|
Author
|
Topic: VPN tasks to be taken first or last in lab
|
Kingsley Charles (CCSP, CCNP, CCIP)
Brainiac
Member # 29872
Member Rated:
|
posted April 27, 2012 11:06 PM
Hi all
VPN always takes time compared to other tasks though points are nearly the same. I looking for advantages and disadvantages for taking VPN at the last.
Please share your experience.
With regards
Kings
Posts: 887 | From: India | Registered: Jun 2010
| IP: Logged
|
|
theevilmuffin
I need a life
Member # 23191
Member Rated:
|
posted April 28, 2012 01:29 AM
you're over thinking the lab kings. Trsut me, you will nail the lab, i'd be surprised you are not done by 2pm.
Posts: 1065 | From: UK | Registered: Sep 2007
| IP: Logged
|
|
Kingsley Charles (CCSP, CCNP, CCIP)
Brainiac
Member # 29872
Member Rated:
|
posted April 28, 2012 01:40 AM
Theevilmuffin, I have put lot of effort for past 3 years and really am tired. Need to pass this time and hence wanted to make sure, I go with right strategy :-)
VPN is one task that is lengthy and sometimes, though our config is correct, IOS issues doesn't makes them work.
For instance, yesterday in a mock lab, I configured a site to site VRF VPN but it was falling because of mis-match keys in keyring.
Spent nearly 30 mins and atlast decided to change the key from cisco to cisco123 and it worked.
Many times, this has happened to me. Issue is not due to config but the IOS. So, if VPN doesn't work, I am not sure whether it is config issue or IOS issues. Though IOS issue probability is very less, it is likely to come, if that I am unlucky that day.
So I am thinking why don't I take VPN at the last.
With regards
Kings
Posts: 887 | From: India | Registered: Jun 2010
| IP: Logged
|
|
theevilmuffin
I need a life
Member # 23191
Member Rated:
|
posted April 29, 2012 07:58 AM
Kings, we all know you have put a lot of effort into this - anyone who is a serious IE candidate from the last 3 years would know who you are.
You wont realise your reward, but you have it already - a deep knowledge that you can only gain from hard study.
For the VPN my advice would be know ike debugging very well, if you know where in the exchange is failing you can usually spot what is wrong. I think that this can only be obtained from lots of study and troubleshooting. There's a few good docs on VPN troubleshooting on netpro by Marcin and also the ciscopress vpn book.
I must admit i had an issue between an ASA and IOS in the lab that was very very tricky, just make sure you know all combinations of VPNs and that the config will be reloaded, so it needs to work on a reload...
cheers
Posts: 1065 | From: UK | Registered: Sep 2007
| IP: Logged
|
|
Kingsley Charles (CCSP, CCNP, CCIP)
Brainiac
Member # 29872
Member Rated:
|
posted April 29, 2012 09:35 AM
Thanks Theevilmuffin.
I can handle troubleshooting but time management is the one which always keep pricking me :-)
With regards
Kings
Posts: 887 | From: India | Registered: Jun 2010
| IP: Logged
|
|
theevilmuffin
I need a life
Member # 23191
Member Rated:
|
posted April 29, 2012 09:41 AM
quote:
Originally posted by Kingsley Charles (CCSP, CCNP, CCIP):
Thanks Theevilmuffin.
I can handle troubleshooting but time management is the one which always keep pricking me :-)
With regards
Kings
I know what you mean, I remember I was chasing my tail with a 3 point Q and had to call it a day after spending 30 mins on it. I guess it's managing yourself :-)
Posts: 1065 | From: UK | Registered: Sep 2007
| IP: Logged
|
|
ccietobe9
Member
Member # 31901
Rate Member
|
posted April 29, 2012 01:21 PM
There are quite a few VPN questions, but not all of them are complete configuration questions, some of them are straight troubleshooting ones. The faults may not be obvious and you could count something as a fault but in reality it isnt a fault and may take time. If you know VPN very well, and know the DOC CD very well as well, then you can surely nail that portion.
The thing that gets me each time is the advance security portion, because most of the solutions are knowledge checkers and not verifiable. So being good in theory in those sections is very important. From what I have seen from you, you are already very good in a lot of those topics. The forums are full with you asking some of the very best questions I have seen.
Posts: 37 | From: US | Registered: Jan 2012
| IP: Logged
|
|
Aziz Islam
Guru
Member # 21310
Rate Member
|
posted April 29, 2012 06:54 PM
Kings,
In my personal opinion, you should try and nail the VPN earlier than at the very last.
The VPN portion of the lab is the most difficult (at least for the level of complexity and detail in troubleshooting) as compared to the rest and nailing it down may give onself a lot of confidence and boost....enough to breeze you past the rest.
Remember, a feeling of confidence (only after you are a 100% sure that you have killed a topic with thorough testing and verification) is very important in the CCIE Security and other discipline labs......this confidence may work wonders for the remainder of the lab as well.
And Kings, after seeing the depth of your knowledge and the magnitude of your effort, you may soon be eligible for a CCIE Security Proctor......all the best.
Aziz S. Islam.
Posts: 141 | From: Toronto, CANADA | Registered: Jan 2007
| IP: Logged
|
|
Kingsley Charles (CCSP, CCNP, CCIP)
Brainiac
Member # 29872
Member Rated:
|
posted April 29, 2012 09:34 PM
Thanks to all of you :-)
With regards
Kings
Posts: 887 | From: India | Registered: Jun 2010
| IP: Logged
|
|
|
UBBFriend: Email this page to someone!
Printer-friendly view of this topic