CCIE Security v5 LAB
Moderator: mike
-
- Posts: 5148
- Joined: Wed Mar 15, 2017 4:44 pm
- Location: London
- Contact:
Re: CCIE Security v5 LAB
You can but result will be very bad, slow.
Specially if use slow SATA like 7.2K RPM
Specially if use slow SATA like 7.2K RPM
-
- Posts: 4
- Joined: Tue Oct 31, 2017 7:06 pm
Re: CCIE Security v5 LAB
Hello guys it´s possible to run multicontext on ASAV or ASA? I´m getting problem as it appears to have license problem. Thanks
-
- Posts: 5148
- Joined: Wed Mar 15, 2017 4:44 pm
- Location: London
- Contact:
Re: CCIE Security v5 LAB
asav does not support multiconetxt at all.
but mcontext active/active works fine on asa 8.4.2 or 9.1.5
but mcontext active/active works fine on asa 8.4.2 or 9.1.5
-
- Posts: 4
- Joined: Tue Oct 31, 2017 7:06 pm
Re: CCIE Security v5 LAB
Ok Thansk for reply. Another question is, i´ve tried to add ACS accoridng to the tutorial provided, but when i start it in the lab and connect via console(telnet) nothing is showing... But if i start the VM in the VMWare it appears the setup, so i think the vm is ok...
I did the steps:
1) downloaded .iso from cisco
2) created and installed vm
3) exported ovf and got vmdk file
4) send it to eve via filezila
5) converted according commands provided
6) add the acs to topology and telnet to it, but nothing is showing on console.
Thanks for helping.
I did the steps:
1) downloaded .iso from cisco
2) created and installed vm
3) exported ovf and got vmdk file
4) send it to eve via filezila
5) converted according commands provided
6) add the acs to topology and telnet to it, but nothing is showing on console.
Thanks for helping.
-
- Posts: 4
- Joined: Tue Oct 31, 2017 7:06 pm
Re: CCIE Security v5 LAB
Guys jut found the problem, in the tutorial the command is missing the number 2 here: /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ACS-disk1.vmdk hda.qcow <----
I add it and converted again, now its working. correct command: /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ACS-disk1.vmdk hda.qcow2 <----------
I add it and converted again, now its working. correct command: /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ACS-disk1.vmdk hda.qcow2 <----------
-
- Posts: 6
- Joined: Sat Jan 06, 2018 9:06 am
Re: CCIE Security v5 LAB
Hi All,
Any idea why i am getting this error when i give a command " crypto ikev1 enable outside ". I am condigurinig IPSec Site to Site VPN on ASA to ASA, version 9.15.
ERROR: CTM ipsec poll ctl DU_IOCTL_RESUME_POLL ioctl failed
Regards
Az
Any idea why i am getting this error when i give a command " crypto ikev1 enable outside ". I am condigurinig IPSec Site to Site VPN on ASA to ASA, version 9.15.
ERROR: CTM ipsec poll ctl DU_IOCTL_RESUME_POLL ioctl failed
Regards
Az
-
- Posts: 6
- Joined: Sat Jan 27, 2018 11:30 pm
Re: CCIE Security v5 LAB
@ cciessj4 : It might be worth noting that the 'word on the street' from current CCIE Security candidates is that ACS is not present in the Lab. The Focus is on ISE. Given that, it might not be worth trying to get ACS installed and demo licenced.
-
- Posts: 4
- Joined: Tue Oct 31, 2017 7:06 pm
Re: CCIE Security v5 LAB
Hello guys, I´m trying to do some ACL logging on the lab, but it´s not showing tcp/udp ports on that. In the past i was able to see when a packte was drop by acl, now I don´t no why it´s not showing. Any one have experienced that? It´s important for tshoot purpouses... Look, it appears as port zero. I´ve tried to do a telnet by the way. See:
Router(config)#
*Feb 10 16:33:13.652: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:12.885: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:43.130: %SEC-6-IPACCESSLOGP: list 100 denied udp 10.3.0.101(0) -> 10.3.0.255(0), 1 packet
I´ve changed the iol versions and tried on l2/l3 images, but got the same.
Thanks.
Router(config)#
*Feb 10 16:33:13.652: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:12.885: %SEC-6-IPACCESSLOGP: list 100 denied tcp 10.3.0.1(0) -> 10.3.0.40(0), 1 packet
Router(config)#
*Feb 10 16:39:43.130: %SEC-6-IPACCESSLOGP: list 100 denied udp 10.3.0.101(0) -> 10.3.0.255(0), 1 packet
I´ve changed the iol versions and tried on l2/l3 images, but got the same.
Thanks.
-
- Posts: 6
- Joined: Sat Jan 06, 2018 9:06 am
Re: CCIE Security v5 LAB
Hi Ramindia,
Can you please guide us how to integrate real switch with your lab. I have a ready setup with everything which is required to start this lab.
Best Regards,
vbo
Can you please guide us how to integrate real switch with your lab. I have a ready setup with everything which is required to start this lab.
Best Regards,
vbo