If its a flat rate, why not use something like this:
!
interface BRI0
ip address 1.1.1.1 255.255.255.252
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer hold-queue 10
dialer load-threshold 1 either
dialer-group 1
no fair-queue
ppp authentication chap
!
acc
You should be able to Ping the inside interface of your PIX. You can not ping
an outside interface. There must be route statements in your PIX so that it
knows where to send the reply.
At 08:52 AM 03/02/2001 -0500, Nabil Fares wrote:
>Rob,
>
>By default PIX does not allow pings! You can hav
ation to another vlan, it can ping everything
> in the 155 network EXCEPT for the firewall.
>
> Obviously I am confused.
>
> Thanks for your help. Any further thoughts would be appreciated.
> rob
>
>>
>> -Original Message-
>> From: Darren Crawfor
Christopher,
Try Syslogd. It's a free app., easy to use and it provides text file type log
that are configurable to last a week, a month or a year. Whatever you like.
It can be found at:
http://www.cls.de/syslog/eindex.htm
Another would be Triaction's. It runs on Windows 95 & NT 4.0+ only.
If you are opening the ports to "outside" entities you'll need to create
conduits. They would look something like this:
conduit permit udp host 1.1.1.1 eq 3050 any
conduit permit tcp host 1.1.1.1 eq 3050 any
conduit permit udp host 1.1.1.1 eq 3051 any
conduit permit tcp host 1.1.1.1 eq 3051 an
It has been my experience that this is required. I even use it if the call is
local.
HTH
Darren
At 04:47 PM 03/13/2001 -0500, Alex Lee wrote:
>Hi group,
>
>We are going to setup an isdn BRI backup between two sites located in two
>different states.
>
>In my dialer map ip command do I need to
Know the Catalyst 3920. That will be your Token Ring attachment to your
router. MAUs are gone. Since it's a single switch you'll need to know how to
configure different VLANs for the different ring numbers you'll have to bring
up.
Darren
At 10:29 PM 03/16/2001 +0800, Jit Cherng wrote:
>curre
I agree with Rik regarding your subnet size. It's way too big. Divide people
up by floor, wing or business function, whatever makes sense. Also you'll
save yourself quite a few headaches by hard coding your speed and duplex at the
switch.
HTH
Darren
At 12:37 PM 03/22/2001 +, Karl Brenn
X.25 is design for speeds of 56K or below. In a previous life (Apple
Computer), I had lots of experience working with their X.25 network. 56K
was/is the top end. Sorry!
Darren
At 08:53 AM 03/26/2001 -0600, Pickard, Richard wrote:
>3/26/2001 8:51am Monday
>=20
>Can anyone help me out with
I agree! I'm at a client right now that has subnetted their VLAN with /21
addressing (2046 addresses per) and then added up to 4 secondary addresses on
top of that. Granted they are not using all the available addresses in the
space. Big and flat is generally not good. Especially in chatty
en
Try "clear arp" on the MSFC. If that doesn't work you may need to "clear cam
dynamic" on the switch.
At 07:19 PM 04/12/2001 -0400, Vijay Ramcharan wrote:
>ARP table of the MSFC below.
>
>Core_Even_MSFC#sh arp
>Protocol Address Age (min) Hardware Addr Type Interface
>Internet 10.4
In a campus environment, I recommend having each building in its own HSRP
group. I recently had a client implement another pair of 6509, like you
said,
on their campus and performance from their call center to the main frame
(located in a building across the quad) became rather sluggish. I found
You can do "autocommand" under LAT services, Line interfaces, DECnet and who
knows what else. It would look something like:
!
line vty 0 4
login
autocommand show ip int brief
!
HTH
Darren
At 02:33 PM 04/19/2001 -0400, EA Louie wrote:
>well, that's a little bummer, because if the user is in p
In the lab an outboard router will handle the VLAN routing. I don't think
you
need it.
Darren
At 05:15 PM 04/19/2001 -0400, Lupi, Guy wrote:
>I asked this question before, and someone sent some helpful info, but I am
>looking for something more specific. I know the 5000 series is the switch
>u
Forget the MAU. The lab has a 3920 switch now that you will have to
configure
with two VLANs for your Token Ring connectivity. Other than that it looks
good.
HTH
Darren
At 12:05 PM 04/23/2001 -0400, WEN JIA YANG wrote:
>Equipment Name
>
>Token Ring MAU(8 ports) 28v
>Ethernet Hub(C1900 12 10M po
Your sc0 interface can be in either VLAN you've mentioned or something
different. The trunk should be configured something like this to allow VLANs
10 and 20 to traverse the cable:
Cat5K (enable) >
set port enable 1/1
set port duplex 1/1 full
set trunk 1/1 on 10,20
Rtr7513#
!
int fa
I agree with Pete but your management VLAN doesn't have to be VLAN 1. For
example, I implemented a DMZ for a client where we used VLAN 999 for the
management "rail".
Darren
At 12:03 PM 05/03/2001 -0400, Peter Van Oene wrote:
>Interface sc0 is not all that relevant here as far as I recall. You
The following discription came from CCO:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fint
er_c/icfgenrl.htm#xtocid2802
IDB Scalability
Cisco IOS Software uses interface descriptor blocks (IDBs) to store
interface-specific information, such as protocols configured and t
Where did you get this? We all know that there's a "deny all" at the end of
an
access list.
At 10:13 AM 05/04/2001 -0400, Jim Dixon wrote:
>Hello Group,
>
>I think this question has the wrong idea about which answer is correct here.
>What does the group think?
>Am I missing something?
>
>Sorry y
I ran into this same problem at my current client. Apparently this is a
necessary evil in a NT clustered environment for load balancing and fault
tolerancy. There are two 1,514 byte packets sent every second by default.
One
to the MAC of the NIC and the other to the multicast address. The size
I've said it before and I'll say it again. Get yourself a 3920. You will
see
in the lab.
Darren
At 07:24 PM 05/09/2001 -0400, Eugene Nine wrote:
>Here's what I have so far:
>2524 w/ 1 4 in one module
>2516
>2507
>2 DTE cables and 1 DCE cable
>all above for $1843 (bought it all in one purchase
I don't know about this company but these two have been good:
Half Price Computer Books - http://www.hpcb-online.com/
Books A Million - http://www.booksamillion.com/
HTH
Darren
At 01:02 PM 02/28/2001 -0500, Nabil Fares wrote:
>Greetings,
>
>any of you guys bought books form this site before?
de that was connected via
>cross over cable to the other node. By having a pair of NIC's dedicated to
>heartbeat we can avoid having the heartbeat flood the network.
>TTFN,
>Bill in Anchorage
>
>-Original Message-
>From: Darren Crawford [mailto:[EMAIL PROTECTED]]
Right on Jack! This is a tremendous accomplishment. Accolades to Jeff is
all
that should be flying around under this subject.
Jeff - Thanks for your candor and your willingness to tell us all about your
approach, lessons learned, whatever you want to call. It is greatly
appreciated.
"Q" - Go
These boxes have a great deal of horse power so if you're on a small network,
the light might not flicker much. ;^)
Seriously though, there is no mechanism that I know of to turn it off or on.
It defaults as on.
Darren
At 10:53 PM 05/13/2001 -0400, Brandon wrote:
>I have a Cat 6000. The netw
Try Lucent's Vital Suite (VS). It's much more intuitive than Concord
(doesn't
require a week long class just for configuring and running reports). Concord
is priced per interface (big routers, and switches require many elements to
monitor the whole device). VS is priced per device (big routers
" wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>> Breaking things is bad. I pull my suggestion and have bookmarked the page
>> for future reference.
>> TTFN,
>> Bill
>>
>> -Original Message-
>> From: Darren Cra
I use Solarwinds too but what tool are you referring to in the suite for
baselining a network? Snooping and documenting yes but baseling...Hmmm.
Darren
At 09:45 PM 05/14/2001 -0400, Jeff Duchin wrote:
>Check out www.SolarWinds.net ... really cool and it has alot of extra tools.
>The Engineers e
Absolutely! You still need to know the Classical IP flavor of ATM. Not to
spill all the beans but other pieces of your lab will depend on that link
being
up and functional.
Darren
At 12:54 PM 05/15/2001 -0400, Morabito Joe wrote:
>With cisco taking atm lane out of the lab, will we be required
As I understand it, that means the next digits are in HEX. Nothing more
exciting than that.
At 01:59 PM 05/15/2001 -0400, [EMAIL PROTECTED] wrote:
>This may be a rudimentary question for all the EE majors out there.
>
>Can anyone tell me what the 0x in front of 0x00-80-C2 is for?( Why
>don't th
Traffic originating from the inside interface (outbound connections) are
allowed by default so an access-list on the inside interface isn't necessary
in
this case. Here's an excerp from the 5.1 manual:
Outbound connections or states are allowed, except those specifically denied
by
access control
Are you going to have to connect to a mainframe using a CIP or to a Novell
SAA
gateway? No. But you need to know DLSw, all flavors of bridging and the
like.
HTH
Darren
At 05:19 PM 05/17/2001 -0400, Lists Wizard wrote:
>Hi group,
>
>Does the CCIE R/S lab exam covers SNA?
>
>Thanks
>FAQ, list a
I thought that document was very useful. I was also working in a mixed Token
Ring / Ethernet environment at the time I took the exam. I also found that
the
Cisco CBTs were very useful.
Darren
At 12:04 PM 05/18/2001 -0400, EA Louie wrote:
>What kind of questions did you miss? (Is it remotely p
I've seen this before in networks using HSRP and no route caching. Is it
causing a problem or just interesting?
Darren
At 11:59 AM 05/21/2001 -0400, Vincent Chong wrote:
>I suggest that you check your routing table, that's what come out my mind.
>
>HTH
>Vincent Chong
>
>""Watson, Rick, CTR, OUS
Try using "sh trunk" to see what you're looking for.
Darren
At 03:11 PM 05/21/2001 -0400, Reel, JohnX wrote:
>Comrades,
>
>I have one quick question that I have not been able understand so far... can
>someone please help with an answer or a direction pointer. I appreciate your
>help.
>
>(1) CAT5
Yes it's an ARP issue. I bet your PIX has the following line:
arp timeout 14400 (equal 4 hours in seconds)
The other parameters for timeout settings are something like the following:
timeout xlate 1:00:00 conn 1:00:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
OK kids. Allowing packets from a lower security level interface to a higher
security level interface requires a conduit or access list. So yes, it can
be
done. I wouldn't forget about security though. ;^)
D.
At 01:50 PM 05/21/2001 -0400, Rizzo Damian wrote:
>Actually it seems as if you under
Back to Back doesn't provide you with the same feedback you need to fully
prepare for the lab.
Darren
At 04:24 PM 05/21/2001 -0400, Daniel Cotts wrote:
>You can run two routers with ATM cards back-to-back. You need a switch for
>three or more.
>
>> -Original Message-
>> From: No Data [ma
on the router and allow full access with an
>> access-list (for this range of IP addresses) on the outside interface of
>the
>> PIX.
>>
>> This is my understanding of how the PIX and NAT translations work, but I
>> have not tested this to disprove it, so if I am in error
Because as a CCIE you should know how to do this stuff. ;^)
D.
At 01:04 PM 05/24/2001 -0400, [EMAIL PROTECTED] wrote:
>The following have been removed from the lab. Why haven't the been removed
>from the CCIE written?
>
>LAT, DECnet, Apollo, Banyan VINES, ISO CLNS, XNS, ATM LANE, and X.25.
>Eff
Unless you use "ip subnet-zero" Then it starts with 172.16.0.0. ;^)
I agree though, either way you slice this, it's not a network address.
D.
At 05:38 PM 05/24/2001 -0400, Michael Bambic wrote:
>OK first of all 172.16.0.0/21 is actually 172.16.0.0 255.255.248.0
>Which means the network addres
In the lab you'll have a Ring 1 and a Ring 2 via two VLANs in a 3920. I'd
practice with two rings if I were you.
Darren
At 09:14 AM 05/31/2001 -0400, RamG wrote:
>Hello - General Q - How many TR int required for CCIE lab practice? I have
>2 routers with TR.
>
>Thanks / RamG
x$:0`0:$xx$:
It has changed to:
tcbc.booksonline.com/cgi-bin/ndCGI.exe/Develop/pagHome?clubId=TBC&promo=bhp-1
-5
Darren
At 03:57 PM 06/01/2001 -0400, William E. Gragido wrote:
>yeah Carl, its www.booksonline.com/telecommunications
>
>
>
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROT
I had to build an async interface on a 3620 not to long ago and the first
number allowed me to use was Async65. Sorry Sean.
At 10:00 PM 05/31/2001 -0400, Sean Young wrote:
>The max. number of Async-line you can have on the NM for either 2600s or
>3600s is
>
>thirty-two (32). I couldn't find an
Voice in the lab is VoIP across an ATM cloud.
At 08:46 AM 06/03/2001 -0400, sparkest pig wrote:
>I know that VoIP is on the lab. but how about VoFR or VoATM?
>are they included in the VoIP? (the CCIE outline doesnot say that)
>__
I am working with Dell TrueMobile AP1100s, Dell TrueMobile 4800s and Cisco
AP350s right now. I have my access points configured with hard coded IP
addresses. The wireless users have their NICs configured for addressing
via DHCP. So they get DNS, WINS and the like via their DHCP request when
the
Easy test for someone who has hands experience. I also used Ole's CITCMD
program. Download it at:
http://www.RouterChief.com/dowload/citcmd.exe
Hopes this helps,
Darren
At 11:46 AM 2/8/2002 -0500, Joshua Barnes wrote:
>I know that folks have asked about this test, but I am taking it Thursda
Hi all,
I'm taking the CID exam next Wednesday. I decided to pickup one of the
Boson practice exams for this test. Does anyone have suggestions on areas
to focus my studying on or other tools to use?
TIA
Darren
x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:0`0:$xx
Luc
Yes. I have tested it with several vendor's NICs. You must select "No"
under "Use Aironet extensions:" option. Otherwise it only talks to Cisco
NICs.
HTH
Darren
At 03:50 AM 11/16/2001 -0500, Thomas wrote:
>Hi All - I wonder if the Cisco wireless access point 350 standard? Is it
>compatible
What exactly are you trying to accomplish here? The 2502 only has one
token ring and two serial interfaces. If you had a 2513, the router
itself would be your 'media converter' between TR and Ethernet segments.
To my knowledge, there is no such animal to change your token ring
interface into an
The Cisco CID book covers this too.
Darren
At 11:23 PM 11/26/2001 -0500, John Tafasi wrote:
>Does any one remeber which one of the cisco press book covers Ethernet
>repeater classes? Your answer is highly appreciated
>
>Thanks
>
>John Tafasi
Darren
x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0
I wanted to thank everyone who helped me focus and pass the CID exam.
Specifically, Jim Walker and Scott Nawalaniec! Thanks for your
encouragement and direction in the areas to zero in on.
This test is a bruiser! But with perseverance you can get by it too!
Darren
x$:0`0:$xx$:0`0:$xx
You will have to use secondary addressing.
interface ethernet 0
ip address 10.1.1.1 255.255.255.0
ip address 10.1.2.1 255.255.255.0 secondary
HTH
Darren
At 03:10 PM 12/27/2001 -0500, John Mairs wrote:
>Hi,
>
>I have a 2501 (one ethernet interface) and I wanted to
>route over that interface b
Join Books A Million's Millionaire Club. The club discount on books makes
them hard to beat. Go to the following to see what I mean:
http://www.booksamillion.com/ncom/books?id=2095579934874&pid=1587200023
I'm a member of the club so the book is only $60.75 (19% savings). The
club fee is only
221563 ) Watch the rap.
At 12:13 PM 12/27/2001 -0800, John Mairs wrote:
>Thank you sir! I appreciate your time on this. one
>side though if it's ok, what is the difference between
>secondary interfaces and sub-interfaces?
>
>John
>
>
>--- Darren Crawford wrote:
According to this you can get a used copy for $51.69 delivered. Someone
purchased the book a few days ago and is reselling it? Strange.
D.
At 09:18 PM 12/27/2001 -0500, Rich Russell wrote:
>www.bestwebbuys.com/books
>
>ranks the books from cheapest to most expensive with shipping
>
>Rich
>www.
You can clear the trunks for anything 2-1005 and 1025-4096 (6000 series)
but I don't believe it will allow you to do that with the default VLAN.
HTH
Darren
At 06:59 PM 1/2/2002 -0500, Ali, Abbas wrote:
>Is it possible to remove default Vlans 1, 1002-1005 from ISL trunking? I am
>setting up a I
I must disagree with VLAN 1 being the only administrative VLAN. It is
simply the default VLAN. At a previous client I set up a DMZ switch with a
management VLAN of 999. This was on a Cat5505.
HTH
Darren
At 11:28 PM 1/2/2002 -0500, Mark Odette II wrote:
>Ali-
>If my memory serves correct, you
2 -0500, Hire, Ejay wrote:
>True enough, the management VLAN doesn't have to be 1. Using 1 is
>reccomended however, because it is the default.
>
>-Original Message-
>From: Darren Crawford [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, January 03, 2002 12:32 PM
>To: [E
A) No. But next time try "clear controller s 0/0" or whatever slot it's in.
B) Carriers never admit they have a problem
C) It could have been something goofy like your cable got bumped and
loosened the WIC. If everything was buttoned down tight this is highly
unlikely.
HTH
Darren
At 04:07 P
Did you notice that they want "3-6 years experience in High Speed
Networking" as well. A CCIE below 3000 has well over 6 years experience.
They don't even know what they're asking for.
At 03:02 PM 9/10/2001 -0400, Eric Rogers wrote:
>I was just cruising on the dice jobs board when something caug
My client has a configuration as shown below running over a 56K circuit for
IP traffic and some terminal access to a mainframe not yet upgraded for
TN3270.
HTH
D.
At 05:46 PM 9/11/2001 -0400, MADMAN wrote:
>ME thinks Russ wants to bridge and route the same protocol in which
>case that won't wor
Excuse my ignorance but who is the CCNI offered by because it is not listed
any where on Cisco's site that I saw?
D.
At 03:52 PM 9/12/2001 -0400, SUranjith Ariyapperuma wrote:
>Fellow list members,
>I have been asked to do the Cisco Certified Network Instructor (CCNI) Lab 4
>(the final exam) in
I disagree. The books are different (some overlap but not much) and each
excellent in their own right. Volume II has a lot of I have both in my
library and would recommend everyone on this quest to do the same.
My $.02
Darren
At 09:51 AM 10/14/2001 -0400, Paul Jin wrote:
>Probably about 10-15
Both.
At 02:25 PM 10/26/2001 -0400, juno vtv wrote:
>Hi everybody,
>
>Does anybody know what the difference are between Jeff Doyle's Routing
>TCP/IP Vol 1 and 2, besides BGP stuff?I have heard some conflicting
>arguments about these books. Which volume would you guys recommend?
Thanks!
>
>-juno
Except when you're in the lab exam and you can't use static routes. ;^)
Darren
At 08:49 AM 10/29/2001 -0500, Engelhard M. Labiro wrote:
>Hi,
>
>Normaly use ebgp-multihop if you put the IP address
>of loopback interface of your peer at the neighbor command eg:
>if your peer loopback is 1.1.1.1,
Where's the phone number to dial? I've always used a phone number after
the broadcast statement. Like the following:
dialer map ip 172.20.10.2 name New_York_City broadcast 17775551212
HTH
Darren
At 05:27 PM 11/2/2001 -0500, nettable_walker wrote:
>11/2/2001 4:30pm Friday
>
>Professional'
More specifics would be helpful in helping you.
Darren
At 01:50 PM 11/15/2001 -0500, Patrick Ramsey wrote:
>My stuff is broken, I think I need some things to fix it.
>
>Any ideas on what's wrong?
>
>any help appreciated!
>
>-Patrick
x$:0`0:$xx$:0`0:$xx$:0`0:$xx$:0`0:$x$:0`0:$xx$:
Conduits are global and access lists are interface specific. Go with access
lists.
At 09:11 PM 7/17/2003 +, E. Keith J. wrote:
>Hi all
>
>
>
>The boss wants to allow ping.
>
>In the website I found the way by using an access list.
>
>In another config I see a conduit is used.
>
>
>
>Wha
YES!
At 03:56 AM 7/25/2003 +, Puckette, Larry (TIFPC) wrote:
>Is anybody else receiving multiple emails from [EMAIL PROTECTED] that
>are empty??
>
>Larry Puckette
>Network Analyst
>Temple Inland
>[EMAIL PROTECTED]
>512-434-1838
>Where there is no idol but money and power, there is no hope
www.solarwinds.net has a nice one.
At 05:15 PM 9/9/2003 +, Steven Aiello wrote:
>Any one know a good free subnet calc. After realizing how many break
>downs, and how many subnetworks you would have to figure for CIDR, I
>would rather not do it with pan and paper. Free is good, for the calc
71 matches
Mail list logo