Re: ospf type 5 lsas [7:74699]

2003-09-03 Thread Charles Cthulhu Riley
Mmm, looks like you have area 15 configured as a Not so stubby totally stubby area (NSSTSA) rather than as a not so stubby area (NSSA)...some slight differences as noted below; also, note how type 5 and 7 are (and are not) supported... LSA type 5 routes will not be used in a NSSA or NSSTSA; howev

Re: Urgent [7:74680]

2003-09-02 Thread Charles Cthulhu Riley
Is it a truly unmanaged switch that can not be addressed whatsoever, or is a switch that can be assigned an IP address and managed, but just hasn't been done yet??? I believe that 99.44% of Cisco switches are all manageable (have a MAC associated with them). Persuasions and dissuasions for this s

Re: ospf type 5 lsas [7:74632]

2003-09-02 Thread Charles Cthulhu Riley
Can we see the configuration for the 2500 and 7500 (just the OSPF part). Also, is this route in the table at all? That is, is another protocol (like EIGRP) also advertising this route?? Thanks, Charles "Thomas Salmen" wrote in message news:[EMAIL PROTECTED] > i have a problem with ospf

Re: Interesting Question [7:74652]

2003-09-02 Thread Charles Cthulhu Riley
I don't know why a Class A address was chosen...personally, I would have chosen a Class C address...less wasteful. However, I might be missing the point here, tho... "Bharani" wrote in message news:[EMAIL PROTECTED] > Dear Readers > > Does any one know the Mathematical reason for making > 12

Re: Trying run ISIS on 2600 [7:74051]

2003-08-16 Thread Charles Cthulhu Riley
Looked this up on Software Advisor...it listed feature sets primarily with an Enterprise flavor, as well as a few VoIP, Telco, and Service Provider flavors. What I got out of the whole thing was that the IP only feature set will not cut it. IS-IS speakers natively use CLNS to communicate even as

Re: did you save ?????? [7:73986]

2003-08-15 Thread Charles Cthulhu Riley
> > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Charles Cthulhu Riley > Sent: Friday, August 15, 2003 12:35 PM > To: [EMAIL PROTECTED] > Subject: Re: did you save ?? [7:73986] > > > Out here in Kansas, we all got ethano

Re: did you save ?????? [7:73986]

2003-08-15 Thread Charles Cthulhu Riley
Out here in Kansas, we all got ethanol fueled hamsters running on treadmills for power production, so we were unaffected by the blackout. One hamster did escape and raid the local quickee-mart for some chocolate donettes, though...that reduced power output by about .1%, as well as causing cardio pr

Re: PIX xlate question [7:74012]

2003-08-15 Thread Charles Cthulhu Riley
Your pool may consist of addresses from the local addresses, and the xlates are occurring on a catch as catch basis, which accounts for the weird results of your show command. Assuming your local addresses are 213.x.x.x, your pool of addresses to which these locals are to be translated is also 213.

Re: Frame Relay Design Consideration (P2P or P2Multipoint) [7:73415]

2003-08-02 Thread Charles Cthulhu Riley
Less IP addresses used? wrote in message news:[EMAIL PROTECTED] > Guys, > > Very quick one here. > > If I have a hub site with 5 spoke sites on an FR network, I could use FR > P2P sub ints or P2M sub ints. > > Why would I prefer a P2P over P2M method? The routing protocol would be > EIGRP and a

Re: Friday Follies #1 [7:73370]

2003-08-01 Thread Charles Cthulu Riley
Assign an address (as secondary) from the incorrect range to the router interface to which this device is connected, and from that router, connect (telnet or ssh) to that device, fix the ip, (get disconnected in process, of course), and remove the incorrect secondary from the router...voila and oth

Re: Friday Follies #2 [7:73371]

2003-08-01 Thread Charles Cthulu Riley
Three words MY-CROW-SOFF? "John Neiberger" wrote in message news:[EMAIL PROTECTED] > [This isn't the usual type of follies question where you have to figure > something out. In this case, you either know the answer or you don't. If you > don't, you can probably figure out how to look it u

Re: OSPF through PIX [7:72938]

2003-07-24 Thread Charles Cthulhu Riley
Get PIXOS 6.3, enable OSPF on the firewall, and let it participate in OSPF routing...voila! OSPF "through" the firewall... Also, how about using neighbor statements (with no translation) which converts the OSPF multicasts to unicasts? Just a thought...obviously, would need an ACL applied at key

Re: Quoting in Replies [7:71366]

2003-06-25 Thread Charles Cthulhu Riley
I would appreciate if the posters would drive over to my house and read their message to me, with accompanying gestures as appropriate. Not only that, but maybe fix me a glass of ice tea and some cookies. It's hot out here in Kansas, and cookies are hard to come by... "Kaminski, Shawn G"

Re: New CCNA tracks [7:71256]

2003-06-24 Thread Charles Cthulhu Riley
Go, Cisco, milk that cash cow! Hope it doesn't kick you in the...oh, look a bird! "annlee" wrote in message news:[EMAIL PROTECTED] > Here's the actual announcement: > > > > CISCO INTRODUCES CCNA PROGRAM ENHANCEMENTS > CCNA Offers New Exams for Those Entering Networking Field > >

Re: Technology, Certification, Skill Sets, and Looking [7:70860]

2003-06-18 Thread Riley
Wow, Chuck, way to suck the life out of the economy and our futures...oh, wait, that was due to the bubble popping lo all those years ago. For an assessment of networking futures, let's turn to Lovecraft...(thanks to www.Cthulhu.org) "It seemed to be a sort of monster, or symbol representing a mon

Re: STP problem [7:70797]

2003-06-17 Thread Riley
What an interesting scenario! If I understood your message correctly, the network picture is something like this: Wired Network -Cat-Wireless Network |User| Your problem is that the user is bridging the wired and wireless (and so is the Cat), w

Re: Quick Pix Question. [7:70145]

2003-06-06 Thread Riley
The counters are not incrementing because the entries are not being matched. Suspect that the ACL is applied to the wrong interface. Remember the direction - in - which means that the access list is applied to traffic entering a particular interface from their residence on that interface. For exa

Re: How to trace conversations of Yahoo and Acess to Sex sites [7:70136]

2003-06-05 Thread Charles EEEE Riley
My first question to you is: Do you have a written security policy governing such actions, along with consequences and a chain of escalation spelled out? If not, give it up, as it will rapidly devolve into a did too/did not discussion, with one of you bursting into tears, which, while funny in th

Re: Loosing router config (OT rants) [7:69850]

2003-05-31 Thread Charles EEEE Riley
I feel your pain! I am sitting here looking at a "correct" configuration that is not working. Cisco TAC seems as befuddled as I am. Why is the PIX so erratic? This sometimes works, sometimes not is driving me bonkers! Whatever you do, do NOT use 6.3 unless there is a specific feature or bug fix y

HHEEEELLLLPPPP! PIX 515E 6.2: Inside Networks can only reach [7:69757]

2003-05-29 Thread Charles EEEE Riley
Hi, all, I have a problem that is making me scream and shout, gonna knock myself out. It has to do with my PIX firewall configuration. The long and short of my problem is that the inside network can only reach inside hosts and outside networks: it can not reach any host on the DMZ, despite th

PIX Firewall 6.2.2 Inside network can not reach DMZ hosts [7:69756]

2003-05-29 Thread Charles EEEE Riley
Hi, all, I have a problem that is making me scream and shout, gonna knock myself out. It has to do with my PIX firewall configuration. The long and short of my problem is that the inside network can only reach inside hosts and outside networks: it can not reach any host on the DMZ, despite th

HHEEEELLLLPPPP! PIX 515E 6.2: Inside Networks can only reach [7:69759]

2003-05-29 Thread Charles EEEE Riley
Sorry if you get this twice or thrice...problem with outlook and dates... Hi, all, I have a problem that is making me scream and shout, gonna knock myself out. It has to do with my PIX firewall configuration. The long and short of my problem is that the inside network can only reach inside hosts

Putting my rack online [7:65214]

2003-03-12 Thread Charles EEEE Riley
Hi, all, Does anyone have a template or configuration I can use to put my rack online? At this point, this is for me and my colleagues personally, not looking at selling time on it anytime soon. I figured I would ask the group for a design or template and see if I can avoid reinventing the wheel

Re: VPN Client behind PIX [7:64358]

2003-03-04 Thread Charles Riley
You may be able to avoid throwing a VPN concentrator into the mix just yet. Need more information before this can be answered, but it could be that the source address of your home system is being NATed, which can interface with IPsec. It could be that your Pix is blocking. Before you tear into y

Re: Log files Pix & Chkpnt [7:63646]

2003-02-24 Thread Charles Riley
Try www.micromuse.com or logboss at http://www.securityprofiling.com/logboss.htm. HTH, Charles wrote in message news:[EMAIL PROTECTED] > Does anyone know of a product that will merge log files from multiple > sources Snort, PIX, Checkpoint, etc...? > > I'm trying to centralize much of ou

Re: Re: Snort versus Cisco IDS [7:62939]

2003-02-13 Thread Charles Riley
There are also some very nice prebuilt Snort sensors with a GUI from the following vendors. www.sourcefire.com www.silicondefense.com www.packetalarm.com I have had the opportunity to evaluate and configure products from all three, and they have done an excellent job of bringing Snort to the mas

Re: New Instructor Experiences [7:62826]

2003-02-11 Thread Charles Riley
John, Sounds like you had what I call a "Floating Talking Head" experience. It's happened to me before. Basically, you are in the middle of teaching, presenting, or briefing, and you experience a trippy sensation of almost being outside yourself. As you talk, your self awareness gets distorted,

Re: Checkpoint NG trial licence needed [7:62823]

2003-02-11 Thread Charles Riley
Chris, Got this off of www.firewall-1.org, not exactly what you are looking for but at least you can play with the GUI until CP comes through You need an eval licence to have a fully functional product for 30 days. But if what you want is to see the GUI interface (not functional at all), yo

Re: CCIE Lab - I have seen he future and it is.... [7:62776]

2003-02-11 Thread Charles Riley
o Nuts" wrote in message news:[EMAIL PROTECTED]... > Hello Charles, > > With due respect I ask, why did you abandon your quest for the CCIE? I am > curious as to how many times you actually hit the Lab? > > Sincerely, > > CN > > >

Re: CCIE Lab - I have seen he future and it is.... [7:62776]

2003-02-10 Thread Charles Riley
Chuck, Your post reminds me of those weird little ice cream stands that I sometimes see at the mall and various carnivals. It's called something like "Dipping Dots - The Ice Cream of the Future". The initial human instinct is much like the Cro-Magnon humanoids encountering the monolith at the b

Re: PIX firewall simultaneous connections [7:62575]

2003-02-06 Thread Charles Riley
I believe that if you check the Cisco website or documentation, you will see that it defines a session as a single TCP or UDP connection. If somehow you had 2M users, yet their total number of sessions never exceeded 500K, then your firewall could handle 2M users. I am not addressing performance

Re: what the h... - strange problem - MORE INFO [7:62184]

2003-01-30 Thread Charles Riley
letting users > download .exe files via e-mail attachments might make a lot of sense as an > e-mail server configuration. > > Anyway, start looking at Layer 7 and above (politics, policies). Question > your Internet provider! > > Priscilla > > Charles Riley wrote: > > >

Re: what the h... - strange problem - Cisco doesn't like [7:62148]

2003-01-29 Thread Charles Riley
ap first, reboot > and then install analyzer. > > http://winpcap.polito.it/install/default.htm > http://analyzer.polito.it/install/default.htm > > Then you can see if the packets are coming back to you and if windows is > dropping them for some reason. > > "Charles R

Re: wireless [7:62104]

2003-01-29 Thread Charles Riley
John, It's a little dated, but a lot of folks like 802.11 Wireless Networks: The Definitive Guide (O'Reilly Networking) (Matthew S. Gast). I have that book and it provides some very good detail on A and B, but little on G which was just emerging as the book went to press. The below is an excellent s

what the h... - strange problem - Cisco doesn't like Windows? [7:62144]

2003-01-29 Thread Charles Riley
I ran across a strange problem with one of our POPs the other day, and am in the process of researching/troubleshooting it. We have a configuration something like this: "Internet"---2500---AS5300---D/U Users Not shown is a LAN connected to the 2nd Ethernet on the 2500. All c

Re: Help with pix firewall logging [7:61902]

2003-01-26 Thread Charles Riley
It may be that no alerts at the "warnings" level have occurred. Try setting it at a high level such as 6 or 7 (which pretty much logs everything). Once you have ascertained that logging between the PIX and syslog server are working, then restore it back to the warnings level. HTH, Charles "Eli

Re: Cisco VPN Client 4.0 -- BETA [7:61589]

2003-01-22 Thread Charles Riley
Robert, What new features does it have, and what problems will it solve? TIA, Charles "Robert Raver" wrote in message news:[EMAIL PROTECTED]... > Hey, > > For all those interested the 4.0 VPN Client(BETA) will be in March/April. > This VAN Client is totally rebuilt and has

Re: OT well, sort of - IDS [7:61523]

2003-01-21 Thread charles riley
I like the various SNORT products...non-proprietary (or as close as this field gets). SNORT looks good (www.snort.org) And if you don't have time to build your own, try: www.sourcfire.com www.silicondefense.com Heck, even Packet Alarm may be an option though you will not find any contact inform

Re: OT: Making data centers HIPAA compliant - what is required [7:61462]

2003-01-21 Thread Charles Riley
"Howard C. Berkowitz" wrote in message news:[EMAIL PROTECTED]... > At 5:23 PM + 1/20/03, Charles Riley wrote: > >Sorry for the OT post, but have searched high and low, and no definite > >answer in sight. Really, really apologize for the nont

Re: OT: Making data centers HIPAA compliant - what is [7:61396]

2003-01-20 Thread Charles Riley
Thanks to Priscilla, I think the below may be what I was looking for...more reading before I make a final determination. http://aspe.hhs.gov/admnsimp/nprm/seclist.htm Thanks! "Priscilla Oppenheimer" wrote in message news:[EMAIL PROTECT

Re: OT: Making data centers HIPAA compliant - what is [7:61395]

2003-01-20 Thread Charles Riley
HIPAA compliant" are doing the equivalent of individuals putting "CCIE Written" on their resumes? Charles "Priscilla Oppenheimer" wrote in message news:[EMAIL PROTECTED]... > Charles Riley wrote: > > > > Sorry for the

OT: Making data centers HIPAA compliant - what is required - [7:61383]

2003-01-20 Thread Charles Riley
Sorry for the OT post, but have searched high and low, and no definite answer in sight. Really, really apologize for the nontechnical nature of this post, but I have reached a wall after searching all over for an answer. I guess you could say that I am "ill" with searching... HIPAA is a medical i

Re: Off Topic: Re: Profession Cert or PhD!!! [7:60385]

2003-01-05 Thread charles riley
Please, kill this thread. It is contributing highly to bandwidth waste. If you love Cisco and networking, get your CCIE. If you love academia over everything else, get your Ph.D. If you love both equally, get them both. Bottom line is that both are hard to attain, and unless you got the love f

OT: IPX and AppleTalk Network Scanner [7:59139]

2002-12-12 Thread Charles Riley
Hi, all Apologies in advance for this slightly OT, but can anyone point me in the direction of a scanner that can scan and enumerate IPX-only and AppleTalk-only networks? That is, scan and identify devices on a network running IPX only or AppleTalk only...no IP. I would prefer something that di

RE: Security Policy [7:52061]

2002-08-28 Thread Charles Riley
Howard C. Berkowitz wrote: > > Password structure is too detailed for the security policy, > although > it's necessary in the security design. The policy should state > something on the order that people must protect their > passwords, > whether they can or cannot change their own, etc. > OK,

RE: Security Policy [7:52061]

2002-08-27 Thread Charles Riley
While security policies need to be unique per organization, there are some common elements that can be recycled. Just to give an example, how about the handling of passwords? Really, do you need to re-create the piece of the policy that says passwords need to be protected, must be of a certain l

RE: Disable Telnet [7:41293]

2002-04-12 Thread Scott Riley
Hey Rich, Easiest way is probably: ! line vty 0 4 transport input none ! However, you might want to reserve telnet access to a private range for your own ease of admin in which case: ! line vty 0 4 transport input telnet access-class 2 in ! access-list 2 remark Secure Telnet Access access-l

RE: prefix lists .. [7:34312]

2002-02-04 Thread Scott Riley
Do you mean "gt" and "lt" for "greater than" or "less than" specific port numbers? Use extended access lists with an ACL number of 100 - 199 and a specific protocol (TCP / UDP). Eg: Access-list 101 deny tcp 192.168.100.0 0.0.0.255 host 192.168.200.1 gt 1024 HTH, Scott -Original Message--

RE: cpu utilization with MRTG [7:32677]

2002-01-21 Thread Scott Riley
ate ones for your device. Hope this helps! Scott Riley CCNP CCDA MCSE (NT4) Senior Network Engineer Firstnet Services Ltd T: 0113 292 7768 F: 0113 234 1962 W: http://www.firstnet.net.uk [This message subject to: http://www.firstnet.net.uk/disclaimer.html] -Original Message- From: [EMAIL P

RE: I need Help in Cisco [7:31875]

2002-01-14 Thread Scott Riley
.100.0 0.0.0.255 any eq web Remember to put your Squid (proxy) server in the exceptions list otherwise it'll never work! Hope this helps... Cheers, Scott Riley CCNP CCDA MCSE (NT4) Senior Network Engineer Firstnet Services Ltd W: http://www.firstnet.net.uk [This message subject to: h

OSPF Question... [7:31402]

2002-01-09 Thread Scott Riley
opback int), that way regardless of how many vlans bob and bill can see each other on, they will only form adjacencies on one IP address with one another. Any comments or suggestions would be greatly appreciated. (Here's where it's something REALLY obvious and I look silly)... Cheers guys,

RE: Serial links [7:28270]

2001-12-06 Thread Scott Riley
, Scott Riley Senior Network Engineer Firstnet Services Ltd W: http://www.firstnet.net.uk [This message subject to: http://www.firstnet.net.uk/disclaimer.html] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, 06 December 2001 14:48 To: [EMAIL PROTECTED

RE: DNS [7:24949]

2001-11-01 Thread Scott Riley
The following line in global config mode should help: async-bootp dns-server 10.10.10.1 10.10.10.2 Alternatively you could pass the details to them via RADIUS. Cisco-AVPair = "ip:dns-servers=10.10.10.1 10.10.10.2" Scott Riley Firstnet Services Ltd W: http://www.firstnet.net

RE: How to setup syslog server [7:23501]

2001-10-19 Thread Scott Riley
l -HUP syslogd Hope this helps! Scott Riley Cisco Internet Engineer Firstnet Services Ltd W: http://www.firstnet.net.uk [This message subject to: http://www.firstnet.net.uk/disclaimer.html] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Anh Lam Sent: Frid