Re: [OSL | CCIE_Security] Passed the Written

Glad to hearat least this round we both know what to expect On Thu, Jun 14, 2012 at 11:27 PM, Steve Di Bias sdib...@gmail.com wrote: Yeah I really wanted to go this year but to no avail :( if you're going for it get excited and energized, take your time and have fun! I'm going for 2 as

Re: [OSL | CCIE_Security] Bootcamp Schedule

Matt The number of bootcamps for this year was reduced due to the upcoming blueprint change. There are still two classes in US, however, just not sure if there are seats available - please contact sales if you are interested. Here is the link (please go to the Schedule tab) :

Re: [OSL | CCIE_Security] aggressive mode with hostname IKE ID

Doesn’t make sense to me either. It's like you mentioned DNS or ip host entry that resolves hostname to IP. Any leftovers crypto isakmp peer hostname by any chance ? Or a wild card 0.0.0.0 pre-shared key ? What happens if you remove the part for aggressive mode ? Does R1 authenticate R7 ? I

Re: [OSL | CCIE_Security] Role Based

Yes, Mike, even though you don't see the pound sign (#) in the prompt it is OK. Just IOS glitches. From: Mike Rojas mike_c...@hotmail.commailto:mike_c...@hotmail.com Date: Thursday, June 14, 2012 8:06 PM To: ccie_security@onlinestudylist.commailto:ccie_security@onlinestudylist.com

Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables

I think ip local policy is for the global setting not to send unreachables. VLAN filter may address only specific VLANs From: Mike Rojas mike_c...@hotmail.commailto:mike_c...@hotmail.com Date: Thursday, June 14, 2012 8:13 PM To:

Re: [OSL | CCIE_Security] Bootcamp Schedule

Need a bootcamp for CCIE Service Provider Lab. With Regards, Olawale Ogunyemi From: Piotr Kaluzny pio...@ipexpert.com To: Matt Hill mayd...@gmail.com Cc: CCIE Security Maillist ccie_security@onlinestudylist.com Sent: Friday, June 15, 2012 8:45 AM Subject:

Re: [OSL | CCIE_Security] Role Based

can you please paste your aaa and line configuration regards From: mike_c...@hotmail.com To: ccie_security@onlinestudylist.com Date: Thu, 14 Jun 2012 21:06:33 -0600 Subject: [OSL | CCIE_Security] Role Based Hello, Is the user sign normal when configuring Role based access? Router1conf t

Re: [OSL | CCIE_Security] Role Based

Do you mean the '' prompt, then yes it's normal. It's dependent inwhere you are applying the privilege 15 I.e at the privilege level box I the user profile or through the aaa attribute priv-lvl=15? On Thursday, June 14, 2012, Mike Rojas wrote: Hello, Is the user sign normal when configuring

Re: [OSL | CCIE_Security] Good economical hotels in Sydney

Hi Kings, Try hotelclub.com, they usually show some good rates. Hotel Urban is still there, rates are something like $140 per night. Try to avoid trains on your way to the lab, they may break and you don't want to take those chances. :-) Get a cab. If you show up well before 8 am, the doors

[OSL | CCIE_Security] IOS IPS Sig Category

Hi all If we are asked to enable ios_basic_sigs, then first thing we need to retire all sigs and then enable the basic set. Now that can be in the following ways: ip ips signature-category category all retired true category ios_ips basic retired false ip ips signature-category

Re: [OSL | CCIE_Security] aggressive mode with hostname IKE ID

I don't have anything else on the routers..interface config and routing, it's a clean setup just to play with the aggressive mode. Even if I had a wildcard preshared key, hostname is used as the IKE identity so should not match on an address based wildcard. At least this is what I would expect.

[OSL | CCIE_Security] IP Options

Hi Guys I have configured ip options drop on my switch, however traceroute still works. Shouldn't this block the traceroute option?? Thanks ___ For more information regarding industry leading CCIE Lab

Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables

Ohh, but you can put vlan-list all... So that is why I wonder if they do the same thing... Mike From: eug...@koiossystems.com To: mike_c...@hotmail.com; ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] Best option to drop ICMP unreachables Date: Fri, 15 Jun 2012 08:09:32

Re: [OSL | CCIE_Security] Role Based

It was on the username and the privilege is 15... the list is attached to local database. Mike Date: Fri, 15 Jun 2012 06:47:46 -0400 Subject: Re: [OSL | CCIE_Security] Role Based From: fawa...@gmail.com To: mike_c...@hotmail.com CC: ccie_security@onlinestudylist.com Do you mean the ''

Re: [OSL | CCIE_Security] IOS IPS Sig Category

This is a list of all IOS IPS signature categories R6(config-ips-category)#category ? adware/spyware Adware/Spyware (more sub-categories) allAll Categories attack Attack (more sub-categories) ddos DDoS (more sub-categories)

Re: [OSL | CCIE_Security] IOS IPS Sig Category

What I do, (Prior compiling of course is retire all the signatures) IP ips signature category Category all enable false retire true Compile the signautres IP ips signature category category ios_ips basic enable true retired false If I dont remember wrong, on the old

[OSL | CCIE_Security] Flexible Netfflow

Should Flexible netflow something that we should really focus in? Mike ___ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking