Hi Samarth, In Section 7 (volume 1) , tasks given related to Flex VPN setup. However I don;t find flex VPN in Cisco CCIE security checklist. Just curious to know if we need to prepare this as well. long complex commands, not easy to remember.:):)
On Tue, Apr 30, 2013 at 1:38 PM, Mike Rojas <[email protected]> wrote: > Sam and Piotr > > Thanks a lot for the clarification :) > > Mike > > Sent from my iPhone > > On Apr 29, 2013, at 10:03 PM, "Samarth Chidanand" <[email protected]> > wrote: > > Hi Mike,**** > > ** ** > > Good question. This really depends on the task. If they explicitly tell > you to use global ACL’s, then you must use it. Else you can use the > interface ACL’s. If they don’t specify or indicate global ACL feature, then > choose a solution which is simple and not complicated and the solution > should not break other tasks. Finally, you can ask the proctor for further > clarification.**** > > ** ** > > The DSG for volume 1 should be released within a week for the remaining > sections. **** > > ** ** > > ** ** > > *Samarth Chidanand* > > *Sr Instructor / Developer – IPexpert* > > *CCIE #18535 (R&S, Security)* > > *CCSI #34585* > > ** ** > > ** ** > > ** ** > > ** ** > > *From:* [email protected] [ > mailto:[email protected]<[email protected]>] > *On Behalf Of *Mike Rojas > *Sent:* Tuesday, April 30, 2013 5:13 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] ACL order of Operation**** > > ** ** > > Sam and Team, > > I was checking the VoDs (They are good) and a question pops up. In normal > circumstances the ASA is going to allow everything from a higher to lower > security level. > > This is where I got confused the other day. If we are tasked to configure > a global ACL, all the packets from a higher to lower security level are > going to be dropped unless allowed by the global ACL. So the big question, > if in the test, and something like this pops up, what do we do? Do we allow > the protocols needed for the lab or we allow it based on the behavior it > should be? > > Thats kinda of where the question goes... > > (Btw, I still dont see the DSG for the remaining workbooks, ie ASA). > > Regards. > > Mike. **** > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
