Jump to content

Search the Community

Showing results for tags '6.1'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • ANNOUNCEMENTS
    • ANNOUNCEMENTS
  • CERTIFICATION - - - - - NO REQUESTS IN THESE FORUMS - - - - -
    • CISCO SYSTEMS
    • COMPTIA
    • LINUX
    • MICROSOFT
    • ORACLE
    • PROJECT MANAGEMENT
    • SECURITY CERTIFICATIONS
    • SUN MICROSYSTEMS
    • WIRELESS
    • OTHER CERTIFICATIONS
  • CISCO TECHNICAL SECTION
    • CISCO LABS
    • GNS3
    • NETWORK INFRASTRUCTURE
    • SECURITY
    • WIRELESS
    • SERVICE PROVIDERS
    • COLLABORATION, VOICE AND VIDEO
    • DATA CENTER
    • SMALL BUSINESS
  • MICROSOFT TECHNICAL SECTION
  • OTHER TECHNICAL SECTION
  • TRAINING OFFERS & REQUESTS
  • CERTCOLLECTION MALL
  • GENERAL FORUMS
  • COMMUNITY CENTER

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. Hi All! Referring to CSL solution "CCIE Security v4 Lab 5 Solution - 3rd Release - 01-11-2014" from bysync.. I see some major errors in the solution for question 6.1 - 1. Default authentication rule should only allow ONLY PAP as per task requirement - CSL solution uses Default Network Access here!! >>>>> I think correct configuration should be to create a new "Service List" under Policy > Results > Authentication > Allowed Protocols > +ADD and allow only PAP in there. Then, we need to chose this "Allowed Protocol Service list" in the Default Authentication Policy for "SW1Admin" Identity Source..does that seem right? 2. Errors in Authorization Policy Rule - - In the Authrorization Policy Rule named Admin, somehow they are setting SW1Admin as the Identity Group, which is not possible as no Identity group named SW1Admin was created >>>>> correct configuration would be to use AdminUser Identity Group here. - there is NO configuration in all the steps that selects TELNET traffic in the authorization policy. This is a REQUIREMENT in the task. >>>>> correct configuration is to create a SIMPLE condition called Admin_Condition & configure "RADIUS:NAS-Port-type Equals Virtual" in there. Then we use this "Admin_Condition" in the Authroziation Policy rule - there is NO configuration that matches the actual SW1Admin user >>>>> correct config would be to add an Expression - "InternalUser:Name" Equals "SW1Admin" under Conditions in AND logic with the Admin_condition Does anyone else see the same problems?
×
×
  • Create New...