Hello,
I would like to ask you how to define a new radius attribute on a Cisco NAS
(Cisco 3825).
We have already define the attribute on our AAA server, but we don't know how
to configure the Cisco NAS for this new attribute.
Please could you help us to solve this ?
Thanks.
Best regards
Tj
Last time I looked into this (mid last year) the Linux bits weren't very
mature. Not sure how Mikrotik or Vyatta have changed it. Hopefully they
have made things better.
Rubens Kuhl wrote:
Have anynone done any testing interoperating Cisco MPLS (Cat 6k or
7600 families) with Mikrotik (which
Have anynone done any testing interoperating Cisco MPLS (Cat 6k or
7600 families) with Mikrotik (which is just packaging of MPLS Linux) ?
I'm specially curious about EoMPLS and H-VPLS interoperating, but
basic LDP/RSVP/MPLS-TE/MPLS-FRR also needs to be addressed, of course.
Rubens
___
On Wed, 29 Apr 2009, Jose wrote:
I was wondering if someone might have an explanation as to why we encountered
an issue with uRPF (loose mode) when we tried enabling it on our upstream
facing links. We have 2 x 7603s w/ SUP32 acting as our Gwy routers and our
transit providers connect into th
> the new[ish] Catalyst 2975 switch looks like a 2960+stacking.
> Do these things stack with 3750s / 3750Es ? They show
> up as another "blade" on the stack?
Word I have is that they do not stack. Haven't physically plugged one in to
see what happens, however.
B.
__
I was wondering if someone might have an explanation as to why we
encountered an issue with uRPF (loose mode) when we tried enabling it on
our upstream facing links. We have 2 x 7603s w/ SUP32 acting as our Gwy
routers and our transit providers connect into them (one on each gwy +
private peer
Hi All,
This seems like a simple solution, but I cannot seem to get this working.
What I have is a the following setup...
837---[Internet]Pix5157200--[T1]Customer 2691
I have a lan to lan tunnel going from the 837 to the pix. The 7200 behind
the pix is addressed with
ormation from ESET NOD32 Antivirus, version of virus
signature database 4043 (20090429) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mail
her.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
__ Information from ESET NOD32 Antivirus, version of virus
signature database 4043 (20090429) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
_
It's really hard to say without knowing some details about your network but
if you want 1 path active at once you can always use the max-paths command
set to 1.
tv
- Original Message -
From: "Jason Link"
To: "Cisco-nsp"
Sent: Wednesday, April 29, 2009 2:57 PM
Subject: [c-nsp] ASA /
Hello ,
We want to rent the internet access service to the houses which are
provided to employees. That's why we need bandwidth limit per user and
billing system solution. There will be also a guest users in the network.
Could you give me an idea , is it possible to do that with Cisco wireless
Quick question... the new[ish] Catalyst 2975 switch looks like a
2960+stacking. Do these things stack with 3750s / 3750Es ? They show
up as another "blade" on the stack?
Jeff
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net
Hello all,
With an ASA running a redundant physical interface pair for the Inside
interface, each link connected to a separate switch which is connected
to a separate router, and everything running EIGRP, I get multiple
routes (2) to the same destination subnet, one for each of the connected
ro
Hello,
Forget about it. I solved the issue by clamping the TCP MSS (maximum segment
size) to 1200 bytes on packets flowing through the corresponding router
interfaces.
I used the following command in config-int: ip tcp adjust-mss 1200.
This trick prevent IP fragmentation along the path by forcing
Thanks Steve, after seeing your example, I found this
http://www.cisco.com/en/US/partner/tech/tk543/tk545/technologies_tech_note09186a0080114326.shtml
Would it work on inbound traffic?
On Wed, Apr 29, 2009 at 1:43 PM, Steve McCrory
wrote:
> Hi Chuck,
>
> Here's an example of a nested policy th
Jason, Michael, and Luan,
Thanks for the replies. That's exactly what I was looking for. I never
looked for a sub-option under the split-tunnel config. I figured there
was an alternate command to the split-tunnel command that I just
couldn't find.
Thanks again
Justin
Jason Link wrote:
Not really - simply don't specify a split tunnel policy under the
group-policy for the Remote Access group on the ASA.
group-policy RAS attributes
dns-server value X.X.X.X
vpn-tunnel-protocol IPSec
split-tunnel-policy excludespecified ! don't need
split-tunnel-network-list va
Hi Justin:
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Justin Shore
Sent: Wednesday, April 29, 2009 11:30 AM
To: 'Cisco-nsp'
Subject: [c-nsp] PIX/ASA full tunnel for clients
I've got what's probably a simple question t
In the group policy for the specific VPN instance, use
"split-tunnel-policy tunnelall"
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Justin Shore
Sent: Wednesday, April 29, 2009 1:30 PM
To: 'Cisco-nsp'
Subject: [c-nsp]
Hi Marlon
Unfortunately I'm not that familiar with all the IPTV equipment. I just saw a
few slides about the system last week at a local Cisco conference. I suggest
you contact your local Cisco contact for further details.
__
Med venlig hilsen / Kind r
Leif Sawyer wrote:
The bad:
There is no cisco firewall archetecture that allows mixed-mode
IPv4 and IPv6. Oh, they -claim- that it works, but it is so full of
caveats
and bugs that it is effectively broken.
Does this include the FWSMs or just the ASAs and PIXs?
2) if you ment
I've got what's probably a simple question that I just can't figure out.
Is there a trick for setting up a "full" tunnel client VPN profiles (ie,
no split tunneling?) on a PIX or ASA running v7 or better? I used to do
this on VPN 3000 Concentrators with ease but my searches on "cisco ASA
ipse
Renelson Panosky wrote:
> Hello fellow Engineers
>
> We are getting ready to start testing IPv6 at my job, if you are running
> IPv6 right now please let me how is it working fo you? I would like to know
> the good, the bad and the ugly
>
I'm not an ISP but I have deployed IPv6. I currently onl
While this is a great conversation, and I hope people continue to jump in, I
have something to say in response to the following excerpt:
... and The Ugly:
1) there are no Cisco training classes for IPv6-based services.
Oh, sure, there's an -intro- to IPv6. But nothing in t
Thank you all for the responses on IPv6 i've learned a lot from you guys and
i feel a lot more comfortable
Renelson
On Wed, Apr 29, 2009 at 11:03 AM, Renelson Panosky wrote:
> Hello fellow Engineers
>
> We are getting ready to start testing IPv6 at my job, if you are running
> IPv6 right now ple
Hi Chuck,
Here's an example of a nested policy that we have deployed on 7206VXR
(NPE400):
policy-map cust_4Mbvoip_parent
class class-default
shape average 400
service-policy cust-4Mvoip-out
!
policy-map cust-4Mvoip-out
class cust-rtp
priority percent 28
class cust-skinny
Hi,
you should try Class Based Weighted Fair Queuing (CBWFQ),
This ist what you are looking for.
Regards
thomas
We have several customers coming in on Ethernet. They are connected
to L2 switch and trunked into a 7500 router via VLAN. This has worked
fine so far with the use of rate-limit
Probably better to stumble over to the ipv6-...@lists.cluenet.de archives
http://lists.cluenet.de/pipermail/ipv6-ops
David
--
http://dcp.dcptech.com
> -Original Message-
> From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
> boun...@puck.nether.net] On Behalf Of Renelson Panosky
"clear running-config"
Kelsay, Mark wrote:
I need to erase an old config and tried the erase config command but it
did not work. Any idea what the command is? I am consoled into the
console port.
TIA,
Mark
** This email is sent for and on behalf of Inspop.com Limited **
Steve,
You have an example of this? I've found on the platforms I work
on most that you can't use any LLQ (priority keyword) on a subint. So
I've put a policy handling the priority stuff on the main int, and then
the other shaping/policing stuff on the subint, but have always
questioned
No IPv6 uRPF in hardware on 6500/7600
No IPv6 uRPF at all in many other cisco platforms.
Dave.
Renelson Panosky wrote:
> Hello fellow Engineers
>
> We are getting ready to start testing IPv6 at my job, if you are running
> IPv6 right now please let me how is it working fo you? I would like to k
Thanks Lars. Do you know by any chance what is this appliance called?
Probably the video module on ASR9K will have it as well.
Thanks,
Marlon
On Tue, Apr 28, 2009 at 11:28 PM, Lars Lystrup Christensen <
l...@dansketelecom.com> wrote:
> Hi Marlon
>
> Yes, Cisco has an appliance for RCC, which is
Have you tried implementing Modular QoS CLI (MQC) using service
policies?
I haven't worked on the 7500 platform but we have successfully applied
QoS for VoIP on subinterfaces on the 7200 series routers.
It should be noted that on sub-interfaces, you need a parent service
policy to shape traffic t
Are you in debug mode?
if not, execute:
#llama
-Mensagem original-
De: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] Em nome de Kelsay, Mark
Enviada em: quarta-feira, 29 de abril de 2009 12:43
Para: cisco-nsp@puck.nether.net
Assunto: [c-nsp] CSS 11501 Ques
> Renelson Panosky writes:
> We are getting ready to start testing IPv6 at my job, if you
> are running IPv6 right now please let me how is it working fo you?
> I would like to know the good, the bad and the ugly.
The good:
I have a heirarchical addressing model that puts all of my
loop
Renelson Panosky wrote:
> Hello fellow Engineers
>
> We are getting ready to start testing IPv6 at my job, if you are running
> IPv6 right now please let me how is it working fo you?
It works just as well as IPv4 does :)
> I would like to know
> the good,
- it's just emerging so learning/imp
I need to erase an old config and tried the erase config command but it
did not work. Any idea what the command is? I am consoled into the
console port.
TIA,
Mark
** This email is sent for and on behalf of Inspop.com Limited **
Authorised and regulated by the Financial Servi
We have several customers coming in on Ethernet. They are connected
to L2 switch and trunked into a 7500 router via VLAN. This has worked
fine so far with the use of rate-limit on the sub-interface. Most
customers have 5~10mbps.
However, we are increasingly needing QoS so VoIP traffic does not
Hello fellow Engineers
We are getting ready to start testing IPv6 at my job, if you are running
IPv6 right now please let me how is it working fo you? I would like to know
the good, the bad and the ugly
Renelson
___
cisco-nsp mailing list cisco-nsp@pu
On Tue, 2009-04-28 at 22:24 +0200, Gert Doering wrote:
> On Tue, Apr 28, 2009 at 04:10:46PM -0400, Seth Fiermonti wrote:
> > If it is so common, please answer.
Ehh... that seems like very questionable logic. To me this says: If the
answer is so common that I'd have to be quite careful NOT to fin
I added the column headers based upon what I thought they were. :-)
What I missed is that they are simply the packet counters for each DScP
or COS value. The 3550 was limited to reporting on 8 DSCP markings at a
time and it didn't occur to me that the 3750 could report on all DSCP
and COS v
41 matches
Mail list logo
