Jump to content

Site Offline

The community is currently offline and only accessible to those with permission.

Sadikhov IT Certification forums


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About theevilmuffin

  • Rank
    Advanced Member
  1. theevilmuffin

    When is your CCIE Lab date?

    Darby, I don't want to teach you to suck eggs, only pass the lab. ;-) Here's the current equipment list. https://learningnetwork.cisco.com/docs/DOC-3241 Get the CCSP IPS guide and go over that for the IPS. I did all my IPS studies on an IDSM-2, as I'm sure that you are aware, you can do everything bar virtual-interfaces with that. You only need 2 ASA's for the lab, bin the other PIX's - they are dead wood, unless your ASA's don't support A/A. Make sure that you know all ASA technologies very very well, this includes knowing CCO inside out - for my OEQ studies I found a number of errors on CCO that the US TAC lads corrected for me, if I hadn't have studied for many many hours I would not have breezed the OEQs. Also cover SSL VPN on the ASA, from memory only one version of PIX code supported it and then it got pulled, another reason for binning them unless you ae personnaly attached to them ;-) Go for 3560s, 3550s are no longer in the lab blueprint and lack a number of features that the 3560s support. I'd personally bin the ACS appliance, 5.2 is out now and 5.1 will be in the lab on the next upgrade. You can use the demo for the lab, this is enough to pass. Good luck and if you need any pointers feel free to pm me, but I must warn you that I don't break the NDA, so no funny business. cheers
  2. theevilmuffin

    When is your CCIE Lab date?

    did you pass?
  3. theevilmuffin

    replacing supervisor enginer for 6509 vss chassis

  4. theevilmuffin

    CCIE SECURITY LAB: Best Workbook?

    Hi Recently I forked out for some stuff from IP Expert and the ccbootcamp workbook. I have big issues printing in work - we cant use the adobe plugin so i got the printed ccbootcamp workbook - I've started going through this and it's really good. IMO IPExpert is lacking behind a bit - there's only a few v3 amendments to the workbooks - hopefully they will bring out more soon. Not having a paper copy is a pain. Can't somment on INE, but I hear good things ;-)
  5. theevilmuffin

    simple problem driving me nuts!

    don't fully understand you, sorry. Are you inspecting icmp in the MPF? policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect icmp
  6. theevilmuffin

    simple problem driving me nuts!

    are you sure - your pix has outside set to, check the other router IP address. you also need to allow icmp on the outside interface icmp permit outside (assuming this is the IP of the router) cheers
  7. theevilmuffin

    CCSP Equipment List

    nice rack mate never thought i'd hear myself saying that to a bloke!??!!?
  8. theevilmuffin

    let IPsec vpn client out thru pix 501

    probably best to post your config - blank out any real ip addresses ;-)
  9. theevilmuffin

    let IPsec vpn client out thru pix 501

    are you natting? you need to also allow esp and AH (AH wont work if you are natting unless you use NAT-T) and cut out that text language, it makes your sexulaity seem not str8 ;-)
  10. Post your config mate, Do you have keepalives set? cheers
  11. theevilmuffin

    failover question

    post config please =
  12. theevilmuffin

    NMAP Scanning tool

    what's the Q?
  13. theevilmuffin

    Cisco PIX Problem - Plz Help asap

    can you post your config please??? I *think* that this will inspect ftp traffic on port 4099. access-list inspect_ftp permit tcp any host eq 4099 class-map inspect_ftp match access-list inspect_ftp policy-map global_policy class-map inspect_ftp inspect ftp * replace with your server IP address
  14. theevilmuffin

    Checkpoint versus ASA as VPN Site-to-Site Gateway

    I was under the impression that the manageability of checkpoints were amazing - you could easily push policies to many many boxes. ditto both above.
  15. theevilmuffin

    UDP port 500 - hidden port

    have you got isakmp enable configured??