RE: OT-Netscreen 5xp VPN very slow [7:62461]

finally found the problem. my end is configured for IKE replay protection but the far end isn't so it drops packets. The interesting thing is that I got some packes but not all, which made me think it's simply slow. found this out by "debug vpn". Thanks all for your help. Cheers. Xueyan Mess

RE: OT-Netscreen 5xp VPN very slow [7:62461]

checked duplex/speed, they were 10 half, set to full, didn't help. I'll post my findings if I can find the problem. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62581&t=62461 -- FAQ, list archives, and subscription info:

RE: OT-Netscreen 5xp VPN very slow [7:62461]

I'm using the first connection. But if I access intranet, I would go through a gateway on the other end. Don't see anything abnormal in log. Thanks. Xueyan Ivan Yip wrote: > > Hi, > > Did you check the NS-5XP log? > Also, if you place your PC behind the NS and access internet, > what's the pa

OT-Netscreen 5xp VPN very slow [7:62461]

Hi, Group Can somebody help with this problem with a netscreen 5xp firewall running VPN (3des)? It's behind a cable modem. If I connect my pc directly to the modem, I can surf the internet fine. As soon as I put my pc behind the firewall and try to access intranet web page through vpn, it's very

Re: Help the newbie... [7:62087]

another option is to use ospf and cef to load balance the links then configure BGP with loopback interfaces to use the two ospf routes (make them equal cost). same concept as using two static routes but a little more flexibility. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php

RE: MTU and TCP in PIX [7:61441]

Since Priscilla has brought a very good point about fragmentation, I'll add my 2 cents. Worked with pix before but not an expert. Say PIX does fragment, would the return packet be recognized as a valid packet for a previously established session? Xueyan Message Posted at: http://www.groupstudy.c

RE: route-map no-export - not working!! [7:61480]

Looks like you have "permit" all the way but no "deny" on the particular AS. change one permit to deny either in your route-map or access-list should fix the problem. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61501&t=61480 ---

Re: Diff. b/w ^701$ 701$ _701$ _701_ [7:61219]

You're right. Didn't think that you would have number(s) right before 7. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61233&t=61219 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html R

RE: Diff. b/w ^701$ 701$ _701$ _701_ [7:61219]

Hi, The following cisco webpage explains different regular expressions. http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_command_reference_chapter09186a00800ca655.html >From what I worked in the isp world, ^701$ matches routes with AS number 701 only in the AS-PATH 701$ matches rou

RE: Need CCIE [7:61155]

Hi Mr. A P Where is this position located? Direct or contract? How much do you want to pay? Benefits? Vacation? etc. We need more information than just say "hey, we need a CCIE" Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61209&t=61155 -

Re: Is a Virus or Hacker attack?? [7:60114]

could be the yaha viarant that's spreading these days. as John has mentioned, check out symantec website for removal tools. http:[EMAIL PROTECTED] Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=60117&t=60114 -- FAQ, list a

RE: How to monitor the port in another switch? [7:59516]

configure rspan port instead of span port. see cco http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007f323.html#xtocid16 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59634&t=59516 -

Re: Routers multicast address 224.0.0.2 ?! [7:59609]

Hi, there I think there is a way to force a router interface to join a multicast group. try this command under the interface see if that helps. from cco ip igmp join-group group-address To have the router join a multicast group, use the ip igmp join-group interface configuration command. To canc

RE: E1 back to back connection [7:59600]

Should be same as T1 cross-over, check out this website http://www.nettonet.com/support/faq/#00084.en-us 1 -> 4 2 -> 5 4 -> 1 5 -> 2 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59622&t=59600 --

RE: ACS Authentication/Auth/Accounting [7:59393]

Do you have an enable password configured on the router? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59396&t=59393 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Non

RE: Cisco Tracking Center [7:59386]

here is the link, also accessable from main page/learning&events https://www.certmanager.net/~cisco_s/login.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59388&t=59386 -- FAQ, list archives, and subscription info: http://www.

RE: 2511 problem [7:59366]

yes, there is. check out this cisco page. http://www.cisco.com/en/US/tech/tk801/tk36/technologies_configuration_example09186a0080093c7b.shtml Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59370&t=59366 -- FAQ, list archives, and s

RE: BCRAN 640-605 test [7:59234]

Those I got (a month ago) were IOS based. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59290&t=59234 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure viol

RE: help [7:59112]

You have the wrong default gateway. It should be yor provider's address. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59115&t=59112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report mi

RE: Switching Exam [7:59082]

They are very similar to the real ones. I used the one for 605 and it helped to know what to expect. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59083&t=59082 -- FAQ, list archives, and subscription info: http://www.grou

RE: Can I configure BGP neighbor using HSRP VIP ip add [7:58908]

I ran into this problem before and figured out I had to peer with the real addresses. That worked out fine. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58910&t=58908 -- FAQ, list archives, and subscription info: http://w

RE: Is there a redirect traffic command in IOS ? [7:58887]

you can configure policy based routing to achieve that. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=5&t=58887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct

Re: ccnp switching passed!!! [7:57482]

I used the old book for 605 too. No problem. So don't through the books out of the window yet:) Xueyan --- Leonardo Rocha wrote: > People, yesterday I took the 640-604 exam and passed > with 901, I did spend > 37 minutes to answer the questions which were so > well defined. > Used only the cisc

RE: ISDN/DDR - Bandwidth on Demand [7:57038]

Is the route through your isdn link in your routing table? Or you have a more optimal route so traffic is taking that route instead. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57053&t=57038 -- FAQ, list archives, and subscripti