With ASA you need not memorize as you can see the attributes name in account. But for IOS be you may need memorize the important ones like tunnel password, pool name, split tunneling ACL.
It's there in ccie docs, memorizing might save sometime in the lab http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guidesec_easy_vpn_srvr_ps6441_TSD_Products_Configuration_Guide_Chapter.html cisco-avpair = "ipsec:tunnel-type*ESP" cisco-avpair = "ipsec:key-exchange=ike" * cisco-avpair = "ipsec:tunnel-password=lab"* * cisco-avpair = "ipsec:addr-pool=pool1"* cisco-avpair = "ipsec:default-domain=cisco" * cisco-avpair = "ipsec:inacl=123"* cisco-avpair = "ipsec:access-restrict=fastethernet 0/0" cisco-avpair = "ipsec:group-lock=1" * cisco-avpair = "ipsec:dns-servers=10.1.1.1 10.2.2.2"* cisco-avpair = "ipsec:firewall=1" cisco-avpair = "ipsec:include-local-lan=1" cisco-avpair = "ipsec:save-password=1" cisco-avpair = "ipsec:wins-servers=10.3.3.3 10.4.4.4" cisco-avpair = "ipsec:split-dns=green.com" cisco-avpair = "ipsec:ipsec-backup-gateway=10.1.1.1" cisco-avpair = "ipsec:ipsec-backup-gateway=10.1.1.2" cisco-avpair = "ipsec:pfs=1" cisco-avpair = "ipsec:cpp-policy="Enterprise Firewall" cisco-avpair = "ipsec:auto-update="Win http://www.example.com 4.0.1" cisco-avpair = "ipsec:browser-proxy=bproxy_profile_A" cisco-avpair = "ipsec:banner=Xauth banner text here" With regards Kings On Wed, Sep 15, 2010 at 7:06 PM, Bruno <[email protected]> wrote: > Is that true that we have to memorize the authorization attributes used in > vpn configuration like ipsec:xxxx or what we put within attribute 25 (class) > or anything related with attributes? > Is there a official doc it will be available during the lab containing such > attributes to be seen during the lab? > > I ain't found nothing official or helpful towards that > > -- > Bruno Fagioli (by Jaunty Jackalope) > Cisco Security Professional > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
