From: Faryar Zabihi \(fzabihi\) (fzabihi@cisco.com)
Date: Tue Aug 15 2006 - 19:08:13 ART
I have one acronym for you. ASA
:)
-----Original Message-----
From: Victor Cappuccio [mailto:cvictor@protokolgroup.com]
Sent: Tuesday, August 15, 2006 06:03 PM Eastern Standard Time
To: 'sadia habib'; bdennis@internetworkexpert.com
Cc: ccielab@groupstudy.com
Subject: RE: ospf strange problem !!!
Come on Sadia, this is a Cisco Study Group.
What can you expect?
-----Mensaje original-----
De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de sadia
habib
Enviado el: Martes, 15 de Agosto de 2006 05:37 p.m.
Para: bdennis@internetworkexpert.com
CC: ccielab@groupstudy.com
Asunto: RE: ospf strange problem !!!
well i was not expecting that bogus answer from you!!! come on dont deny the
netscreen value compare to pix!! reality is pix is good only to test in
CCIE security LAb !!! no comments !
>From: "Brian Dennis" <bdennis@internetworkexpert.com>
>To: "sadia habib" <cutesadia12@hotmail.com>
>CC: <ccielab@groupstudy.com>
>Subject: RE: ospf strange problem !!!
>Date: Tue, 15 Aug 2006 17:19:09 -0400
>
>Follow these 4 easy steps to fix your issue:
>
>1) Unplug the Netscreen's power
>2) Take the Netscreen out of the rack
>3) Walk over to the nearest trashcan and throw the Netscreen in (see note
>below)
>4) Call your local Cisco SE and get them to send you a Cisco PIX firewall
>
>Note: Your trashcan may already be full of other Juniper products along
>with some Juniper stock so you may need to look for an empty trash can
>
>HTH,
>
>Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
>bdennis@internetworkexpert.com
>
>Internetwork Expert, Inc.
>http://www.InternetworkExpert.com
>Toll Free: 877-224-8987
>Direct: 775-745-6404 (Outside the US and Canada)
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>sadia habib
>Sent: Tuesday, August 15, 2006 1:19 PM
>To: juniper-nsp@puck.nether.net
>Cc: ccielab@groupstudy.com
>Subject: ospf strange problem !!!
>
>DEAR ALL
>
>I am trying to configure ospf between router and netscreen I am facing
>little problem!! while its remain in init state for ospf !! can any body
>help me ?
>
>i am copying the config
>
>
>
>
>set protocol ospf
>set enable
>set area 0.0.0.144
>set auth-server "Local" id 0
>set auth-server "Local" server-name "Local"
>set auth default auth server "Local"
>set admin http redirect
>set admin auth timeout 10
>set admin auth server "Local"
>set admin format dos
>set zone "Trust" vrouter "trust-vr"
>set zone "Untrust" vrouter "trust-vr"
>set zone "DMZ" vrouter "trust-vr"
>set zone "VLAN" vrouter "trust-vr"
>set zone "Trust" tcp-rst
>set zone "Untrust" block
>unset zone "Untrust" tcp-rst
>set zone "MGT" block
>set zone "DMZ" tcp-rst
>set zone "VLAN" block
>set zone "VLAN" tcp-rst
>unset zone "Untrust" screen tear-drop
>unset zone "Untrust" screen syn-flood
>unset zone "Untrust" screen ping-death
>unset zone "Untrust" screen ip-filter-src unset zone "Untrust" screen land
>set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen
>syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust"
>screen ip-filter-src set zone "V1-Untrust" screen land set interface
>"ethernet0/0" zone "Trust"
>set interface "ethernet0/1" zone "DMZ"
>set interface "ethernet0/2" zone "Untrust"
>unset interface vlan1 ip
>set interface ethernet0/0 ip
>set interface ethernet0/0 route
>set interface ethernet0/2 ip
>set interface ethernet0/2 route
>unset interface vlan1 bypass-others-ipsec unset interface vlan1
>bypass-non-ip set interface ethernet0/0 manage-ip set interface ethernet0/2
>manage-ip set interface ethernet0/0 ip manageable set interface ethernet0/2
>ip manageable unset interface ethernet0/0 manage telnet unset interface
>ethernet0/0 manage snmp set interface ethernet0/0 manage mtrace set
>interface ethernet0/2 manage ping set interface ethernet0/2 manage ssh set
>interface ethernet0/2 manage ssl set interface ethernet0/2 manage web set
>interface vlan1 manage mtrace unset flow no-tcp-seq-check set flow
>tcp-syn-check set hostname DCK set dbuf size 1024 set ike respond-bad-spi 1
>set nsrp cluster id 1 set nsrp cluster name DCK set nsrp rto-mirror sync
>set nsrp vsd-group id 0 priority 100 set nsrp vsd-group id 0 preempt set
>nsrp secondary-path ethernet0/2 set nsrp vsd-group id 0 monitor interface
>ethernet0/0 set nsrp vsd-group id 0 monitor interface ethernet0/2 set nsrp
>ha-link probe set pki authority default scep mode "auto"
>set pki x509 default cert-path partial
>set url protocol sc-cpa
>exit
>set nsmgmt bulkcli reboot-timeout 60
>set ssh version v2
>set ssh enable
>set config lock timeout 5
>set dl-buf size 4718592
>set vrouter "untrust-vr"
>set source-routing enable
>exit
>
>set vrouter "trust-vr"
>set router-id
>set source-routing enable
>exit
>
>set interface ethernet0/0 protocol ospf area 0.0.0.144 set interface
>ethernet0/0 protocol ospf enable set interface ethernet0/0 protocol ospf
>priority 0 set interface ethernet0/0 protocol ospf cost 1 set vrouter
>"untrust-vr"
>exit
>set vrouter "trust-vr"
>exit
>
>
>
>
>## 15:54:09 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:09 :
>ospf: process rx pak len 44 from 10.32.124.100 on ethernet0/0 in vr
>trust-vr router-id 10.32.124.100 ## 15:54:11 : ospf: process rx pak len 60
>from 10.32.124.20 on ethernet0/0 in vr trust-vr router-id 10.32.134.10 ##
>15:54:11 : ospf: recv pkt on ethernet0/0, 10.32.124.20->224.0.0.5 ##
>15:54:11 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP
>20) ## 15:54:19 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
>## 15:54:19 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:19 :
>ospf: process rx pak len 44 from 10.32.144.10 on ethernet0/0 in vr trust-vr
>router-id 10.32.134.20 ## 15:54:21 : ospf: process rx pak len 60 from
>10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.132.134.10 ## 15:54:21
>: ospf: recv pkt on ethernet0/0, 10.90.10.1->224.0.0.5 ## 15:54:21 : ospf:
>invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:29 :
>ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
>## 15:54:29 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:29 :
>ospf: process rx pak len 44 from 10.32.144.10 on ethernet0/0 in vr trust-vr
>router-id 10.32.144.10 ## 15:54:31 : ospf: process rx pak len 60 from
>10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:31
>: ospf: recv pkt on ethernet0/0, 10.132.14.2->224.0.0.5 ## 15:54:31 : ospf:
>invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:39 :
>ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
>## 15:54:39 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:39 :
>ospf: process rx pak len 44 from 10.102.12.1 on ethernet0/0 in vr trust-vr
>router-id 10.32.144.10 ## 15:54:41 : ospf: process rx pak len 60 from
>10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:41
>: ospf: recv pkt on ethernet0/0, 10.132.124.2->224.0.0.5 ## 15:54:41 :
>ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ##
>15:54:49 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
>## 15:54:49 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:49 :
>ospf: process rx pak len 44 from 10.132.124.10 on ethernet0/0 in vr
>trust-vr router-id 10.32.144.10 ## 15:54:51 : ospf: process rx pak len 60
>from 10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.132.142.10 ##
>15:54:51 : ospf: recv pkt on ethernet0/0, 10.2.114.2->224.0.0.5 ## 15:54:51
>: ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20)
>
>_________________________________________________________________
>On the road to retirement? Check out MSN Life Events for advice on how to
>get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART