Like many lab questions, the answer is "it depends on the requirements." Also, we cannot answer questions about specific test questions, as that would violate Cisco's NDA policy and put our own credentials in jeopardy. Therefore, it is best to post either scenarios that you have created and are working through, or refer to scenarios from the IPX workbooks. To more generally answer your questions:
1. If you are talking about managing the WLC, then you need to know the various ways that a WLC can be managed. In my mind, you have missed a key one in terms of management protocols. If encryption is a requirement, remember that SNMP v2c doesn't offer encryption. 2. The authentication method depends on the requirements. Auto (AKM) provides for both WPA/WPA2-Personal as well as auto responding to various supported EAP types as proposed by the RADIUS server. So, if PEAPv0/EAP-MSCHAPv2 is configured on the server, and you have an appropriate username and password configured on the phone, then AKM would respond to accept using PEAPv0/EAP-MSCHAPv2 and would use those credentials as part of the exchange. 3. Keep in mind what the various interfaces will support when applying QoS. I can't stress enough the importance of knowing end-to-end QoS very well. Jason Boyers, CCIE #26024 (Wireless) Blog: netboyers.wordpress.com On Tue, Apr 2, 2013 at 4:16 AM, Lam Adam <[email protected]> wrote: > Dear All, > > I am trying to attempt my 2nd CCIE-W exam. I still got some issues on my > lab and whether I got the right direction or not. > > Question 1. > How to config most secure authentication and encryption to WLC? > > 1. SNMPv3 > 2. Enable SSH only > 3. disable SNMP RO > 4. change the SNMP RW communication key > 5. Disable mgmt via WiFi > > Any others? Is it secure enough? > > Question 2: > What authentication method should setup on the WiFi phone? Auto(AKM) or > PEAP? or both okay? > > Question 3: > Where should I apply the QoS for the WAN connection? remote site L3 > device's external interface out and HQ's WAN interface out? > > Thank you very much. > > Regards, > Adams > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
