Evening all, I just did Yusufs LAB1 today and ran into an all too common problem. Right configs that don't work...
I spent a good amount of time on the FPM task which I knew was right. It was a basic config, match specific destination IP of telnet traffic and drop it. Only difference was that it was on the control-plane rather than an interface. It just wouldn't match anything. I rebooted the device, re-added config, and even stripped it back to a simpler policy. When I reviewed the lab, my config was identical to the solution. Did anyone else have problems with this task? It's a long shot but do all racks run the same IOS versions? How would this be marked in the real lab if my config was right? The actual result would have been that telnet still gets through...Is this taken into consideration do you think when its a known fact that some of the security technologies are renowned for behaving strangely? If you're sure that you had something right that clearly wasn't working, what would you do? I'm wondering if its worth screwing around with it once my other tasks are completed, or just spend 20 minutes checking other tasks - hoping that they mark based on config rather than result? Look forward to any ones thoughts on the matter, Paul
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
