This will be a short post, there are lot's of little things that I am finding need to be finished off, but thats the way it is as the topology changes.
So now we will do a couple of little fixes to the network, so that we can try and access the CCIE Security WWW server, from the LAN.
LA1(config)#int gi0/1.99 LA1(config-subif)#encap dot 99 LA1(config-subif)#ip vrf for 802101 LA1(config-subif)#ip add 198.250.99.1 255.255.255.0 LA1(config-subif)# LA-SW(config)#int gi0/2 LA-SW(config-if)#swi mo acc LA-SW(config-if)#swi acc vl 99 LA-SW(config-if)#no sh LA-SW(config-if)# LA1(config)#router eigrp LA LA1(config-router)#address-family ipv4 unicast vrf 802101 autonomous-system 300 LA1(config-router-af)#network 198.250.99.0 LA1(config-router-af)#After a while (for BGP to do its thing), we should be able to access this from within the LAN, with a quick hosts entry we can get to both of the websites:
This means that we can use the WSA to block or deny access to these websites. But that will be a different post.
Related Posts
CCIE Security lab: IPS Part 1 - Wake up IPS, why are you sleeping?Man, I hate Java. It sucks. It gets updated due to Security issues, and access to ASA and
ISAKMP profiles: When you need them and when you do not.Through setting up an IPSec VPN between an ASA and an IOS router, Dual-hub DMVPN, GET VPN
CCIE Security Lab: IPS - CLI to GUI and back againI started on the IPS a little while ago, in this post, and then in this post. Then went a
CCIE Security lab - recap, redesign, restartIt's been a long time since I have written about the CCIE Security lab I have started. A
:)
:(
hihi
:-)
:D
=D
:-d
;(
;-(
@-)
:P
:o
:>)
(o)
:p
:-?
(p)
:-s
(m)
8-)
:-t
:-b
b-(
:-#
=p~
$-)
(y)
(f)
x-)
(k)
(h)
cheer