Welcome back!I know most of you have heard already, but if not, I passed the CCIE Security exam in RTP on March 13th, 2009. I wanted to take a moment to recap my journey.
I have been a Cisco Instructor for 8 years now. I have been teaching the CCSP track since it’s inception, [...]
Entries Tagged as 'IE Labs'
Recap of my journey CCIE Security
March 17th, 2009 · 17 Comments
Tags: CCIE Security · General Information · IE ATC-CoD · IE Information · IE Labs · IPExpert Information · IPExpert Labs · Rants
VPN3k CLI only
December 18th, 2008 · No Comments
It is possible to configure a L2L session on a VPN3k using CLI only. It is a completley different configuration. Here is the summation of it:
Create an SA
Create inbound and Outbound rules for the hosts to be encrypted.
Apply the rules to the public filter with the action of “Apply IPSec” and attach the Security Association.
Create [...]
Tags: CCIE Security · IE Labs · Studies In VPN
Per-Flow Policing on ASA VPN
December 16th, 2008 · No Comments
Tonight I worked on the ASA Per-flow policing. The configuration is fairly straight forward. After ensuring that the VPN works create a class-map to match the tunnel-group and the destination-address like so:
class-map vpn_data
match flow ip destination-address
match tunnel-group ezvpn
Next create the policy map to police based on the class we just created:
policy-map outside
class vpn_voice
priority
class vpn_data
police output [...]
Tags: CCIE Security · IE Labs · SNAF · SNPA