Hi Group, Does anyone know why Virtual Telnet was used in Workbook 1, item 1.8? The outside-in Cut Through Proxy ACL entries were all for Telnet to different IPs. Seems as though any one of those could've triggered the proxy authentication process. I don't see any verbiage in the task stating to use that specific IP versus actual Telnet destination addresses (NAT'd addresses anyway).
The solution used seems perfectly viable. I just want to make sure the use of Virtual Telnet was not *needed* for this task and that I didn't miss key verbiage in the task requirements somewhere. For those in the group who may not have access to this task, it essentially required some Static NAT and required Telnet traffic from different interfaces to first be authenticated before communicating with the destination device. A random IP was used for Virtual Telnet on the ASA, and this IP was not mentioned in the requirements. Seems as though just specifying the "interesting" traffic ACL and referencing it to the "aaa match" statement could've been enough. Thanks, Jason
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
