This will be a short post, there are lot's of little things that I am finding need to be finished off, but thats the way it is as the topology changes.
So now we will do a couple of little fixes to the network, so that we can try and access the CCIE Security WWW server, from the LAN.
LA1(config)#int gi0/1.99 LA1(config-subif)#encap dot 99 LA1(config-subif)#ip vrf for 802101 LA1(config-subif)#ip add 198.250.99.1 255.255.255.0 LA1(config-subif)# LA-SW(config)#int gi0/2 LA-SW(config-if)#swi mo acc LA-SW(config-if)#swi acc vl 99 LA-SW(config-if)#no sh LA-SW(config-if)# LA1(config)#router eigrp LA LA1(config-router)#address-family ipv4 unicast vrf 802101 autonomous-system 300 LA1(config-router-af)#network 198.250.99.0 LA1(config-router-af)#After a while (for BGP to do its thing), we should be able to access this from within the LAN, with a quick hosts entry we can get to both of the websites:
This means that we can use the WSA to block or deny access to these websites. But that will be a different post.