13
Dec

IPexpert CCIE Security Lab 1

Written by Brandon Carroll  |  under CCIE Security, IPExpert Labs

Welcome back!

Not a bad lab night.  I only did 2 sections of lab 1, so I am going to continue this post later.  The one thing that was good to be reminded of has to do with Reflexive ACLs.

TIP:

When testing Reflixive ACLs the /source-interface option does not cause the ACL to evaluate.  To test use a different device.

I’ll continue to work through IPexperts lab guide.  The last time I went through this lab was 4/15/07.  I guess It was due.

More later.  :)

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

COMMENTS

  1. Paul Stewart December 14, 2008 8:29 am

    That’s a good point. Seems counter-intuitive that packets egressing a router are not matched against the outbound acl thus reflexive entry isn’t created.

Leave a feedback:

Name (required)

Email (required)

Website

Comments

2008 (c) GlobalConfig.net, Using the Minimalistic Theme : Powered by WordPress

Switch to our mobile site