a traceroute to
Hello Peter, and yes I took the support exam recently and it did not contain
any question about appletalk, this was my case and the CIT course includes
some appletalk topics so I was looking forward to see some questions about
it, but nop, not a single question about appletalk in my exam. By the w
Tom,
Congratulations, it appears that you hit the nail right on the head. Router
ID was not an issue - I just failed to show you the loopback interfaces.
The issue was apparently network type. As soon as I hard-set R2s network
type to point-to-multipoint (it was, as you correctly pointed out,
n
Check your network types on the connections between r2 and r5 and r2 and r6.
Cheers,
Scott
""Kevin Love"" wrote in message
news:[EMAIL PROTECTED]
> R2#sh ip ospf int
> Serial1.256 is up, line protocol is up
> Internet Address 172.16.56.2/29, Area 1
> Process ID 1, Router ID 192.168.2.2, Net
Actually , this /32 route is correct .
It is default, when you have a PPP link .
In order to disable it, you'll need to do a no peer neighbor-route , under
interface config .
Interface seems to be up , IPCP as well . Do you have any connectivity
problem , besides this "fake" route problem ?
>
I believe there was an extensive conversation within the group in the
last few months that the difference wasn't so much with what topics
being covered, but rather that the level of difficulty was ratcheted up.
Priscilla was a major contributer to the conversation, so you know it
will have signific
First of all, I wouldn't post a question advertising it to be from the
350-001 test to a public newsgroup. It just seems like a bad idea.
I'm responding to the question based on the fact that I took the test a
couple weeks ago and didn't see the question. I'm HOPING that the
question is from
At 6:46 PM + 5/28/03, Robert Perez wrote:
>Hi all,
>
>I have a question on the CCIE 350-001 test. I have heard differing opinions
>on this but when traffic crosses a WAN connection and there are problems who
>does the retransmit?? Host or RTR??
>
>1.) In Frame relay there is a line hit or corr
Hi,
Can you post your two configs (remove private info if required)?
Regards
Paul
""Mary Kvitashvili"" wrote in message
news:[EMAIL PROTECTED]
> Trying to config PIX 506 to PIX 515 for basic VPN/IPSEC/LAN/LAN
> connectivity. Took the configs straight off the Cisco site but I cannot
> establ
Kevin,
It might just be an oversight, but R5 and R6 don't seem to have a
loopback or explicit router ID defined.
Also, what is the OSPF network type on R2? It's set manually on R5 and
R6, but left to the default on R2. I believe (but haven't verified) the
default would be non-broadcast not p
I playing with the CSI (1.0) lab on the cisco partners site, nice little
lab, hopefully it will help solidify my cmds if there are any sims on the
actual exam.
Glad to hear you passed. Way to go...
Andrew Larkins wrote:
-Original Message-
From: Andrew Larkins
Sent: 28 May 2003 11:18
To
It looks like this will be pretty simple via PBR. I'll give it a shot.
thanks to everyone who replied.
Lance
-Original Message-
From: Warner, Lance
Sent: Wednesday, May 28, 2003 9:30 AM
To: '[EMAIL PROTECTED]'
Subject: circuit restriction???
Is it possible to force packets to leave o
Maybe policy-based route , matching the address of your server and setting
outgoing interface/next hop ?
> _
> Henrique Issamu Terada, CCIE # 7460
> IT Support - Open Network
> CPM S.A. - Tecnologia criando valor
> Tel.: 55 11 4196-0710
> Fax: 55 11 4196-090
Hi all,
I have a question on the CCIE 350-001 test. I have heard differing opinions
on this but when traffic crosses a WAN connection and there are problems who
does the retransmit?? Host or RTR??
1.) In Frame relay there is a line hit or corrupt packet on the WAn, who
retransmits, should be the
Maroun,
OSPF routers don't really send out routes to their neighbors, they send
LSAs. For most things you can think of them as being the same, except
in situations like yours.
Your router is presumably creating the default route (use 'show ip ospf
database' to verify) and therefore creating t
I recall on the web there is a shareware tool called MCASTER. Do a google
search on it. I use it and it is quick and great. You can alos use th IOS
MRM commands to generate S,Gs...
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=69711&t=69686
-
Hi Shawn,
Thanks for your feedback. I was planning to set up a proper web site and
then submit to search engines but thought I'd stick it out on a couple of
newsgroups to what response I would get. I've checked out other labs and I
would rather price it low and have it used all of the time than no
I don't believe that ISL requires identical native VLANs at each end of a
trunk, however, 802.1Q does (if I'm wrong, someone please correct me). The
trunk negotiation parameter at each end of the link does not have to be
identical because there can be different negotiation combinations that each
po
ian williams wrote:
>
> This has come up in the ccie written.
A question that asks whether you should use auto or manual is really on the
CCIE written? Of course, you can't answer that under NDA ;-), but I agree
with John that it would be a bad question. It's implementation dependent,
with change
To the first part of your question, yes, that is it basically. If you are
using the Cisco VPN client, you will enter the group name and password under
the "Authentication" tab. You can also use the VPN client that is built
into Windows, in which case you do not need the group name and password, b
Thank you Dave and Kok - I appreciate your letting me know...
On Sun, 2003-05-25 at 19:29, Dave Jacoby wrote:
> Me neither.
>
> Dave
>
> ""Kok Onn Lim"" wrote in message
> news:[EMAIL PROTECTED]
> > You can forget about the two topic. I've done the exam, but didn't face
> any
> > question on
study sam halabi - ospf design guide
-N
""ericbrouwers"" wrote in message
news:[EMAIL PROTECTED]
> Rivalino,
>
> Here are five examples I made when studying BSCI. I used a/o following
> books:
> - the Sybex BSCI book,
> - Cisco Press Routing Cert. Guide,
> - CCO IOS IP Configuration Guide,
> - TA
Hi vijay
Can u plz tell me abt ur background. I am asking this because, I think CCIE
exam requires an extensive amount of practical experience rather thatn
classroom knowledge.
I am preparing for CCNP and do not like to pay higher classroom pricess. It
is better to purchase the equipment than pay
i am going to take my ccie R&S lab on Aug 31 in b'lore,,so i am pratic;ing
with five 25xx routers and live ISDN connection,,i did my ccie lab all in
one guid(hutnik)..
i want to know whatz all senarios ,,,what all i want to do??? and is dlsw
and MPLS is there in now a days ccie lab examm,,,pls giv
Roseli,
For sure, native vlans need to match , no matter SW revision, product,
vendor , whatever .
If not , imagine vlan 2 native in side A and 3 in side B . SIde A won't
tag vlan 2 frames, and side B won't tag vlan 3 frames .
Trunk will come up, but both vlans won't work properly .
Regardi
I have been to the above links, but i m still not satisfied with the
replies. I am preparing for the routing exam, in the last release it was
titled as building scalable cisco internetworks. The objectives of these
exams are identical. so whats new in here the exam numbers. The only
difference i ca
I agree with dave 100%...our default on the campus is auto/auto...
Larry Letterman
Cisco Systems
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
MADMAN
Sent: Wednesday, May 28, 2003 8:46 AM
To: [EMAIL PROTECTED]
Subject: Re: port/duplex configs [7:695
I have long been a hard coder of duplex and speed especially with Sun's and
various other equipment.
Recently working with Wi-lan (U3) and Proxim (AP2500) wireless gear changed
my mind. Lab testing with a Cisco 3550 resulted in the Proxim only working
with 10/half or auto/auto. Anything else pro
no,
ur solution is to get a cable for the 4000 with a v35 connector and one for
the 2500 with a v35 connector
of, if you are good with a soldering iron, buy/steal some connectors, take a
printout of the pinouts and spend an afternoon on ur workbench
-N
""H"" wrote in message
news:[EMAIL PROTECTED
Real.com has a free 25 user server. Also Microsoft offers a free server
so does Apple.
Nabil
"I have never let my schooling interfere with my education."
I don't have enough time at the moment to explain this as well as I should.
Do a quick search on autonegotiation in the archives and I have some recent
postings that explain it better. here's the short version:
The only connection method specific in the FastEthernet standard is AUTO.
If you do a
I have cleared it today in the morning , in my second attempt . I got 924
out of the required 82 percent for passing
Don't underestimate the test , there are questions most of which are from
the SAFE whitepaper of SMR , go through the book of MCNS as well and know
all aspects of security design .
Is it possible to force packets to leave out the same interface they came in
on?
Explanation - I want to add another server on the DMZ but restrict all of
it's access to a specific T1 (don't want it using the bandwidth of the
regular internet CKT). So I was thinking that maybe there was a way t
There are good and bad points about this.
It's always good to have multiple lab vendors to choose from and I'm sure
that people would be interested. HOWEVER, the certification market is
saturated with labs like yours and with study materials, etc. It is very
difficult to break into this business w
ian williams wrote:
> This has come up in the ccie written.
> If I understand this subject correctly AUTO , sends out packets to try and
> match the 2 devices up with regards to speed and duplex.
> If your getting connection problems this would be a speed issue. If its
some
> sort of packet loss/er
R2#sh ip ospf int
Serial1.256 is up, line protocol is up
Internet Address 172.16.56.2/29, Area 1
Process ID 1, Router ID 192.168.2.2, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 255
Designated Router (ID) 192.168.2.2, Interface address 172.16.56.2
Back
Has anyone got any Multicast server software for windows NT
I would like to get some multicast traffic working on my testlab
thanks
Ian
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=69686&t=69686
--
FAQ, list archives, and s
Trying to config PIX 506 to PIX 515 for basic VPN/IPSEC/LAN/LAN
connectivity. Took the configs straight off the Cisco site but I cannot
establish my tunnel at the ISAKMP level. Trying to ping from LAN to LAN.
Getting the following error message from "debug crypto isakmp":
HQ-PIX#
ISAKMP (0): be
I would like to know, if when you are using an Ethernet Media Trunk line
operating with ISL mode between two Cisco SWs, with same identical modules,
software revisions and VLANs configurations, you need to configure identical
native VLANs and identical Trunk negotiation parameters at each end of th
Trying to config PIX 506 to PIX 515 for basic VPN/IPSEC/LAN/LAN
connectivity. Took the configs straight off the Cisco site but I cannot
establish my tunnel at the ISAKMP level. Trying to ping from LAN to LAN.
Getting the following error message from "debug crypto isakmp":
HQ-PIX#
ISAKMP (0): be
NP-2T uses a large 50-pin connector. It is quite different from the 60 pin
that exists on 2500s. Part number on a V.35 DTE cable is CAB-NPV35TV2= aka
72-0671-02
One solution would be to mate this with a CAB-V35FC= aka 72-0792-01 (which
is a DCE cable and fits your 2500s)
You end up with a 20 foot l
Hi Kevin,
can you set the default values for ospf hello interval. can you post the
result of "show ip ospf int" and "show ip ospf data" from all the three
routers.
NetChild,
""Kevin Love"" wrote in message
news:[EMAIL PROTECTED]
> Hey Team,
>
> I cannot figure this out. I've configured lots of
At 12:02 PM 5/28/2003 +, Rohit Sundriyal wrote:
>Hi All
>
>I am facing very Strange Problem .My lan is behind Pix and for the last few
>weeks i am receiving some popup messages on my lan pc from internet even
>thought i am not browsing any site.Can anybudy tell how to block this kinda
>messages
Have you ever had access to the card? 5530 is a SUP III. Console for it uses
a straight Cat5 cable rather than the rolled Cisco console cable.
> -Original Message-
> From: John Brandis [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 27, 2003 8:37 PM
> To: [EMAIL PROTECTED]
> Subject: ws-x55
Hello there,
I've set up a pod of equipment that can be accessed from the Internet. I'm
hoping to get some feedback on how usable it is and if there is a market for
selling access to this sort of stuff. I've spent a fair bit of money and
time setting it up. I've done the CCIE stuff so have some em
Try "The One" book.
Sorry. Could avoid that.
Unfortunately (or fortunately) there is no 'one' book. It is really
necessary ready the BluePrint and develop your skills (there are questions
that requires a knowledge one gets with practice). After this it would be
helpful test your level with Bos
Try this:
( if it works, credit given to author below )
Scotty
Enter this under stupid router tricks (it's got to be more expensive than an
ISDN emulator, but
not if you've got the parts lying around).
Switch: Cisco 2600 or 3600 with NM-2V
Hi,
thanks for your reply,
actually I have a default route in the router.
I tried with a default route poiting to an IP address,
and tried matching on this address in the route-map.
But no success, I even tried with a permit any
access-list but also no success.
Then I removed the first default r
Hi.. I am new to this VPN 3000 concentrator. I want to ask if I have a VPN
3000 concentrator device in NY. Can I connect my VPN client in London to
it? What info do I need? Just the external IP of the VPN server and VPN
client group name + password? Is the VPN client free for download?
Wh
73 matches
Mail list logo
