Jason, this is not fair - why do you keep us waiting so long :)? Are you in a christmas mood ;)? Anyway, I am also working through your exercises at the moment, and I'm sure there will be a lot discussion like this soon! I'm really looking forward to this.
Regards Stefan Von: Jason Boyers [mailto:[email protected]] Gesendet: Dienstag, 21. Dezember 2010 17:51 An: Stefan Angerer; 'Stalder Dominic'; 'Raul Manzano'; [email protected] Betreff: RE: [CCIE Wireless] Doubts about labs 3 and 4 of workbook 1. I like the dialogue! Thinking through options is vital to passing this exam. We'll see what you think of my answer once the DSGs come out (yes, I am working on them diligently...) Jason Boyers - CCIE #26024 (Wireless) Technical Instructor - IPexpert [email protected]<mailto:[email protected]> From: [email protected] [mailto:[email protected]] On Behalf Of Stefan Angerer Sent: Tuesday, December 21, 2010 11:37 AM To: Stalder Dominic; Raul Manzano; [email protected] Subject: Re: [CCIE Wireless] Doubts about labs 3 and 4 of workbook 1. The reason why I think this might not be sufficient is this: If you disable later DHCP proxy for any reason, then DHCP requests are relayed to the wired network, no matter what DHCP IP address you enter in the SSID config. So blocking with an ACL is the only way to be completely sure? Regards Stefan Von: Stalder Dominic [mailto:[email protected]] Gesendet: Dienstag, 21. Dezember 2010 16:59 An: Stefan Angerer; Raul Manzano; [email protected] Betreff: Re: [CCIE Wireless] Doubts about labs 3 and 4 of workbook 1. > - Ensure that any client does not get an IP via DHCP As you Raul Manzano said correctly, you can disable DHCP Addr. Required AND set the IP adress of the DHCP override in the WLAN to 0.0.0.0, then all the DHCP packets are discarded by the controller. This is because the WLAN override - as it says - overrides the per-interface settings. You can find this in the WLC 4.2 configuration guide on 6-7. Regards Dominic ________________________________ Von: Stefan Angerer <[email protected]> Datum: Tue, 21 Dec 2010 14:34:47 +0000 An: Raul Manzano <[email protected]>, "[email protected]" <[email protected]> Betreff: Re: [CCIE Wireless] Doubts about labs 3 and 4 of workbook 1. - I think disabling aironet extensions makes sure that any non cisco device can connect - I guess the only way to be sure DHCP is not used is applying an ACL to the specific SSID appreciate any other opinions on this :) so long Stefan Von: [email protected] [mailto:[email protected]] Im Auftrag von Raul Manzano Gesendet: Dienstag, 21. Dezember 2010 15:10 An: [email protected] Betreff: [CCIE Wireless] Doubts about labs 3 and 4 of workbook 1. Hi guys. Working with the material of lab workbook 1 from ipexpert I come up several doubts, I hope someone can help me. - In some tasks it is required that any non-cisco device can not connect to the ssid; I´m suppose they are talking about to enable client MFP since both Cisco ip phone 7921G and CB21 devices are CCX v5 compliant devices; this taks normaly is required for exclusive Cisco´s 7921 voice-ready ssid. Am i right?? - Ensure that any client does not get an IP via DHCP: I can think of two ways; the first one is uncheck the both box in advanced tab in the SSID configuration ( DHCP required and override dhcp) but this one does not ensure against any change at the interface level; the second one is to use an IP for a non-existent DHCP server in the box "override dhcp"; In this way, ensure that any change made at the interface level about the DHCP server can not affect me and the clients can not use any DHCP server to obtain an IP. Best Regards. ________________________________ _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com<http://www.ipexpert.com>
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
