Académique Documents
Professionnel Documents
Culture Documents
Solution:
R1
OSPF
ip ospf authentication message-digest command must be given on s0/0/0/0.12
Explanation:
Authentication types:
- 0 means that there is a null authentication.
- 1 means that the authentication type is plain text.
- 2 means that the authentication type is MD5.
Troubleshooting:
R1#show ip ospf interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
Internet Address 12.0.0.1/24, Area 0
Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 2.2.2.2, Interface address 12.0.0.2
Backup Designated router (ID) 1.1.1.1, Interface address 12.0.0.1
R1#
R1# debug ip ospf adj
*Mar 1 01:03:07.207: OSPF: Rcv pkt from 12.0.0.2, FastEthernet0/0 :
Mismatch Authentication Key - No message digest key 0 on interface
*Mar 1 01:04:57.311: OSPF: Rcv pkt from 12.0.0.2, FastEthernet0/0 :
Mismatch Authentication Key - Message Digest Key 1
*Mar 1 01:06:57.287: OSPF: Rcv pkt from 12.0.0.2, FastEthernet0/0 :
Mismatch Authentication type. Input packet specified type 1, we use
type 2
*Mar 1 01:09:00.419: OSPF: Rcv pkt from 12.0.0.1, FastEthernet0/0 :
Mismatch Authentication Key - Clear Text
Solution:
DSW1
HSRP
Delete the command with track 1 and enter the command with track 10 (standby 10 track
10 decrement 60).
Explanation:
Router(config-if)# standby 39 ip 10.0.0.1
Router(config-if)# stand 2 authentication md5 key-string cisco
Router(config-if)# standby 39 priority 150
Troubleshooting:
R2#show standby
FastEthernet0/0 - Group 0
State is Standby
3 state changes, last state change 00:22:00
Virtual IP address is 10.0.0.254
Active virtual MAC address is 0000.0c07.ac00
Local virtual MAC address is 0000.0c07.ac00 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.000 secs
Preemption enabled
Active router is 10.0.0.1, priority 99 (expires in 7.960 sec)
Standby router is local
Priority 67 (default 100)
Track object 1 state Down decrement 33
IP redundancy name is "hsrp-Fa0/0-0" (default)
R2#show track 1
Track 1
IP route 200.0.0.0 255.255.255.0 metric threshold
Metric threshold is Down (EIGRP/409600/160)
2 changes, last change 00:22:28
Metric threshold down 150 up 100
First-hop interface is FastEthernet0/1
Tracked by:
HSRP FastEthernet0/0 0
R1
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.56.200.226 remote-as 65002
no auto-summary
Solution:
R1
BGP
Delete the wrong neighbor statement and enter the correct neighbor address in the
neighbor command (change neighbor 209.56.200.226 remote-as 65002 to neighbor
209.65.200.226 remote-as 65002)
Explanation:
Troubleshooting:
*Mar 1 00:18:55.191: %BGP-3-NOTIFICATION: received from neighbor 1.1.1.1 2/2
(peer in wrong AS) 2 bytes 0001
Used as multipath:
n/a
Outbound Inbound
Local Policy Denied Prefixes: -------- ------Total:
0
0
Number of NLRIs in the update sent: max 0, min 0
Connections established 0; dropped 0
Last reset never
External BGP neighbor may be up to 10 hops away.
No active TCP connection
R2#
Solution:
R1
NAT
Add the command permit 10.2.0.0 in the nat_pool access-list
Explanation:
R2(config)#ip nat ?
Stateful
Stateful NAT configuration commands
create
Create flow entries
inside
Inside address translation
log
NAT Logging
outside
Outside address translation
pool
Define pool of addresses
service
Special translation for application using non-standard port
source
Source address translation
translation NAT translation entry configuration
R2(config)#ip nat inside source list 1 interface fastEthernet 0/1
overload
Troubleshooting:
R2#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 20.0.0.1:2
11.0.0.1:2 33.0.0.1:2 33.0.0.1:2
icmp 20.0.0.1:3
11.0.0.1:3 33.0.0.1:3 33.0.0.1:3
R2#show ip nat statistics
Total active translations: 0 (0 static, 0 dynamic; 0 extended)
Outside interfaces:
FastEthernet0/1
Inside interfaces:
FastEthernet0/0
Hits: 18 Misses: 2
CEF Translated packets: 20, CEF Punted packets: 0
Expired translations: 2
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface FastEthernet0/1 refcount 0
Appl doors: 0
Normal doors: 0
Queued Packets: 0
Ticket 5 R1 ACL
Configuration:
R1
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.65.200.226 remote-as 65002
no auto-summary
!
access-list 30 permit host 209.65.200.241
access-list 30 deny 10.1.0.0 0.0.255.255
access-list 30 deny 10.2.0.0 0.0.255.255
!
interface Serial0/0/0/1
ip address 209.65.200.224 255.255.255.252
ip nat outside
ip access-group 30 in
Solution:
R1
IP Access list
Add permit 209.65.200.224 0.0.0.3 to R1s ACL
Explanation:
Routing protocols and BGP will fail due to this ACL
Troubleshooting:
R2#show ip access-lists
R2#show ip bgp neighbors
R2#show ip bgp summary
DSW1
vlan access-map test1 10
drop
match ip address 10
!
vlan filter test1 vlan-list 10
!
ip access-list standard 10
permit 10.2.0.0 0.0.255.255
!
interface VLAN10
ip address 10.2.1.1 255.255.255.0
Solution:
DSW1 (but in the exam maybe you have to choose ASW1)
Vlan access map
Remove VLAN filter test1 from DSW1
Explanation:
Switch(config)# vlan access-map Drop101 10
Switch(config-access-map)# match ip address 101
Switch(config-access-map)# action drop
!
Switch(config-access-map)# vlan access-map Drop101 20
Switch(config-access-map)# action forward
!
Switch(config)# vlan filter Drop101 vlan-list 10
Troubleshooting:
show vlan access-map vacl_name or show vlan filter access-map
Vlan access-map access_map_example_1
match: ip address 13
action: forward capture
ASW1
interface fa1/0/1
switchport mode access
switchport port-security
switchport port-security mac-address 0000.0000.0001
Solution:
ASW1
Port security
issue no switchport port-security mac-address 0000.0000.0001 command followed by shutdown
& no shutdown commands on port fa1/0/1 on ASW1
Explanation:
Troubleshooting:
Switch# show port-security interface fa 1/0/15
Port Security : Enabled
Port Status : Secure-Up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
ASW1
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 1
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 1
Solution:
ASW1
Vlan
Give command: interface range fa1/0/1-/2 & switchport access vlan 10
Explanation:
Creating a VLAN and Assigning Ports
(config)# vlan 12
(config-vlan)# name MYVLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 12
Troubleshooting:
Verifying VLAN Configuration
ASW# show vlan brief
VLAN Name Status Ports
1 default active Fa0/1, Fa0/2, Fa0/3,
Fa0/10,Fa0/11,Fa0/12
20 VLAN0020 active Fa0/5,Fa0/6,Fa0/7
21 VLAN0021 active Fa0/8,Fa0/9
1002 fddi-default active
1003 trcrf-default active
1004 fddinet-default active
1005 trbrf-default active
ASW# show run interface fa0/5
Building configuration...
Current configuration 64 bytes
Configuration:
ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 1-9
!
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 1-9
!
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10
Solution:
ASW1
Switch to switch connectivity
Int range portchannel13, portchannel23 switchport trunk allowed vlan
none,
switchport trunk allowed vlan 10,200
Explanation:
By default, a trunk carries traffic for all VLANs. You can change that
behavior for a particular trunk link by giving thefollowing command at
the interface config mode:
switchport trunk allowed vlan vlans
Troubleshooting:
ASW# show interfaces fastethernet 0/1 trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 desirable n-802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-150
<further output omitted>
Ticket 10 EIGRP AS
Configuration:
DSW1 can ping fa0/1 of R4 but cant ping s0/0/0/0.34
Solution:
R4
EIGRP
Change EIGRP AS number from 1 to 10
Explanation:
EIGRP AS Numbers have to match.
Troubleshooting:
R2#show ip eigrp interfaces
IP-EIGRP interfaces for process 1
Xmit Queue Mean Pacing Time Multicast Pending
Interface
Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Fa0/0
0
0/0
0
0/2
50
0
Lo1
0
0/0
0
0/1
0
0
R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H Address Interface Hold
Uptime SRTT RTO Q Seq
(sec)
(ms)
Cnt Num
0 12.0.0.1 Fa0/0 14 00:00:01
137 822
0
18
R2#show ip eigrp traffic
IP-EIGRP Traffic Statistics for AS 1
Hellos sent/received: 15/15
Updates sent/received: 11/13
Queries sent/received: 0/0
Replies sent/received: 0/0
Acks sent/received: 4/5
SIA-Queries sent/received: 0/0
SIA-Replies sent/received: 0/0
Hello Process ID: 157
PDM Process ID: 155
IP Socket queue: 0/2000/5/0 (current/max/highest/drops)
Eigrp input queue: 0/2000/5/0 (current/max/highest/drops)
R4
router eigrp 10
network 10.1.4.5 0.0.0.0
no auto-summary
redistribute ospf 1 metric 100 10 255 1 1500 route-map EIGRP_to_OSPF
!
router ospf 1
network 10.1.1.8 0.0.0.0 area 34
redistribute eigrp 10 subnets
!
route-map EIGRP->OSPF
match ip address 1
Solution:
R4
Route redistribution
Change the name of the route-map under the router EIGRP or router
OSPF process from EIGRP_to_OSPF to EIGRP->OSPF.
Explanation:
Route-map name has to be the same
Troubleshooting:
R2#show route-map
route-map TEST, permit, sequence 10
Match clauses:
ip address (access-lists): 1
Set clauses:
tag 2
Policy routing matches: 0 packets, 0 bytes
R2
ipv6 router ospf 6
router-id 2.2.2.2
!
interface s0/0/0/0.23
ipv6 address 2026::1:1/122
Configuration of R3
ipv6 router ospf 6
router-id 3.3.3.3
!
interface s0/0/0/0.23
ipv6 address 2026::1:2/122
ipv6 ospf 6 area 0
Solution:
R2
OSPFv3
On the serial interface of R2, enter the command ipv6 ospf 6 area 0
(notice that it is area 0, not area 12)
Explanation:
IP addresses are already in place, the commands to implement basic OSPFv3
are shown in the following example.
Router(config)# ipv6 router ospf process-id
Router(config-rtr)# router-id 32bit-address
!
Router(config-rtr)# interface type number
Router(config-if)# ipv6 ospf process-id area area
Troubleshooting:
R2#show ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
*Mar
Solution:
R4
DHCP
On R4 delete ip dhcp exclude 10.2.1.1-10.2.1.253 and apply ip dhcpexcluded 10.2.1.1-10.2.1.2
Explanation:
ip dhcp excluded-address 192.168.100.0 192.168.100.100
!
ip dhcp pool TEST
network 192.168.100.0 255.255.255.0
dns-server 80.80.160.80
default-router 192.168.100.254
!
Troubleshooting:
R2#show ip dhcp pool
Pool TEST :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next)
:0/0
Total addresses
: 254
Leased addresses
:1
Pending event
: none
1 subnet is currently in the pool :
Current index
IP address range
Leased addresses
192.168.100.102 192.168.100.1 - 192.168.100.254
1
R2#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address
Client-ID/
Lease expiration
Type
Hardware address/
User name
192.168.100.101 0063.6973.636f.2d63. Mar 02 2002 12:15 AM Automatic
030.302e.3063.3263.
2e30.3030.302d.4661.
302f.30
router eigrp 10
passive-interface default
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.4 0.0.0.3
network 10.1.4.8 0.0.0.3
default-metric 10000 100 255 1 10000
no auto-summary
Solution:
R4
IPv4 EIGRP Routing
Remove Passive interface under EIGRP 10 (or in Interface f0/1 and f0/0, something like this)
Explanation:
R1(config-router)#passive-interface fastEthernet 0/1
R1(config-router)#passive-interface default
R1(config-router)#no passive-interface fastEthernet 0/2
Troubleshooting:
R1#show ip protocols
Routing Protocol is "eigrp 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 1
EIGRP NSF-aware route hold timer is 240s
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
192.168.100.0
200.0.0.0
Passive Interface(s):
FastEthernet0/1
Routing Information Sources:
Gateway
Distance
Last Update
Distance: internal 90 external 170
D Protocol Management
E Security Management
Answer: B C E (Fault, Configuration & Security Management) Notice that A stands for
Accounting, not Action.
2) Which alerts will be seen on the console when running
the command: logging console warnings.
A warnings only
B warnings, notifications, error, debugging, informational
C warnings, errors, critical, alerts, emergencies
D notifications, warnings, errors
E warnings, errors, critical, alerts
Answer: C (warning, critical, alert, emergencies)
Explanation
The Message Logging is divided into 8 levels as listed below
Level
Keyword
Description
emergencies
System is unusable
alerts
critical
errors
warnings
notification
informational
Informational messages
debugging
Debugging messages
The highest level is level 0 (emergencies). The lowest level is level 7. If you specify a level with
the logging console level command, that level and all the higher levels will be displayed. For
example, by using the logging console warnings command, all the logging of emergencies,
alerts, critical, errors, warnings will be displayed.
In this question, E is also correct but it is less information -> C is the best answer.
3) You have 2 commands used for ftp:
ip ftp username xxxxxx
ip ftp password yyyyyy
Which two commands will be used when switching from ftp to http?
Answer:
ip http client username xxxxxx
ip http client password yyyyyy
4) Which two of the following options are categories of Network Maintenance tasks?
A Firefighting
B Interrupt-driven
C Policy-based
D Structured
E Foundational
Answer: B D
5) The following commands are issued on a Cisco router:
Router(config)#access-list 199 permit tcp host 10.1.1.1 host 172.16.1.1
Router(config)#access-list 199 permit tcp host 172.16.1.1 host 10.1.1.1
Router#debug ip packet 199
6) You have two NTP servers 10.1.1.1 & 10.1.1.2 and want to configure a router to use 10.1.1.2
as its NTP server before falling back to 10.1.1.1. Which command will you use?
Answer:
ntp server 10.1.1.1
ntp server 10.1.1.2 prefer
Configuration Management C
Accounting Management A
Question 2
FCAPSmodel defined by the International Organization for Standardization (ISO).
ITIL framework for it prof
TNMnetwork management model is the Telecommunications Standardization Sectors
(ITU-T)
Cisco lifecyclemodel is often referred to as the PPDIOO model
Question 3
EEM CLI based for Management and Monitoring
SDM provide a GUI for Administration
FTP Used for Backup and restore