jddla
Members-
Posts
3 -
Joined
-
Last visited
jddla's Achievements
-
To Pass CCIE Security v6.1 Deploy discussion - Real Attempt
jddla replied to Glavin's topic in CCIE Security
I found a design dump from rahulk (CCIESEC ninja) that seem to match the questions I got. -
To Pass CCIE Security v6.1 Deploy discussion - Real Attempt
jddla replied to Glavin's topic in CCIE Security
Hi, I failed my 1st attempt in Brussels and looking for some information on how to tackle some of the task aspects, mainly on how to route to/from the management network. Multiple questions about VPN (RA and S2S) mention NTP of the client should be synced. How does the NTP server send back the traffic? Is it required to add static routes to the NTP router or configure NAT for NTP traffic on the device that has an interface in the management network? Similar question for DNS with the difference that the DNS server is Windows. Are we supposed to configure routes on the AD server to get the DNS response to the client? The RA question has some discrepancies between the task requirements for the DACL and split routing. If the task requirements are taken literally, one of the 2 user types cannot access their specific server. Are we supposed to enable this connectivity by allowing it non-encrypted? Similarly the DACL mentions DNS is to be allowed but DNS is not supposed to be encrypted. Can the client machine use it's own interface directly attached to the management network to perform DNS queries? -
Hi, I'm also interested. Please invite me.