On page 46 of the proctor guide, the you will find the policy-map type inspect I am referring. Task 1.15 says to drop protocol violations, but I'm not sure that the post method should be dropped. I am also curious how to determine from the task 1.11 that the policing on the outside should only be outbound. The relevant inspections are listed below.
class-map type inspect http match-all POST_METHOD match request method post policy-map type inspect http MY_HTTP_MAP parameters spoof-server "Apache 1.1" protocol-violation action drop-connection class POST_METHOD drop-connection log class-map HTTP_TO_ACS match access-list HTTP_TO_ACS policy-map OUTSIDE class smtp inspect esmtp SMTP_INSPECT class VOIP priority class ICMP_POLICY inspect icmp police output 56000 class HTTP_TO_ACS inspect http MY_HTTP_MAP On Sat, May 23, 2009 at 9:51 PM, Tyson Scott <[email protected]> wrote: > Paul, > > > > Which part of the lab are you talking about? > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S and Security > > Technical Instructor - IPexpert, Inc. > > > Telephone: +1.810.326.1444 > Cell: +1.248.504.7309 > Fax: +1.810.454.0130 > Mailto: [email protected] > > > > Join our free online support and peer group communities: > http://www.IPexpert.com/communities > > > > IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On > Demand and Audio Certification Training Tools for the Cisco CCIE R&S Lab, > CCIE Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE > Storage Lab Certifications. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Paul Stewart > *Sent:* Saturday, May 23, 2009 7:02 PM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] Lab1_A > > > > I am trying to understand where in lab 1a that it states something that > would prompt dropping and logging "post" requests to the ACS server. Am I > overlooking it somewhere? Honestly that is quite possible. >
