|
|
& W- b0 y' L4 c. N1 I* Q" b
Hello folks, 3 Z7 U" O4 W' U3 X3 r
, E# }+ G- @# z% d, @0 e8 g
I arrange to pass this time .. & r+ x3 z; M2 P
+ V# h5 Y5 Z D. Z0 o+ e+ |3 A$ `
My first attempt was before almost 40 days:
% e0 Q7 ~: v8 w0 v2 ~2 \5 w
$ G; h6 u% ?( ^. w
2 F* r/ Y* w6 D; C2 M+ J2 O/ C, zIn 2nd attempt I feel more confident and I learned from previous mistakes. # }- J9 ~) G6 C. b& ^" P% I, M
6 k4 `' T3 H$ C/ d9 pJust before sharing wat I got in I want to tell the guys who are spreading rumores about new lab ** **** ******.. me and the other guys that day we didn't got the new variations they are talking about. its really not nice at all just a lot of more unwanted stress.
; v+ w+ _6 c4 U/ @% v7 `
9 Z! E+ F* h7 I Z3 rAny way ..
% _6 O8 ]( y" E; b, \# o& C' q
' K7 d8 f. \: g$ BTS New:
: n; f! ~1 X$ J; Z( \' e: D0 A2 [; s$ I! `; O- g1 z" s9 u/ M4 l& n: ]
T1:
: d: v5 |) Y% t6 V/ L8 bI got 1 fault# C4 I! V% b! R2 i! _
Access-list was
' I3 X7 L8 j0 n. ^% A: y4 Hdeny ... ; E! L, G- k& a7 r; F
deny ... / S2 L8 H! N2 `- o% O4 c3 Q
per ip any any
$ w3 u) H& t9 e& g& A" s. o- G
- x: \4 z) z2 R, ^6 ?; MI add deny ospf,esp,udp,icmp and change per ip any any to deny.+ K8 ]& y4 \# w2 |2 ~0 J; h
8 k1 a. h( q, l% \$ [6 g3 D. Y2 z
--------8 m8 T& p$ C5 X8 p9 |
( q( [" _2 K! A+ B9 P) A: CT2:
. {+ v3 V& ^, k+ `7 y" s Iroute-map was not configured so I create it and apply it on R14
$ n5 H/ r6 r, M+ M. [2 u4 @$ M' B$ o. J% }4 f% m' K2 ^
--------
% b' o4 {, N+ f, n# ]" b1 B. Z- n* j' J% ?) s0 R! a
T3! O- {: z- q& j: D( T1 h5 n
on R22 Fix TE route-map same .. * _. Z. S8 R V6 j4 [% ~
R23 lo0 adv in ospf
9 A6 T( }( u6 o9 X% K; Q2 F6 Imanipulate OSPF
4 l% n5 j' ~. V( M# fin this ticket I arrange to have same output for each hop but when trace reach R12,13,22,23 that hop was with diff AS num (29999) and in the question it was 65001 I spent alot of time trying to find from where this 29999 came but I couldnt so I leave it. 3 X2 S9 c7 s- w% N* P
; T' k; u- `: R- p
------. e! m+ r n9 _4 _6 J3 G. x
- l3 R& c6 T* Q% J U6 e9 g2 PT4
& u1 h) }3 M# _0 Rroute-map preconfigured ( DC1 ) just apply it on R21
( `9 |7 C' U) T9 _ O; W1 V( w5 m2 D& ?8 C7 @; r
------0 X) H% I( M. C8 T! v9 D3 v# C- @
* P1 y* x! ?" {T5
4 V3 l- Y w+ PR60 tun0 subnetmask wrong + h: Q7 o. [% g; ]' P2 d% y* f; x( z
Y9 e: |4 V, @) b: M------
$ d6 d! K9 Z, N; E- p
" [# g& n: k9 N Q% mT6) Q$ e) D& G& C2 u$ P& b
int vlan 200 adv in ospfv3
( K0 k& g8 x) {+ P; Z$ ]9 f- w! b/ j3 v L j2 X
------
# e5 \) Y0 o- t: M; H( Q
5 D. t; d1 `/ `8 IT74 \# M7 z) d" b; m- P6 H9 p" I
Mpls missing in R3
e) Q$ ]" }* Q5 h* i6 ~- L4 V0 kR10 distance 3 D" m/ N" I; ]: F F! o5 [: ?2 F/ Y4 ]
when trace from sw500 didnt match so I change ospf cost in R10 and the switch front of it.
1 N* Y# u: ]9 P2 U% @, Q' E" U6 F4 T# N9 K3 L
-----
0 Y9 S- Z; C; I( s' i" o+ `
+ t4 h( O* V1 X) T( [7 E: \T8
0 [+ Z3 a# F6 \5 W6 a* NIP arp inspection missing from int vlan on one of the switches 300 or 301
: H6 w$ f3 [2 @) w% q Q E, J( x3 N- z1 W0 s
-----
a1 V$ d2 Z1 A& S7 Y" `+ ?1 v8 f; Q* |
T9
! h6 i" g6 c% k/ ]! PTun0 mis match ( ip ospf netw P2M )! {, e8 K3 ]% m; J( V3 @
6 Y7 C' D) j0 K
-----
3 \: X% ?8 ?3 Q& t6 w1 i+ C6 L6 Q3 E4 K
T10
: M# H5 U1 D. C( J9 f3 d% V$ H3 X. t6 w+ U
add nat statement in R25 without add route keyword cause it works. 4 s! C! [" s: m* n: ?# t
; i# n" L( y3 c0 Q# d* Q4 G0 c3 \
+ u! `7 |# l! f6 O
2 p8 P, n, f! V) t! W+ ]' |----------
/ p/ B. k, ^6 i2 R7 w. A9 _7 g- K0 b( V0 P9 Q; I% Z
Diag, 2 r$ `" T7 n3 O# g6 q+ f* {
& F# M5 A8 b9 i2 s w
DHCP snooping
6 W+ r% ?; d- }' a
0 h% u" N8 @ _) p1 D: x& ?3 dAttacker
% x# F& c% ^) R% J7 R( |7 n( da lot of confusing statements all most same so here I got lucky ..
$ U. L2 c' @0 O3 X# v! Q+ `! B0 j; s1 ?) Z7 o7 ~* r
--------
# E, r) \3 T4 o3 t# Q" G* P4 D& r K- ~* o6 U0 H( Y; g
New LAB: , _$ A' B1 }! {
2 G8 E4 E' o! [" V% s2 x, J7 R
In general Same only few notes:
# v; x5 P6 X; g* l2 ]+ M$ |' q; l
1)the table they provide for layer2 :% ^; V8 A2 I. m' Y
+ {+ U+ B1 e; I' g. Q6 Svlan Switch ports , D+ |' f- }( T3 l6 F9 `" O
& P! e( e2 [/ Q7 G: H2) alot of interfaces was shuting down from both ends routers and switches so in each router once I log in I do sh ip int brie | ex unass and then enable any port with ip configured.
! e' v+ q8 F9 O8 h' ~+ u
3 a5 b0 r+ ^8 }* A: o3) trunk ports shut down also .. there is a diagram telling you which ports are the trunks. 0 m7 `2 H& Y- r& U9 H8 ~
1 M8 ?- c$ ]1 d8 l% |4) a lot of preconfigurations all over the topology just they trick me with MPLS pre config .. but its not pre config in Jacob so I add it there and in per config they didnt put mpls ldp router id lo0 force so I added it also. ' x5 z- x! `" C1 c8 Q
4 p; G7 I/ Z7 C7 F$ X; j
5) there pre config its always missing something so I double check all pre config they add.
, |' y( }2 s, e+ f5 T) m8 Z' j. v" c% y
* e7 O& ?+ ~! N' ?
; X7 L0 i6 n: b/ M _
All the best guys .. enjoy ur studies and keep practicing.
& I0 C1 y4 y+ T3 ~- I, X& XGood Luck |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2017-4-5 13:29:33
置顶卡
喧嚣卡
变色卡
千斤顶
发表于 2017-4-5 13:32:05
