Task 6.1 / 9.2

I got this wrong with the proctor saying ..

does not work because of error in task 9.2.

I got 9.2 correct with the config below..  just cannot see how the 2 are related..? Maybe should have  per pim any inbound.  

But the question states allow all necessary routing protocol traffic in - PIM is not routing traffic. 

 

ip access-list extended INB
 permit ospf any any
 permit icmp any any echo-reply
 evaluate REF
ip access-list extended OUTB
 permit tcp any any reflect REF
 permit udp any any reflect REF
 permit icmp any any reflect REF

Comments

  • <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">





    Labs will often give you a list of things to permit...  But if you
    break something else that you did before, that kinda messes things up!



    So yes, inbound access-lists will kill lots of traffic.  It's up to you
    to remember to permit PIM coming in there (or IGMP too if it's a "user"
    LAN).






     



    Scott Morris, CCIEx4
    (R&S/ISP-Dial/Security/Service Provider) #4713,

    JNCIE-M #153, JNCIS-ER, CISSP, et al.

    JNCI-M, JNCI-ER

    [email protected]



    Internetwork Expert, Inc.

    http://www.InternetworkExpert.com

    Toll Free: 877-224-8987

    Outside US: 775-826-4344



    Knowledge is power.

    Power corrupts.

    Study hard and be Eeeeviiiil......






    lee_maynard2003 wrote:

    I got this wrong with the proctor saying ..

    does not work because of error in task 9.2.

    I got 9.2 correct with the config below..  just cannot see how the
    2 are related..? Maybe should have  per pim any inbound.  

    But the question states allow all necessary routing protocol
    traffic in - PIM is not routing traffic. 

     

    ip access-list extended INB

     permit ospf any any

     permit icmp any any echo-reply

     evaluate REF

    ip access-list extended OUTB

     permit tcp any any reflect REF

     permit udp any any reflect REF

     permit icmp any any reflect REF







    Internetwork Expert - The Industry Leader in CCIE Preparation

    http://www.internetworkexpert.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

Sign In or Register to comment.