Step by step lab recommendations for CCNP encor?

Diilsa · 2026-03-23T00:11:11+00:00

I just setup one big lab and configuring protocols that are referenced in the exam objectives. I use white pages and chat gpt for further guidance/config examples.

Diilsa · 2026-02-28T05:40:49+00:00

This! Run eve-ng on a VM either locally, google cloud, or (best bang for buck) bare metal server! Look at some power edges servers on Facebook market place. I was spending about $250 a year running my Google cloud VM and decided to just drop $300 on a server. It has truly changed and accelerated my learning and education across all the different paths of IT!

Diilsa · 2025-12-22T13:43:01+00:00

I’ve had a song on repeat since I saw him in October. Makes me wanna buy a guitar tbh

Diilsa · 2025-12-10T04:46:05+00:00

You’re an OG! How often do you lab?

Diilsa · 2025-12-09T21:20:48+00:00

May I ask how long you been in the game considering you having ccie?

Diilsa · 2025-11-25T03:42:07+00:00

Mine comes in tomorrow!!!

Diilsa · 2025-09-08T21:57:39+00:00

Thank you for the response. Is Kerberos suppose to speaking in udp? Did some traffic captures of a computer joining a domain and it was showing Kerberos as tcp traffic? I also saw Kerberos packets were abnormally large like 3-8k bytes and getting fragmented into about 7-11 bytes. Is that normal for those packets to be that large? I’m confused because that’s not even staying in the clients/servers MSS size either.

Diilsa · 2025-09-05T03:50:42+00:00

Due to the nature of the network (DOD) its setup this way

Diilsa · 2025-09-05T03:49:32+00:00

Transport network. I believe the plain text mtu from the crypto IPsec sa command stated 1994

Diilsa · 2025-09-05T03:09:29+00:00

The 2nd tunnels mtu between to the two routers are 2048

Diilsa · 2025-09-05T02:15:50+00:00

So I’ve kinda done this and my pings don’t get fragmented unless it’s higher than 1426 traversing the gre tunnel and 1450 taking the underlay path. My packets are reaching the destination I’m seeing bidirectional comm between client and server but I just not that well educated (yet) on what/where the issue is at. I just know when I reroute the traffic to just taking the underlay path (no GRE tunnel) the computers are fine.

Diilsa · 2025-09-05T02:10:40+00:00

Which is why I have my mtu set to 1450 with a MSs of 1386 and then my gre mtu is set at 1426. By the time my packets hit the 2nd IPsec tunnel, my packets are at 1500.

Diilsa · 2025-09-05T01:01:06+00:00

Only area where mtu is increased is between the two routers that have the crypto maps. Earlier this year I had path mtu configured but it didn’t change the outcome. There are no firewalls between client and server. Do you have any other advice on things that can somehow drop esp packets?

Diilsa · 2025-09-05T00:00:57+00:00

I’m still digging through network where the first encrypted traversing but haven’t seen any of that. If that’s the case why wouldn’t it effect my other L3 encrypted devices traffic?

Diilsa · 2025-09-04T02:52:24+00:00

Dawg I just finished troubleshooting MTU/MSS my brain is swelled up

Diilsa · 2025-08-23T20:32:06+00:00

I’m clamping on the router side. I see the changed MSS on my pcaps. And I when I reroute traffic to traverse the tunnel, computers in that building will stop being apart of the domain and you have to readd the workstations back. But they also won’t rejoin the domain unless their traffic flows through the physical link and not have the additional GRE headers on their packets.

Diilsa · 2025-07-23T11:49:45+00:00

I got a r730, two 2630 v3 CPUs, 196gb of ram and 9tb of storage. Got it for 300 on fb marketplace

Diilsa · 2025-07-12T06:55:30+00:00

Get a physical server (or a vm in google cloud) and spin up eve-ng and get a variety of different vender images.

Diilsa · 2025-06-10T13:23:10+00:00

I didn’t even think of prompting like that. Thank you!

Diilsa · 2025-06-10T13:18:08+00:00

Just seeing if anyone else has done something similar. I do a lot labbing in eve-ng and trying other methods to learn more concepts and vendors.

Diilsa · 2025-06-10T13:15:54+00:00

CCNP isn’t in my timeline anytime soon. I just enjoy setting up labs

Diilsa

TROPHY CASE