Here are lab req: ====On R5 allow http and htts destined to web server located at 9.9.45.4 from anywhere coming thru fa0/1.1256. Traffic filtering shold be done on this external facing interface To pretect this web server from tcp syn attacks, configure R5 to protect this server against atacks. R5 should begin to drop conenctions if the amount of half open conenctions exceeds 300. It should teturn to normal after this number falls below 150. when th erouter does enter aggressive mode change the default behaviour for halsp open sessions. Exclude the PAT'd devices behind R2 The above mentioned web server will be taken down for maintenance and backups between 1;00 am and 3.00am every Wednesday. The maintenance schedule will come into effect on the 1st of the months for next 6 months. Do not allow communication during these maintenance windows===
On Wed, Nov 3, 2010 at 2:31 PM, Tyson Scott <[email protected]> wrote: > Debug, > > > > What are the requirements of Task 2.3 and what does 9.9.156.2 correlate > to? It is R2's outside address but what else is using that same address? > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Debug Radius > *Sent:* Wednesday, November 03, 2010 11:09 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] Lab 2A, Task 2.3 > > > > Hello, > > Could someone explaine the purpose of following lines: > > > > ip access-list ext WEB_SERVER > > deny tcp host 9.9.156.2 host 10.0.45.4 - not sure why is this line here. > > permit tcp any host 10.0/45.5 - This line is for web server's nated ip > address. > > > > thanks > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
