From: Joseph Brunner (joe@affirmedsystems.com)
Date: Sat Jul 26 2008 - 23:05:57 ART
You don't need to allow eigrp...
A client called me last year and said he didn't allow eigrp in an acl, how
is the ASA learning routes from a router on an outside interface?
Assuming they would have 900000 tac cases about this, it just works!
Of course this is when the ASA is running eigrp, not when the ASA is in
transparent/bitw mode. I'll test that later ;)
LOL
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Muhammad Nasim
Sent: Saturday, July 26, 2008 10:02 PM
To: Dane Newman
Cc: GS CCIE-Lab
Subject: Re: Security lab access-lists
Be as specific as as possible in the exam.
2008/7/27 Dane Newman <dane.newman@gmail.com>
> I'm sure this has been asked before but will I get in trouble with stuff
> like
> access-list 101 permit eigrp any any on outside interfaces of pix and
asa?
>
>
> If I am not specific and just at the start of the lab allow all routing
> protocols will I get really dinged? Do you guys think allowing routing
> protocols any any is different then allowing say esp any any or udp 500
any
> any because they are not testing on routing protocols but they are testing
> on vpn's?
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
-- Muhammad Nasim Network Engineer Saudi Arabia
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:57 ART