Cisco Logo Cisco Technical Assistance Center (TAC)
Newsletter
TAC Certified
Vol. 2, No. 5, May, 2000 Unmatched Online Technical Support www.cisco.com/tac
Cisco Newsletter image In This Issue:
What's Hot
Spotlight
High-End Routers
Access
LAN
WAN
Network Mgmt. Syst.
IP Routing
IBM
Security
Voice and Telephony
Web Scaling
Optical Transport

Cisco IOS Software
About This Newsletter

These links may not work in
all e-mail clients. You can also
scroll down to read these sections.

Update your Cisco TAC profile today and begin receiving personalized delivery of the latest breaking TAC News Flashes!
Update Registered user profile
Update Guest user profile

If you are a new customer and would like to subscribe to the newsletter, click here. To unsubscribe, please reply to this message with the word "REMOVE" in the subject line.

Click here if you would like to receive future newsletters in plain text.

 

What's Hot
Voice Over IP (VoIP) Technical Support Information Recently Uploaded to the Cisco TAC Technology Pages
 

The Cisco TAC Voice and Telephony Technology Pages now bring you VoIP technical content in the area of voice packet networking, configuration cookbook containing numerous voice network sample configurations, voice network design and implementation guide, voice network signaling and control documentation, and many more. Find out how you can stay ahead of the competition by becoming more knowledgeable and self-sufficient in designing, deploying, troubleshooting, and support your voice networks.

For more information on the new Voice and Telephony Technology Pages, please visit:
http://www.cisco.com/tac/technologies

New IBM DLSw TAC Advanced Troubleshooting Guide Launched
 

The Cisco TAC is pleased to announce the TAC Advanced Troubleshooting Guide for data-link switching (DLSw). This new technical resource provides you solutions to complex DLSw networking issues by allowing you to use flow-chart analysis to quickly isolate symptoms and causes. The TAC Advanced Troubleshooting Guide is designed by Cisco TAC engineers to help you to become self-sufficient in resolving complex DLSw networking issues anytime, anywhere.

Check out the TAC Advanced Troubleshooting Guide for DLSw under the IBM Technology Pages at:

http://www.cisco.com/warp/customer/697/dlswts1.html
(available to registered users only)

http://www.cisco.com/warp/public/697/dlswts1.html
(available to non-registered users only)

IBM Technology Solutions for DLSw Now Available on the Cisco TAC Technology Pages
 

The Cisco TAC Technology Pages now bring you IBM technical content in the area of data-link switching (DLSw). Within this newly posted information, you will also be able to search for some of the most frequently occurring Systems Network Architecture (SNA) problems, including sessions that are not establishing properly. The IBM Technology Pages will now help you configure, verify, troubleshoot, and learn more about IBM networking technologies and peer-based networking.

For more information on DLSw and the new IBM Technology Pages, please visit: http://www.cisco.com/tac/technologies

Simple Network Management Protocol (SNMP) and Remote Monitoring (RMON) Technical Information Added to the Network Management Systems Technology Pages
 

The Cisco TAC Technology Pages now offer Network Management Systems information on simple network management protocol (SNMP) and remote monitoring (RMON). The SNMP content contains detailed insights from Cisco TAC engineers on how to enable SNMPv1 and SNMPv2 on agents, thereby allowing an NMS to collect network performance information. Find out how to maximize your network performance and ensure reliability through comprehensive fault diagnosis, planning, and performance tuning with RMON. This new NMS content can also help you locate information on Cisco Management Information Bases (MIBs) and network traffic monitoring products such as TrafficDirector™ software, SwitchProbe, and NAM cards. Resolve network problems and plan for network growth and optimization by utilizing the NMS Technology Pages.

Click here to access SNMP and RMON technical information on the new NMS Technology Pages: http://www.cisco.com/tac/technologies

FDDI, Gigabit Ethernet, and Fast Ethernet Technology Now Added to the LAN Technology Pages
 

The Cisco TAC LAN Technology Pages is now enhanced to include support in the area of Fiber Distributed Data Interface (FDDI), Gigabit Ethernet, and Fast Ethernet technologies. Find out how you can become self-sufficient in configuring, verifying, troubleshooting, and learning more about LAN networking by using the same set of information that Cisco TAC engineers use daily. Other technologies supported under the LAN Technology Pages include: virtual LANs (VLANs) and trunking (InterSwitch Link [ISL] and 802.1Q),EtherChannel® technology, MultiLayer Switching (MLS), multicast, and Spanning-Tree Protocol (STP).

For more information on the newly enhanced LAN Technology Pages, please visit: http://www.cisco.com/tac/technologies

T1 Networking Information Added to the Access Technology Pages
 

The Cisco TAC Access Technology Pages are now enhanced to include technical support information in the area of T1 networking. There, you will find some of the latest TAC Certified troubleshooting documentation on T1 networking, specifically in the area of T1 alarm, primary rate interface (PRI), layer 1, error events and hard plug loopback test. Other technologies supported under the Access Technology Pages include: DSL, Dial on Demand Routing (DDR), ISDN, modems, and Point-to-Point protocol (PPP).

Check out the latest T1 troubleshooting data (found under the T1/T3/E1/E3 sub-category of Access Technology) at: http://www.cisco.com/tac/technologies

TAC Web Tools Showcase: Learn How the Cisco TAC Web Site Can Help You Quickly Resolve Networking Challenges!
 

The Cisco TAC Web Tools Showcase is currently doing a nationwide and European tour. Upcoming locations for May and June are: Washington D.C., Raleigh, Atlanta, London, Brussels, San Diego, Irvine, Seattle, and Portland.

The Cisco TAC Web Tools Showcase provides training on how to use the new features of the Cisco TAC Web site to save time, save money and improve networking skills. By attending the Cisco TAC Web Tools Showcase, you can learn how to use the TAC Web site to find critical information, troubleshoot issues, increase your expertise, and support your networks. Response to the Cisco TAC Web Tools Showcase has been overwhelmingly positive. Ninety-eight percent of Showcase attendees said that the event was an excellent use of their time and that the information they received would help them to do their jobs more effectively.

For more information as well as specific dates and locations, visit: http://www.cisco.com/tac/showcase

Come Meet the Industry Experts and Learn More About the Latest Internetworking Technologies at the 11th Cisco Systems Networkers 2000
 

The Cisco Systems Networkers 2000 conference brings you face to face with top Cisco networking professionals in an opportunity to learn about the hottest Cisco products and technologies, as well as review industry trends and obtain vital networking updates. This year's program includes presentations on all the newest IP-based technologies and business strategies. Also new this year are Power sessions, which offer in-depth, full-day tutorials providing coverage of today's most challenging networking issues. The 11th Networkers 2000 is being held in Las Vegas, Nevada, (June 26–29) and Orlando, Florida (July 12–15).

For session topics and registration information, please visit: http://www.cisco.com/networkers/g1

New CCIE Track in Network Design
 

Cisco now offers a CCIE™ Track for Network Design to help address the planning and design aspects of a network life cycle, as well as implementation, operation, and optimization. This CCIE Design track will require a two-hour qualification exam and a two-day design lab. This track is valuable to anyone who creates or reviews designs for enterprise networks. This Network Design track requires candidates to have a thorough understanding of campus design, multiservice, SNA-IP, and network management-related design issues.

For more information on this new CCIE Design track, please visit: http://www.cisco.com/go/ccie

Back to top
Spotlight
Fully Documented Troubleshooting Solutions for Your Network Issues Available at the Cisco TAC Product and Technology Pages
 

The Cisco TAC Product and Technology Pages provides you a single Web interface that allows you to easily access all technical support content available on Cisco Connection Online (CCO) such as techtips, samples configurations, white papers, FAQs, and field notices for all key Cisco products and technologies critical to your everyday troubleshooting and technical support needs. The TAC Product and Technology Pages also includes numerous TAC Certified documentations that have been written by Cisco TAC engineers and completely tested in the lab for accuracy. Visit the TAC Product and Technology Pages today to obtain all the answers for your network issues without having to open a TAC case.

To locate technical support information by product categories, please visit the TAC Product Pages at: http://www.cisco.com/tac/products

To locate technical support information for technology categories in the area of LAN, security, voice and telephony, NMS, access, IP routing, IBM, or ATM content, please visit the TAC Technology Pages at: http://www.cisco.com/tac/technologies.

Keep posted for new product and technology page releases in the coming months.

Selected Core Routing, IP Routing, Access, and ATM Show Commands Offered in Output Interpreter Tool
 

The Cisco TAC Output Interpreter tool helps you troubleshoot a number of router issues by copying selected core routing, IP routing, access, and ATM router "show" commands into a text box. The tool automatically diagnoses the problem, delivers a customized report, and offers suggestions for resolution. Cisco TAC engineers continually update the information that tells the TAC Output Interpreter tool how to interpret commands so that you will receive the accurate analyses you need.

Check out the Output Interpreter tool at: http://www.cisco.com/support/OutputInterpreter
(available to registered users only)

Back to top
High-end Routers
 

Tech Tip:
Troubleshooting High CPU Utilization on Cisco Routers

This document describes common symptoms, causes of, and solutions to high CPU utilization on Cisco routers.

http://www.cisco.com/warp/customer/63/highcpu.html
(available to registered users)

http://www.cisco.com/warp/public/63/highcpu.html
(available to non-registered users)

 

Field Notice:
250-MHz R5000 CPU Problem

Under certain conditions, a small percentage of the line-card CPUs are experiencing failures due to noise inside the CPU. Line cards with this problem may experience the following symptoms: line-card spurious alignment errors, line-card crashes, and spurious alignment log messages.

http://www.cisco.com/warp/customer/770/fn7991_01052000.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn7991_01052000.shtml
(available to non-registered users)

 

Field Notice:
TX GigaTranslator External Interface Parity Error

Excessive phase-locked-loop (PLL) jitter on one of the data-path chips may cause parity errors on the data bus feeding it. This is not a memory-related parity error.

http://www.cisco.com/warp/customer/770/fn7030_09161999.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn7030_09161999.shtml
(available to non-registered users)

Back to top
Access Products & Technologies
  GENERAL
 

Sample Configurations:
Bundling Cable Interfaces Sample Configuration and Verification

The Bundling Cable Interfaces feature allows multiple cable interfaces to share a single IP subnet. Without the use of this feature, each interface must be configured with a separate IP subnet.

http://www.cisco.com/warp/customer/620/bundling_cable_interfc.html
(available to registered users)

http://www.cisco.com/warp/public/620/bundling_cable_interfc.html
(available to non-registered users)

  AS5800
 

Tech Tip:
Cisco IOS® Software Commands for Cisco AS5800 Hardware Inspection

This document shows you how to collect Cisco AS5800 access server hardware data for analysis. The logs collected can be used to assist with technical support.

http://www.cisco.com/warp/customer/471/as5800_inspection.html
(available to registered users)

http://www.cisco.com/warp/public/471/as5800_inspection.html
(available to non-registered users)

  CABLES
 

Tech Tip:
Hard Plug Loopback Tests for T1/56K Lines

The hardware loopback plug test is used to see if the router has any faults. If a router passes a hardware loopback plug test, then the problem exists elsewhere on the line.

http://www.cisco.com/warp/customer/471/hard_loopback.html
(available to registered users)

http://www.cisco.com/warp/public/471/hard_loopback.html
(available to non-registered users)

  DSL/AGGREGATION
 

Field Notice:
Cisco 6100 Series DSLAM with Software Release 2.4.x: System Reset Can Cause Subscriber Configuration Loss

In system software Releases 2.4.0 and 2.4.1, a possibility exists for subscriber configuration corruption to occur after a system reset.

http://www.cisco.com/warp/customer/770/fn10711.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn10711.shtml
(available to non-registered users)

 

Field Notice:
Cisco 61x0 DSLAM: Chassis with Two-Port DMT2 Cards May Fail to Power on Correctly

This field notice discusses a problem with the two-port discrete multitone 2 (DMT2) line card (ATUC-2-DMT2-DIR-1=). If a chassis containing one or more two-port DMT2 line cards is power cycled either for a new install or because of a power outage, the chassis may fail to power back up correctly. This can also happen if the system controller (SC) is removed and reinserted.

http://www.cisco.com/warp/customer/770/fn10411.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn10411.html
(available to non-registered users)

Back to top
LAN Products & Technologies
 

Tech Tip:
Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays

This document addresses initial connectivity delays that occur when workstations (that are connected to switches) are unable to log in to a network domain (Windows NT or Novell), or are unable to obtain a Dynamic Host Configuration Protocol (DHCP) address.

http://www.cisco.com/warp/customer/473/12.html
(available to registered users)

http://www.cisco.com/warp/public/473/12.html
(available to non-registered users)

 

Tech Tip:
Configuring EtherChannel® Switch-to-Switch Connections on Catalyst® 4000, 5000, and 6000 Switches

This tech tip provides examples of configuring EtherChannel technology manually and examples of configuring EtherChannel technology using Point Aggregation Protocol (PagP). Also included is how to troubleshoot EtherChannel technology and how to use trunking with this technology.

http://www.cisco.com/warp/customer/793/lan_switching/6.html
(available to registered users)

http://www.cisco.com/warp/public/793/lan_switching/6.html
(available to non-registered users)

 

Tech Tip:
Managing Catalyst Switch-Based and Workgroup Concentrator-Based FDDI Networks

This document describes some of the common issues related to connecting Catalyst® switches and workgroup concentrators to Fiber Distributed Data Interface (FDDI) networks.

http://www.cisco.com/warp/customer/90/23.html
(available to registered users)

http://www.cisco.com/warp/public/90/23.html
(available to non-registered users)

  CATALYST 5000
 

Tech Tip:
Problems with VLAN Trunk Protocol (VTP) Pruning over LAN Emulation

This document explains why you should never use VTP pruning on Catalyst® series switches attached to emulated LANs (ELANs).

http://www.cisco.com/warp/customer/473/11.html
(available to registered users)

http://www.cisco.com/warp/public/473/11.html
(available to non-registered users)

  CATALYST 6000
 

Field Notice:
Potential Problems Converting Catalyst 6xxxs to SUPIA Cisco IOS 12.0(7)XE or 12.1(1)E

When upgrading a Catalyst® 6xxx supervisor with a multilayer switch feature card (MSFC) (WS-X6K-SUP1A-MSFC=) to Cisco IOS® Release 12.0(7)XE1 or 12.1(1)E, a typo in the release note conversion process results in an incomplete Cisco IOS upgrade.

http://www.cisco.com/warp/customer/770/fn12047_04102000.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12047_04102000.html
(available to non-registered users)

Back to top
WAN Products & Technologies
  CISCO IGX 8400
 

Tech Tip:
Voice Tuning for Cisco WAN Switching Networks

This document describes how to tune a Cisco voice network using Cisco IGX™ 8400 series switches and switch software Releases 8.2.5x and later.

http://www.cisco.com/warp/customer/74/voicetuning202.html
(available to registered users)

http://www.cisco.com/warp/public/74/voicetuning202.html
(available to non-registered users)

Back to top
Network Management Systems Products & Technologies
 

Tech Tip:
How to Mark the Priority of an Incoming Mail Message in Cisco eMail Manager

Cisco eMail Manager (CeM) does not assign priorities to incoming e-mail messages based on the priority chosen by the sender. Most e-mail applications have different priority levels, and there is no Simple Mail Transfer Protocol (SMTP) standard for message priorities across applications. However, you can create rules using the X-Priority field in the e-mail header to specify the priority shown in CeM.

http://www.cisco.com/warp/customer/640/5.html
(available to registered users)

http://www.cisco.com/warp/public/640/5.html
(available to non-registered users)

 

Tech Tip:
How to Find Cisco eMail Manager Log Files

When troubleshooting problems with the Cisco eMail Manager (CeM), it is important to retrieve the relevant log files. Any significant system messages and events are stored in the log files. The following figure shows which directories contain the most commonly used log files.

http://www.cisco.com/warp/customer/640/4.html
(available to registered users)

http://www.cisco.com/warp/public/640/4.html
(available to non-registered users)

 

Tech Tip:
Uppercase Characters in the RME Username Cannot Be Deleted and Then Recreated in Lowercase

In Resource Manager Essentials (RME) 2.2, you cannot delete and recreate the same username if the original username had uppercase characters in it. This document provides a workaround solution.

http://www.cisco.com/warp/customer/477/RME/rme22_uppercase.shtml
(available to registered users)

http://www.cisco.com/warp/public/477/RME/rme22_uppercase.shtml
(available to non-registered users)

 

FAQ:
Dialout Utility Frequently Asked Questions

This document contains questions that customers frequently ask about the Cisco Dialout Utility.

http://www.cisco.com/warp/customer/110/dialout_faq.html
(available to registered users)

http://www.cisco.com/warp/public/110/dialout_faq.html
(available to non-registered users)

Back to top
IP Routing Products & Technologies
 

Tech Tip:
NAT Order of Operation

This document illustrates that the order in which transactions are processed using Network Address Translation (NAT) is based on whether a packet is going from the inside network to the outside network, or from the outside network to the inside network.

http://www.cisco.com/warp/customer/556/5.html
(available to registered users)

http://www.cisco.com/warp/public/556/5.html
(available to non-registered users)

 

Tech Tip:
How Does Unequal-Cost-Path Load Balancing (Variance) Work in IGRP and EIGRP?

Every routing protocol supports equal-cost-path load balancing. Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP) also support unequal-cost- path load balancing, which is known as variance. The variance command instructs the router to include routes with a metric smaller than n times the minimum metric route for that destination, where n is the number specified by the variance command. For example, variance <n>. Traffic is also distributed among the links with respect to the metric.

http://www.cisco.com/warp/customer/103/19.html
(available to registered users)

http://www.cisco.com/warp/public/103/19.html
(available to non-registered users)

 

Tech Tip:
Redistributing between Classful and Classless Protocols: EIGRP or OSPF into RIP or IGRP

This document explains two common problems with redistributing routes between Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) or Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP). RIP and IGRP will not advertise routes out an interface if those routes are on the same major network but have a different mask than that particular interface.

http://www.cisco.com/warp/customer/105/52.html
(available to registered users)

http://www.cisco.com/warp/public/105/52.html
(available to non-registered users)

 

Tech Tip:
Why Don't RIP and IGRP Support Variable-Length Subnet Mask?

The ability to specify a different subnet mask for the same network number on different subnets is called variable-length subnet mask (VLSM). Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP) are classful protocols and are incapable of carrying subnet mask information in their updates. Before RIP or IGRP sends out an update, it performs a check against the subnet mask of the network that is about to be advertised and, in case of VLSM, the subnet gets dropped.

http://www.cisco.com/warp/customer/105/53.html
(available to registered users)

http://www.cisco.com/warp/public/105/53.html
(available to non-registered users)

 

Tech Tip:
Behavior of RIP and IGRP when Sending and Receiving Updates

When RIP or IGRP sends out a routing update, they perform certain checks before including a network or subnet in the update.

http://www.cisco.com/warp/customer/105/54.html
(available to registered users)

http://www.cisco.com/warp/public/105/54.html
(available to non-registered users)

 

Tech Tip:
Why Don't RIP or IGRP Support Discontiguous Networks?

A discontiguous network comprises a major net separated by another major net. Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP) are classful protocols. Whenever RIP advertises a network across a different major net boundary, RIP summarizes the advertised network at the major net boundary.

http://www.cisco.com/warp/customer/105/55.html
(available to registered users)

http://www.cisco.com/warp/public/105/55.html
(available to non-registered users)

 

Tech Tip:
IP Contact Center Troubleshooting Guide

This document describes symptoms, causes, and solutions to common problems with the IP Contact Center (IPCC).

http://www.cisco.com/warp/customer/78/41.html
(available to registered users)

http://www.cisco.com/warp/public/78/41.html
(available to non-registered users)

 

Tech Tip:
NAT: Local and Global Definitions

This document defines and clarifies the following Network Address Translation (NAT) terms: inside local, inside global, outside local, and outside global.

http://www.cisco.com/warp/customer/556/8.html
(available to registered users)

http://www.cisco.com/warp/public/556/8.html
(available to non-registered users)

 

Sample Configurations:
Sample Configuration for Authentication in RIPv2

This document shows sample configurations for Routing Information Protocol version 2 (RIPv2) authentication.

http://www.cisco.com/warp/customer/105/50.html
(available to registered users)

http://www.cisco.com/warp/public/105/50.html
(available to non-registered users)

 

Sample Configurations:
Sample Configuration of Triggered Extensions to RIP

This document shows sample configurations using the ip rip triggered interface configuration command.

http://www.cisco.com/warp/customer/105/51.html
(available to registered users)

http://www.cisco.com/warp/public/105/51.html
(available to non-registered users)

Back to top
IBM Products & Technologies
 

Sample Configurations:
Enterprise Extender (HPR-IP) Sample Configuration

The sample configuration illustrates High Performance Routing (HPR) using IP.

http://www.cisco.com/warp/customer/100/snasw.html
(available to registered users)

http://www.cisco.com/warp/public/100/snasw.html
(available to non-registered users)

 

Tech Tip:
T1 Alarm Troubleshooting

This document explains common alarm types that may appear during T1 operation. An explanation of the alarms and common troubleshooting techniques are provided.

http://www.cisco.com/warp/customer/116/T1_alarms.html
(available to registered users)

http://www.cisco.com/warp/public/116/T1_alarms.html
(available to non-registered users)

 

Tech Tip:
T1 Error Events Troubleshooting

This document describes various error events that occur on T1 lines and provides troubleshooting information to fix these errors.

http://www.cisco.com/warp/customer/116/T1_error.html
(available to registered users)

http://www.cisco.com/warp/public/116/T1_error.html
(available to non-registered users)

 

Tech Tip:
T1 Layer 1 Troubleshooting

This document describes the techniques and procedures to troubleshoot T1 Layer 1 problems.

http://www.cisco.com/warp/customer/116/T1_layer1.html
(available to registered users)

http://www.cisco.com/warp/public/116/T1_layer1.html
(available to non-registered users)

 

Tech Tip:
T1 PRI Troubleshooting

When troubleshooting a Primary Rate Interface (PRI), ensure that the T1 is running properly on both ends. If Layer 1 problems have been resolved, look for problems on Layers 2 and 3. Use the show controller t1 command to verify that the configuration of the line matches that of the remote end.

http://www.cisco.com/warp/customer/116/T1_pri.html
(available to registered users)

http://www.cisco.com/warp/public/116/T1_pri.html
(available to non-registered users)

Back to top
Security Products & Technologies
 

Tech Tip:
IPSec over GRE Tunnels

This document illustrates an IP Security (IPSec) configuration using a generic routing encapsulation (GRE) tunnel between two routers. IPSec can be configured over GRE tunnels to provide network-layer security for non-IP traffic, such as Novell Internetwork Packet Exchange (IPX), AppleTalk, and so forth.

http://www.cisco.com/warp/customer/707/33.shtml
(available to registered users)

http://www.cisco.com/warp/public/707/33.shtml
(available to non-registered users)

 

Tech Tip:
Terminating IPSec Tunnels on Multiple Cisco Secure PIX Firewall Interfaces with Xauth

This document illustrates an IP Security (IPSec) configuration with the following elements: crypto maps applied to multiple interfaces on the PIX™ Firewall, extended authentication (xauth) of virtual private network (VPN) clients, dynamic assignment of a private IP address from a pool to VPN clients, and nat 0 access-list functionality. Nat 0 access-list functionality allows hosts on a LAN to use private IP addresses with a remote user and still get a Network Address Translation (NAT) address from the PIX Firewall to visit an untrusted network.

http://www.cisco.com/warp/customer/110/40.html
(available to registered users)

http://www.cisco.com/warp/public/110/40.html
(available to non-registered users)

 

Tech Tip:
Benefits and Limitations of Context-Based Access Control

This document defines Context-Based Access Control (CBAC), explains CBAC terminology, and describes its benefits and limitations.

http://www.cisco.com/warp/customer/110/36.html
(available to registered users)

http://www.cisco.com/warp/public/110/36.html
(available to non-registered users)

 

Tech Tip:
IPSec: Simple PIX Firewall –to PIX Firewall VPN Configuration

This configuration allows two Cisco Secure PIX™ Firewall boxes to run a simple virtual private network (VPN) tunnel from PIX Firewall A to PIX Firewall B over the Internet or any public network using IP Security (IPSec).

http://www.cisco.com/warp/customer/110/38.html
(available to registered users)

http://www.cisco.com/warp/public/110/38.html
(available to non-registered users)

 

Tech Tip:
Cisco Secure PIX Firewall FTP Vulnerabilities

The Cisco Secure PIX™ Firewall interprets File Transfer Protocol (FTP) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.

http://www.cisco.com/warp/customer/707/pixftp-pub.shtml
(available to registered users)

http://www.cisco.com/warp/public/707/pixftp-pub.shtml
(available to non-registered users)

 

Sample Configurations:
IPSec Router to PIX Configuration: Using the nat 0 access-list Command

This document illustrates an IP Security (IPSec) configuration between a router and a Cisco Secure PIX™ Firewall. It is desirable to use private internal IP addresses when passing traffic between the headquarters LAN and the remote LANs, and to translate the LAN hosts to routable IP addresses when users access the Internet.

http://www.cisco.com/warp/customer/110/39.html
(available to registered users)

http://www.cisco.com/warp/public/110/39.html
(available to non-registered users)

 

Sample Configurations:
IPSec between Cisco Secure PIX™ Firewall and a VPN Client with Extended Authentication

This document illustrates an IP Security (IPSec) configuration that includes both gateway-to-gateway and remote-user functionality. With extended authentication (Xauth), the device is authenticated through the preshared key and the user is authenticated through a username/password challenge.

http://www.cisco.com/warp/customer/110/37.html
(available to registered users)

http://www.cisco.com/warp/public/110/37.html
(available to non-registered users)

 

FAQ:
Cisco PIX Firewall Manager: Frequently Asked Questions

These are Frequently Asked Questions about the Cisco Secure PIX™ Firewall Manager.

http://www.cisco.com/warp/customer/110/41.shtml
(available to registered users)

http://www.cisco.com/warp/public/110/41.shtml
(available to non-registered users)

 

NetRanger Field Alert:
Cisco Secure IDS/NetRanger 2.2.1.4 Signature Update Now Available for Download

The Cisco Secure Intrusion Detection System (formerly Cisco NetRanger® software) 2.2.1.4 signature update is now available for Cisco Connection Online (CCO) download at:
http://www.cisco.com/cgi-bin/tablebuild.pl/nr221-update

Installation instructions are provided in the nrUpdate-2.2.1.4.readme file.

Note that this signature update will install only on 2.2.1 sensors and directors. The 2.2.1 upgrade software is available for CCO download at:
http://www.cisco.com/cgi-bin/tablebuild.pl/nr221-upgrade

The following new signatures are included in this update:

  • Domain Name System (DNS) NXT overflow
  • DNS SIG overflow
  • amd buffer overflow

This update also includes some enhancements to numerous signatures to address some false positives that have been observed in some environments. The signatures that have been tuned in this release include:

  • Qmail Length Crash
  • WWW IIS Hex View Source Bug
  • IIS DOT DOT VIEW Bug
  • IIS DOT DOT DENIAL Bug
  • Pop Overflow
  • BackOrifice BO2K TCP Non Stealth
  • BackOrifice BO2K TCP Stealth 1
  • BackOrifice BO2K TCP Stealth 2
  • BackOrifice BO2K UDP
  • DNS IQUERY Overflow
  • statd Buffer Overflow
  • ttdb Buffer Overflow
  • mountd Buffer Overflow
  • cmsd Buffer Overflow
 

Sample Configurations:
Cisco Secure: How to Set Up PPP Idle Timeout for Async Using RADIUS

This configuration incorporates a Windows 95/98/NT client with a modem dialing over an analog line into an access server. The user's login is authenticated and authorized by the Remote Authentication Dial-In User Server (RADIUS) server on the Ethernet segment of the router.

http://www.cisco.com/warp/customer/480/15.html
(available to registered users)

http://www.cisco.com/warp/public/480/15.html
(available to non-registered users)

Back to top
Voice and Telephony Products & Technologies
 

Field Notice:
VCO4K BITS Clock Cable Improvement for NEBS Compliancy

A new orderable kit will allow the building integrated timing supply (BITS) clock connector to be accessed from the rear of the unit with no service interruption.

http://www.cisco.com/warp/customer/770/fn11092.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn11092.html
(available to non-registered users)

 

Tech Tip:
Why Is the Bridge CTI Application Unable to Pass Call Data to the Agent's Desktop?

The bridge computer telephony integration (CTI) application is unable to pass call data to the agent's desktop when keying on the agent ID from the CTI server process.

http://www.cisco.com/warp/customer/78/9.html
(available to registered users)

http://www.cisco.com/warp/public/78/9.html
(available to non-registered users)

 

Tech Tip:
Common Discrepancies on Spectrum ACD Reports

Calls status (queued) is not reported on the correct skill group in Cisco Intelligent Contact Management (ICM). In addition, queued agent groups in the call status message contain an invalid agent group, such as 5655, or they report on only five of six queued groups.

http://www.cisco.com/warp/customer/78/12.html
(available to registered users)

http://www.cisco.com/warp/public/78/12.html
(available to non-registered users)

 

Tech Tip:
Why Doesn't Cisco ICM Report All Call Events?

Cisco Intelligent Contact Management (ICM) omits call events when the spectrum class of service "Inform Host Transaction" feature is not enabled on the trunk group or voice response unit (VRU).

http://www.cisco.com/warp/customer/78/43.html
(available to registered users)

http://www.cisco.com/warp/public/78/43.html
(available to non-registered users)

 

Tech Tip:
Why Are There Four Inactive Nodes in the Script Editor Palette?

In Cisco Intelligent Contact Management (ICM) Version 4.0, the following four nodes in the script editor palette are inactive: release call, queue, queue priority, and cancel queuing. Although the functionality of these nodes is unavailable in ICM Version 4.0, the icons still appear grayed out in the script editor palette.

http://www.cisco.com/warp/customer/78/42.html
(available to registered users)

http://www.cisco.com/warp/public/78/42.html
(available to non-registered users)

 

Tech Tip:
Cisco ICM Reports Do Not Include Complete Call Statistics

Cisco Intelligent Contact Management (ICM) reports do not include complete call statistics for average speed of answer (ASA), average handle time (AHT), calls queued, or calls offered.

http://www.cisco.com/warp/customer/78/11.html
(available to registered users)

http://www.cisco.com/warp/public/78/11.html
(available to non-registered users)

 

Sample Configurations:
VoIP with PPP over High-Bandwidth Leased-Line and RTP Priority

This document contains configurations for two Cisco 3640 routers to communicate via voice over IP (VoIP) with Point-to-Point Protocol (PPP) over a high-bandwidth leased line with Real-Time Transport Protocol (RTP) priority.

http://www.cisco.com/warp/customer/793/voip/voip_ppp_highbw_rtp_prio.html
(available to registered users)

http://www.cisco.com/warp/public/793/voip/voip_ppp_highbw_rtp_prio.html
(available to non-registered users)

 

Sample Configurations:
VoIP with PPP over Low-Bandwidth Leased-Line and RTP Priority

The configuration examples in this document are for two Cisco 3640 routers to communicate via voice over IP (VoIP) with Point-to-Point Protocol (PPP) over a low-bandwidth leased line with Real-Time Transport Protocol (RTP) priority.

http://www.cisco.com/warp/customer/793/voip/voip_ppp_lowbw_rtp_prio.html
(available to registered users)

http://www.cisco.com/warp/public/793/voip/voip_ppp_lowbw_rtp_prio.html
(available to non-registered users)

Back to top
Web Scaling
 

FAQ:
Cache Engine Frequently Asked Questions

This tech tip answers questions that customers frequently ask about the Cisco Cache Engine product.

http://www.cisco.com/warp/customer/110/cache-engine-FAQ.html
(available to registered users)

http://www.cisco.com/warp/public/110/cache-engine-FAQ.html
(available to non-registered users)

 

FAQ:
LocalDirector Frequently Asked Questions

This document contains questions and answers about the LocalDirector product.

http://www.cisco.com/warp/customer/110/locdirfaq.shtml
(available to registered users)

http://www.cisco.com/warp/public/110/locdirfaq.shtml
(available to non-registered users)

Back to top
Optical Transport
 

Field Notice:
Field Notice 6: T1s Associated with DS3XM-6 May Loopback in Testing

T1s associated with a DS3XM-6 card may go into loopback during testing.

http://www.cisco.com/warp/customer/770/fn12159.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12159.html
(available to non-registered users)

 

Field Notice:
Field Notice 5: Release 2.0.0—Deleting VT 1.5 Circuits

Deleting a VT 1.5 level circuit or deleting 1+1 protection groups could affect circuits provisioned on slot 1.

http://www.cisco.com/warp/customer/770/fn12158.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12158.html
(available to non-registered users)

 

Field Notice:
Field Notice 19: Timing Offset Increases Bit Errors on OC-12 Cards

Bit errors may be seen on an OC-12 card when the incoming line frequency is less than the internal clock of the network element (NE) by more than four pulse phase modulations (PPMs). This can happen as a result of synchronization problems in the network, or if the node is operating in free-running synchronous mode.

http://www.cisco.com/warp/customer/770/fn12023.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12023.html
(available to non-registered users)

 

Field Notice:
Field Notice 1: Release 1.0—Improperly Generated Protection Switch Channel Mismatch Alarm

The protection switch channel mismatch alarm is improperly generated and the Transaction Language One (TL-1) command retrieve alarm all is not capturing all outstanding alarms.

http://www.cisco.com/warp/customer/770/fn12156.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12156.html
(available to non-registered users)

 

Field Notice:
Field Notice 12: Release 2.0.1—Upgrade Requires Onsite Cisco Personnel

This field notice is a follow-up to Field Notice 11. Release 2.0.1 was initiated to introduce software maintenance enhancements to Release 2.0 and to introduce some features requested by customers. The software maintenance enhancements were implemented to increase the stability and quality of Release 2.0. It is recommended that all customers replace Releases 1.0 and 2.0 with Release 2.0.1.

http://www.cisco.com/warp/customer/770/fn12164.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12164.html
(available to non-registered users)

 

Field Notice:
Field Notice 13: Releases 2.0.0 and 2.0.1—Removal of TCC, XC, XCVT

If a working timing communications control (TCC) card, XC, or XCVT is physically removed from the Cisco 15454 (Cerent 454), traffic running on the DS3-12 card could possibly degrade and cause an outage. The problem is random.

http://www.cisco.com/warp/customer/770/fn12165.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12165.html
(available to non-registered users)

 

Field Notice:
Field Notice 16: Duplicate MAC Address on AIP Boards

Each ONS15454 must have a unique Media Access Control (MAC) address. However, shelf assemblies with specific serial numbers will report their MAC addresses as 00:10:CF:FF:FF:FF. This will cause problems with internode communications when two ONS15454 nodes having the same MAC address are connected.

http://www.cisco.com/warp/customer/770/fn11251.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn11251.shtml
(available to non-registered users)

 

Field Notice:
Field Notice 14: GA Announcement of Release 2.0.2— Resolves Field Notice 13

This field notice introduces the general availability of software maintenance Release 2.0.2, which was initiated to introduce software maintenance enhancements to Releases 2.0.0 and 2.0.1. Release 2.0.2 resolves conditions that arise after system software is upgraded to Release 2.0.1 and that could affect traffic. The specific issues addressed are listed in this field notice. It is recommended that customers upgrade all Cisco 15454 systems to Release 2.0.2.

http://www.cisco.com/warp/customer/770/fn12166.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12166.html
(available to non-registered users)

 

Field Notice:
Field Notice 17: False EC1-12 Alarms

Using Version 2.0.0, 2.0.1, and 2.0.2 software, the EC1-12 card may display a false FAIL light after cold boots (for example, system startup or upgrade). This false alarm does not affect service.

http://www.cisco.com/warp/customer/770/fn11671.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn11671.html
(available to non-registered users)

 

Field Notice:
AIP Class A Upgrade

A change was made to the alarm interface panel (AIP) card to prevent the potential for shorting on the +/-48 VDC power inputs. It has been determined that during the manufacturing process the 8200pF filter component can receive small cracks caused by thermal shock. These cracks cannot be seen during the inspection process. Cracks can produce a gap, creating the potential for current to flow through this part of the circuit, a situation that in turn can cause an arc to frame GND under the AIP.

http://www.cisco.com/warp/customer/770/fn12089.html
(available to registered users)

http://www.cisco.com/warp/public/770/fn12089.html
(available to non-registered users)

 

Field Notice:
BITS Output Error

Using Version 2.0.2 software, the timing communications control (TCC) may not provide correct external building integrated timing supply (BITS) output.

http://www.cisco.com/warp/customer/770/fn11711.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn11711.shtml
(available to non-registered users)

Back to top
Cisco IOS Software*
 

Field Notice:
Oversized Cisco 200 Boot Image

Cisco IOS® 12.1, 12.1T, 12.1E, 12.0T, and 12.0XE maintenance releases for the Cisco 7200 boot images (c7200-boot-mz-*) have outgrown the Flash single in-line memory module (SIMM) used to store the boot image on the input/output controllers used in certain Cisco 7200 series routers. Although the present released images are less than 4 MB, after formatting the 4-MB FLASH SIMM, the available space is 3.25 MB.

http://www.cisco.com/warp/customer/770/fn7771.shtml
(available to registered users)

http://www.cisco.com/warp/public/770/fn7771.shtml
(available to non-registered users)

 

Release:
Cisco IOS® Release 11.2(22)P Now Available on Cisco Connection Online (CCO) on Tuesday, April 18

Supports: This early deployment release supports a variety of platforms.

 

Release:
Cisco IOS Release 11.2(22)BC Now Available on CCO on Monday, April 17

Supports: This early deployment release supports the Cisco 7500 platform.

 

Release:
Cisco IOS Release 12.1(1)XA3 Now Available on CCO on Monday, April 17

Supports: This early deployment release supports the Cisco 3810 platform.

 

Release:
Cisco IOS Release 12.0(8)-DA4 Now Available on CCO on Friday, April 14

Supports: This early deployment release supports the Cisco 6130, 6200, and NI2 platforms deferred from the 12.0(8)DA3 release.

 

Release:
Cisco IOS Release 12.1(1)AA1 Now Available on CCO on Thursday, April 13

Supports: This early deployment release supports the Cisco AS5800 access server platform and replaces the deferred 12.1(1)AA release.

 

Release:
Cisco IOS Release 12.1(1)XB Now Available on CCO on Tuesday, April 11

Supports: This early deployment release supports the Cisco 827 and 817-4V platforms.

 

Release:
Cisco IOS Release 11.3(4)HA5 Now Available on CCO on Monday, April 10

Supports: This early deployment release supports the Cisco 15303 and 15304 platforms.

 

Release:
Cisco IOS Release 12.0(8)DA3 Now Available on CCO on Monday, April 10

Supports: This early deployment release supports the Cisco 6200, 6130, and NI2 platforms deferred on 12.0(8)DA2.

 

Release:
Cisco IOS Release 11.2(22) Now Available on CCO on Monday, April 10

Supports: This general deployment release supports a variety of platforms.

 

Release:
Cisco IOS Release 12.1(1a) Now Available on CCO on Tuesday, April 4

Supports: This early deployment release supports the Cisco 7100, 7200, RSP7000/7500 Route Switch Processor, and uBR7200 universal broadband router platforms that were deferred on 12.1(1).

 

Release:
Cisco IOS Release 12.1(1)XA2 Now Available on CCO on Monday, April 3

Supports: This early deployment release supports the Cisco MC3810 multiservice access concentrator platform.

 

Release:
Cisco IOS Release 12.0(10)SC Now Available on CCO on Monday, April 3

Supports: This early deployment release supports the Cisco uBR7200 universal broadband router platform.

 

Release:
Cisco IOS Release 12.0(5)W5(13c) Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports the Cisco C6MSM mulitlayer switch module platform.

 

Release:
Cisco IOS Release 12.1(1)T Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports a variety of platforms.

 

Release:
Cisco IOS Release 12.0(5)W5(13c) Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports the Cisco C6MSM mulitlayer switch module platform.

 

Release:
Cisco IOS Release 12.0(10) Now Available on CCO on Tuesday, March 28

Supports: This general deployment release supports a variety of platforms.

 

Release:
Cisco IOS Release 12.0(10)S Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports the Cisco 7200, 12000, and RSP7000/7500 Route Switch Processor platforms.

 

Release:
Cisco IOS Release 12.0(7)DB Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports the Cisco 6400 platform.

 

Release:
Cisco IOS Release 12.1(1)E Now Available on CCO on Tuesday, March 28

Supports: This early deployment release supports the Cisco C6MSFC multilayer switch feature card and the Catalyst® 6000, 7100, and 7200 platforms.

 

Release:
Cisco IOS Release 12.0(7)DC Now Available on CCO on Monday, March 27

Supports: This early deployment release supports the Cisco 6400 platform.

 

Release:
Cisco IOS Release 12.1(1)XC Now Available on CCO on Monday, March 27

Supports: This early deployment release supports the Cisco 1720 and 1750 platforms.

 

Release:
Cisco IOS Release 12.1(1) Now Available on CCO on Monday, March 20

Supports: This early deployment release supports a wide variety of platforms.

 

Release:
Cisco IOS Release 12.0(7)XK1 Now Available on CCO on Monday, March 20

Supports: This early deployment release supports the Cisco 620, 3640, 3660, 7200, and MC3810 multiservice access concentrator platforms.

 

*You can find all these releases at http://www.cisco.com/cgi-bin/iosplanner/iosplanner.cgi? (available to Cisco end users and partner customers with Software Center Access)

Back to top
About The Cisco TAC Newsletter
 

Cisco TAC users automatically receive the TAC Newsletter as a benefit of being a Cisco customer.

Update your Cisco TAC profile today and begin receiving personalized delivery of the latest breaking TAC News Flashes!

http://www.cisco.com/public/news_training/itsnews/subscribe.shtml
(available to guest users)

http://www.cisco.com/kobayashi/news_training/itsnews/subscribe.shtml
(available to registered users)

If you would like to receive future TAC Newsletters in HTML format, please visit this URL: http://w3.0mm.com/cg/html.cgi?e=jeacheng@cisco.com

If you are a new customer and would like to subscribe to the TAC Newsletter, click here: http://www.cisco.com/public/news_training/itsnews/subscribe.shtml

To unsubscribe, please reply to this message with the word "REMOVE" in the subject line.

We are striving to make the TAC Newsletter a valuable source of information. We appreciate any feedback you may have. Please send your comments and suggestions to tacnews@cisco.com. We look forward to hearing from you! Customer permission has been obtained for all quotes appearing in this document.

Click here if you would to receive future newsletters in plain text.

  Copyright © 2000 Cisco Systems, Inc. IGX, PIX, and TrafficDirector are trademarks, and Catalyst, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, EtherChannel, IOS, and NetRanger are registered trademarks in the U.S. or certain other countries worldwide. http://www.cisco.com/tac
   
   
 

Back to top