CCIE Security lab: Access to the WWW server


This will be a short post, there are lot's of little things that I am finding need to be finished off, but thats the way it is as the topology changes.

So now we will do a couple of little fixes to the network, so that we can try and access the CCIE Security WWW server, from the LAN.
LA1(config)#int gi0/1.99
LA1(config-subif)#encap dot 99
LA1(config-subif)#ip vrf for 802101
LA1(config-subif)#ip add 198.250.99.1 255.255.255.0
LA1(config-subif)#

LA-SW(config)#int gi0/2
LA-SW(config-if)#swi mo acc
LA-SW(config-if)#swi acc vl 99
LA-SW(config-if)#no sh
LA-SW(config-if)#

LA1(config)#router eigrp LA
LA1(config-router)#address-family ipv4 unicast vrf 802101 autonomous-system 300        
LA1(config-router-af)#network 198.250.99.0
LA1(config-router-af)#
After a while (for BGP to do its thing), we should be able to access this from within the LAN, with a quick hosts entry we can get to both of the websites:

Linux webserver in UNetLab for CCIE Security

This means that we can use the WSA to block or deny access to these websites. But that will be a different post.

CCIE #49337, author of CCNA and Beyond, BGP for Cisco Networks, MPLS for Cisco Networks, VPNs and NAT for Cisco Networks.

Related Posts

Previous
Next Post »