Sorry Kingsley. I tried this link but it didn't work. It says "The page you have requested is not available". Did I do anything wrong? Yes, I was talking about IOS.
On Wed, Sep 15, 2010 at 10:45 AM, Kingsley Charles < [email protected]> wrote: > With ASA you need not memorize as you can see the attributes name in > account. But for IOS be you may need memorize the important ones like tunnel > password, pool name, split tunneling ACL. > > It's there in ccie docs, memorizing might save sometime in the lab > > > http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guidesec_easy_vpn_srvr_ps6441_TSD_Products_Configuration_Guide_Chapter.html > > cisco-avpair = "ipsec:tunnel-type*ESP" > > cisco-avpair = "ipsec:key-exchange=ike" > > * cisco-avpair = "ipsec:tunnel-password=lab"* > > * cisco-avpair = "ipsec:addr-pool=pool1"* > > cisco-avpair = "ipsec:default-domain=cisco" > > * cisco-avpair = "ipsec:inacl=123"* > > cisco-avpair = "ipsec:access-restrict=fastethernet 0/0" > > cisco-avpair = "ipsec:group-lock=1" > > * cisco-avpair = "ipsec:dns-servers=10.1.1.1 10.2.2.2"* > > cisco-avpair = "ipsec:firewall=1" > > cisco-avpair = "ipsec:include-local-lan=1" > > cisco-avpair = "ipsec:save-password=1" > > cisco-avpair = "ipsec:wins-servers=10.3.3.3 10.4.4.4" > > cisco-avpair = "ipsec:split-dns=green.com" > > cisco-avpair = "ipsec:ipsec-backup-gateway=10.1.1.1" > > cisco-avpair = "ipsec:ipsec-backup-gateway=10.1.1.2" > > cisco-avpair = "ipsec:pfs=1" > > cisco-avpair = "ipsec:cpp-policy="Enterprise Firewall" > > cisco-avpair = "ipsec:auto-update="Win http://www.example.com 4.0.1" > > cisco-avpair = "ipsec:browser-proxy=bproxy_profile_A" > > cisco-avpair = "ipsec:banner=Xauth banner text here" > > > > With regards > Kings > > On Wed, Sep 15, 2010 at 7:06 PM, Bruno <[email protected]> wrote: > >> Is that true that we have to memorize the authorization attributes used in >> vpn configuration like ipsec:xxxx or what we put within attribute 25 (class) >> or anything related with attributes? >> Is there a official doc it will be available during the lab containing >> such attributes to be seen during the lab? >> >> I ain't found nothing official or helpful towards that >> >> -- >> Bruno Fagioli (by Jaunty Jackalope) >> Cisco Security Professional >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> > -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
