The answer to everything think below is it depends on the requirements.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of kamran shakil Sent: Saturday, February 05, 2011 12:24 PM To: [email protected] Subject: [OSL | CCIE_Security] [imp] ACS 4.2(0) build 124 well, following 2 questions are striaght away from CCIE SEC. LAB perspective: 1> If in the exam, the question says users to be created in ACS and Router should use TACACS+ for authentication and authorization to AAA/ACS server , then if by mistake i put local in additon to the group tacacs+ , wouild that be considered wrong , for eg, : aaa authentication login CHECKING-ACS group tacacs+ local < ------ here i used the word local which was not asked in the question, would that be acceptable ! aaa authorization exec CHECKING-ACS group tacacs+ local < ---------------- same issue as above , is it wrong for lab perspective or not ? 2> This might be strange question but i want to be sure of it ! If question asks me to configure TACACS+ throughout the LAB, is it important or compulsory for me to go to ACS > Network Configuration > AAA Server and change the setting value of AAA server-type from Cisco ACS to TACACS+ ???? since by default we only add AAA Clients , and i have not seen any lab so far doing this AAA server value changes..... Please let me know . Additionally, if you select RADIUS in the ACS that i have ( the ACS Release 4.2(0) Build 124) , it is opting for 1645 and 1646 ..well, as per new RFC it is 1812 and 1813...NOW, In exam, do i have to change these 16xx values to 18xx or unless told, it is wise NOT to disturb them !!!! regards and truly, Kamran.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
