Home > Articles > Cisco Certification > CCIE > CCIE Security Practice Labs

CCIE Security Practice Labs

Section 4.0: PIX Configuration (5 points)

4.1: Basic PIX Configuration (2 points)

  1. Configure PIX inside and outside interface and respectively. Do not configure a default route on PIX. All routes should be learned via RIP as per Section 2.4.

  2. You should be able to ping all routers in the network from the PIX, including the AAA server and R6 networks behind the pix.

4.2: Network Address Translation (NAT) (2 points)

  1. Configure static NAT translation and an access list on PIX to receive reliable syslog messages for a server behind R6. NAT as

4.3: Advanced Configuration (1 point)

  1. A workstation on VLAN 6 is failing to ping a server on the same VLAN. Both PCs are in the same VLAN. Upon investigating, it is determined that the workstation is seeing the PIX inside MAC address for the server. When ethernet1 on PIX is shut down, the workstation can ping successfully. Resolve this without shutting down the ethernet1.

8. Section 5.0: IPSec/GRE Configuration (10 points) | Next Section Previous Section