Not sure what your using your access-list's for, but you may want to
consider implementing CBAC or Reflexive Access List's.
-Original Message-
From: Murphy, Brian J SSI-ISET-31 [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 10:22 AM
To: 'ciscojolof'; [EMAIL PROTECTED]
Sub
All depends on how much experience you have with Cisco products and overall
network knowledge. If your looking for a career change and plan on taking
the CCNA exam as your first IT Cert, it can and will be a very intimidating
exam. For those of us who have been in the field for a few years and hav
I am currently using two 1600 series routers and a 2924 Catalyst Switch to
prepare for my CCNP. I bought everything off of ebay. In my opinion, e-bay
is the way to go if your looking for used equipment.
-Original Message-
From: Foulks, Brian, CTR [mailto:[EMAIL PROTECTED]]
Sent: Wedne
It's relatively easy. For example if you wanted to simulate a Frame Relay
connection between the two routers via a DCE/DTE cable, you would configure
your routers as stated below;
Router 1 (the DCE end, provides clock at 64Kb, "clockrate 64000")
interface Serial1
no ip
No problem =)
-Original Message-
From: Mixa [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 1:50 PM
To: [EMAIL PROTECTED]
Subject: Re: Help!
You're the man! Thanks Damian. This really helps.
Mixa
"Rizzo Damian" <[EMAIL PROTECTED]
Did you try "erase start"
-Original Message-
From: Christopher Kolp [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 5:22 PM
To: [EMAIL PROTECTED]
Subject: quick way to clear config totally
Is there a quick way to clear the entire config of a router?
"setup" doesn't kill
Did you try another straight through cable? 9 times out of 10, the cable is
to blame.
-Original Message-
From: Charles Paver [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 28, 2001 9:24 PM
To: [EMAIL PROTECTED]
Subject: 1900 switch
Hi--I cant hyperterminal into my new 1900 ser
Try here...
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/v
lans.htm
-Original Message-
From: Gunjan Mathur [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 9:14 AM
To: [EMAIL PROTECTED]
Subject: How to setup VLAN, Pls help.
Hi,
I'm new to this fi
scg/inde
x.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/scg/kivl
an.htm
David Armstrong
"Rizzo Damian" <[EMAIL PROTECTED]> wrote in message
49C181ACF35ED311A7DC00508B5AF61102E52464@NAEXCHANGE">news:49C181ACF35ED311A7DC00508B5AF61102E52464@NAEXCHANGE...
>
Please excuse my ignorance, but what the heck is the command to enable
events and messages to be displayed via a Telnet
session instead of the default console session? Thank you!
Damian Rizzo-CCNA+ Security, CNE, MCP
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]
___
Ahhh yesthank you very much!
-Original Message-
From: Foulks, Brian, CTR [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 01, 2001 12:34 PM
To: 'Rizzo Damian'; '[EMAIL PROTECTED]'
Subject: RE: embarrasing question...
term mon
> -Original Message---
Anyone have any success using Ciscos' Secure VPN Client v.1.0 or 1.1 on
Windows 2K?...It seems it doesn't work. What do I use on Win2K Clients then?
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and
unfortunately.
-Original Message-
From: Chris Lemagie
To: [EMAIL PROTECTED]
Cc: Rizzo Damian; [EMAIL PROTECTED]
Sent: 3/1/01 6:47 PM
Subject: RE: VPN Client for Windows 2000?
The only version of the VPN 3000 client that supports Windows 2000 is
currently in Beta. I know a lot of
You wouldn't be able to authenticate to a Cisco Router running IPsec, using
DES and
MD5.
-Original Message-
From: michael liu [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 3:12 PM
To: [EMAIL PROTECTED]
Subject: VPN client for windows 2000
You could use pptp in windows 2000
I have two 1600 series routers that I am trying to upgrade to a IPsec
feature set IOS. The problem I am experiencing is no matter version of the
feature set I try (I've tried 4 so far), after the image appears to load
successfuly from a TFTP server, the router displays the message "Image
Checksum
I have a home lab with a few routers and switches, I have a permanent DSL
connection but unfortunately they use PPPoE for authentication. Is there any
way possible I can use this connection with a Cisco Router??? I'd like to
plug the modem into my router and then route traffic from there. But can'
PM
To: Timothy Metz; Rizzo Damian; [EMAIL PROTECTED]
Subject: Re: DSL internet with PPPoE
Tim, PPPoE fundamentals are pretty much similar to PPP over WAN links but
PPPoE breaks the boundary on router/modem & brings down to host level where
PPP is initiated just like a router but instead of se
rahul.
- Original Message -
From: "Rizzo Damian" <[EMAIL PROTECTED]>
To: "'Rahul Kachalia'" <[EMAIL PROTECTED]>; "Timothy Metz"
<[EMAIL PROTECTED]>; "Rizzo Damian" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tues
fool around with access-list's, Firewall feature set, NAT, PAT, etc...
-Original Message-
From: Glenn Johnson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 06, 2001 3:58 PM
To: Rizzo Damian; 'Rahul Kachalia'; Timothy Metz; [EMAIL PROTECTED]
Subject: RE: DSL internet wit
I'm having some problems with a cisco-cisco IPsec setup that is utilizing
private addresses on both ends of the SA with public addressing in between.
When the SA begins to be established, IKE works fine - but the IPsec SA
fails with the note 'proxy identities not supported'.
What does 'proxy id
IMO, the PIX is not a router and does not perform any routing or load
balancing that I am aware of.
-Original Message-
From: Yonkerbonk [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 10:49 AM
To: [EMAIL PROTECTED]
Subject: Off Topic: Load Balancing Through a PIX
What wit
Your joking right?
-Original Message-
From: Daawa LilAllah [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 11:16 AM
To: [EMAIL PROTECTED]
Subject: ** Beside Cisco ** OFF Topic Only Interested Read *
Group,
I know I will get flamed for this but I just want to sha
the same DLCI number. Is this correct?
Damian Rizzo
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations
It was my understanding that two devices in a PVC connection had to have the
same DLCI number. Is this correct?
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROT
The only way I know of to give seperate users "enable" mode passwords is by
using the "enable secret level 1-15" command, usually used in conjunction
with the "privilege exec" command.
-Original Message-
From: Sean Young
To: [EMAIL PROTECTED]
Sent: 3/11/01 8:58 AM
Subject: help with c
Block ports 500(isakmp), 50(esp) and 51(ahp).
-Original Message-
From: Gil Shulman [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 6:37 AM
To: 'Damien Kelly'; '[EMAIL PROTECTED]'
Subject: RE: Access list to deny IPSEC on C1600
Hi,
The IPSEC protocol uses UDP port 500.
G
>
> Do any of you know of any software utilities that can track and monitor
> what percentage of internet bandwidth is being used by various tasks
> such as streaming video, http, mp3, java, etc...?
>
> Thanks.
>
>
>
>
>
>
> Damian Rizzo
> Senior IT Engineer
> Marakon Associates
>
Anyone know if a 3102 Router's serial port is the DB-60 kind of today or
not so much?
Damian Rizzo
Senior IT Engineer
Marakon Associates
203-978-6341
[EMAIL PROTECTED]
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Repo
Here's an interesting problem...We have two routers on their own subnet,
with Windows NT and 9x Clients. We setup WINS servers on each subnet to
resolve Netbios names. On one subnet we can see everyone in network
neighborhood (both subnets), but on the other subnet, we can only see
machines on tha
I just recenlty asked Cisco this same question, and their answer is still
"Not yet, but soon".
-Original Message-
From: Parris, Brian [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 15, 2001 11:20 AM
To: '[EMAIL PROTECTED]'
Subject: Question
Has Cisco come out with a version of Cisco
If you have 5 Hubs attached to a Cisco Switch, will the switch add every
MAC address that touches one of those Hubs to it's ARP table?
Thanks.
-Rizzo
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Rep
We have a problem with our 3660 router. We forgot the enable password and
need to start from scratch and recreate the passwords. The problem is, the
router has no Flash memory, so the router only boots into Rommon mode...I
don't believe these routers have bootflash, because you can't use the "bo
Rizzo
-Original Message-
From: EA LOUIE [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 20, 2001 4:32 PM
To: Rizzo Damian; [EMAIL PROTECTED]
Subject: Re: [Password recovery]
LOL... learn how to use http://www.cisco.com
my search of "Password Recovery" gave me:
http://www.cisco.com/
Were currently using EIGRP as our routing protocol and we now have two
separate T1 connections that were running Frame-relay on. If my
understanding of EIGRP is correct, then I shouldn't have to make any
modifications to the router in order for load balancing to take effect
correct?
Thanks!
Pretty sure you have to complete the CCDA exam before attempting the CCDP.
-Original Message-
From: anil.philip [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 26, 2001 3:45 PM
To: [EMAIL PROTECTED]
Cc: Andrew Larkins; Audio Kisei
Subject: Pre requisite for CCDP
Hello Everyone,
I pass
Sure, first thing I do is set the register to 0x3920 to increase the baud
rate on the router, then set your terminal software to a baudrate of 115200.
>From there a simple "xmodem filename" does the job. Never had a problem with
it.
-Original Message-
From: Niraj Palikhey [mailto:[EM
Can someone please give me a non-Cisco explanation between the
differences of the Gateway of last resort and the Default Gateway, which
logically appear to do the same thing?...Thank you!
-Rizzo
_
FAQ, list archives, and subscription info: http://www.gro
I'd like to make a comment regarding "Radius is more powerful"...In
actuality TACACS+ is Much more robust and versatile then RADIUS. From
encrypting the entire datagram, to using TCP, to being able to split
Authentication, Authorization and Accounting services, to setting privilege
exec levels, TA
u have any bench-mark to back
it up or do you hear it from "somewhere (presumably) cisco". I am not
saying RADIUS is better. I am just saying that RADIUS is more powerful
because it is widely used and there more developers support RADIUS than
TACACS+.
Sean
>From: Rizzo Damian <
Preparing for my BSCN exam, I have found myself unclear as to whether or
not EIGRP is in fact a Hybrid or Distance-Vector protocol. All the Cisco
classes I've been too have always referred to EIGRP as a Balanced Hybrid
protocol, now studying for my CCNP, I am finding EIGRP referred to as a
Dist
AH-port 50, ESP-port 51 and ISAKMP-port 500
-Original Message-
From: Ruihai An [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 30, 2001 12:05 PM
To: [EMAIL PROTECTED]
Subject: IPsec port
I configured my PIX as the IPsec VPN terminator to support DES VPN client.
I have an inbound access
Try here:
http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/6614
-Original Message-
From: John Huston [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 30, 2001 12:47 PM
To: [EMAIL PROTECTED]
Subject: Back -to-Back
I would appreciate someone's knowledge on how to setup two Ci
SP = port 50.
> >
> > Christopher A. Kane, CCNP
> > Senior Network Control Tech
> > Router Ops Center/Hilliard NOC
> > UUNET
> > (614)723-7877
> >
> >
> >
> > -Original Message-
> > From: Rizzo Damian [mailto:[EMAIL PROTECTED
If I recall correctly, Instant Messenger utililizes port 5190. So something
like a "conduit deny tcp any any eq 5190" may work for you.
-Original Message-
From: Kevin O'Gilvie [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 04, 2001 12:42 PM
To: [EMAIL PROTECTED]
Subject: Block Insta
Is there a way to Prioritize Frame-Relay traffic to give a higher preference
to Microsoft Exchange traffic?
Thanks.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PRO
Hi all...When I do a "show frame-relay pvc" on our Internet Router, the
following statistics bother me;
in FECN pkts 12974
dropped pkts 27
We have recently been experiencing some noticeable slow downs on our
Internet connection, do these statistics prove that we have
Anyone remember the keystrokes to stop a router from performing an endless
traceroute or ping?... Thanks.
-Rizzo
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=978&t=978
--
FAQ, list archives, and subscription info: http:
Depends on the IOS.
-Original Message-
From: Charles Nunie [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 20, 2001 6:42 AM
To: [EMAIL PROTECTED]
Subject: QoS [7:1346]
Hi,
Can Cisco 2600 and 3600 be configured to provide Quality of Service? We want
to dedicate bandwidth to our wireless
If I have 2 routers connected back-to-back via their AUX ports and I
decided to implement OSPF, solely for the
purposes of training...will OSPF function and update properly over the AUX
ports? Thanks!
-Rizzo
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15
Quick question for you all. If you were to break a Frame Relay
connection going into a router by first plugging it into a hub, then
connecting it to the router, for the purposes of plugging a sniffer into
that hub to monitor all frame traffic, would this scenario work or not so
much? Thanks for
Message-
From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 27, 2001 10:10 AM
To: [EMAIL PROTECTED]
Subject: Sniffer on a Frame line... [7:2253]
Quick question for you all. If you were to break a Frame Relay
connection going into a router by first plugging it into a hub, then
Do they make a serial cable that goes from DB60M to the new High
Density Smart Serial Male?
Thanks!
-Rizzo
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3091&t=3091
--
FAQ, list archives, and subscription info: http:
Hi all,
We have reason to believe we are experiencing Dropped packets
between us and our remote branch. What I need
Is proof, so I can go to my manager and say, "here, look at this". He
believes just because he looks at the router and does a "show frame pvc" and
the Dropped Pkts s
I clear the counters usually every 30 days.
And no there are no other branches going into this interface.
-Original Message-
From: Bob Timmons [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 15, 2001 10:59 AM
To: [EMAIL PROTECTED]
Subject: Re: Frame relay and dropped packets... [7:4529
Access-Lists are your friend.
-Original Message-
From: andre [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 17, 2001 1:44 PM
To: [EMAIL PROTECTED]
Subject: Network Access Control [7:4873]
Hello,
How do I control who accesses a network? I want to use a Cisco 2611
router, mostly cause
Hey folks, I have a quick question regarding BGP. We are looking for an
alternative ISP for our Internet. One company we spoke with that offers a
100MB connection, said that in order to use their services we need to
implement BGP on our Internet router. We currently utilize a class A address
on ou
As you'll find out, there is no 10/100 network module for the 2600 series
router. If you want a 10/100 capable router, you'll need a 2620, 2621, 2650
or 2651 router.
-Rizzo
-Original Message-
From: Rashid Lohiya [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 18, 2001 2:32 PM
To: [
Hey all, is it possible to translate public IP addresses (outside) to
private IP addresses (inside) on a PIX firewall. Basically the exact
opposite of what's usually performed on a firewall. We are going to have
users dial in to our internet router and receive a Public IP address. They
have to get
:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 11:44 AM
To: Rizzo Damian
Cc: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]
Sounds like a VPN is your best bet.
Should you decide to implement the VPN, you may want to consider whether
you still need to maintain the modem pool on the Internet
>
> -Rizzo
>
>
>
>
>-Original Message-
>From: Craig Columbus [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May 21, 2001 11:44 AM
>To: Rizzo Damian
>Cc: [EMAIL PROTECTED]
>Subject: Re: PIX question... [7:5248]
>
>Sounds like a VPN is your best bet.
>Shou
Anyone know why I would have problems with apparently ANY routing
protocol over an HDLC point-to-point Link? Works fine with static routes,
but when I try to implement any routing protocol (RIP, EIGRP, OSPF, etc..)
they don't seem to work (no routes discovered). Am I missing something?
Thanks!
Cisco's ACS v2.6 using Radius and Funk's Radius Server are the only Two
known Radius server's that support MPPE (Tacacs is not supported). I'm
willing to bet your not using either one of those.
-Rizz
-Original Message-
From: Kenneth [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June
It was always my understanding that you could Not telnet to the outside
interface of a PIX firewall. I hear today that it is in
fact possible. Is that true?
Thanks,
-D
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9218&t=9218
This was not very helpful James!
-Original Message-
From: Lee James [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 21, 2002 5:39 PM
To: [EMAIL PROTECTED]
Subject: RE: Rack [7:38796]
This electronic mail transmission contains confidential information intended
only for the person(s) n
Since no one else opted to field your question, please allow me.
It is absolutely possible! I have done in it at home with an Earthlink DSL
account. There are two scenarios you can have as outline below;
Scenario1:
Lan 2600(wic-1adsl card)--Internet
PPPOE client on the
Boot from a TFTP server. You don't need Flash!
-Rizz
-Original Message-
From: Scott Lokey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 31, 2001 12:18 PM
To: [EMAIL PROTECTED]
Subject: Is loading IOS into 2500 with no Flash possible? [7:14375]
Hi,
I have 3 2500's that have 16meg RA
Hello all;
We have a challenge. It appears that we can not VPN through our PIX
firewall using PPTP to a remote location. Note, we are NOT using PPTP on the
PIX itself; we just want it to pass the traffic through it. Anyone see this
issue before and/or have any ideas to a possible soluti
I do not think this will work. I had the exact same problem as below, though
I was using a Cable connection. After talking with Cisco it was determined
that the problem was attempting to forward GRE traffic. Since GRE is a
Protocol and not a Port, it is extremeley difficult to route and/or forward
Sure does. Thank you all for your responses!
-Original Message-
From: R. Benjamin Kessler [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 04, 2001 11:01 AM
To: CiscoG; [EMAIL PROTECTED]
Subject: RE: Question about moving PVC's. [7:28062]
The ASCII Art didn't come through too well o
Hey all. Anyone know if you can successfully use a PIX firewall with
Multiple IP addresses?
For example; If you assigned a Public IP address to the outside interface is
it possible to assign a totally different Public IP address (different
subnet) for the "Global" IP addresses to be translated?
y arp for those
addresses, but I can't recall. As long as your forwarding that subnet
directly to the PIX's outside interface it'll be fine.
Darrell
"Rizzo, Damian" wrote:
>
> Hey all. Anyone know if you can successfully use a PIX firewall with
> Multiple IP a
Hey all, got a quick question regarding VLANS. Can you create multiple
VLANS in the same subnet?
For instance if you have RouterA-->VLAN1--> VLAN2-->etc... Can both VLAN 1
and 2 be in the same subnet?
Thank you.
This electronic mail transmission contains confidential informa
Hi, does anyone know for sure if the NM-2FE2W 10/100 FastEthernet Module
is in fact compatible with a 2600 series router? I've been told yes and no
and I've only used it in a 3600. Thanks for your help!
-R
This electronic mail transmission contains confidential information inte
I as well!
-Original Message-
From: VNithianandam [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 04, 2001 12:23 PM
To: [EMAIL PROTECTED]
Subject: RE: how to build a pix firewall out of a PC box. [7:18335]
I would be interested in building a PIX firewall.
Vini
-Original Me
I have the below and I personally feel as if I have too much!!!
2 1604's
1 2610
1 2924 Switch
1 PIX-506
Don't understand why so many people believe they must go overboard on
equipment.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, S
Hey all, I have a quick question regarding a Catalyst 2900XL Switch.
All appears well, all the status LED's are green with the exception of two
of them. Coincidentally, those two ports are connected to the Uplink ports
of two Hubs. Now both hubs work fine, all connected devices work fine, a
"show
come to know
and love!
Again thanks for your assistance!
-Rizzo
-Original Message-
From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 04, 2001 6:21 PM
To: Patrick Ramsey; [EMAIL PROTECTED]; Rizzo, Damian
Subject: RE: Orange lights on Catalyst 2900XL S
77 matches
Mail list logo
