Type the letter q.
On Sunday, April 24, 2011, Richard Chan rspc...@starhub.net.sg wrote:
This must be a really easy question, but how do you interrupt the --- More
---
prompt on an ASA? Sometimes I trigger it using ? and it spews too much
information.
Ctrl-C doesn't work, and of course
Congrats!
On Mar 14, 2011, at 2:39 AM, Jerome Dolphin wrote:
Hi all,
Just a quick note to help motivate those slaving away - after 13 months of
solid study I passed my security lab on the first attempt in Sydney today.
OEQs were no problem - not as bad as the IPexpert practice OEQs.
This may help:
In acs go to system configuration and ensure that the acs server started.
On Feb 19, 2011, at 10:22 AM, Pemasiri Devanarayana pemas...@gmail.com wrote:
Hi All,
I'm running Windows (2003) ACS server on my lab. Most of the time when I try
to test aaa I used to get No
cases it's
not going to be about how you got there just that it matches. In this case I'd
assume they want an actual redundant interface and configure accordingly.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
Back in the days when I taught Clean Access NAC CCA refereed to or was the
shorthand for the Clean Access Agent. That's been some time though so things
may be different now.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
That's exactly what the slide is referring to. In phase 1 the clients are p2p
GRE tunnels while the hub is multipoint. In phase 2 and 3 the client is
multipoint just like the hub.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
The rotary number simply ties the vty back to the port defined in the ip ssh
port command, so, you would ssh to the port specified in the command ip ssh
port.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
, so just be
prepared to think out of the box, reason on what's being asked, and perform
accordingly. - Boy if it was that easy right? :)
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please
another and
anotheryou get the point. Probably not what you intended to do here, but
Tyson is right, you would use all three ports since you used a low and high
rotary number, provided you assign a different rotary number to each line.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical
in as well.
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t2/feature/guide/ftdfipsc.html
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
/cliInter.html#wp1033986
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
You might look at the SNMP object navigator:
http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=ensubstep=2translate=Translatetree=NO
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance
Hi Terry,
The task wants you to advertise the 7.77.77.77 route into BGP on R7.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
Nice note Kings.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
. Being able to remove the commands is not required, however if we don't
break the rules of the task we can have additional configuration that should
not be counted against us.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
that if they ask for 10MB
and you round it off you will not lose the points.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert
I said, I'll have to
revisit this, but I think this may be the case. I don't think routing protocol
traffic actually uses the priority queue on Cisco routers, unless you
classify the traffic and put it there.
Sorry if I'm off base here, just thinking out loud.
Regards,
Brandon Carroll
I'd need to see what's on the other end of the tunnel. I can see that the KS
is running multicast but what about the GM? Is the GM failing the RPF check
back the to KS?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
Also Check out this one:
http://blog.ipexpert.com/2010/05/12/introduction-to-fpm/
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
/sec_ipsec_virt_tunnl_ps6441_TSD_Products_Configuration_Guide_Chapter.html
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand
}
Then the connection should work as configured.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study
Sumit is right on here:
crypto map MYMAP 10 ipsec-isakmp
match address 101
set peer X.X.X.X
set transform-set TRANS
!
crypto map MYMAP 20 ipsec-isakmp
match address 102
set peer Y.Y.Y.Y
set transform-set TRANS
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
In that case I may look into the VTI's.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study
http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_ipsec_virt_tunnl_ps6441_TSD_Products_Configuration_Guide_Chapter.html
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live
Is this Volume 1? If so, Task 1.5 has the static default routes with route
tracking that is configured on the ASA.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
You should be ok. As long as the required commands have been added and can be
executed. You will not lose points for what is there my default.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance
PL is up now guys. This was an unexpected issue with the server. I apologize
for the inconvenience.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
You are running a routing protocol on the inside. Task 1.2 is where this is
accomplished.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
Service Finger is what I would use to enable the service. With uRPF watch for
the request of legacy method and this should guide you.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please
will send
routes to the Asa. You also need the no auto command so it sends individual
subnets. I'd verify R5 if you aren't seeing the route to 10.1.1.0 on the ASA.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
So what does the routing table on R5 and the ASA look like?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
You do not use port-security on trunk interfaces. When you think about the
multitude of MAC addresses you would see on a trunk it makes sense not to use
it.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
for the earlier response. From time to time I too will make
mistakes and speak too soon. :)
.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
Kingsley is correct. You need to use the AIC.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self
Any resolution? What's the debug output you are getting?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
Sounds like you've found the issue. I will say that the only time I have had
issues with it was when I failed to schedule the sla.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please
I agree. The only reason I wouldn't Is if the task prohibited.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
::Message Sent from
Jimmy
Did you get in? I can resolve fine from here.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider
is in the table,
then add the redistribution back in. Without trying it I'd say based on the
outputs below that the ASA thinks its doing a summarization for eigrp be it on
the interface or something.
HTH
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
This is FANTASTIC news. Congrats Michael!
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
::Message Sent from iPhone::
IPexpert
There should be a different code version in flash. Boot to the other
version and it should be there.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
-15.T12.bin
For some reason this command kinda disappears. Not sure why but it's in this
version.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
You can tell the routers to ignore this: ip ospf mtu-ignore
or on the ASA's ospf mtu-ignore
Both are interface commands.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
:)
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
You can set the media type to SFP on r2 I believe, or, set it to rj45 and use
fa0/2 on the switch. I usually do the later.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
Yep. NP.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand
.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
Tools
that issue, but maybe you haven't tried
these.
Like Sumit said, paste your configs here and maybe someone can spot an issue.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
On the Spoke...
ip nhrp map multicast hub-physical-ip-address
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
Sumit,
Move that configuration to s0/1/0 on R2 and that will get you to the frame
cloud. HTH
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
You can use a GRE tunnel to get the multicast through the ASA.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
Yes, I would do a sub-interface in that case.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self
. I've had mixed results with inspecting
the ISAKMP though so I usually pass it.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert
The route-map says to match traffic from 10.7.7.8 to 7.6.6.6 and when you do,
set the next hop to 7.56.0.6 and translate 10.7.7.8 to 7.56.0.8. Take a look
at your routing. There is more than one path you can take to get to 7.6.6.6
and this makes sure you go a certain way.
Regards,
Brandon
See inline...
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand
It's stateful.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
authorization list. At least thats
how I've always looked at it.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
You're showing line console 0 on R1 not line vty 0 4.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
the connection?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
Tools
and see if your
password of cisco works then.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self
Actually I was wrong in saying that it looked like aaa was enabled. I misread.
Try to do a no login on R1 and set the priv level to 15 on the line and see
what happens after you authenticate thru the ASA.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto
an ibgp neighbor.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand
no the network command is needed. do /32 network statements.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier
on the switch then you must do it on the
router.
HTH
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study
Move the commands you require to a lower level and let the view authorize them.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
Cisco IOS 12.4TCisco IOS Network Management Configuration Guide 12.4TBasic
System managementPerforming Basic System Management.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
Tools, Online Hardware
Learning Solution -
http://www.ipexpert.com/Cisco/CCIE/Security/Self-Study-Bundle. Do you own the
BLS? If not I highly recommend it. Aside from those recommendations and
links, like I said, Ill make sure the redundant GET VPN solution is complete in
lab 4.
Regards,
Brandon Carroll - CCIE
In the acs interface under system control is the service stopped or is
that where you are restarting the services?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
Kings,
You said thy you were starting the services in windows. Did you verify
it in the acs interface? You can't control th acs services from
windows. You have to do it in the interface if acs.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
Load the initial configs in the proctorlabs interface. Then log into all the
devices. The ones without hostnames just close and ignore. I think that should
get you matched up pretty well.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
earlier.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
Good Point Kingsley. I try to make it a habit of enabling logging on most
everything during lab sessions. Sure it's noisy but don't you want to see
what's happening? It's a great way to learn!
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
topics.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio
Mohamed,
Did you get a response to this? I may have missed it if you did. If not, let
me know and I will respond to your queries.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please
Johan,
In that task, R4 should telnet to port 23 on R5, and R2 should telnet to port
3025 on R5. Therefore R4 does not need to use the virtual telnet to
authenticate.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
Kings,
Your statements below are correct.
For both CBAC or ZBF, ip port-map should be used for matching portocols on
non-standard ports.
ip nbar port-map can't be used for ZBF.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
to the virtual telnet address you cant authenticate. Once
you do that, from R2, then you can telnet to the 3025 port on R5.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
Hey Kings,
Looks like Tyson covered the query on RFC2827.
As far as the ACL goes, it looks good.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
I'd recommend a read of this chapter:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/filter.html
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
as much about the addresses that you use. If you
use ACLs on ingress you do. The reason you've probably seen differences in the
ACLs probably relates to the networks used in the examples.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
Kings,
Off the top of my head if I were asked to route traffic to a Black Hole or a
Sink Hole I would think of using something along the lines of PBR setting the
next hop to null0.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Johan,
Thanks. That's great to hear! I appreciate the feedback and am glad you found
it useful.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
as the outer headers. The entire packet would then be +20 bytes.
Regards,Brandon Carroll - CCIE #23837Senior Technical Instructor - IPexpertMailto: bcarr...@ipexpert.comTelephone: +1.810.326.1444Live Assistance, Please visit: www.ipexpert.com/chateFax: +1.810.454.0130IPexpert is a premier provider of Self
)
Is that what you're looking for?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
by the original IP header, followed by the Data.Regards,Brandon Carroll - CCIE #23837Senior Technical Instructor - IPexpertMailto: bcarr...@ipexpert.comTelephone: +1.810.326.1444Live Assistance, Please visit: www.ipexpert.com/chateFax: +1.810.454.0130IPexpert is a premier provider of Self-Study
ip host 10.1.1.5 any (hitcnt=0)
0x7b7029e2
ciscoasa(config)#
Hope that helps.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
Cat1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Cat1(config)#int f0/1
Cat1(config-if)#spanning-tree guard root
Works here. Did you get it going Kings?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr
Jimmy,
Are you in the Amsterdam Class next month? If so, on day 1 we will discuss
time management.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax
Typically, the lower the level the more severe the messages are and their
effect on the device is. Also, there are usually fewer messages seen at lower
levels. The higher the number the more information you will usually get.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical
Check ios 12.2.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video
Kings,
Why redistribute a default route? In OSPF just use the default-information
command and in eigrp use a summary on the interface. I cant see why you would
redistribute a default. What are you trying to accomplish?
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor
unless I wanted to
be specific to a prefix. Hope this helps in some way.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert
It works Kings. In fact, you can use it as a tool to get routes into the table
where you cant use a static route.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
with the area know if that's a
good plan?
Also, for those of you that are not scheduled for the class in May I think we
may have 1 seat left. Better hurry up and book it.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone
I can answer that in one word: repetition. You're not going to remember
everything, but you should understand the general process. Everything else will
come with repetition and a familiarity with the documentation.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
I have run into this issue even with them being on the same subnet. Try the
route solution I mentioned. If it doesn't work then nothing lost right? I had
a student in class last week with the exact same issue and it was in fact the
routes.
Regards,
Brandon Carroll - CCIE #23837
Senior
No problem. Believe me I don't want you to waste your time. If that doesn't
work let me know and we can look at other options.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert
Mailto: bcarr...@ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit
I'm assuming you're using this document:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t15/ft_vrfip.htm
It shows the VRF applied to the interface as well as some examples with isakmp
profiles.
Regards,
Brandon Carroll - CCIE #23837
Senior Technical
1 - 100 of 273 matches
Mail list logo
