eugene apologies for the delay in replying to you but many thanks for your reply, its greatly appreciated
i'm not sure why the solution didn't address the [Bb][Aa] ....... issue as i think the task requires it thanks again Michael Mulholland CISSP CCSP JNCIA-FWV ________________________________ From: Eugene Pefti [mailto:[email protected]] Sent: 22 June 2012 01:06 To: Mulholland, Michael; [email protected] Subject: RE: lab 1a - task 1.11 Hello Michael, I'd say that the solution guide missed a definition of SMTP class-map that matches for ACL SMTP. Your solution is correct and it uses the default class "inspection_default" and applies the L7 inspection to the global policy. Task 1.11 solution gives an option to apply SMTP inspection to the interface and hence they classify the traffic with SMTP ACL, miss the corresponding class-map and then call it in the policy that should be applied to the outside interface Eugene From: [email protected] [mailto:[email protected]] On Behalf Of Mulholland, Michael Sent: Thursday, June 21, 2012 2:48 PM To: [email protected] Subject: [OSL | CCIE_Security] lab 1a - task 1.11 folks i have a query on lab 1 a task 1.11 the first part of the task asks to create a policy to check smtp for the domain badspammer.com and then reset the connection my config is as follows: regex BadMail "[Bb][Aa][Dd][Ss][Pp][Aa][Mm][Mm][Ee][Rr]\.[Cc][Oo][Mm]" policy-map type inspect esmtp BadMail-l7pmap parameters match sender-address regex BadMail reset policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect icmp inspect esmtp BadMail-l7pmap the lab solution is regex SPAMMER "badspammer.com" access-list SMTP permit tcp any any eq smtp policy-map type inspect esmtp SMTP_INSPECT parameters match sender-address regex SPAMMER reset policy-map outside class smtp inspect esmtp SMTP_INSPECT I can't see where the acl SMTP is used and I'm curious if my configuration meets the requirements? I'd be grateful for your views please thanks to anyone taking the time to read or to reply to this
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
