Hi Tarik,
You cant enable telnet on the outside interface because it has a security level of 0, unless it is protected by IPSec. You don't need to do that. Samarth Chidanand Sr Instructor / Developer - IPexpert CCIE #18535 (R&S, Security) CCSI #34585 From: [email protected] [mailto:[email protected]] On Behalf Of Tarik Admani Sent: Wednesday, May 29, 2013 6:15 AM To: IPX Forums Subject: [OSL | CCIE_Security] WB1 Lab 4 Task 20 Hi, The following section involves configuring static pat on ASA-1 so that all telnet requests to the outside interface on the ASA are redirected to a loopback on R7. After cross-referencing the DSG I had to add an acl which would allow telnet traffic to the outside interface so that it can be redirected to R7's loopback. The DSG doesnt mention this but then goes through the verification steps. I tried to enable telnet access (telnet 0 0 outside), however the static PAT would fail to download policy. I just wanted to make sure if that is the proper approach and that I am not doing this incorrectly. Thanks, Tarik
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
