Jimmy,
Thanks, makes for very good read. In task 2 you wanted to deny 10.11.11.11 but in the acl you denied 10.13.13.13 for icmp, which is a mistake. Right? Johan From: [email protected] [mailto:[email protected]] On Behalf Of Jimmy Larsson Sent: 04 February 2010 22:59 To: shawn mesiatowsky Cc: [email protected] Subject: Re: [OSL | CCIE_Security] Zone-based policy firewall and interface acl:s? Thanks everyone for helping me understand this class-map/policy-map/inspect-mess. As a step in the learning-path I did a post about ZBFW on my blog. I would very much like to have feedback. Have I understood the stuff correctly or not? Please have a look. <http://blogg.kvistofta.nu/> http://blogg.kvistofta.nu Br Jimmy Larsson
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
