• << Первая
• « Предыдущая
• 1
• 2
• 3
• 4
• 5
• Следующая »
• Последняя >>

http://www.cisco.com/warp/public/474/index.shtml

99.3>Q: Сертифицировано ли в Минсвязи оборудование Cisco ?

>A: (Serge Turchin)

Да, номера сертификатов ОС/1-СПД-59 - ОС/1-СПД-91

http://www.amt.ru/products/cisco/certificates/index_tmp.phtml

>A: (Denis Golovenko )

ОС/1-СПД-70 -- для моделей 2505/07/09/11/18

>A: (Vladislav Nebolsine)

ЦИИИС было сертифицировано следующее оборудование:
Маршрутизаторы Cisco
761, 765, 771, 775
1001, 1003, 1005, 1601, 1603
2501, 2503, 2505, 2507, 2509, 2511, 2512, 2514, 2518, 2520, 2522
26xx
3620, 3640
4000, 4000M, 4500, 4500M, 4700, 4700M
7204, 7206, 7505, 7507, 7513
AS5200, AS5300
MC3810
Cache Engine LDIR-410, LDIR-420
LAN коммутаторы
Catalyst 1400, 1900, 2820, 29xx
3000, 3100, 3200
5000, 5002, 5500, 5505
WAN коммутаторы
LightStream 1010
IGX8, IGX16, IGX32, IGX8410, IGX8420, IGX8430
BPX8600
MGX8220

Сетевые экраны Cisco PIX Firewall
(3 класс защищенности по системе сертификации средств защиты
информации по требованиям безопасности информации)

P.S. (DY)

Список соответствия оборудования и сертификатов
http://www.comptek.ru/cisco/teach/certif.html

[05.01.2001] >A: Ilia Zubkov - про сертификацию Catalyst
На эту тему -- вот у меня на столе лежит копия письма зам. министра МинСвязи
Волокитина (б/н, от 02.11.2000) в московский офис киски о том, что, мол,
"На Ваш запрос о необходимости сертификации коммутаторов"
типа Catalyst 1900,2900XL,3500XL,4000,6000,8500CSR "Минсвязи сообщает, что
указанное оборудование не подлежит сертификации в системе "Электросвязь",
и его применение не запрещает коммерческую эксплуатацию сети
при установке на узлах связи для соединения оборудования во взаимоувязанной
сети по протоколам Ethernet, FastEthernet, GigabitEthernet".

По моему разумению, желающим в МинСвязи не должны отказывать в выдаче
копии этого письма.

P.S. (DY) поскольку это письмо б/н (без исходящего номера) то
статус этого письма до конца не ясен.

[13.06.2000] 99.4>Q: Как по названию файла опpеделить веpсию иоса,
IP-only он, IP/IPX или enterprise?

>A: (Serge Turchin)

*-i-* - IP
*-is-* - IP Plus
*-d-* - Desktop
*-ds-* - Desktop Plus
*-j-* - Enterprise.

и т.д. В 11.2 нет IP/IPX, а только Desktop, на него цена снижена
в сравнении с 11.1. Суффикс - a - appn. Вообще, где-то есть на
сервере расшифровка.
У 1000-ных ядер система другая. n-Novell, b - Apple Talk, y - IP,
q - асинхронный вариант.
> И еще - на сайте для веpсий были файлы pазмеpом в 2-4pаза меньше иосов и
> с
> загадочным словом boot в названии - это bootstrap only? :-)
У 7500, 4500-4700 нет прошитых намертво бутовых систем. Hо есть
специальный т.н. bootflash в котором записана укороченная версия
системы.

>A: (Dmitriy Yermakov)

Кажется все описано тут - http://www.cisco.com/warp/public/620/1.html

99.5>Q: Есть ли поддержка R2 для 3600 ?

>A: Vladislav Nebolsine

***Hot News*** Announcing R2 support for the 3600 Digital Modems!!

Hot News!!!
===========
Announcing R2 support for the 3600 family of Digital Modems
=================================================

The 3600 team is pleased to announce R2 support for integrated Digital Modems on the popular Cisco 3600 series platform. This feature is available with the introduction of IOS 12.0(1)T
This new feature supports the use of R2 signalling with the 3600 internal digital modems, enabling high-speed (up to 56kbps) remote access for branch offices and small/mid size ISP's who utilize this specific line-signalling protocol.
This announcement extends the range of connectivity options available for
the 3600 Digital Modems, now supporting:
PRI CAS(CT1) R2 (CE1))

By supporting this flexible range of signalling protocols , the 3600
digital modem solutions can now be deployed on a world-wide basis!

A Country list and Mini Q&A follow.

Countries configurable with R2 on the 3600: (this is a subset of the
supported 5300 R2 countries)
=================================
Argentina Australia Brazil * China *
Columbia Costa Rica
Eastern Europe mode supports:
Croatia Russia * Ecuador (ITU and LME)
Greece Guatemala Hong Kong (China & ITU Variants)
India Indonesia Israel *

ITU mode supports:
Denmark Finland Germany
Russia (ITU variant) *
Hong Kong (ITU variant)
South Africa (ITU variant)
Korea * Malaysia * Mexico (Telmex and Telnor) *
New Zealand * Paraguay Peru
Philippines Saudi Arabia

Note: All countries listed have been tested in house. Countries marked
with a * have also been successfully tested in-country.

Mini Q&A
=========

Q. What is R2 ?
A. R2 is a signaling system (Q.422) used by a number of countries
worldwide. This signaling system runs over an E1 Carrier (2.048Mb/s),
containing 32 64Kb/s timeslots, of which, 30 timeslots can be used
for digital modem calls.

Q. Does this feature require new hardware in the 3600?
A. No

Q. What network modules support this feature?
A. All the current 1/2 PRI NMs, including the new 1FE 1/2 PRI NM.

Q.Is the Cisco Dial-out Utility supported through an R2 connection?
A. Yes. Version 2 of the Cisco Dial-out Utility (available early
November) together with MICA Portware 2.5.1.0 support Dial/Fax out
through the R2 interface

Q. Is this R2 feature supported the Cisco 2600, 3620, and 3640?
A. The ability for Modem calls to be terminated through an R2 interface
is available for all platforms that support Cisco digital modems. This
currently limits R2 support to the 3640/3620

Q. Do I need a new version of the digital modem microcode to support R2?
A. No. All shipping versions of Portware are supported. For information
on Portware and instructions on downloading the latest version, please
visit: http://www.cisco.com/public/sw-center/sw-access.shtml.

Q. What IOS is required to utilize this feature?
A. IOS 12.0(1)T and above

Q. Can I support ISDN PRI R2, and CAS in the same chassis?
A. Yes, on a per network module basis. Each individual PRI NM can be
configured as R2,CAS or ISDN PRI.

Q. What countries will this R2 feature be available in?
A. At FCS, a subset of the 5300 supported R2 countries will be supported.
All Countries in the list above have been successfully tested internally.

Q. Will the new mixed media FE/PRI support R2?
A. Yes.

Q. Can two PRI/R2 links share one DM NM?
A. Yes. The pool of modems is available to all R2/PRI interfaces.

99.6>Q: Когда же наконец будет релиз V.90 для MICA ?

>A: (Oleg Zharoff)

Вышел наконец долгожданный релиз V.90 для MICA модемов, версия 2.5.1.0.
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/5300/
mod_info/53fw_pw/53micaa/rn250x.htm

99.7>Q: А вот почему я не могу через console зайти на мою ciscу? И настройки
крутил, и порты на машинках живые, а что не так - не пойму.

>A: Pavel Stepchenko McFlySr@irc

Проверьте марку вашей motherboard. Если это Atrend, проверьте,
"родные" ли "косички"? Дело в том, что поганые(кто мне возместит душевное
равновесие?! ;) ) китайцы решили, что они умнее всех, и заюзали "косички"
с шахматной распайкой(как и на AT486); на остальных же MB - прямая
распайка.
Если не ATREND - все равно проверьте порты на целостность, так как cu по
умолчанию имеет Xon/Xoff и вообще :)
Убеждаемся, что на cuaa0(1) не висит (m)getty, пускаем cu -l
/dev/cuaa0(1), и наслаждаемся жизнью :)
Thanks for support: CGHost, Fifo, Jimson, Lee7, Mdh, ReedCat, vul.

99.8>Q: Тут проблема - кто знает как выставить номер сети у Hовелльного
клиента ? Hачал бить сетку на VLANы - и возникли проблемы. MS работает
нормально, а Hовельный клиент не хочет.

>A: (Serge Turchin)

Прописать spantree portfast на портах Каталиста.

[13.06.2000] 99.8.1>Q: Как заставить порты на 2924XL быстрее инициализироваться ?

>A: os@alkar.net

http://www.cisco.com/warp/public/473/12.html

99.9>Q: Кто-нибудь знает, как быть с утерянным паролем на 1020?

>A: (Gleb Pijov)

Question: How do you recover lost passwords on a Cisco 1020?
Answer:

As the Cisco 1020 is rarely physically secured, password recovery is
done by calling Cisco and providing a system generated CHALLENGE. Using
the override program, the support engineer can provide a one-time
password to use to get into enable mode. Then, follow these steps:

1.Customer: Put up dip switch 1 and apply power. You should see
"Console Username:".

2.Customer : Login with Username "enable" and Password "override". It
will print a CHALLENGE.

3.Cisco runs the override program and prints a RESPONSE.

4.Customer: On the 1020, log in as "enable" and give the RESPONSE as
the password. That will get you the # prompt, then you can do a wr t to
see the current enable password. Or, you can do a config t and reset the
enable password.

99.10>Q: Проблемы с MTU на interface tunnel.

>A: "Philipp V. Patrushoff"

BugID: CSCdm54169

>>> [13.09.2000] Vladislav Nebolsine, NB !!!
>>> баг исправлен в 11.3(11) и 12.0(6)

You cannot change the MTU size of a tunnel interface using software after Cisco IOS Release
+11.3(9.2).

Workarounds:

Use images between Release 11.3(5.1)T and Release 11.3(9.3) or Release 12.0(0.16) and
Release 12.0(4.2). Configure ip mtu on the tunnel interface before you configure tunnel
destination. If tunnel destination is already configured, then unconfigure the destination,
configure ip mtu, and then reconfigure the destination. You need to wait five seconds
after removing the tunnel destination before issuing the ip mtu command. Once the workaround
is issued, there should be no problems in the event of a router reboot as the ip mtu command
is parsed before the tunnel destination.

[27.12.2000] 99.11>Q:Есть несколько Кисок сеpии 25xx. Hyжно одновpеменно на всех в опpеделенный
момент менять X25 routing, пpичем желательно одним скpиптом из-под FreeBSD. Как ?

>A: A: (Alex Bakhtin), (John Gladkih), (Vladislav Staroselsky)

=== newconfig ===
interface serial
shutdown
exit
no x25 route ...
x25 route ...
interface serial
no shutdown
end
=== newconfig ===

=== Cisco config ===
ip rcmd rcp-enable
ip rcmd remote-host enable
ip rcmd remote-username
rlogin trusted-remoteuser-source local
rlogin trusted-localuser-source local
=== Cisco config ===

=== change_routing.sh ===
#!/bin/sh
su -c "rcp newconfig @:running-config"
=== change_routing.sh ===

В newconfig вставляем нyжные изменения текyщего pоyтинга (чеpез no route и
route). Пpописываем на FreeBSD юзеpа. В нyжный момент запyскаем
change_routing.sh

===========================================================

PPP per-user timeouts explained
http://www.employees.org/~dpeng/per_user_timeout.htm
Кстати говоря, начиная с 11.3(8)T (или AA :-) timeouts уже и в PPP/PAP
работают.Без извратов в vprofiles etc.

Dmitriy Yermakov - где-то начиная с 11.3(5)T появилось
ppp authorization per interface
теперь можно отключать авторизацию на leased line с enc ppp

Serge Turchin - В 12.03T появился X.25 over FR...
Vladislav Nebolsine - Hу, а подробнее об этой опции можно прочитать здесь
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t3/x25anxg.htm

Dmitriy Yermakov - требования к объему памяти
http://infoblast.comptek.ru/cpqrg/cpqrg2.htm#xtocid2097032

Cisco-on-line Conference on Comptek
http://online.comptek.ru/cisco/index.html

Martin McFlySr
Cisco Year 2000 Product Compliance URL
http://www.cisco.com/warp/public/cc/cisco/mkt/gen/2000/prodlit/cptbl_ov.htm

Dmitriy Yermakov - Проблемы с Zelax M115 на связке cisco-unix,
решение от Игоря Николаева - http://knot.pu.ru/faq/pppd.html

Распайки различных кабелей, конфиги для модемов - http://www.links.ru

[13.06.2000] Cisco IOS Software RoadMap - http://www.cisco.com/warp/public/620/roadmap.shtml

[13.06.2000] Vasily Ivanov - Ограничение скорости коннекта для MICA модемов -
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/5300/mod_info/at/atcmnds.htm

[04.07.2000] Vladislav Nebolsine - Если кому интересно - в 12.1(2)XH появилась
- поддержка E1 R2 для 2600/3600/7200,
- Caller ID для 3810/2600/3600,
- ISDN PRI Q.931 User-Side/Network-Side для голосовых модулей 2600/3600
(до этого был только Q.SIG)
- и кое-что другое.

Подробности:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121limit/121x/121xh/121xh_2/index.htm

[04.07.2000] Полтергейст в NM-*AM (Проблемы с NM-8AM (NM-16AM))
Симптомы:
1. Модемы не берут трубу при входящем звонке.
2. Модемы показывают наличие входящего звонка просто при подключении к
тел.линии.
3. При звонке обратным телнетом на обычный телефон - вместо
handshack-сигнала - рев 50 гц.

Заземлите циску.

[27.12.2000] Yuri Vorobyev - Cisco ground
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis3600/3600_ cn/nebslugs.htm

[02.08.2000] Gosha Zafievsky NM-8AM, NM-16AM _не_ поддерживают режим leased line.

P.S. (DY) Желающие могут поэкспериментировать с ATA и большИм временем
ожидания CARRIER. За результат не ручаюсь.

[12.09.2000] john gladkih - LL на MCOM модемах (NM-8/16AM)
кого интересовали LL на MCOM модемах? оно работает.
мы заводили 18 вольт на короткой линии.
через DDR+RIP

[05.09.2000] Victor L. Belov - Туннель с win98 на cisco router

вариантов 2 =-)

1. pptp поддерживается только в специальном IOS
(12.0.7XE что ли... не помню точно) на 7xxx маршрутизаторах.
С другой стороны pptpd на FreeBSD и Linux работает нормально.

2. на мелких маршрутизаторах поддерживается l2tp туннели,
но тогда на 95/98/NT придется ставить доп. клиент - например
WinVPN от http://www.routerware.com
В Windows 2000 есть встроенная поддержка l2tp. Я даже завел
между ним и Cisco IPSec - получается совсем хорошо.

[22.10.2000] (DY) псевдовыделенка на чем угодно, как поднимать канал.
Как настраивать DDR - читать доки.
А чтобы киска сама поднимала канал не зависимо от активности в сети,
наверное, имеет смысл настроить ntp на киске :)

[24.10.2000] Basil Dolmatov - 17xx не поддерживает ISL, hardware
limitation. И не будет поддерживать.

[09.12.2000] Valery Filippov - 4500 не тянет 4Mbit на DCE.

[27.12.2000] Eugeny Krasilnikov - undocumented Cisco IOS commands
http://boerland.com/dotu

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t1/sshv1.htm#10313

* Cisco-networking-FAQ *

Subject: comp.dcom.sys.cisco Frequently Asked Questions (FAQ)
Date: 12 Sep 1997
From: jhawk@panix.com (John Hawkinson)
Organization: PANIX Public Access Internet and Unix, NYC
Newsgroups:
comp.dcom.sys.cisco, comp.protocols.tcp-ip, comp.dcom.servers, comp.answers, news.answers

Archive-name: cisco-networking-faq
Last-modified: $Date: 1996/04/28 05:55:19 $
Version: $Revision: 1.10 $

This FAQ is edited by John Hawkinson, .

Administrivia:

Please contribute answers to the questions in the Todo section! If
your answer is somewhat complicated, posting would probably be best
(to comp.dcom.sys.cisco). Otherwise, e-mail it to cisco-faq@panix.com.
Please note that a LOT of these questions have been hanging around for
some time, and if knowledgable people could take the time to answer a
few of them, that'd help.

This draft FAQ is in RFC1153 digest format, so you can follow each
question with your newsreader. I suppose that question-numbers should
be moved to the From: field. Note that Date: fields represent
last-modification times for the questions.

Since this FAQ was first developed, cisco has written up a lot of
useful information on their web site, http://www.cisco.com. If you
can't find what you're looking for here, please check there, too.

Table of Contents

=================

1. How can I contact cisco?
2. What is this newsgroup?
3. What does ``cisco'' stand for?
4. How do I save the configuration of a cisco?
5. Where can I get ancillary software for my cisco?
6. Is there a World-Wide-Web (www) information source?
7. How can I get my cisco to talk to a third party router over
8. How can I get my cisco to talk to a 3rd-party router over Frame Relay?
9. How can I use debugging?
10. How can I use NTP (Network Time Protocol) with my cisco?
11. Sample cisco NTP Configurations
12. How do I avoid the annoying DNS lookup if I have misspelled a command?
13. Tracing bad routing information
14. How to use access lists
15. The cisco boot process
16. Where can I get cisco hardware?
17. Where can I get IETF documents (RFCs, STDs, etc.)?
18. Future features in cisco software
19. How do cisco routers rate performance-wise?
20. How are packets switched?
21. How does one interpret buffer statistics?
22. How should I restrict access to my router?
23. What can I do about source routing?
24. Is there a block of private IP addresses I can use?
25. Is DHCP supported?
26. Where can I get cisco documentation?
27. What's the latest software for the CSC/3?
28. What IP routing protocol should I use?
29. How do I interpret the output of ``show version''?
30. What is the maximum number of Frame Relay PVCs?
31. How much memory is necessary to telnet to a cisco router?
32. Where can I purchase flash RAM?
33. When are static routes redistributed?
34. When is the next hop of a route considered ``reachable''?
35. How do name and phone number of ``dialer map'' interfere?
36. What's the purpose of the network command?
37. What is VLSM?
38. What are some methods for conserving IP addresses for serial lines?
39. Why do some ip addresses get rejected?
40. How do 4xxx serial numbers correspond to models?
41. Where can I find more info on TACACS+
99. Acknowledgements.

todo:

=====

* What is SNMP and how can I use it? What software is available and how do
I use cisco enterprise MIBs? MIBs on ftpeng.cisco.com and CIO.cisco.com
* Pointers to other net resources, like comp.protocols.tcp-ip, RFCs,
the firewalls mailing list, etc (bgpd?[or is it cidrd now? :-)]).
* Hints about confusing and not-well documented things like xtacacs...
* Comments on interoperability issues WRT other vendors.
* What's SMARTnet, why should I subscribe, how much does it cost,
and what do I get?
* What should I name my router, my interfaces, etc.?
* Should we adjust the buffer parameters on the routers? What should
be the indicator before tunning the buffer parameters? How should
one fine tune the buffer parapeters?
* What is CIDR and why do I care (or a more general acronym decoder) ?
* How do I configure my cisco to use variable-length subnetting ?
* Is there a block of private network numbers I can use
within my organization only? When should I use them?
How do I access them from outside?
* What do I do if I have to partition a network number?
* Questions and answers about access lists
access-list reference list (lots of questions on that)
* I forgot to mention that routing DECnet over X.25 is a problem.
* Where PD network applications for SLIP/PPP are.
* What is HSRP and how does it work? When is it available (10.0)
(Hot Standby Routing Protocol)
* Should I run 10.0, 10.2, 10.3, 11.1, or what?
* What's the difference between IBGP and EBGP? Why should I run BGP?

Actual content.
===============

------------------------------

How can I contact cisco?

From: Question 1
Date: 31 October 1994

Corporate address:

cisco Systems
170 West Tasman Drive
San Jose, CA 95134

The following phone numbers are available:

Technical Assistance Center (TAC) +1 800 553 2447
(553 24HR)
+1 800 553 6387
+1 408 526 8209
Customer Service (Documentation, Warranty & +1 800 553 6387
Contract Services, Order Status
Engineering +1 800 553 2447
(553 24HR)
On-site Services, Time & Materials Service +1 800 829 2447
(829 24HR)
Corporate number / general +1 408 526 4000
Corporate FAX (NOT tech support) +1 408 526 4100

The above 800 numbers are US/Canada only.

cisco can also be contacted via e-mail:

tac@cisco.com Technical Assistance Center
tac-euro@cisco.com European TAC
cs-rep@cisco.com Literature and administrative (?) requests
cs@cisco.com *UNRELIABLE*, special-interest, ``non-support''

Please follow the directions available on CIO before doing this.
cisco provides an on-line service for information about their routers
and other products, called CIO (cisco Information Online). telnet to
cio.cisco.com for more details.

The collective experience of this FAQ indicates that it is far wiser to
open a case using e-mail than FAXes, which may be mislaid, shredded,
etc.

For those of you still in the paperfull office (unlike the rest of us),
cisco Systems' new corporate address is:

170 West Tasman Drive
San Jose, CA 95134

Mail to tac@cisco.com should include your service contract number, your name,
telephone number, a brief one line problem/question description, and a
case priority in the first 5 lines. For example:

Cisco service contract number 92snt1234a
First and last name Jane Doe
Best number to contact you 415-555-1234
Problem/question description Cannot see Appletalk zones
Case Priority 3

CASE PRIORITIES are defined as one of the following:

Pri 1 Production network down, critical business impact
Pri 2 Production net seriously degraded, serious impact
Pri 3 Network degraded, noticeable impact to business
Pri 4 General information, non production problems

------------------------------

What is this newsgroup?

From: Question 2
Date: 26 July 1994

comp.dcom.sys.cisco, which is gatewayed to the mailing list
cisco@spot.colorado.edu, is a newsgroup for discussion of cisco
hardware, software, and related issues. Remember that you can also
consult with cisco technical support.

This newsgroup is not an official cisco support channel, and should
not be relied upon for answers, particularly answers from cisco
Systems employees.

Until recently, the mailing list was gatewayed into the newsgroup,
one-way. It is possible that this arrangement may resume at somet time
in the future.

------------------------------

What does ``cisco'' stand for?

From: Question 3
Date: 31 October 1994

cisco folklore time:

At one point in time, the first letter in cisco Systems was a
lowercase ``c''. At present, various factions within the company have
adopted a capital ``C'', while fierce traditionalists (as well as some
others) continue to use the lowercase variant, as does the cisco
Systems logo. This FAQ has chosen to use the lowercase variant
throughout.

cisco is not C.I.S.C.O. but is short for San Francisco, so the story
goes. Back in the early days when the founders Len Bosack and Sandy
Lerner and appropriate legal entities were trying to come up with a
name they did many searches for non similar names, and always came up
with a name which was denied. Eventually someone suggested ``cisco''
and the name wasn't taken (although SYSCO may be confusingly similar
sounding). There was an East Coast company which later was using the
``CISCO'' name (I think they sold in the IBM marketplace) they ended
up having to not use the CISCO abberviation. Today many people spell
cisco with a capital ``C'', citing problems in getting the lowercase
``c'' right in publications, etc. This lead to at least one amusing
article headlined ``Cisco grows up''. This winter we will celebrate
our 10th year.

[This text was written in July of 1994 -jhawk]

------------------------------

How do I save the configuration of a cisco?

From: Question 4
Date: 31 October 1994

If you have a tftp server available, you can create a file on the
server for your router to write to, and then use the write network
command. From a typical unix system:

mytftpserver$ touch /var/spool/tftpboot/myconfig
mytftpserver$ chmod a+w /var/spool/tftpboot/myconfig

myrouter#write net
Remote host [10.7.0.63]? 10.7.0.2
Name of configuration file to write [myrouter-confg]? myconfig
Write file foobar on host 10.7.0.2? [confirm] y

Additionally, there's a Macintosh TFTP server available:

ftp://nic.switch.ch/software/mac/peterlewis/tftpd-100.sit.hqx

Additionally, you can also use expect, available from:

ftp://ftp.uu.net/languages/tcl/expect/expect.tar.gz
ftp://ftp.cme.nist.gov/expect/expect.tar.gz

or, in shar form from ftpeng.cisco.com.

Expect allows you to write a script which telnets to the router and
performs a ``write terminal'' command, or any other arbitrary set of
command(s), using a structured scripting language (Tcl).

------------------------------

Where can I get ancillary software for my cisco?

From: Question 5
Date: 5 July 1994

Try ftping to

ftp://ftpeng.cisco.com/pub

It's a hodgepodge collection of useful stuff, some maintained and some
not. Some is also available from

ftp://cio.cisco.com

Vikas Aggarwal has a very customised tacacsd:

A new version of xtacacsd is available via anonymous FTP from:

ftp://ftp.navya.com/pub/vikas/xtacacsd-3.5.shar.gz


------------------------------

Is there a World-Wide-Web (www) information source?

From: Question 6
Date: 28 April 1996

You can try the WWW page for this FAQ:

http://www.panix.com/cisco-faq/

or the cisco Educational Archive (CEA) home page:

http://sunsite.unc.edu/cisco/cisco-home.html

or the cisco Information Online (CIO) home page:

http://www.cisco.com/


------------------------------

How can I get my cisco to talk to a third party router over a serial link?

From: Question 7
Date: 5 July 1994

You need to tell your cisco to use the same link-level protocol as the
other router; by default, ciscos use a rather bare variant of HDLC
(High-level Data Link Control) all link-level protocols use at some
level/layer or another. To make your cisco operate with most other
routers, you need to change the encapsulation from HDLC to PPP on the
relevant interfaces. For instance:

sewer-cgs#conf t

Enter configuration commands, one per line.
Edit with DELETE, CTRL/W, and CTRL/U; end with CTRL/Z
interface serial 1
encapsulation ppp
^Z

sewer-cgs#sh int s 1

Serial 1 is administratively down, line protocol is down
Hardware is MCI Serial
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
[...]

If you're still having trouble, you might wish to turn on serial interface
debugging:

sewer-cgs#ter mon
sewer-cgs#debug serial-interface

------------------------------

How can I get my cisco to talk to a 3rd-party router over Frame Relay?

From: Question 8
Date: 27 July 1994

You should tell your cisco to use ``encapsulation frame-relay ietf''
(instead of ``encapsulation frame-relay'') on your serial interface
that's running frame relay if your frame relay network contains a
diverse set of manufacturers' routers. The keyword ``ietf'' specifies
that your cisco will use RFC1294-compliant encapsulation, rather than
the default, RFC1490-compliant encapsulation (other products, notably
Novell MPR 2.11, use a practice sanctioned by 1294 but deemed verbotten
by 1490, namely padding of the nlpid). If only a few routers in your
frame relay cloud require this, then you can use the default
encapsulation on everything and specify the exceptions with the
frame-relay map command:

frame-relay map ip 10.1.2.3 56 broadcast ietf
^^^^

(ietf stands for Internet Engineering Task Force, the body which
evaluates Standards-track RFCs; this keyword is a misnomer as both
RFC1294 and RFC1490 are ietf-approved, however 1490 is most recent and
is a Draft Standard (DS), whereas 1294 is a Proposed Standard (one step
beneath a DS), and is effectively obsolete).

------------------------------

How can I use debugging?

From: Question 9
Date: 26 July 1994


The ``terminal monitor'' command directs your cisco to send debugging
output to the current session. It's necessary to turn this on each time
you telnet to your router to view debugging information. After that,
you must specify the specific types of debugging you wish to turn on;
please note that these stay on or off until changed, or until the
router reboots, so remember to turn them off when you're done.

Debugging messages are also logged to a host if you have trap logging
enabled on your cisco. You can check this like so:


sl-panix-1>sh logging
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 66 messages logged
Monitor logging: level debugging, 0 messages logged
Trap logging: level debugging, 69 message lines logged
Logging to 198.7.0.2, 69 message lines logged
sl-panix-1>

If you have syslog going to a host somewhere and you then set about a
nice long debug session from a term your box is doing double work and
sending every debug message to your syslog server. Additionally, if you
turn on something that provides copious debugging output, be careful
that you don't overflow your disk (``debug ip-rip'' is notorious for
this).

One solution to this is to only log severity ``info'' and higher:

sl-panix-1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
logging trap info

The other solution is to just be careful and remember to turn off
debugging. This is easy enough with:

sl-panix-1#undebug all

If you have a heavily loaded box, you should be aware that debugging
can load your router. The console has a higher priority than a vty so
don't debug from the console; instead, disable console logging:

cix-west.cix.net#conf t
Enter configuration commands, one per line. End with CNTL/Z.
no logging console

Then always debug from a vty. If the box is busy and you are a little
too vigorous with debugging and the box is starting to sink, quickly
run, don't walk to your console and kill the session on the vty. If
you are on the console your debugging has top prioority and then the
only way out is the power switch. This of course makes remote
debugging a real sweaty palms adventure especially on a crowded box.
Caveat debugger!

Also, if you for some reason forget what the available debug commands
are and don't have a manual handy, remember that's what on-line help
is for. Under pre 9.21 versions, ``debug ?'' lists all commands. Under
9.21 and above, that gives you general categories, and you can check
for more specific options by specifying the category: ``debug ip ?''.

As a warning, the ``logging buffered'' feature causes all debug
streams to be redirected to an in-memory buffer, so be careful using

• << Первая
• <<
• >>
• Последняя >>