Your partner for Success

CCIE Security v5 Lab Access Guide

Version 1.7

Author: Cloudmylab Support

Contents
Introduction .................................................................................................................................................................. 3
Audience ....................................................................................................................................................................... 3
Disclaimer ..................................................................................................................................................................... 3
Legal Liability ................................................................................................................................................................ 3
Topology ....................................................................................................................................................................... 3
Devices Used................................................................................................................................................................. 7
Physical Devices ................................................................................................................................................ 747
Virtual Devices .................................................................................................................................................... 87
Getting Access to the POD............................................................................................................................................ 8
DEVICE ACCESS ............................................................................................................................................................. 9
How to access the devices ........................................................................................................................................ 9
Guest Machine Reload ............................................................................................................................................. 9
Retrieve Snapshots ................................................................................................................................................. 12
Setup ISE for Lab ..................................................................................................................................................... 13
Accessing the Devices console ............................................................................................................................... 13
Device List ........................................................................................................................................................... 13
Devices CLI Credentials ....................................................................................................................................... 15
Quick Device access ................................................................................................................................................ 16
Virtual Device Access .............................................................................................................................................. 16
Example Method 1 for Virtual Devices with CLI access ...................................................................................... 17
Example Method 2 for Virtual Devices with CLI Access ..................................................................................... 18
Accessing Windows Based machines ..................................................................................................................... 18
Example Method 1 for windows based Device: ................................................................................................. 18
Example Method 2 for windows based Device .................................................................................................. 20
LAB Devices IP Details ................................................................................................................................................. 20
Lab Shortcuts .............................................................................................................................................................. 21
Introduction
Cloudmylab offers a platform to run any lab topology. CCIE Security v5 lab has been adopted from various vendors
and is built on the topology and configuration provided by them. We have designed this lab with customers and
online forum feedback. The Lab topology mentioned below is mostly virtual and it aligns with Cisco’s CCIE V5
blueprint.

Audience
This lab guide is intended for the students who are preparing for CCIE Security V5 and wish to use our platform for
practicing the CCIE labs.

Disclaimer
These labs have been designed and built by topology provided by vendors selling CCIE workbooks and online
student forums. Cloudmylab is not responsible for the accuracy of the labs or workbooks. Cloudmylab does not
endorse any CCIE workbook vendor or company. We have designed our platform per Cisco’s blueprint and it can
be used for any lab scenario. Students will be responsible for loading any pre-configuration.

Cloudmylab does not sell any workbooks or CCIE topology.

Legal Liability
Cloudmylab is an IAAS (Infrastructure as a service), PAAS (Platform as a service) and LAAS (LAB as a service)
provider. Cloudmylab either owns or lease the equipment used in the certification labs or proof of concept labs.
Cloudmylab uses all genuine software either procured or evaluation from the manufacturer. Cloudmylab
encourages its users to use their own licensing and/or lease it from Cloudmylab. Cloudmylab doesn’t resell
hardware, software or licensing.

Cloudmylab has no liability for software and licensing used by the customer in their purchased service instance.

Cloudmylab doesn’t endorse any Cisco Certification labs workbook Vendors.

Cloudmylab doesn’t endorse any Juniper Certification labs workbook Vendors.
Cloudmylab doesn’t endorse any Microsoft Certification labs workbook Vendors.
Cloudmylab doesn’t endorse any VMware Certification labs workbook Vendors.

Topology

The following topology has been adopted from CCIE University, this is a topology available on online forums and
vendors page. Cloudmylab offers a platform to run topologies and in no way own or endorse any vendor topology.
Figure 1
Figure 2
Figure 3
Devices Used

Physical Devices
This section details physical devices and software version in the topology.

Device Name Device Model Software Version

ASA1 ASA5515X 9.6.1
ASA2 ASA5515X 9.6.1
ASA3 ASA5512X 9.6.1
ASA4 ASA5512X 9.6.1
SW1 C3750X 12.2 58(SE)
SW2 C3750X 12.2 58(SE)
Table 1

Virtual Devices
This section details virtual devices and the software version used in the topology.

Device Name Device Model Software Version

R1 CSR1000v 03.16.06.S
R2 CSR1000v 03.16.06.S
R3 CSR1000v 03.16.06.S
R4 CSR1000v 03.16.06.S
R5 CSR1000v 03.16.06.S
R6 CSR1000v 03.16.06.S
R7 CSR1000v 03.16.06.S
R8 CSR1000v 03.16.06.S
R9 CSR1000v 03.16.06.S
R10 CSR1000v 03.16.06.S
R11 CSR1000v 03.16.06.S
R12 CSR1000v 03.16.06.S
R13 CSR1000v 03.16.06.S
R14 CSR1000v 03.16.06.S
R15 CSR1000v 03.16.06.S
R16 CSR1000v 03.16.06.S
R17 CSR1000v 03.16.06.S
R18 CSR1000v 03.16.06.S
ASAv1 ASAv 9.6.2
ASAv11 ASAv 9.6.2
ASAv2 ASAv 9.6.2
ASAv22 ASAv 9.6.2
ISE ISE-VM-K9 2.1
vWLC WLC-VM 8.5
WSA WSA-VM 9.1.1-041
NGIPS FP-NGIPS 6.1
FMC FP-FMC 6.1
AMP FP-AMP 6.1
Table 2
Getting Access to the POD

1. There are two methods you can get access to the access detail as mentioned below:

a.) Check for the URL and Port Number in the email from support@cloudmylab.com

Figure 4

b.) You can alternatively log in to your account and under ‘my account’ > Rack access, you will see the details

Figure 5
2. Please login with the credentials provided.

Figure 6

3. After logging in successfully, you will see a customized Desktop from where you can access all the devices.

DEVICE ACCESS
This section details how to access the physical and virtual devices.

How to access the devices

Starting the lab environment: https://www.youtube.com/watch?v=rYMvbJci70E (Needs updating)

Guest Machine Reload

1. Once you get the access to the Guest Desktop Environment,

A.) Open the VMware vSphere client and login with the details in table below:

Rack Rack-1 Rack-2

IP Address/hostname 192.168.130.37 192.168.130.38
Username ccisesec ccisesec
Password Ccie123! Ccie123!
Table 3
 Figure 7

2. Reload the Guest Virtual Machines in the table below using the VMware vSphere Client before you start your
lab.

Windows machine
Wireless-PC
MS-AD
MAB-CLIENT
DOT1X-PC
Table 4

The steps below explain how to reload a Virtual Machine:

Step 1: After your successful login to ESX host, select the guest machine.

Figure 8
Step 2: Right Click on the guest machine, click on power and select Power Off.

Figure 9

Step 3: Wait for VM to power off, then right click on the guest machine, click on power and select Power On

Figure 10
Retrieve Snapshots
1. Retrieve the snapshot for the Guest Virtual Machines in the table below using the VMware
vSphere Client before you start your lab.

Virtual Machines
NGIPS
FMC
AMP
WSA
vWLC
Table 5

Step1: Right Click on the machine -Snapshotsnapshot manager

Figure 11

Step2: Under Snapshot Manager Click on the BASE-CONF -GO To

Figure 12
 Setup ISE for Lab
This section defines how to setup ISE for the lab use. Please follow the steps carefully.

1. Go to Administration > Backup & Restore.

2. Select FTP from the drop-down menu for ‘History for Repository’.
3. Select the lab you want to restore to. When prompted for encryption key, type ISEisC00L and select
‘Restore ADE-OS configuration’.

Figure 13

Note: You will have to again join the AD and re-generate the CA certificates.

Accessing the Devices console

A.) Device Access – All the devices are pre-setup for console access and follow the screenshots for a quick access.
Device List

The table below contains the list of devices and their console access details. Terminal Server is a server which
host the console connections, do not confuse this with actual device IP.

Device Name Rack-1 Rack-2

Port No Terminal IP address Port No IP address
R1 1501 192.168.130.37 1501 192.168.130.38
R2
Device 1502 192.168.130.37 1502 192.168.130.38
R3 1503 192.168.130.37 1503 192.168.130.38
R4 1504 192.168.130.37 1504 192.168.130.38
R5 1505 192.168.130.37 1505 192.168.130.38
R6 1506 192.168.130.37 1506 192.168.130.38
R7 1507 192.168.130.37 1507 192.168.130.38
R8 1508 192.168.130.37 1508 192.168.130.38
R9 1509 192.168.130.37 1509 192.168.130.38
R10 1510 192.168.130.37 1510 192.168.130.38
R11 1511 192.168.130.37 1511 192.168.130.38
R12 1512 192.168.130.37 1512 192.168.130.38
R13 1513 192.168.130.37 1513 192.168.130.38
R14 1514 192.168.130.37 1514 192.168.130.38
R15 1515 192.168.130.37 1515 192.168.130.38
R16 1516 192.168.130.37 1516 192.168.130.38
R17 1517 192.168.130.37 1517 192.168.130.38
R18 1518 192.168.130.37 1518 192.168.130.38
SW1 2079 192.168.190.156 2079 192.168.190.157
SW2 2078 192.168.190.156 2078 192.168.190.157
ASA1 2074 192.168.190.156 2074 192.168.190.157
ASA2 2075 192.168.190.156 2075 192.168.190.157
ASA3 2076 192.168.190.156 2076 192.168.190.157
ASA4 2077 192.168.190.156 2077 192.168.190.157
AP1 2080 192.168.190.156 2080 192.168.190.157
Terminal Server 23 192.168.190.156 23 192.168.190.157
ASAv1 1539 192.168.130.37 1539 192.168.130.38
ASAv11 1540 192.168.130.37 1540 192.168.130.38
ASAv2 1538 192.168.130.37 1538 192.168.130.38
ASAv22 1537 192.168.130.37 1537 192.168.130.38
ASAv1 1539 192.168.130.37 1539 192.168.130.38
ISE 1534 192.168.130.37 1534 192.168.130.38
vWLC 1522 192.168.130.37 1522 192.168.130.38
WSA 1533 192.168.130.37 1533 192.168.130.38
NGIPS 1520 192.168.130.37 1520 192.168.130.38
FMC 1519 192.168.130.37 1519 192.168.130.38
AMP 1536 192.168.130.37 1536 192.168.130.38
Table 6
Devices CLI Credentials

Table below contains the credentials to access CLI for the undermentioned devices:

Device Name Username Password

R1 cisco cisco
R2 cisco cisco
R3 cisco cisco
R4 cisco cisco
R5 cisco cisco
R6 cisco cisco
R7 cisco cisco
R8 cisco cisco
R9 cisco cisco
R10 cisco cisco
R11 cisco cisco
R12 cisco cisco
R13 cisco cisco
R14 cisco cisco
R15 cisco cisco
R16 cisco cisco
R17 cisco cisco
R18 cisco cisco
SW1 cisco cisco
SW2 cisco cisco
ASA1 cisco cisco
ASA2 cisco cisco
ASA3 cisco cisco
ASA4 cisco cisco
AP1 Cisco Cisco
Terminal Server cisco cisco
ASAv1 cisco cisco
ASAv11 cisco cisco
ASAv2 cisco cisco
ASAv22 cisco cisco
ASAv1 cisco cisco
ISE Admin Ccie123
vWLC Admin Ccie123
WSA Admin ironport
NGIPS Admin Ccie123
FMC Admin Ccie123
AMP Admin Ccie123
Table 7
 Quick Device access
This section details on how to access the devices via CLI:

1. Click on SecureCRT.

Figure 14

Virtual Device Access

Virtual devices can be accessed using two methods:

1. Using Secure CRT CLI. Its strongly recommended to use terminal emulator to access all the Virtual Routers and
Firewall.
2. Using the vSphere Console
 Example Method 1 for Virtual Devices with CLI access

Open SecureCRT >> Click on the Plus Sign against Virtual Device >> Select the relevant device

Figure 15
 Example Method 2 for Virtual Devices with CLI Access
Open Vmware Vsphere Client >> right click on the relevant machine >> click open console

Figure 16

Accessing Windows Based machines

There are 4 Windows Based machines as follows:

Machine Rack-1 MGMT IP Rack-2 MGMT IP Username Password

Wireless-PC 150.1.7.204 150.1.7.204 admin Ccie123
Windows Server 150.1.7.200 150.1.7.200 admin Ccie123
Dot1x
ADPC 150.1.7.202 150.1.7.202 admin Ccie123
MAB-PC 150.1.7.203 150.1.7.203 admin Ccie123
Table 8

Example Method 1 for windows based Device:

Click on the remote desktop shortcut on the desktop, you will see 4 shortcuts and named appropriately.

Enter the username and password when prompted

Figure 17
Example Method 2 for windows based Device

Open Vmware Vsphere Client >> right click on the relevant machine >> click open console

Figure 18

LAB Devices IP Details

This section details the management IP assigned to the following virtual machines in the table below.
Please do refer to the topology as well.

IP Address Device Name

150.1.7.200 AD
150.1.7.201 Candidate PC
150.1.7.204 Wireless PC
150.1.7.206 NGIPS
150.1.7.211 FMC
150.1.7.212 ISE
150.1.7.213 WSA
150.1.7.214 vWLC
150.1.7.215 CUCM
150.1.7.216 AMP
150.1.7.217 AMP
Table 9
Lab Shortcuts

1. Starting a lab with Specific configuration:

Open the physical device console > login > dir flash:

#copy flash: lab1.cgf startup

Reload

Check out the video: https://www.youtube.com/watch?v=I72ExquNIFA

2. Clearing console line to get access: Under SecureCRT click on the plus sign against

Clear line and Select relevant device to clear

3. Reloading the devices: All the devices are connected to managed power PDU and you can use the
shortcut to boot the devices

To get support open a ticket on Support Page or send an email to support@cloudmylab.com.

Please check the documentation and FAQs beforehand.

-------------------------------------------------------END OF Document-------------------------------------------------------