February 6, 2012

Posts Comments

You are here: Home / 2008 / Archives for July 2008

16-days and I'm getting jittery.

July 30, 2008 By Leave a Comment

Yes- I’m now sweating a little bit.  16 days….I’m so gonna bomb!  There is so much that I still feel like I need to learn or even re-learn.

So far this week I have gone over:

  • Rip authentication
  • OSPF authentication
  • Redistribution, Summarization, and Route Filtering
  • ACLs
  • Object Groups
  • Managing ICMP
  • NAT/PAT both static and dynamic
  • SSH, Telnet, and HTTP access
  • DNS Doctoring
  • Advanced Firewall Topics such as contexts, failover, arp inspection and transparent firewalls.
  • DHCP Server Config
  • Multicast with ASA/PIX
  • MPF and advanced Inspecition

Now its on to VPN.  The scary part is that the VPN section is from page 153 to 669.  Ugh! On another note the material that I am working on this week comes from Internetwork Expert.  This Volume 1 is a beast of a book and is packed with a ton of mini-labs.  I am really enjoying it!

Enter your email address:

Delivered by FeedBurner

Filed Under: CCIE Security, IE Information, IE Labs

Static Policy Pat

July 29, 2008 By 1 Comment

I had to blog this out mostly because its one of those things that I have done before but said to myself, “Huh?” when I came across it again.

So here is the short form:

I want to policy Static PAT so that when 10.2.2.2 telnets to the interface of the ASA it is redirected to 10.1.1.2.

You begin with the access-list: 

access-list TELNET permit tcp host 10.1.1.2 eq 23 host 10.2.2.2
Initially thats what gets my mind spinning becuase its not the access-list to permit the traffic its the access-list to define the mapping for the static.  Here is the rest.

Define the static and tie it to the ACL: 

static (i,o) tcp interface 23 access-list TELNET
Allow telnet in: 
access-list OUTSIDE_IN permit tcp any any eq 23



access-group OUTSIDE_IN in int outside
That does it.  Strange huh?  Oh well! It works.

Filed Under: CCIE Security, IE Labs

CCIE Prep in full swing!

July 28, 2008 By Leave a Comment

For those of you that have followed this blog for CCIE prep be sure to subscribe to ccieprep.me or cciestudy.brandonjcarroll.com. 


Only 18 days left till my lab.


Also, if you are linking here for CCIE study you may want to update the like to ccieprep.me or cciestudy.brandonjcarroll.com.  Once the lab is passed tips will be back here but for the final run you’ll find it all there. (here too, a little bit)

If you have no idea what I’m talking about read this post!

Thanks for your support!

Brandon

Filed Under: CCIE Security
« Older Posts
Newer Posts »