Page 6 of 7

Re: CCIE Security v5 LAB

Posted: Sat Jan 06, 2018 4:28 pm
by cassian
hi All,

How I can use this file and create a home lab?

Re: CCIE Security v5 LAB

Posted: Tue Jan 09, 2018 3:07 am
by talentbd
Can we build the machine with SATA drive instead of SSD?

Re: CCIE Security v5 LAB

Posted: Tue Jan 09, 2018 9:48 am
by Uldis (UD)
You can but result will be very bad, slow.
Specially if use slow SATA like 7.2K RPM

Re: CCIE Security v5 LAB

Posted: Mon Jan 29, 2018 1:16 pm
by cciessj4
Hello guys it´s possible to run multicontext on ASAV or ASA? I´m getting problem as it appears to have license problem. Thanks

Re: CCIE Security v5 LAB

Posted: Mon Jan 29, 2018 8:38 pm
by Uldis (UD)
asav does not support multiconetxt at all.

but mcontext active/active works fine on asa 8.4.2 or 9.1.5

Re: CCIE Security v5 LAB

Posted: Fri Feb 02, 2018 1:17 pm
by cciessj4
Ok Thansk for reply. Another question is, i´ve tried to add ACS accoridng to the tutorial provided, but when i start it in the lab and connect via console(telnet) nothing is showing... But if i start the VM in the VMWare it appears the setup, so i think the vm is ok...

I did the steps:

1) downloaded .iso from cisco
2) created and installed vm
3) exported ovf and got vmdk file
4) send it to eve via filezila
5) converted according commands provided
6) add the acs to topology and telnet to it, but nothing is showing on console.

Thanks for helping.

Re: CCIE Security v5 LAB

Posted: Fri Feb 02, 2018 1:25 pm
by cciessj4
Guys jut found the problem, in the tutorial the command is missing the number 2 here: /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ACS-disk1.vmdk hda.qcow <----
I add it and converted again, now its working. correct command: /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ACS-disk1.vmdk hda.qcow2 <----------

Re: CCIE Security v5 LAB

Posted: Fri Feb 09, 2018 8:23 am
by locals919@gmail.com
Hi All,

Any idea why i am getting this error when i give a command " crypto ikev1 enable outside ". I am condigurinig IPSec Site to Site VPN on ASA to ASA, version 9.15.

ERROR: CTM ipsec poll ctl DU_IOCTL_RESUME_POLL ioctl failed


Regards
Az

Re: CCIE Security v5 LAB

Posted: Sat Feb 10, 2018 4:18 am
by dan
@ cciessj4 : It might be worth noting that the 'word on the street' from current CCIE Security candidates is that ACS is not present in the Lab. The Focus is on ISE. Given that, it might not be worth trying to get ACS installed and demo licenced.

Re: CCIE Security v5 LAB

Posted: Sat Feb 10, 2018 6:53 pm
by cciessj4
Hello guys, I´m trying to do some ACL logging on the lab, but it´s not showing tcp/udp ports on that. In the past i was able to see when a packte was drop by acl, now I don´t no why it´s not showing. Any one have experienced that? It´s important for tshoot purpouses... Look, it appears as port zero. I´ve tried to do a telnet by the way. See:

Router(config)#
*Feb 10 16:33:13.652: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:12.885: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:43.130: %SEC-6-IPACCESSLOGP: list 100 denied udp 10.3.0.101(0) -> 10.3.0.255(0), 1 packet

I´ve changed the iol versions and tried on l2/l3 images, but got the same.

Thanks.