|
H110Hawk posted:(I can hear the cash register ringing in M@'s head.) I thought you were on vacation! If any of you guys have PA-MC-2T3+ that you (or your company) are looking to get rid of, I need to buy many of them, and I will pay you lots of money for them.
|
# ? Mar 28, 2008 00:44 |
|
|
# ? Jun 5, 2024 05:04 |
|
I'm building a house and hope to scrape together enough cash to wire it up with Cisco products, in the meantime I have need for a new wireless access point and I thought I might pick up an Aironet to connect to my Soekris Net 5501. My questions are: 1. I think I need an "autonomous" model, otherwise I'll need a separate wireless LAN controller, is that right? 2. Will I need to learn a lot of IOS to make this thing work, or can I just plug it into my Soekris and go? 3. My number one priority is stability. In terms of actual models, the Aironet 1130 AG seems like the sort of product I should be looking at but I don't have a problem with used gear as long as it's a stable model. Are there any recommended 802.11g models from the Aironet line? 4. Are there any other downsides (besides price and initial configuration complexity) to using Aironet at home versus consumer gear, and if so do you have any alternate recommendations? Any advice would be helpful goons, thanks!
|
# ? Mar 28, 2008 18:29 |
|
Correct, you'll want something autonomous, unless you also want to spend the money on a wireless controller (ie., Cisco 2106), which you would only want to do if you plan on having a bunch of radios. I don't have any experience with running 1130s in heavy (autonomous) mode, so I can't comment on how much IOS you'll need to know. You will need to do some configuration- these aren't exactly plug and play. Also, 1130s get very very hot, so be careful where you stick the thing.
|
# ? Mar 28, 2008 20:09 |
|
http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37frst.html This should help with getting your initial configuration going. One caveat with the 1100s is the fixed antenna configuration, so just be aware of that.
|
# ? Mar 28, 2008 20:39 |
|
I'm looking to build a kit for the new CCNA exam and I was wondering what hardware I would need and if anyone has taken it.
|
# ? Mar 28, 2008 21:24 |
|
I haven't taken it, but I am working through the material via the Sybex CCNA book instead of any Cisco press books. You can purchase a special set which comes with a net sim. I believe it's pretty much restricted to the labs, but it probably has some use. If you're looking for real equipment, a couple of 2940/2950/2960 switches plus a few lower end routers with two ethernet ports per router and capable of doing EIGRP should be sufficient for most of the material I'm working through. Again, I'm not using the Cisco press books so I'm not sure how that might effect requirements.
|
# ? Mar 28, 2008 22:51 |
|
I'm using the Sybex books by Todd Lamlle also. His company makes a product called router sim and I was wondering if that would be worth it instead of hardware.
|
# ? Mar 29, 2008 02:46 |
|
OK goons, heres a question for you. Recently I've been thinking of all the really long (or annoying) commands that I use often and making somewhat shorter aliases for them, I've included some below. code:
My question is this, is it possible to make some kind of alias like function where I can run multiple commands from a single line?
|
# ? Mar 29, 2008 06:09 |
|
Has anyone used Lantronix SLC console servers? I'm looking for something to replace our Avocents, which I do not like very much.
|
# ? Mar 31, 2008 22:16 |
|
jwh posted:Has anyone used Lantronix SLC console servers? I'm looking for something to replace our Avocents, which I do not like very much. I've never used either, but we really love the Digi CM 48-port console servers.
|
# ? Mar 31, 2008 23:19 |
|
I purchased a handful of equipment recently and with it I got a VConsole ISDN Simulator. Unfortunately it doesn't have the disk that carries the ISDN Manager software with it. Do you goons know of any alternative way to configure or manage it? Or have the software on them? I can't seem to find it on their site, unless I looked in all the wrong places.
|
# ? Apr 1, 2008 03:48 |
|
namol posted:I'm looking to build a kit for the new CCNA exam and I was wondering what hardware I would need and if anyone has taken it. Unless you are planning to go straight on to CCNP or further, you might be better off going with Dynamips/Dynagen instead. It's not a simulator - it actually emulates the hardware and runs real IOS images on your PC (Windows or Linux). You can run multiple routers and connect them up via a virtual network (or bridge them to a real network) and do virtually anything you can do on a real router. The only major thing that it can't do is emulate ISDN interfaces. But if you want to do ISDN with real kit, you will likely need rather expensive ISDN simulator hardware anyway. Obviously you're not going to get the performance of a real router, but it's a million times better than any simulator. I'm pretty sure there's some discussion about it earlier in this thread.
|
# ? Apr 1, 2008 16:22 |
|
Reefer Inc. posted:Obviously you're not going to get the performance of a real router, but it's a million times better than any simulator. I'm pretty sure there's some discussion about it earlier in this thread. As was mentioned earlier in this thread, there is no switch emulation. You can add a switch to your topology, but that's about it.
|
# ? Apr 1, 2008 17:46 |
|
jwh posted:Has anyone used Lantronix SLC console servers? I'm looking for something to replace our Avocents, which I do not like very much. I have a couple of Lantronix SCS400s at remote sites and they're fairly nice and feature packed, but some aspects of the interface make me think they're not all that secure. You can telnet direct-to-port and I don't think there's any real authentication on that feature. Beyond that though you can wire one up to be in/out on any port with or without modems, and even SSH/telnet out from the device. It's really flexible.
|
# ? Apr 1, 2008 18:00 |
|
CrazyLittle posted:I have a couple of Lantronix SCS400s at remote sites and they're fairly nice and feature packed, but some aspects of the interface make me think they're not all that secure. You can telnet direct-to-port and I don't think there's any real authentication on that feature. Beyond that though you can wire one up to be in/out on any port with or without modems, and even SSH/telnet out from the device. It's really flexible. That still sounds a hell of a lot better than what we get with the Avocents, and apparently the Lantronix devices are cheaper. I just read through some of the Lantronix user docs, and I guess you can set them up to authenticate via tacacs / radius, but who knows. I like the fact that they claim to be able to watch console ports and alert based on regex matches seen.
|
# ? Apr 1, 2008 18:29 |
|
Here's my problem: I'm on Comcast. Any time I connect directly to my router I have no issues with speed. When I connect with a Cisco 2610 my speeds are throttled down to 30kb/sec max unless I open multiple threads (like on USENET) to 180kb/sec. Do you guys see anything on my config that could cause this? Here's my config and sh ver:code:
code:
|
# ? Apr 1, 2008 19:24 |
|
Spazz posted:Here's my problem: I'm on Comcast. Any time I connect directly to my router I have no issues with speed. When I connect with a Cisco 2610 my speeds are throttled down to 30kb/sec max unless I open multiple threads (like on USENET) to 180kb/sec. Do you guys see anything on my config that could cause this? Here's my config and sh ver Can you do a 'show int switching'?
|
# ? Apr 1, 2008 21:53 |
|
jwh posted:Can you do a 'show int switching'? code:
|
# ? Apr 1, 2008 22:00 |
|
Spazz posted:
I don't really know, except to suggest you try another (later) 12.3 mainline image, or look at your interface counters and 'show controller' output for anything abnormal. Are the switch(es) your ethernet ports are connected to aware that you've hard-coded to full duplex? If your switches are expecting autonegotation they're failing back to half-duplex while you're coded to full.
|
# ? Apr 1, 2008 22:24 |
|
jwh posted:Well, NAT's in the CEF path, so that's not the problem. Yeah, I was previously getting CDP errors on my Catalyst 3550 I had it hooked into. I changed it to force full duplex on eth1/0. I then went into the FastEth 0/1 and set it to full duplex. Here's show controllers for each interface. code:
code:
|
# ? Apr 1, 2008 22:33 |
|
Spazz posted:Yeah, I was previously getting CDP errors on my Catalyst 3550 I had it hooked into. I changed it to force full duplex on eth1/0. I then went into the FastEth 0/1 and set it to full duplex. What about your outside e0/0 interface? Is that connected to something hard-coded for full-duplex too?
|
# ? Apr 1, 2008 23:21 |
|
jwh posted:What about your outside e0/0 interface? Is that connected to something hard-coded for full-duplex too? Kicked her down to half duplex and that fixed it. Once again, I owe you goons.
|
# ? Apr 1, 2008 23:25 |
|
Oh boy have I got a stumper. PE is Cisco 7206VXR, IOS (C7200-P-M), Version 12.2(25)S CE is Cisco 2821, IOS (C2800NM-SPSERVICESK9-M), Version 12.4(5a) The three VLANs are used for three separate MPLS VPNs, respective subinterfaces are directly connected via /30 point-to-point networks. Right now we have a static route setup going, but the customer needs a backup connection, so I'm setting up BGP peering between PE and CE. Evertything's fine except the BGP session across VLAN 212, because a TCP connection can't be established between the point-to-point addresses. The point-to-point networks for VLANs 210 and 211 are just fine, ICMP goes both ways and BGP sessions are established. There are no access lists, the switch has all three VLANs allowed in its trunk ports, and I can see both ends of the point-to-point networks in both ARP tables for VLAN 212: code:
code:
code:
Here's the interface configuration, as straightforward as it gets: PE code:
code:
|
# ? Apr 3, 2008 11:19 |
|
Irrespective of the failed ping, does the address arp successfully?
|
# ? Apr 3, 2008 15:05 |
|
If you debug icmp on the PE router, do you see echo requests arriving over vlan 212 when you conduct your ping? Also what's CEF say about the 172.16.36.238 adjacency?
|
# ? Apr 3, 2008 16:17 |
|
inignot posted:Irrespective of the failed ping, does the address arp successfully? Yeah, there's constant heavy traffic across the link. jwh posted:If you debug icmp on the PE router, do you see echo requests arriving over vlan 212 when you conduct your ping? Also what's CEF say about the 172.16.36.238 adjacency? Echo replies are logged on PE when pinging it from CE; nothing on CE when pinging it from PE. CEF says code:
|
# ? Apr 4, 2008 06:25 |
|
What are some good books on configuring VRRP and in general networking equipment? I think I've come to the limit of my networking knowledge but at work I'm being tasked as a "network admin" on top of my normal duties, mainly because it's incredibly hard to find anyone worthwhile around here to interview. I'll explain my problem(s) so that you guys can point me to the resources (books, online courses etc.) to solve this. I have the following equipment 2 3845 routers (with 16 port 10/100 etherswitch) 2 ASA 5520s 2 3750G switches I have two ip subnets each with two physical uplinks an active and a backup that are basically just uplinks from different switches on the same vlan 123.123.123.0/24 123.123.124.0/24 Because we're having half of the network behind the firewalls and the other half in front of them they are split into the following subnets 1) 123.123.123.0/25 (dmz) 2) 123.123.123.128/25 (filtered by firewall) 3) 123.123.124.0/25 (dmz) 4) 123.123.124.128/25 (filtered by firewall) Right now I have network 1 working properly, I also have network 2 assigned on the other side of the firewall and I'm using router 1 as a switch with a vlan for the filtered network and that works fine to distribute to my load balancers. I also have another vlan setup for network 3 and I am able to ping that interface. The problem I'm having right now is getting network 4 to route to the firewall and filter through like network 2. I'm using the router as an L2 switch right now but that's what I'm used to so that's what I've been doing but I think how I'm doing it is fundamentally wrong. Eventually I need to get router 1 and 2 working in an active/passive mode, so that if one router goes down the other will take over and vice versa. In addition to that I also have to have the firewall working in much the same way. What books, or resources are there out there for me to find out the best practices and apply this network. Currently it's going through one router, to one firewall, and out another interface to one device and then to the switches.
|
# ? Apr 4, 2008 07:35 |
|
legalcondom posted:Stuff Here's how I envision your physical cabling: Use a L2 vlan to terminate the ISP handoffs into the switches, then out to the router (outside interface). Use a different L2 vlan to terminate the return-cabling (router inside interface) into the switches. You can then run an HSRP (or VRRP) group on the router-inside interfaces since they can both talk on the same L2 vlan and send their heartbeats etc etc. That's just a simple interface-level command of: standby (a_number) ip x.x.x.x standby (a_number) priority (0-255) standby (a_number) preempt Post your interface configs for the firewall network that is working and the firewall network that is not, as well as the ports that connect to the firewall so we don't start running down the wrong path in troubleshooting.
|
# ? Apr 4, 2008 08:37 |
|
Pussy Noise posted:Echo replies are logged on PE when pinging it from CE; nothing on CE when pinging it from PE. Yucky. I'm sorry man, it sounds like you're running into a bug of some sort. Have you tried putting Gig0/1.212 on PE into another VRF, and then putting it back into vpn-3?
|
# ? Apr 4, 2008 15:09 |
|
jwh posted:Yucky. I'm sorry man, it sounds like you're running into a bug of some sort. Yeah, I kind of think so too Thanks tho'! I haven't tried that yet, but I will on Sunday. The circuit is in production so I can't gently caress with it too disruptively during the week.
|
# ? Apr 4, 2008 15:24 |
|
jbusbysack posted:Here's how I envision your physical cabling: The way I currently have it is the ISP terminating into the routers on an l2 vlan, there are 4 physical connections and I'm putting a link from each subnet on each router on its own vlan (2 links per router, "primary" and "secondary"). From there I plug them straight down to my ASAs, and from the ASAs I run a line back to each router which terminate on their own seperate vlans for my "filtered" network. From that seperate vlan for the filtered I then go to my load balancers and to my switches which go to my servers, from my asa I also run a line directly to my switches but that's really only used to provide a gateway that's not the F5 and to manage the servers etc. over the VPN. Here is a visio I threw together a while back explaining how I think it should be connected to provide the highest availability. I'll throw up some configs once I get in to work today. If the ASAs had 6 ports instead of 4 I would have run one more blue one between the opposite switch and one more orange one between the opposite router but we'll have to live with this. edit: this image was made for my boss to show the board, it's more pretty than anything but it does show our physical connections, and each different color is a separate vlan. Also I'm not asking anyone to solve this for me but to show me where I can find good resources to solve this myself, we're having some contractors come out but that's a few weeks out (scheduling etc.) and they want this done way before then. ElCondemn fucked around with this message at 16:41 on Apr 4, 2008 |
# ? Apr 4, 2008 16:38 |
|
Stupid question: Can you throw dissimilar interfaces into one multilink MLPPP bundle? IE - 2x ADSL + 1 ISDN + 1 DSU = fat pipe?
|
# ? Apr 8, 2008 18:47 |
|
I have a couple of questions for you guys: I saw last summer (ca. page 5-10) that people were positive about buying 26xx routers in pairs with T1 WICs for a lab setup. Now, I see reference to EIGRP on everyone's CCNA preparedness lists - is there a simple way to know which (software) versions support which features? I think the 2610s available to me have 48MB DRAM and 16MB Flash, and support software versions 12.3 and below, but I can't be sure, and Cisco's site is not geared toward novice users... If I am interested in pursuing Cisco certs, it seems that routing between Cisco platforms is the usual way to go, but I also have a couple of 1720 routers available, which support the same T1 WICs, as well as some 3Com Router 5009, 5012, and 3033 that also support T1 (if indeed they support any other WAN connection at all.) My next question, then, is whether a Router 5012 (or 3016, or 3033, or 5009) would even be an asset? It could provide a different set of tools, if I'm ever working in a mixed or non-Cisco shop (like now), as well as being a more capable router for my use if I get tired of my m0n0wall setup, though part of my assessment of this as 'more capable' is that Cisco 10/100 WICs are a little more difficult to come by cheaply - for instance, I can find 1720 routers for ~$20 all day on ebay, but the 10/100 WICs go for $100+. Outside of a lab, a T1 WIC doesn't do me much good unless I want a real T1, and the 2610 has only one ethernet port. I guess I just want to know if I should even try to buy this crap? I just sold one of the lot, and it went for its starting price of $24.99. Any help anyone can give would be greatly appreciated, as it's driving how I structure my auctions and what I make direct offers on.
|
# ? Apr 8, 2008 20:07 |
|
Oddhair posted:is there a simple way to know which (software) versions support which features? For EIGRP, here's all the feature sets that support EIGRP on a 2610-2613, IOS 12.3(26): code:
Oddhair posted:I think the 2610s available to me have 48MB DRAM and 16MB Flash, and support software versions 12.3 and below... CrazyLittle fucked around with this message at 21:34 on Apr 8, 2008 |
# ? Apr 8, 2008 20:52 |
|
CrazyLittle posted:Otherwise you might try finding serial WICs and external CSU/DSU boxes (which are largely a waste of space, electricity and time.) You can use those 60-pin back-to-back serial cables and avoid TDM altogether, although you miss out on learning the black arts of DS1 framing and coding. 2600s are fine little routers for learning, although they really don't have enough horse to do anything useful. I have two 2621's and I'd never expect them to push anything near FastEthernet bandwidth.
|
# ? Apr 8, 2008 21:42 |
|
jwh posted:although you miss out on learning the black arts of DS1 framing and coding. jwh - got any ideas on my question: CrazyLittle posted:Stupid question:
|
# ? Apr 8, 2008 21:50 |
|
CrazyLittle posted:Stupid question: Dare I ask..."What are you trying to accomplish with this?".
|
# ? Apr 8, 2008 22:18 |
|
CrazyLittle posted:jwh - got any ideas on my question: I've been running around like crazy this afternoon, and I haven't had a chance to look into it. I don't do any MLPPP, so I don't know off the top of my head. I've heard it's not recommended, but I don't know much more than that.
|
# ? Apr 8, 2008 22:23 |
|
CrazyLittle posted:Stupid question: I wouldn't recommend it, is the equipment on both sides 'trusted'? You could run something like EIGRP between the nodes and do unequal-cost-multipath and let CEF load balance for you.
|
# ? Apr 9, 2008 00:56 |
|
|
# ? Jun 5, 2024 05:04 |
|
Girdle Wax posted:I wouldn't recommend it, is the equipment on both sides 'trusted'? You could run something like EIGRP between the nodes and do unequal-cost-multipath and let CEF load balance for you. With OER and other load balancing options that only load balances for the egress connection and the return path is not really accounted for. That doesn't work for customers of ours who run small employee internet-visible portals or VPN servers. So why do you "not recommend" using MLPPP to form a big pipe out of dissimilar interfaces? We already do a lot of multiple-T1 bonding with MLPPP. It just doesn't make sense to have 4xT1 circuits just so that two people can VPN in while the office gets a 6mb download speed. (oh, and just for fun my office moved, and I setup a bonded ADSL pair connection because we could only get 3mb/768k) CrazyLittle fucked around with this message at 01:51 on Apr 9, 2008 |
# ? Apr 9, 2008 01:45 |