Tuesday, October 2, 2007

SNPA Course - Day 2

Today was a great day. We started off with a really short blast about access control lists (ACLs), policy generation, and object groups; then we jumped right into the configuration of the firewalls.

Last night I worked on reading a little bit about the basic command structure by flipping through the book that Steve gave me for the course. I felt much more comfortable today about the basic command structure of the firewalls and spent much less time stumbling as we configured the basic parameters.

The structure of the lab was basically permitting traffic from the inside of our network to the DMZ web hosts, so that our imaginary web developers can update their web servers. As well, we configured ACLs to allow traffic from outside to the web servers for HTTP and FTP, restricted FTP so that only get traffic would be allowed through the firewall, built bogon object groups, and configured our NAT so that there were static mappings for our DMZ web farm.

All in all, this was a very good day. We spent most of the day working on this one lab to get all the ACLs set up between the different parts of the network and the outside of our network. All in all, it was a very instructional day and we got a lot of hands-on.

For the day I felt that I got a lot of good experience working with the IOS. I spent a lot of time just banging around in the configuration trying to get things to work, trying different ways to get what I wanted to happen, happen. I feel much more comfortable with interacting with the IOS and talking to other people about what is going on.
