RE: OSPF on VPN

From: Larry Roberts (groupstudy@american-hero.com)
Date: Sun Aug 01 2004 - 11:55:53 GMT-3

• Next message: Scott Morris: "RE: OSPF on VPN"
• Previous message: EdmondsSG@aol.com: "Re: Failed first attempt"
• Maybe in reply to: thunai: "RE: OSPF on VPN"
• Next in thread: Scott Morris: "RE: OSPF on VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Is it fair game for the R&S? I didn't think a VPN Concentrator was on the
eq. list?

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Scott Morris
Sent: Sunday, August 01, 2004 8:10 AM
To: 'marc van hoof'; 'thunai'; 'Larry Roberts'; security@groupstudy.com
Cc: ccielab@groupstudy.com
Subject: RE: OSPF on VPN

While they technically fall within the "anything is fair game" rule, things
like this are not plausible for the R&S lab. So, personally, I would not
spend a whole lot of time fretting over this unless you are taking your
Security CCIE lab.

While IPSec wouldn't be a bad thing to be familiar with in general, it's my
opinion that the more detailed configurations and "oddities" will be
concentrated on in the more appropriate CCIE track.

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
 
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of marc
van hoof
Sent: Sunday, August 01, 2004 7:12 AM
To: 'thunai'; 'Larry Roberts'; security@groupstudy.com
Cc: ccielab@groupstudy.com
Subject: RE: OSPF on VPN

Just out of interest, are VPN scenarios valid for the R&S lab, or just the
Security lab ?

-marc.

> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of thunai
> Sent: Sunday, 1 August 2004 4:02 PM
> To: 'Larry Roberts'; security@groupstudy.com
> Cc: ccielab@groupstudy.com
> Subject: RE: OSPF on VPN
>
> Thanks Robert , I have not added the filter rules. Is there any Easy
> way I can configure the filter(assign rule ) using menu. It seems to
> very difficult.
>
>
> Regds
> Thunai
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of Larry Roberts
> Sent: Sunday, August 01, 2004 10:03 AM
> To: 'thunai'; security@groupstudy.com
> Cc: ccielab@groupstudy.com
> Subject: RE: OSPF on VPN
>
>
> Does OSPF work to the inside?
>
> Can you remove the filter from the outside completely and see if it
> pass's packets? ( obviously not on the internet !)
>
> Did you use the same area under the interface as you defined in the ip
> routing section?
>
> What do you mean by #6 ? By default ospf is filtered by the "public
> default" filter, so you would need to add it to the filter. I didn't
> understand if you added it, or if you thought it was already added. It
> should appear on the left side of the filters list for it to be active.
>
> Other than those questions, it sounds like it should work. I run OSPF
> on my concentrators at work, and it was pretty simple to setup.
> Biggest issue I had was advertising my remote ospf networks into OSPF.
> Took me several hours before the check mark for ASBR jumped out at me!
>
>
> -----Original Message-----
> From: thunai [mailto:thunai@cisco.com]
> Sent: Saturday, July 31, 2004 11:09 PM
> To: 'Larry Roberts'; security@groupstudy.com
> Cc: ccielab@groupstudy.com
> Subject: RE: OSPF on VPN
>
> Hai
> I have done the following steps .
>
> 1. Set OSPF Router ID
> 2. Enable OSPF
> 3. Defined the area
> 4. Enable ospf on the outside interface
> 5. Assigned Public defacult filter to Ouside Interface
> 6. Checked the filters for OSPF in / OSPF out.
>
>
> But still VPN is not sending any packets to the outside.. I did a
> debug on the router I am not receiving any packet on the router from
> VPN concentrator
>
> If any body has any clue please help me
>
>
> Regds
> Thunai
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of Larry Roberts
> Sent: Saturday, July 31, 2004 9:03 PM
> To: 'thunai'; security@groupstudy.com
> Subject: RE: OSPF on VPN
>
>
> What all have you done to enable it?
>
> You need to enable ospf and provide its parameters under the interface
> itself, and you also need to to enable OSPF under ip routing as well.
>
> Does it work to the inside?
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of thunai
> Sent: Saturday, July 31, 2004 6:16 AM
> To: security@groupstudy.com
> Subject: OSPF on VPN
>
> Hai
> I trying to enable OSPF on the public interface , I could not
> succseed. Is there any way i can trouble shoot ospf on VPN
> concentrator .
>
> I have i r3-------(public inter face )----vpn---(rip)-----r2. I am
> getting rip routes on r2. But i am not getting any packets from vpn
> concetrator to r3.
>
>
> Please help me
>
>
> Regds
> Thunai
>
> ______________________________________________________________________
> _ Please help support GroupStudy by purchasing your study materials
> from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Scott Morris: "RE: OSPF on VPN"
• Previous message: EdmondsSG@aol.com: "Re: Failed first attempt"
• Maybe in reply to: thunai: "RE: OSPF on VPN"
• Next in thread: Scott Morris: "RE: OSPF on VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:31 GMT-3