6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering

IPv4 ACLs 6.3.a Standard Using the above topology, we will use standard ACLs to block (1-99) traffic. Using the implicit “deny” at the end of the ACL will reduce the amount of ACLs needed. On R1: interface GigabitEthernet1/0 ip address 10.0.0.1 255.255.255.0 ip access-group 1 out negotiation auto ! interface GigabitEthernet2/0 ip address 10.0.1.1 255.255.255.0 …

6.1 Configure, verify, and troubleshoot port security

Let’s begin with the following topology (download lab here) I have configured this topology with R1 acting as a ROAS and as a DHCP server with the DHCP pools configured for each VLAN. Router#show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID/ Lease expiration Type Hardware address/ User name …

6.4 Verify ACLs using the APIC-EM Path Trace ACL analysis tool

This simple little section took me over 3 weeks to finally complete. Now I wasn’t studying for those whole weeks just failing to get this APIC-EM to boot/install. I eventually had to upgrade my $180 server to a $380 server by buying more RAM ($120 and two cpus $80). Now it has just enough compute …

6.5 Configure, verify, and troubleshoot basic device hardening

6.5.a Local authentication Router> Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable secret cisco // enforces enable password Router(config)#^Z Router#exi *Feb 17 11:47:36.950: %SYS-5-CONFIG_I: Configured from console by console Router#exit Router con0 is now available Press RETURN to get started. Router>en Password: // password is now needed to enter enable …