What about a static route?
"Clue Less" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> Just trying out ospf401 on fatkid, and was reading the hints about
> summarizing. Here's the hint
>
> "There are two built in OSPF methods to summarize OSPF routes.
tudents ask you questions and you
must continually tell them you'll have to look it up (and I've seen many
cases like this), then as an instructor, you won't survive in this business
very long.
Hope this helps...and good luck to those that are really serious about
trying this!!
e latter is the more preferrable. I
haven't experienced this
problem lately (version 5.x code), but have experienced it in 2.x and 3.x
code--I don't remember with 4.x
Hope this helps.
Enjoy!
Richard Deal
""Jennifer Cribbs"" wrote in message
[EMAIL PROTECTED]"&g
Having taught all of these classes (and still teaching), I agree with the
below order.
Enjoy!
Richard Deal
""mtxpert"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I took the routing test first and found it's information was repeated
>
The test covers the IOS of the 1900 series and the set-based interface of
the 5000 series--the IOS interface of the XL and 5000 is NOT covered.
And yes, there are some significant differences between the IOS of the 1900
and XL series, as you have found out.
Enjoy!
Richard
""Hunt Lee"" wrote i
, instead of passing them
transparently through the network, tried to process them, causing the
customer all kinds of problems.
Hope this helps!
Enjoy!
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and C
This is correct...assuming that the other end IS point-to-point. the
encapuslation will have to match on the two ends, like "aal5snap".
Enjoy!
--
--------
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching
It's the 1900 switch that uses case-insensitive passwords. The routers, ATM
switches, set-based switches, and XL switches have case-senstive
passwords...basically everything else.
--
Richard Deal
[EMAIL PROTECTED]
* Author of the following Cor
Sometimes you get
get a good deal, but expect to fork over about $1,000. Everyone in the
CCNP/CCIE hunt is looking for one. :-) Teltone makes a very nice one. I
really like their 4-port model where you have 2-U and 2-S/T interfaces.
Good luck!!!
--
--------
Ri
brainer.
Enjoy!
--
--------
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configuration; as well as
a CCNP test author for ww
Try this:
line 1-8
absolute-timeout 480
transport input telnet
transport output telnet
telnet transparent
stopbits 1
Enjoy
--
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote
You need "transport output telnet"--this is the default, but you've
overrridden it with the "none" parameter.
Enjoy!
--
----
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCN
10, but you can
build PVCs, it will support SVCs, and it will do SoftPVCs.
Enjoy!
--
--------
Richard Deal
[EMAIL PROTECTED]
* Author of the following Coriolis books: CCNP Switching Exam Cram, CCNP
Remote Access Exam Prep, and CCNP Cisco Lan Switch Configurat
Dear Hunt,
1 & 3 apply to all VLANs on the respective ports--all VLANs are treated the
same. Commands 2 and 4 allow you to change the values on a per-VLAN basis,
treating each VLAN differently.
Hope this helps!
Enjoy!
Richard Deal
[EMAIL PROTECTED]
* CCNP test author for www.equizware.com
realized one day that when they added another
machine to the network, it broke the cycle, and then they decided to
redesign their network with routers (which was why I was there).
Enjoy!
Richard Deal [EMAIL PROTECTED]
* CCNA/CCNP test author for www.equizware.com--500 questions each for the
CCNA Rout
x27;m currently redesigning a network that would have
> > a vlan containing about
> > 300 devices. Is the 254 restriction a design one?
> > Please can someone
> > enlighting me on this issue.
Richard Deal [EMAIL PROTECTED]
* CCNP test author for www.equizware.com--500 q
I'm about to run a trial of CSPM 2.3i for some IDS sensors that I have. I
noticed in the release notes that this version of the product only runs on
Windows NT 4.0; however, I --REALLY-- would like to run this on Windows 200
server.
Has anyone had any success on running this on Windows 2000 serv
popular form of a
Denial of Service (DoS) attack where a hacker floods a service with TCP
SYNs. Many firewall solutions, including the PIX and the IOS Firewall
feature set have mechanisms to deal with this kind of attack.
Hope this helps.
Cheers!
--
Richard Deal
* Author of the ebook "CCNA Se
se tell Larry I said "hi!" and I'd be curious to find out what he's up
to.
Best of luck Time!
--
__
Richard Deal
email: [EMAIL PROTECTED]
web: http://pages.prodigy.net/richard.deal
* Just finished a CCNA ebook available at Boson (www.boson.com):
+ "C
ey exchange, even though the man-in-the-middle sees
the public keys that are shared, it doesn't see the private keys, nor the
new "secret" key derived from the remote's public and your private.
Hope this helps
Happy holidays!
--
________
was a pretty good book. I expected the book to be about 500 pages but it
comes in at about 350 pages.
Hope this helps!
Enjoy!
--
Richard Deal
* Author of the ebook "CCNA Secrets Revealed!" and Exam Cram and Exam Prep
books from the Coriolis Group
* Test author for QuizWare (www.quizw
To all,
I have received an email from Brantley Coile, on of the two co-developers of
the PIX firewall, congratulating me on my book. He kindly sent me
information about the development of the PIX and its subsequent sale to
Cisco. If you would like to see the entire story, please visit this link
(w
You can restrict console access with a username and password, but it
requires you to configure AAA.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, a
t; Jason, I haven't taken the test yet but will be at the end of the month.
> The book I am using is Cisco Pix firewall by Richard Deal. Alot of people
> consider it the best one out. Or you can wait till March 31st and get the
> cisco press book.
>
>
> John
>
>
> On
Juan,
The PIX does not permit you to telnet into it from the "outside"
interface--this is a security feature. There are two solutions available:
SSH and a VPN. My recommendation is to go the hard route and set up a remote
access VPN connection to the PIX--SSH has been shown recently to have some
v
Jojo,
I didn't see the ACL applied to the interface; also, make sure you execute
"clear xlate" after this.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam
Carol,
No, the PIX cannot block email SPAM. It can help filter web content
information, but requires a third party product, like WebSense or Sentian to
assist. You'll need to find another solution than the PIX.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Manny,
Yes, you can limit the maximum number of connections to a device and the
maximum number of half-open (embryonic) connections. This is done with the
NAT command, at least in your case, since the connections are going from
high-to-low security levels. The NAT command allows you to specify the
Priscilla,
I hate to burst the bubble, but the current BSCI test includes IS-IS. I'm
not sure about the new foundation exam, since I couldn' find when this was
updated, but the BSCI exam was updated within the last 6 months, so I'm
assuming you'll find IS-IS on it.
Cheers!
--
Richard A. Deal
Vi
Was this NAT or PAT?
If PAT, and the client kept on trying to open up new connections, the source
port would probably be different for each, thus a new xlate in the
translation table.
Cheers1
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewal
Was this NAT or PAT?
If PAT, and the client kept on trying to open up new connections, the source
port would probably be different for each, thus a new xlate in the
translation table.
Cheers1
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewal
tp://www.mddailyrecord.com/current_issues/2_89_monday/businessnews/58338-1
.html
> >
--
__
Richard Deal
email: [EMAIL PROTECTED]
web: http://pages.prodigy.net/richard.deal
* Just finished a CCNA ebook available at Boson (www.boson.com):
+ "CCNA Secrets Revealed!"
* CCNP test
To all,
Does anyone know the MCNS passing mark as well as the number of questions?
Thanks!!!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24935&t=24935
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/
ame format, same questions...
>
> Dvass
--
__________
Richard Deal
email: [EMAIL PROTECTED]
web: http://pages.prodigy.net/richard.deal
* Just finished a CCNA ebook available at Boson (www.boson.com):
+ "CCNA Secrets Revealed!"
* CCNP test author for QuizWare (www.qu
To all,
In 6.2 of the FOS you CAN do this :-).
You just have a situation of overlapping networks. here is the info on how
to accomplish this:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration
_guide_chapter09186a00800eb71e.html#xtocid26
(watch the wrap).
Cheers!
Richa
Arni,
I believe the throughput of the 800 series is about 384Kbps when doing
encryption, so you might want a bigger router.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CC
Ramesh,
As to routing, the PIX will forward packets from one interface to another,
but you have to do certain things to accomplish this:
>From higher security level to lower, you need nat and global commands; from
lower to higher, you need static and access-list commands.
Fro external people acce
Arni,
Thanks for the kudos!
Just do a search on Cisco's web site for "+router +encryption +throughput".
Unfortunately, the only place I've ever seen this information brought
together was Cisco's official course material (like the CSVPN coursebook).
Hope this helps.
Cheers!
--
Richard A. Deal
Vi
Ciaron,
You know, I've been impatiently waiting for the same feature. When I teach
classes that are remote for Boson, we use a 3002 and a router. I need to set
up a GRE tunnel and then encrypt this tunnel. And because this stuff
typically goes through a firewall, I need a TCP VPN connection. It wo
John,
The CSS1 exams are valid until the end of January, upon which you must take
the new exams. CiscoPress doesn't have any books out yet on the new tests.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewalls, CCNA Secrets Revealed!,
Arni,
Thanks for the plug on my book. You can also use it to study for the new PIX
exam, if you are thinking of pursing the CSS1, CCSP, or PIX specialist
certification. If you have any questions while reading it, please don't
hesitate to shoot me an email.
Cheers!
--
Richard A. Deal
Visit my ho
n message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> So when are you going to write one, Rich?
> We're waiting. :)
>
>
> Quoting Richard Deal :
>
> > John,
> >
> > The CSS1 exams are valid until the end of January,
> > upon which
wish I did. Too many other things to do and keep up with. Not much
> available on the PDM. Cisco's got squat on their site about it other than
> installation. Wonder what all I can do thru the PDM that I just don't know
> about.
> Thanks for writing the book.
>
> Mark
>
aces configuration examples like 0,100,99
> and 70. Thanks
> Shahid
> Richard Deal wrote:Mark,
>
> Actually, Mark, I'm one step ahead of you :-). My PIX book came out at the
> end of October from McGraw-Hill/Osborne. I wrote it as a non-certification
> book, but it co
To all,
I have the same problem with my 501 at home--the power connector that Cisco
developed is junk. Just touching the power connector (seated into the PIX)
usually causes it to have conniptions.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cis
To all,
WebSense, and N2H2 (in 6.2), are good solutions if you want to filter web
CONTENT--if you have a statitic list of sites, then using an ACL will do the
job. Another solution, especially if you have roaming users and their IPs
are assigned via DHCP, is to use Cut-Through proxy--with this sol
To all,
There is a freeware program called Dr. TCP Win for Windows 2000/XP that
allows you to change both the MTU and TCP Window size--requires a reboot,
though, after the change.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX Firewalls,
To all,
Use the "show route" command to see if you received the default route. One
configuration mistake that you might have made with the "ip address" command
is omitting the optional "setroute" parameter at the end. This parameter
accepts and uses the default route received from the ISP. The com
Mark,
Thanks for the kudos. I worked really hard on the book and I know, after
having written 6 books, that you can't please everyone. However, of all of
the books that I've written, I'm proudest of this book. Yes, there are some
errors that slipped in during my last review of the book and when it
d, some multiple
> times, and I hope I'm not offending anyone by asking this question: How
well
> does a book publisher pay for the books you write? I'm not expecting any
> specific figures, but a ballpark figure would be interesting.
> Thanks!
> GM
>
> -Original
Jamie,
Not quite...what you can do, however, is have all traffic go through one PIX
and have another PIX as a failover. In this scenario, if one PIX would fail,
the other could kick in--in this scenario, only one PIX is active. Of
course, this still presents a problem of an exit path--by default,
Joe,
The Cisco Press book has material to help you with both tests. Boson and I
use the book to teach our CSS1 bootcamp classes.
Cheers!
--
Richard Deal
* Author of the ebook "CCNA Secrets Revealed!" and Exam Cram and Exam Prep
books from the Coriolis Group
* Test author fo
It's probably an MTU problem.
I have an IPSec connection being tunneled via GRE, which in turn, is
tunneled by another IPSec connection. Don't ask why I'm doing this :-) But
we had to set the MTU down to 1320 to prevent fragmentation, and thus
performance, issues.
In your case, you might want to
David,
No, the course has completely changed. The switches are different--3550s and
2950s. Most of the content is different, including topics like new enhanced
STP features, CEF, VRRP, queuing and prioritization, metro and optical, and
many other topics. I'd definitely take the newer version since
DJ,
You need to either take the course or buy a used one off of eBay. And the
newer courseware won't be cheap--in some instances, expect to pay up to
$300US for it, depending on the demand.
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of Cisco PIX
There is a new exam, called SECUR. With this exam, no PIX stuff is
covered--only router stuff. I would definitely look at the objectives for
the exam, since there is a bunch of new stuff, like Authentication proxy,
IDS, and other stuff.
Cheers!
Richard Deal
""thartman"" w
Huge differences.
I'm just finishing my Exam Cram book for Que Publishing on the new exam, and
there is probably a 50-70% change in material. Out of all of the CCNP exams,
this one definitely changed the most. MLS is completely revamped--CEF; new
enhancements to STP--RSTP and other stuff; IOS conf
Tu Do,
Thanks for the kudos!
And goo luck with your studies!
Cheers!
--
Richard A. Deal
Visit my home page at http://home.cfl.rr.com/dealgroup/
Author of CCNA Cisco Certified Network Associate Study Guide (Exam 640-801),
Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access Exam Pr
58 matches
Mail list logo
