From: tycampbell@comcast.net
Date: Tue Aug 10 2004 - 12:54:30 GMT-3
y'all might want to look at this.
2 websites are listed on this post from symantec that I know are CCIE related
www.vconsole.net and www.ccbootcamp.com
here is the post from symantec for those that have not seen it
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.ao@mm.html
> Hi guys,
>
> From IE lab 11, task 1.16 and 1.17
>
> Problem:
>
> Allow only ip traffic on vlan 56, however, if other behind the scenes traffic
> is NOT allowed, there'll be big trouble in Cisco lab city.
>
>
> Solution:
>
> ip access-list extended IPONLY
> permit ip any any
> !
> mac access-list extended IP_ARP
> permit any any 0x806 0x0 < --- Can this found on Doc CD?
>
> mac access-list extended IS-IS
> permit any any lsap 0xFEFE 0x0 < ---- Can this found on Doc CD?
>
> mac access-list extended IEEE-STP
> permit any any lsap 0x4242 0x0 < ---- Can this found on Doc CD?
> !
> vlan access-map IPONLY 10
> action forward
> match ip address IPONLY
>
> vlan access-map IPONLY 20
> action forward
> match mac address IP_ARP
>
> vlan access-map IPONLY 30
> action forward
> match mac address IS-IS
>
> vlan access-map IPONLY 40
> action forward
> match mac address IEEE-STP
>
> vlan access-map IPONLY 50
> action drop
> vlan filter IPONLY vlan-list 56
>
> vlan filter IPONLY vlan-list 56
>
> Question: Does anybody know where on the Doc-CD the codes used match these
> traffic types can be found? I've looked but came up empty.
>
> Also, cdp traffic will be dropped by the above vlan filter. Is that a good
> idea?
>
> Thanks, Tim
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:36 GMT-3