Welcome back!For those of you not familiar with learning credits you may be missing out on training. Check out this page over at Cisco.com that details the program, then go see if you have any that are about to expire. Contact Ascolta, Cisco Learning Partner of the Year- 2007, and register for the class you [...]
Entries from December 2008
Year End- time to snag some training!
December 16th, 2008 · No Comments
Tags: CCNA Corner · CCNP Study · CCSP Study · General Information · General Training
Per-Flow Policing on ASA VPN
December 16th, 2008 · No Comments
Tonight I worked on the ASA Per-flow policing. The configuration is fairly straight forward. After ensuring that the VPN works create a class-map to match the tunnel-group and the destination-address like so:
class-map vpn_data
match flow ip destination-address
match tunnel-group ezvpn
Next create the policy map to police based on the class we just created:
policy-map outside
class vpn_voice
priority
class vpn_data
police output [...]
Tags: CCIE Security · IE Labs · SNAF · SNPA
IPexpert CCIE Security Lab 1
December 13th, 2008 · 1 Comment
Not a bad lab night. I only did 2 sections of lab 1, so I am going to continue this post later. The one thing that was good to be reminded of has to do with Reflexive ACLs.
TIP:
When testing Reflixive ACLs the /source-interface option does not cause the ACL to evaluate. To test use a [...]
Tags: CCIE Security · IPExpert Labs