Paul,
Did you check the IOS version running on the device. There should be two version of IOS in the flash of all the routers. 12.4(15)T9 and 12.4(24)T2. I would suggest testing with both. I haven't had any problems with the later image. Most likely you would fail the script but it should be caught on the manual grading if you are close enough to passing. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Paul Alexander Sent: Friday, January 22, 2010 4:26 PM To: [email protected] Subject: [OSL | CCIE_Security] What if? Evening all, I just did Yusufs LAB1 today and ran into an all too common problem. Right configs that don't work... I spent a good amount of time on the FPM task which I knew was right. It was a basic config, match specific destination IP of telnet traffic and drop it. Only difference was that it was on the control-plane rather than an interface. It just wouldn't match anything. I rebooted the device, re-added config, and even stripped it back to a simpler policy. When I reviewed the lab, my config was identical to the solution. Did anyone else have problems with this task? It's a long shot but do all racks run the same IOS versions? How would this be marked in the real lab if my config was right? The actual result would have been that telnet still gets through...Is this taken into consideration do you think when its a known fact that some of the security technologies are renowned for behaving strangely? If you're sure that you had something right that clearly wasn't working, what would you do? I'm wondering if its worth screwing around with it once my other tasks are completed, or just spend 20 minutes checking other tasks - hoping that they mark based on config rather than result? Look forward to any ones thoughts on the matter, Paul
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
