It is strange. If we set up GET VPN first and that port is already open, then the firewall should not block that port when using the match closed-port command. Did you try testing that port after the closed-port command?
Kashif

From: [email protected]
Date: Wed, 18 May 2011 12:08:17 +0400
To: [email protected]
Subject: [OSL | CCIE_Security] Yusuf Bhaiji LAB 2 - Section 6.1

Dear All,

The section which I mentioned in the subject is related to control plane port filtering. In the question he mentioned to drop all the closed ports. Prior to this section there is a GETVPN tunnel running. When I applied the control-plane protection (with match any closed-port), my GETVPN tunnel went down. But when I did not match udp 848 in the class map for portfilter

    class-map type port-filter CM4-PF-CONTROL
     match closed-ports
     match not port udp 848

the tunnel came up. But in the solution of Yusuf Bhaiji, it shows only match closed-port and no udp port 848. Is it that I am missing something or the solution has a typo?

Regards,
Parvees

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
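An added example, not part of the thread or of the lab solution: a complete IOS control-plane port-filter policy that drops traffic to closed ports while excluding UDP 848 (GDOI, the key-management protocol GETVPN uses), followed by the exec command that lists the ports IOS currently treats as open, which is the check suggested in the reply. The names CM-PF-EXAMPLE and PM-PF-EXAMPLE are hypothetical.

```ios
! Constructed example; CM-PF-EXAMPLE and PM-PF-EXAMPLE are hypothetical names.
!
! Match packets sent to closed TCP/UDP ports on the router itself,
! but never match UDP 848 so GDOI registration and rekey are not dropped.
class-map type port-filter match-all CM-PF-EXAMPLE
 match closed-ports
 match not port udp 848
!
! Drop everything the class matches.
policy-map type port-filter PM-PF-EXAMPLE
 class CM-PF-EXAMPLE
  drop
!
! Port-filter policies attach to the host subinterface of the control plane.
control-plane host
 service-policy type port-filter input PM-PF-EXAMPLE
!
! Verification, run from exec mode before and after applying the policy:
! if UDP 848 is absent from this list, "match closed-ports" alone will
! drop GDOI traffic and the exclusion above is required.
!
!   show control-plane host open-ports
```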
