well, following 2 questions are striaght away from CCIE SEC. LAB
perspective:
*1>* If in the exam, the question says users to be created in ACS and Router
should use TACACS+ for authentication and authorization to AAA/ACS server ,
then if by mistake i put local in additon to the group tacacs+ , wouild that
be considered wrong , for eg, :
aaa authentication login CHECKING-ACS group
tacacs+ local < ------ here i used the word local which was not asked in
the question, would that be acceptable !
aaa authorization exec CHECKING-ACS group
tacacs+ local < ---------------- same issue as above , is it wrong for lab
perspective or not ?
*2> *This might be strange question but i want to be sure of it ! If
question asks me to configure TACACS+ throughout the LAB, is it important or
compulsory for me to go to ACS > Network Configuration > AAA Server and
change the setting value of AAA server-type from Cisco ACS to TACACS+ ????
since by default we only add AAA Clients , and i have not seen any lab so
far
doing this AAA server value changes..... Please let me know .
Additionally, if you select RADIUS in the ACS that i have* ( the ACS
Release 4.2(0) Build 124) , it is opting for 1645 and 1646 ..well, as per
new RFC it is 1812 and 1813...NOW, In exam, do i have to change these 16xx
values to 18xx or unless told, it is wise NOT to disturb them !!!! *
**
regards and truly,
Kamran.
*
*
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
