Thanks for the response, I assume i would need to add the ACL so that traffic
can be redirected?
access-list <name> permit tcp any host 45.45.45.10 eq telnet, then apply this
acl to the interface.
Thanks.
Tarik
________________________________
From: Samarth Chidanand <[email protected]>
To: 'Tarik Admani' <[email protected]>; 'IPX Forums'
<[email protected]>
Sent: Tuesday, May 28, 2013 9:56 PM
Subject: RE: [OSL | CCIE_Security] WB1 Lab 4 Task 20
Hi Tarik,
You cant enable telnet on the outside interface because it has a security level
of 0, unless it is protected by IPSec. You don’t need to do that.
Samarth Chidanand
Sr Instructor / Developer – IPexpert
CCIE #18535 (R&S, Security)
CCSI #34585
From:[email protected]
[mailto:[email protected]] On Behalf Of Tarik Admani
Sent: Wednesday, May 29, 2013 6:15 AM
To: IPX Forums
Subject: [OSL | CCIE_Security] WB1 Lab 4 Task 20
Hi,
The following section involves configuring static pat on ASA-1 so that all
telnet requests to the outside interface on the ASA are redirected to a
loopback on R7.
After cross-referencing the DSG I had to add an acl which would allow telnet
traffic to the outside interface so that it can be redirected to R7's loopback.
The DSG doesnt mention this but then goes through the verification steps. I
tried to enable telnet access (telnet 0 0 outside), however the static PAT
would fail to download policy.
I just wanted to make sure if that is the proper approach and that I am not
doing this incorrectly.
Thanks,
Tarik
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
