If you configured this correctly as shown in Example 6-52, you have scored 2 points. Here we have an OSPF interface authentication configuration. The authentication is starting here intentionally to exercise with something that can break your network. This require-ment could be found also under the specific IGP section but has been left to this stage within the lab. Example 6-52. R1 and R5 OSPF Interface AuthenticationR1#sh run int e0/1 Building configuration... Current configuration : 119 bytes ! interface Ethernet0/1 ip address 160.10.25.1 255.255.255.0 ip ospf message-digest-key 1 md5 ccie half-duplex end R1# R1# R1#sh run | b router ospf router ospf 1 log-adjacency-changes area 25 authentication message-digest ! R1# ! R5#sh run int fa0/1 Building configuration... Current configuration : 135 bytes ! interface FastEthernet0/1 ip address 160.10.25.5 255.255.255.0 ip ospf message-digest-key 1 md5 ccie duplex auto speed auto end R5# R5#sh run | b router ospf router ospf 1 log-adjacency-changes area 25 authentication message-digest ! R5# !
If you configured this correctly as shown in Example 6-53, you have scored 2 points. Example 6-53. R3, R5, and R6 IS-IS Interface AuthenticationR3#sh run int fa0/0 Building configuration... Current configuration : 188 bytes ! interface FastEthernet0/0 ip address 160.10.22.3 255.255.255.0 ip router isis isis password ccie end R3# ! ________________________________________________________________ R5#sh run int fa0/0 Building configuration... Current configuration : 188 bytes ! interface FastEthernet0/0 ip address 160.10.22.5 255.255.255.0 ip router isis isis password ccie end R5# ! ________________________________________________________________ R6#sh run int e0/0 Building configuration... Current configuration : 172 bytes ! interface Ethernet0/0 ip address 160.10.22.6 255.255.255.0 ip router isis isis password ccie end R6#
This is basically an access list configuration on Sw2. If you configured this correctly as shown in Example 6-54, you have scored 2 points. Example 6-54. Sw2 Access List Configuration to Permit R3-lo0 AddressSw2#sh run ! b line vty 0 4 Building configuration... Current configuration : 2633 bytes ! ! ! ip access-list standard ccie permit 160.10.3.3 log deny any log ! ! line vty 0 4 access-class ccie in exec-timeout 0 0 password cisco end Sw2# ________________________________________________________________ R3#telnet 160.10.33.10 /source-interface fastEthernet 0/0 Trying 160.10.33.10 ... % Connection refused by remote host R3# ! ________________________________________________________________ Sw2# 5d05h: %SEC-6-IPACCESSLOGS: list ccie denied 160.10.22.3 ! Sw2# ! ! ________________________________________________________________ R3#telnet 160.10.33.10 /source-interface loopback 0 Trying 160.10.33.10 ... Open User Access Verification Password: Sw2> ! ! ________________________________________________________________ Sw2# 5d05h: %SEC-6-IPACCESSLOGS: list ccie permitted 160.10.3.3 1 packet |