Open Cisco lab access (featuring Linux)

[Bob George]

I know a few folks on this list have mentioned pursuing Cisco
certifications. Having gone through this process (CCNP, now doing CSS1), I
know access to a lab can be tricky at times, and often costly. With that in
mind, I'd like to announce public access to my router pod on a test basis.
If I'm not using the equipment, others might as well get some use out of it.
If this sounds interesting, take a look at
http://openlab.ttlexceeded.com:8201 (note the port number!) and you can read
up on all the details.

Perhaps more relevant to the list, the lab is based on a Linux server that
provides (hopefully) secured access to a controlled lab environment. I've
set up a very restrictive set of iptables rules that basically let anyone
ssh in on port 8200, and allows access to the lab network itself, while
restricting outbound flows to return traffic, and e-mail to my server (no
external DNS). Default (unauthenticated) user accounts are limited to a
restricted bash shell. Within the lab, the Linux server provides tftp, ssh,
tacacs+ and other services within the lab environment (to be expanded as
needs are identified). There are some issues still to be worked out (i.e.
aborting telnet sessions ties up a port until the connection times out, lack
of reservation system), but I think the basics are in place.

I'd appreciate any feedback -- particularly regarding security! The HTML is
horrid-ugly, I know.

My hope is that this might evolve into a distributed learning collective,
where Linux can be used to expand individual job skills and opportunities,
and cut back on some of the ghastly costs of privately obtaining basic
competency in critical job functions like network administration and
support.

If you're after access to live (though modest) Cisco gear, by all means feel
free to use it! There should be plenty there for CCNA and CCNP candidates.

All feedback appreciated.

- Bob