Archive for May, 2009


Hi everyone!

We are excited to announce our newest release of IEWB-VO VOL1 labs covering the new CCIE Voice blueprint, which becomes effective as of July this year. The first of the CCIE Voice v3.0 labs are now out in beta format, in addition to new Voice Racks available to rent covering the new topology! All current customers who have purchased IEWB-VO VOL1 will automatically receive the new updates in their members account at no additional cost. Each section of the new VOL1 includes technology-focused labs with explanations, verifications, further reading links, and dedicated troubleshooting sections.

The initial release covers Cisco Unified Communications Manager Express (CUCME, formally known as Call Manager Express or CME). We will continue releasing new voice content covering all new blueprint topics, with a new section being released each week. The next release will include more CUCME labs, as well as Unity Express tasks, followed by the first of the new Unified Communications Manager Labs! The initial VOL1 release covers the following topics:

CUCME Basic Configuration
Phone Registration & Number Assignment (SCCP Phones)
SIP Phones
IOS Call Routing
Voice Translation Rules
Shared Line
Night Service
After-Hours Setup
Single Number Reach
Softkey Customization – SCCP
Softkey Customization – SIP
Conference Resources
Transcoding Resources
Voice Hunt Groups
Ephone Hunt groups
Dynamic Hunt groups

The new voice racks are fully compliant with the CCIE Voice hardware specification posted at Cisco’s website: CCIE Voice Hardware Specification. To many folks out there, the new hardware lists is a huge relief, as the many old and expensive devices including the 6500 switch and the VG248 are now gone. Plus, the addition of SIP phones allows for more flexible choice of softphone software, not limited to the small set of SCCP-compatible products available on the market.

As for the people preparing using the old blueprint, our rack rentals support the old CCIE Voice hardware specification as well. Nothing will change until the lasts days the old blueprint remains valid.

Thank you, and be sure to check back often for more updates!

Tags: , , , , , , ,


Hi Everyone,

As you have probably noticed, OER (or PfR for PerFormance Routing as they call it now) is the part of the new CCIE RS blueprint, which becomes effective as of October 2009. In short, OER is the technology that enables selecting a best exit/entry point in the network for various classes of traffic (e.g. VoIP, HTTP, streaming video and so on) based on traffic performance metrics. We are already working on the new updates, and now presenting you with a free sample of our IEWB-RS VOL1 product (technology-focused labs). The sample covers all five phases of OER, including OER profiling, measuring, policy application, control and verification. You can download the sample here VOL1 OER Sample along with the initial configuration files suited for Rack1 of our RS topology OER Initial Configuration. All scenarios are designed to be working on existing racks running IOS version 12.4. Advanced features introduced in 12.4T are to be covered in further VOL1 updates. Even if you are not interested in OER, you may still want to download the sample just to get the feeling of VOL1 tasks and upcoming new updates.

Happy studying!

Tags: , , , ,


Module 4 IP RoutingLesson 3 OSPF Adjacencies and Troubleshooting of the CCIE R/S Written Bootcamp has been updated to include an interactive demonstration of the configuration of NBMA mode in a hub and spoke Frame Relay environment. The interactive demonstration occurs just after the discussion of the various OSPF Network Types. Remember, you can use the Class On Demand controls at the bottom of the interface to fast forward to this new content if you prefer.

As always, enjoy your studies!

Tags: , , , , ,


Looking over the questions asked to Maurilio Gorito during the latest R&S Ask The Expert Session, I tried to summarize some information and outline the new exam format. Here is how it looks to me so far.

The exam consists of three sections. A candidate must obtain the PASS mark in *every* section in order to pass the exam. All three sections are tested in sequence and grading occurs in the end of the exam. Even if the candidate fails in any of the section, he won’t know about this until the exam ends and grading has been performed. A candidate may finish any section in advance and move forward to the next section, which might be considered a time-management strategy. However, the candidate is not allowed to return to any previous section after it’s finished.

The following is the list of the exam sections:

(1) Open Ended Questions (OEQ) (0.5 hours): Four questions in total; A candidate needs to answer three questions out of four correctly to get the PASS mark in this section. A human grades the results. Most times, an answer could be as short as two or three words. Questions deal with the understanding of the theoretical concepts of the lab exam and don’t require intensive memorizing. The only tool the candidate has access to will be Windows Notepad, and no access to the DocCD is provided during this section.

(2) Troubleshooting Section (2 hours). Initial configurations are loaded in the candidate’s rack, and the candidate is presented with a troubleshooting scenario, formatted as a series of trouble-tickets. Additionally, L2/L3 & IGP diagrams are presented for reference. The section consists of approximately 10-15 tickets. Every ticket has point value associated with it and tickets DO NOT depend on each other (this is important to avoid cascading effects). The results are graded by the verification script and confirmed by a human. A relative score of 80% of the total section score must be obtained to get the PASS mark for this section. It is important to understand that this section is completely independent of Configuration section that follows.

(3) Configuration Section (5,5 hours). This is a new scenario on a new logical topology, different from the one presented during the Troubleshooting section. Of course, this section has its own initial configuration, which most likely includes IP addressing and basic IGP/BGP settings. The formatting is similar to the old exam, with the tasks, point allocation per task, diagrams and so on. 
The approximate number of tasks here is 25-30. The section results are graded by the verification script and confirmed by a human. A relative score of 80% must be obtained to get the PASS mark for this section.

It is rumored, by not confirmed officially that the OEQ section has 21 points and the Troubleshooting + Configuration section has 79 points allocated. This allocating may probably change with time, but apparently the fact that all task points sum to 100 remains true. And again, you have to obtain approximately 80% points in every section (around 80 points total) to pass the exam.

Finally, for the new topics being added to the exam. It appears that major stress will be on new routing features, such as MPLS VPN and EIGRPv6. However, the MPLS VPN tasks will be pretty basic, not covering any advanced scenarios such as CsC, InterAS VPN, mVPN, MPLS TE and so forth. For the other new technologies added to the lab:

1) PfR (Performance Routing). Should be pretty basic, and does not require any deep knowledge of PfR. Will not appear in all labs.
2) Security feautures: IPS and Zone-Based Firewall are NOT covered in-deph as well. Only basic configuration of the IPS feature is required with no deep understanding of the signature engines and signature tuning. Most likely you just need to know the basic configuration scenarios and be able to copy-adapt-paste the configuration samples from the DocCD.
3) 802.1x IBNS. All you need is to know how to set up the 802.1X control. No RADIUS server will be present in the lab, so this part is pretty basic as well.
4) SDM will not be present in the lab ISRs, so all configurations are purely CLI-based.

I’ll be updating this post to reflect any new information posted in the NetPro forum thread.

Tags: , , ,


Hi everyone,

Although I’m usually making tech posts only, it won’t hurt to mention that we extended our Memorial Day offer for another 24 hours. Why? just because we can :) So if you’ve been thinking of buying any of our products, today is the perfect day. And yes, the discount applies to ALL offers. Contact our sales for more details using the information at IE contacts or just use the code MEMDAY09 when making any purchase.

Have fun and good luck with your studies!

Anticipating the questions about the RS and SC updates – more to come this week! Not to mention the brand new VO updates (v3.0 blueprint) to be delivered this week as well!

Tags: , ,


Hi Everyone,

we’ve just posted the remaining labs in the BGP sections and the content should be available to all subscribed accounts. There are now 61 feature-focused labs in total, listed below. From now on, we will focus on the new blueprint topics for CCIE R&S track, as outlined in New CCIE R&S Reload. The updates for VOL1 and VOL2 will go in parallel. Anyone preparing to the new lab according to the new blueprint could safely use the current labs for their practice and practice the new material as it being posted.

Happy studying!

The list of BGP topics follows:

Establishing iBGP Peerings
Establishing EBGP Peerings
BGP Update Source Modification
Multihop EBGP Peerings
Neighbor Disable-Connected-Check
Authenticating BGP Peerings
iBGP Route Reflection
Large Scale iBGP Route Reflection with Clusters
iBGP Confederation
BGP Next-Hop Processing – Next-Hop-Self
BGP Next-Hop Processing – Manual Modification
iBGP Synchronization
BGP over GRE
BGP Redistribute Internal
BGP Peer Groups
BGP Network Statement
BGP Auto-Summary
BGP Bestpath Selection – Weight
BGP Bestpath Selection – Local Preference
BGP Bestpath Selection – AS-Path Prepending
BGP Bestpath Selection – Origin
BGP Bestpath Selection – MED
BGP Bestpath Selection – Always Compare MED
BGP Bestpath Selection – AS-Path Ignore
BGP Bestpath Selection – Router-IDs
BGP Bestpath Selection – DMZ Link Bandwidth
BGP Bestpath Selection – Maximum AS Limit
BGP Backdoor
BGP Aggregation
BGP Aggregation – Summary Only
BGP Aggregation – Suppress Map
BGP Aggregation – Unsuppress Map
BGP Aggregation – AS-Set
BGP Aggregation – Attribute-Map
BGP Aggregation – Advertise Map
Continue Reading

Tags: , , , , ,


Some things never change. CCENT and CCNA candidates still have the roughest time in the curriculum with the topic of subnetting.

Hey! No problem! We have all been there. Just remain patient, remain calm, and keep working through examples and practice problems.

Do you want a quick quiz to see if your skills are up to speed? Check out this blog post:

Subnetting Practice Quiz 1

Let’s walkthrough a common subnetting question type in this blog entry. Here is the question, followed by how I would solve it in the written exam on my scratch paper.

“You run the ipconfig command and discover your IP address and subnet mask are: What is your network address?”

Continue Reading

Tags: , , ,


On June 15, 2009, the CCIE Security Lab Exam receives the new Core Knowledge section. To help prepare students for this critical new lab exam component, the CCIE Security Core Knowledge Simulation is now available for purchase.

For more information, or to add the product to your shopping cart, use the link below:

CCIE Security Core Knowledge Simulation

Tags: , , , , ,


Hi Everyone,

We’ve just posted a number of new SC and RS VOL1 labs updates (VPN and BGP sections respectively). It’s obviously taking some time to update the existing IEWB-SC VOL1 labs, as we’re adding a lot of new topics and breakdown material. Therefore, we’re changing the update model by focusing primarily on the new topics, as an addition to the existing v3.0 labs. After the “host” stuff has been all covered, we’ll continue updating the existing material. As for the new labs posted under the IEWB-SC VPN section, here is the list:

IOS ezVPN Server
IOS ezVPN Server using VTI
IOS ezVPN Server: Group Lock
IOS ezVPN Server: RADIUS Authorization
IOS ezVPN Server: Per User AAA download with PKI
IOS ezVPN Remote: Client Mode
IOS ezVPN Remote: NEM
IOS ezVPN Remote: VTI
IOS ezVPN Remote: Digital Signatures
ASA ezVPN Server
ASA ezVPN Server: DHCP Address Allocation
ASA ezVPN Server: RADIUS Authorization
ASA ezVPN Server: Per User AAA download with PKI
ASA Clientless SSL VPN
ASA Clientless SSL VPN: Port Forwarding
ASA Clientless SSL VPN: Smart Tunnel

The next “scattered” update will probably focus on the (imho overrated ;) GET VPN, ZFW, DAP, Virtual Sensors, IPs Anomaly Detection and some other “hot” topics. Also, VOL2 Lab3 is coming soon as well. Happy studying!



In this blog post we are going to review and compare the ways in which IOS and ASA Easy VPN servers perform ezVPN attribute authorization via RADIUS. The information on these procedure is scattered among the documentation and technology examples, so I thought it would be helpful to put the things together.

To begin with, let’s establish some sort of equivalence between the IOS and ASA terminology. Even though ASA inherited most of it’s VPN configuration concepts from the VPN3000 platform it is still possible to find similarities between the IOS and the ASA configurations. Recall that IOS ezVPN configuration defines local ezVPN group policy by means of the crypto isakmp client configuration group command. This could be viewed as a rough equivalent to the ASA’s group-policy type internal command, though the ASA’s command scope is much broader. IOS ISAKMP profiles could be viewed as an equivalent to the ASA’s tunnel-group command defining a connection profile.

Continue Reading

Tags: , , , , ,


CCIE Bloggers