I'd always thought there was a specific way of inserting the flash chip
regardless of where it's 'facing'.
Odd thing is I tried loading the IOS (v11.2) on two separate flash chips.
Tried it on two different routers (2511 and 2523), had the same errors.
Loaded a 12.0 and the errors just
I attempted to upgrade a Cat6K on Sunday with little success, shame as the
5Ks worked a treat. If I show the steps below if anyone can point out where
I went wrong.
Here's the IOS version I started with: IOS (tm) c6sup2_rp Software
(c6sup2_rp-IS-M), Version 12.1(3a)E4
I wanted the load this
Hi group,
I am trying to get info from the Groupstudy mail list archive as I remember
this was posted several times before. It seems that the archive is having
problem, gives me error message 'Glimpse Index Not found'. Can anyone offer
some insight ?
I have two 1720, each in a different subnet.
Dear Group
I want to know about implementing Mac based Vlan in Cisco. Can anybody help
me.
Many thanks in advance.
Hitesh
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47284t=47284
--
FAQ, list archives, and subscription
The VPN Client is an IPSec tunnel. If your using it, and the concentrator is
set to hand them out, it should work. We use the 3030 and the VPN Client
(3.5) and it works wonderfully.
Its really hard to go wrong with this. Under group/general properties, make
sure that the Primary and secondary
Hello,
I have scheduled the MPLS exam for July 1'st.
Can someone tell me the passing score of this exam.Also any
suggestion/comments regarding this exam will be highly helpful.
TIA for your help.
Kind Regards /Thangavel
186K
Reading,Brkshire
Direct No -0118 9064259
Mobile No
I've just found a wireless LAN set up by someone in the building, I found it
by chance when I was checking something with a colleague from another dept.
The WLAN has zero security which is not a surprise and lets the user into
the main LAN in the site with a DHCP address served up too! Does
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses. You can implement LEAP on the
cisco AP, radius/tacacs+ requiring user/pass. Then you could place the AP
outside the LAN/Firewall and require VPN to access the LAN resources.
Cisco has
Howard C. Berkowitz wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
At 9:21 PM -0400 6/23/02, Kevin Cullimore wrote:
It's a problem when:
people assume that symmetry exists when HSRP similar L3 failover
technologies are implemented.
It's a problem getting in the way of:
Try to change:
line con0
line authentication no_tacacs
To:
line con0
login authentication no_tacacs
-Original Message-
From: GEORGE [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 21, 2002 11:52 AM
To: [EMAIL PROTECTED]
Subject: FW: authentication and router [7:46932]
I wouldn't like
It's only a matter of time. It's bad enough they can buy their own servers
and switches down at CompUSA and set up situations that can bring your
network down while spanning tree runs..
1) does your employer have a written security policy in place? Will your
management enforce such a policy if
What about restricting DHCP based on MAC Address.
Problem is a lot more administration.
--- Patrick Donlon wrote:
I've just found a wireless LAN set up by someone in
the building, I found it
by chance when I was checking something with a
colleague from another dept.
The WLAN has zero
Thanks Chris, I was thinking more about securing the switch ports by
authenticating mac's (probably a bit OTT) or using SNMP to check for new
devices, any other ideas? I've already set up a wireless LAN here with WEP
with authentication on an ACS server, which is a waste of time when you have
Don't know if you know about this or not, but NetStumbler is a good freeware
(begware) app for finding those rogue wireless apps that you might not know
about. Check them out at:
http://www.netstumbler.org/
What about restricting DHCP based on MAC Address.
Problem is a lot more
arca technologies are offering special discount pricing on their ISDN
simulators for Cisco Students and Trainers.
The emutel|Solo has 2 ports which offer either S/T or U interfaces (software
switchable) and a choice of Euro-ISDN, North American or NTT support.
Please see www.isdnsimulator.com
When we find access points like that, we disable the switch port they
connect to.
We are using Network Stumbler to find rogue access points. Works well
and it's free.
Ken
Patrick Donlon 06/24/02 08:48AM
I've just found a wireless LAN set up by someone in the building, I
found it
by chance
I've been happy with my $1095 unit from www.CheapISDN.com
-Original Message-
From: Gillian Wylie [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 9:51 AM
To: [EMAIL PROTECTED]
Subject: ISDN Simulator offer [7:47295]
arca technologies are offering special discount pricing on
Did anyone receive the score ?
I would like to know
Nigel Taylor wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Folks,
I'm trying to understand how cisco went about grading this exam.
Much like everyone else
I too was told by Prometric when I called in that I had
I'm at the Networkers CCIE power session as I type, and I heard July.
Steve
Frank Merrill wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
My guess is no later than the middle of August based on previous Cisco
Beta-to-production life cycles. However, anything is possible.
The
I think the picture got messed up. But, let's say R1 and R2 are running
HSRP on the Local LAN. It doesn't matter which one becomes primary. If the
clients send to one router, but the other router has a better route, than
the router will send the packet back out the Local LAN to the other
Hy
I have a ISDN Dial up and dont want have any Routing Protocol over it. What
is the right access-list, and which features should you Block over the
ISDN link.
access-list 101 permit icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
( or any any )
access-list 101 deny Tcp 0.0.0.0
At 11:54 AM 6/24/02, chris wrote:
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses.
I don't think he was asking how to secure a wireless network. He was asking
how to control non-IS user types from installing new equipment on the
Sorry misread the question, best option is to disable unused swithcports and
resric them to mac, like you were mentioning.
Chris
Patrick Donlon wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Thanks Chris, I was thinking more about securing the switch ports by
authenticating
Ah the old eighth layer. Policy policy policy = termination termination
termination. Usually the first one to go gets the point across to the other
folks. ;
-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 1:27 PM
To: [EMAIL
I'm doing exactly that. I have two 5509s spanning into a smaller
switch, and the smaller switch spanning into my sensor. But we're
moving in a few months, and after the move, I'll be trunking the 5509s,
so I won't need to do that anymore.
Bob German
CCNA, MCSE, CNE
Sr Sys Eng - Irides, LLC
Since I can't get my cheap company to send me to classes, I have to do
self-study go get my Cisco Security Specialist Certification. Does anyone
have any suggestion which books would help for each of the exams?
Thank you in advance,
Joy
Message Posted at:
Can anyone recommend which books to prepare for the three tests to complete
the certification?
jp
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47309t=47309
--
FAQ, list archives, and subscription info:
Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
Shahid
[EMAIL PROTECTED] wrote: Since I can't get my cheap
Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
Shahid
[EMAIL PROTECTED] wrote: Since I can't get my cheap
Trust me, u dont need classes. Just study 4 books from Cisco Press and ull
do it fine. I passed 3 exams in 15 days and only one to go. If u appear for
MCNS, 95% CSVPN is covered and 75% Pix is covered. For IDS i am myself
studying.
Shahid
[EMAIL PROTECTED] wrote: Since I can't get my cheap
Obviously the corresponding books for each of the classes/exams from cisco
press.
Managing Cisco Network Security
Cisco Secure Pix Firewalls
Cisco Secure Virtual Private Networks
Cisco Secure Intrusion Detection System
Some other publishers have books that cover these subjects too, but I have
Don't forget eBay, as well. I just picked up a Teltone ILS-1000 for a decent
price. Also, I've seen some auctions for the units from Cheap ISDN and
Emutel at decent prices.
Shawn K.
-Original Message-
From: Andy Barkl [SMTP:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 1:30 PM
To:
1. Managing Cisco Network Security -- Cisco Press
2. Boson Test.
It should be enough to pass the MCNS, VPN, PIX, but regarding the IDS
you'd better to have some hands-on experience on that, otherwise, you
have to remember lots of operation menus, commands, etc. good luck
Best Regards.
Leo
Does it have English Version?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
LEOSHEN
Sent: Monday, June 24, 2002 12:43 AM
To: [EMAIL PROTECTED]
Subject: about ciscofan [7:47279]
the present url of ciscofan is ciscofan.yeah.net
welcome to visit it!
I received my score in the mail today.. I PASSED!!! I have *no* idea
how I slid by, but I got a 50 on it. (passing score was 45)
The beta was very difficult, so much so that I forked up the $300 and took
the current written a week or so later (and passed)... So I could look at
this as
Hi,
They will send a congratulatory letter, a certificate
and nothing moreno ID card.
Enjoy
--- Dwayne Saunders wrote:
Hi all
Was Just wondering after completing your Cisco
Qualified specialist
exam what does Cisco send out if anything
[EMAIL PROTECTED]
I don't know which IGP protocols you run on your network (if any)... so this
is just a wild guess.
If you were running RIP it could trigger the link ...
(I would add: access-list 101 deny udp any any eq 520)
If you were running OSPF
(I would add: access-list 101 deny ospf any any)
I user brought in the w32.klez.h.mm virus our virus software was able to
stop it from spreading but our router 3640 router stop responding and had to
be restarted.
Can this virus attack shares on networks connected to the router? can klez
spread across the router using other then smtp?
we
Suppose someone registers with prometric to take the exam 350-001
in August,and this exam retires in July.
What happens then, he/she still takes the 350-001 version
or the newest version of it (351-001).
Thanks
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47324t=47184
Steve :
Suppose someone registers with prometric to take the exam 350-001
in August,and this exam retires in July.
What happens then, he/she still takes the 350-001 version
or the newest version of it (351-001).
Thanks
Reply To This Message Newer
About 10-15 minutes would be about right. Speed is important, but more than
anything else, the knowledge and reason why are you are doing it.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47326t=47320
--
FAQ, list archives, and
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47327t=47327
--
FAQ, list archives, and
Yes, some forms of the Klez infects network shares.
Dan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Gary Crouch
Sent: Monday, June 24, 2002 4:50 PM
To: [EMAIL PROTECTED]
Subject: klez crashed our router [7:47323]
I user brought in the
Recently I had the pleasure of taking one of the courses CSVPN via a
training partner. Most of the course material is echo'd on the cisco site.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt4/index.htm
If you step down a layer from that directory you will
Shares? On Routers? Tell me more..
Mike W.
Dan Penn wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Yes, some forms of the Klez infects network shares.
Dan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Gary Crouch
Sent:
He/She will take the newer version doesn't matter when you register. It
matters when you take it.
HTH,
Mike W.
Shaheen Gagan wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Suppose someone registers with prometric to take the exam 350-001
in August,and this exam retires in
Hey Team,
I am trying to pass data through a WIC-1DSU-T1 to test it. In order to do
this, I need to put a couple of modular routers back-to-back. I can handle
the configuration if I can just get the right cable. I have cable and a
crimper. Does anybody have any idea what pinout I would need
CISCO'S ANSWER:
---
peer-on-demand defaults does not change what we learn from the peer during
CapEx. We have learned the default cost
value from the remote, which is 3 - and that is what we show in 'sh dls
cap'. However, the value configured on peer-on-
demand defaults (5)
Alex,
I am sure you can improve your time as you go along.
But, I have another advice on ISDN for you.
Do NOT get in to the habit of configuring your Chap to use your router's
name as the username. Whatever you configure (CHAP, Callback, Callin
one-way authentication..), make sure Chap's
The statement
access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0
could also be re-written as:
access-list 100 permit ip host 192.108.0.0 host 255.255.0.0
which means that only the aggregate /16 will be accepted.
The second statement:
access-list 100 deny ip 192.108.0.0
I am having some trouble understanding NLRI as opposed to
straight network routing updates.
Anyone got a pointer to information that might clear up NLRI
some?
Thanks
--
--Rick
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47337t=47337
Dude, you mis read. it's shares on attached networks, not on the
routers :)
B
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Monday, June 24, 2002 8:41 PM
To: [EMAIL PROTECTED]
Subject: Re: klez crashed our router
Kevin,
Check out http://www2.adtran.com/support/technotes/t1ddsadptxvr/
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kevin Love
Sent: Monday, June 24, 2002 8:50 PM
To: [EMAIL PROTECTED]
Subject: T1 Cat5 Crossover Pinout (WIC-1DSU-T1) [7:47332]
Hey
Yeah... you can make one pretty easily.
http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/6015/6015hig/05inap
pc.htm
http://www2.adtran.com/support/technotes/t1ddsadptxvr/
HTH,
Mike W.
Kevin Love wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hey Team,
I am
Assuming you are using catOS, here is a start
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_6_3/config/v
mps.htm
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hitesh Pathak R
Sent: Monday, June 24, 2002 6:42 AM
To: [EMAIL PROTECTED]
- Original Message -
From: Priscilla Oppenheimer
To:
Sent: 24 June 2002 2:26 pm
Subject: Re: Rogue Wireless LANs [7:47287]
At 11:54 AM 6/24/02, chris wrote:
WEP for starters, then you can set the acccess point to only accept
connections from specific MAC addresses.
I don't think
Yes. being very aware of Klez and what it does/can do, I was taking his
statement that the 3640 needed to be restarted as an implication that
perhaps the router got the virus. That's why I was asking for a
clarification. =)
Mike W.
Brian Backer wrote in message
[EMAIL
Now that would be a tricky virus...but I guess if someone wanted to do
it, it would be possible to write up a little worm that instead of
trying to find unpatched IIS servers looks for routers with the RW
community of private then erases their config. However I don't think
you are going to find
LOL. I posted the exact same link. gotta love Google =)
Mike W.
Brian Backer wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Kevin,
Check out http://www2.adtran.com/support/technotes/t1ddsadptxvr/
Message Posted at:
Someone sent me the following:
Here are the prices that I found (approx. prices):
4 port T1 ATM interfaces NEW=$3000 Refurb (no returns etc.)=$2100
8 port T1 ATM interfaces NEW=$5250 Refurb (no returns etc.)=$4100
Is there not a less expensive card with a single ATM interface for a 3640?
True, true however, a buddy of mine in security has said (from his
experiences wearing the black hat) that you wouldn't believe how many
routers are setup with 'cisco/cisco' as the telnet and enable password.
=)
Mike W.
Dan Penn wrote in message
[EMAIL PROTECTED]">news:[EMAIL
Hunt,
Simply put, a distribute list simply has an ACL associated with it (in
your example it's an extended ACL).
Traffic inbound from the peered router (120.23.4.1) has extended ACL
applied to it.
You are probably familiar of defining ACL's and applying it on an
interface. In this example
Thanks for the info. Is it possible that normal Vlan dynamic Vlan can
co-exist ?
-Original Message-
From: Andy Hoang [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 25, 2002 7:16 AM
To: [EMAIL PROTECTED]
Subject: RE: Need suggestion on MAC based VLAN [7:47284]
Assuming you are using
Tis very true...
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Monday, June 24, 2002 9:25 PM
To: [EMAIL PROTECTED]
Subject: Re: klez crashed our router [7:47323]
True, true however, a buddy of mine in security has said
Halo CIscoer, help me on this ISDN debug:
12:24:38: CALL_PROC pd = 8 callref = 0xF5
12:24:163208757248: ISDN BR1/4: TX - RRr sapi = 0 tei = 64 nr = 2
12:24:45: ISDN BR1/4: RX RRr sapi = 0 tei = 64 nr = 3
12:24:193273528320: BRI1/4: wait for isdn carrier timeout, call id=0x817F
Hey all,
I've been having problems setting up my access server (2511) to accept
incoming PPP sessions via an external modem, and I finally figured out
it is a cabling problem.
Therefore, I need the model and availability of a cable that connects my
Hayes Accura modem (female DB-9) to a
The following mail can't be sent to [EMAIL PROTECTED]:
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Alto Bound
The attachment is the original mail
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47355t=47355
--
FAQ,
the cards in question are the ATM T1 IMA cards, which list for 4,000 for the
4 port and 7,000 for the 8 port. You do the math.
No there is no 1 port ATM T1 for the 36xx box.
OTOH, there is a 1 port ATM T1 card for the 2650 router - I don't have my
pricing tools handy, so I can't get you a part
Let me take a swing at this..
Looking at the debug I would assume, that ISDN Service provider is not
'there' by looking at this line.
12:24:193273528320: BRI1/4: wait for isdn carrier timeout, call id=0x817F
Can I assume that the D Channel is up looking looking at the TEI number
which is
To remove yourself simply type your e-mail address in the List Manager
found on www.groupstudy.com and click unsubscribe all lists (which is
the default value).
Or you can follow the directions under the list link
(http://www.groupstudy.com/list/cisco.html), or follow the directions
from the
Hi guys
I have a problem that I'm sure you guys may have encountered before.
Even after installing the recommended software, I still get gibberish
when I click on any link on the documentation CD home page. I am
currently using the November 2001 CD and have tried with various other
editions of
Just got a new 3550-EMI 24port.
Check the sh ip portion. Yep, it's an IP router!
Looks like this little bad boy could actually throw a rather large monkey
wrech into the works.
-Eric
##
3550-EMI#?
Exec commands:
72 matches
Mail list logo