Hello,
my name is Lucien and I try to find a solution for the following issue.
Actually I have Ipsec Site-to-Site and Remote Access VPN´s from Cisco ASA to
ASA and IOS Router to Cisco ASA running
very well with IPv4.
Now I want try this setup with IPv6 to transport IPv4 and / or IPv6 Traffic
The usb console on new cisco routers is simply a rs232-usb convertor built into
the router.
so when you connect the usb cable to your pc, it see's it as a usb to rs232
convertor device. (after installing cisco driver)
I would assume it's the same in this switch, so I would imagine it would be
Dear Sir ,
we are deploying Cisco metro Switch to create VPLS network as below.
PC-Cisco Switch + Cisco switch E1 Link [ service provider]
-Cisco Switch + Cisco Switch -internet
For E1 link , we are using protocol converter that its Ethernet port only
On Monday, August 01, 2011 10:15:30 PM Gert Doering wrote:
Maybe try a somewhat less ancient IOS version? From what
I can read on this list, SR* before SRD* is not
something I'd want to have...
Agree - move to SRE4 first (consider what features you
currently have in SRB4, however) and see
On Sunday, July 31, 2011 02:47:38 PM Gert Doering wrote:
If you order a cross-city ethernet link from a telco,
they usually force duplex/speed settings on their gear
and turn off autonegotiation.
Funny, we tend to do the opposite these days :-).
I can understand closed networks and
we are deploying Cisco metro Switch to create VPLS network as below.
PC-Cisco Switch + Cisco switch E1 Link [ service provider]
-Cisco Switch + Cisco Switch -internet
For E1 link , we are using protocol converter that its Ethernet port only
support MTU 1500.
On Tue, 2 Aug 2011, Reuben Farrelly wrote:
Not to mention it also breaks MDI-X... grrr.
It doesn't really, just on some platforms. Just the same way that there is
absolutely no reason for the device to stop advertising autoneg
capabilities just because 100/full was forced, is there a reason
Hi,
On Tue, Aug 02, 2011 at 09:49:23PM +1000, Reuben Farrelly wrote:
and by definition fixing the speed and duplex on a switch port means you
never see *any* collisions or broken frames on that specific end of the
link anyway.
Actually, you see CRC errors and Runts. So it can be spotted if
You need to monitor 'sh proc mem sorted' over time and see which
allocating process keeps going up.
For reference:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6f3a.shtml#tshoot2
Then based on that we'll have to determine if it's a bug based on which
From: cisco-nsp-boun...@puck.nether.net [cisco-nsp-boun...@puck.nether.net] On
Behalf Of Mikael Abrahamsson [swm...@swm.pp.se]
Sent: Tuesday, August 02, 2011 9:59 PM
To: Reuben Farrelly
Cc: Gert Doering; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] does
ATT Metro E services are generally hard set and personally, I generally go
this route as well. I find a lot of problems with autonegotiation between
vendors. Company J handles this pretty well on their switching and almost
always negotiations set up correctly and company C generally in my
Hi,
On Tue, Aug 02, 2011 at 10:16:41AM -0400, Scott Granados wrote:
[..]
the far end is negotiated to full. Never had any issues though after hard
setting both sides so it just became a matter of habbit. Maybe its
something I should revisit.
Revisit :-)
Nowadays, more vendors have
On Tuesday, August 02, 2011 11:01:50 PM Gert Doering wrote:
Revisit :-)
Nowadays, more vendors have problems with hard settings
not quite working (because that code doesn't get
tested so well, I'd assume) than in the last century.
Agree. Definitely revisit :-).
We're a multi-vendor house,
So I'm new to IOS based Firewalls.
Can someone kind of check my thinking with them.
IOS based firewalls use ACL's to firewall with. To make it stateful, you
use the IP inspect commands.
Is that that general idea?
Scott
___
cisco-nsp mailing list
We are hitting the snmp limit on a few cisco devices. Show Snmp shows a
large, and increasing, volume of Failed Community requests. Before I go
and find/limit the valid requests, I want to lock down these failed
community requests.
I was unable to obtain anything useful from debug snmp
On Tue, 2011-08-02 at 12:07 -0400, Ryan Pavely wrote:
We are hitting the snmp limit on a few cisco devices. Show Snmp shows
a large, and increasing, volume of Failed Community requests. Before
I go and find/limit the valid requests, I want to lock down these
failed community requests.
I
Check out the new Zone Based Firewall configuration for IOS Fw feature set.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
On Tue, Aug 02, 2011 Scott Granadose wrote:
Nowadays, more vendors have problems with hard settings not quite
working
(because that code doesn't get tested so well, I'd assume) than in the
last century.
The notable exception being the Cisco 7200 (single-port) FastEthernet
modules
(PA and
Funnily enough there is an authenticationFailure trap which contains
the address of misbehaving poller (no varbind with community though).
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800a9405.shtml
On Tue, Aug 2, 2011 at 6:07 PM, Ryan Pavely para...@nac.net wrote:
Hi,
On Tue, Aug 02, 2011 at 11:12:47AM -0500, Dantzig, Brian wrote:
It also eliminates the possability of a negtiation issue. If both sides
are auto, there is a chance it won't work right. If both are full, it
works. You might call this determinalistic provisioning.
And that's the point: it's
Thanks all!
Someone else suggested enabling the snmp authfail traps. Good idea.
If that doesn't pan out then I can try some interface acl's or another
suggestion of a receive acl, however I need to learn more about them.
On a 3560G running 12.2(53)SE, it does seem to log packets with a
Hello,
I'm interested in the 6PE solution to offer IPv6 for customers, for those of
you who have checked this solution in production network please share your
experiences and what are the hardware and software configurations you have??
Kind regards,
Waseem
On Tue, 2011-08-02 at 14:36 -0400, Ryan Pavely wrote:
Looking at my 15min the only ips/vlans that are sending packets are my
two 'expected' hosts. Neither would be sending an invalid community.
We were going to run 'debug snmp packets' for a longer period of time
to get a good snapshot of
I do :)
Well... appreciate you all for the help so far, I'll let you know how things
come around after the update, if I survive it, as per Mark's
read-between-the-line warnings :)
On Tue, Aug 2, 2011 at 7:45 AM, Mark Tinka mti...@globaltransit.net wrote:
On Monday, August 01, 2011 10:15:30
On Wednesday, August 03, 2011 12:12:47 AM Dantzig, Brian
wrote:
It also eliminates the possability of a negtiation
issue. If both sides are auto, there is a chance it
won't work right. If both are full, it works. You might
call this determinalistic provisioning.
Our experience has always
On Wednesday, August 03, 2011 03:55:43 AM waseem thaer
wrote:
Hello,
I'm interested in the 6PE solution to offer IPv6 for
customers, for those of you who have checked this
solution in production network please share your
experiences and what are the hardware and software
configurations
No, the console cable on a 3110G ends in a serial DB9 female connector.
- Original Message -
From: Andrew Jones andrew.jo...@alphawest.com.au
To: Erik Nelson enelso...@yahoo.com; cisco-nsp@puck.nether.net
cisco-nsp@puck.nether.net
Cc:
Sent: Tuesday, August 2, 2011 3:49 AM
Subject:
As I understand, in case ISP-A would like to peer with ISP-B, the
ISP-A usually specifies it's AS-set it will announce to ISP-B? For
example in case XS4ALL(xs4all.nl) would like to set up a peering with
some other ISP, it will announce AS-ACCESSFORALL, which contains all
XS4ALL ASN's. ISP-B should
28 matches
Mail list logo
