A guide for the TSHOOT Exam

For the TSHOOTv2 exam we will encounter:

+ Multiple Choice Questions

+ 12 Troubleshooting Tickets (check them at the right-side menu)
+ BGP Simlet
+ HSRP Simlet

Below is a summary of 17 Tickets you may see in the exam:

Device Error Description

1. Access port not in VLAN 10 (removed)
2. Port Channel not allowing VLAN 10
ASW1
3. Ports should be in access mode instead of trunking
4. Port security in fa1/0/1, fa1/0/2 interfaces
1. HSRP track 10 (removed)
DSW1 2. VLAN filter
3. DHCP IP Helper-address (APIPA addresses on clients)
1. Wrong IP of BGP neighbor
2. NAT Outside misconfigured
R1
3. WAN access-list statement missing
4. OSPF Authentication
R2 1. IPv6: enable OSPF
R3 1. IPv6: remove ―tunnel mode ipv6‖
1. EIGRP – wrong AS (removed)
2. Redistribute Route-map
R4
3. EIGRP Passive Interface (removed)
4. missing Redistribution from RIPng to OSPFv3

Notice that in the exam, the tickets are randomly given so the best way to troubleshooting is to
try pinging to all the devices from nearest to farthest from the client until you don‘t receive the
replies.

In each ticket you will have to answers three types of questions:

+ Which device causes problem

+ Which technology is used
+ How to fix it

One more thing to remember: you can only use ―show‖ commands to find out the problems and
you are not allowed to make any changes in the configuration. In fact, in the exam you can not
enter the global configuration mode!
Multiple Choice Questions
http://www.networktut.com/multiple-choice-questions

Question 1

Which protocol can be added into MPP? (Choose two)

A. telnet
B. scp
C. tftp
D. smtp

Answer: A C

Explanation

Following are the management protocols that the MPP feature supports. These management
protocols are also the only protocols affected when MPP is enabled.
+ Blocks Extensible Exchange Protocol (BEEP)
+ FTP
+ HTTP
+ HTTPS
+ SSH, v1 and v2
+ SNMP, all versions
+ Telnet
+ TFTP

Reference:
https://www.cisco.com/c/en/us/td/docs/ios/security/configuration/guide/sec_mgmt_plane_prot.h
tml

Question 2

OSPF neighbor not forming. Exhibit shows DBD packets are being re-transmitted to the
neighbor. Debug shows that Exstart state to Down. What is the reason?

A. MTU mismatch
B. The router did not receive a Hello packet
C. OSPF is not running on the other router
D. The packet does not have RID

Answer: A

Explanation
After two OSPF neighboring routers establish bi-directional communication and complete
DR/BDR election (on multi-access networks), the routers transition to the exstart state. In this
state, the neighboring routers establish a master/slave relationship and determine the initial
database descriptor (DBD) sequence number to use while exchanging DBD packets.

Neighbors Stuck in Exstart/Exchange State

The problem occurs most frequently when attempting to run OSPF between a Cisco router and
another vendor‘s router. The problem occurs when the maximum transmission unit (MTU)
settings for neighboring router interfaces don‘t match. If the router with the higher MTU sends a
packet larger that the MTU set on the neighboring router, the neighboring router ignores the
packet.

Reference: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-
12.html

Question 3

Question about PPTP tunnel is not forming. There is a NAT device. Which two filters should be
captured to check all the tunnel traffic? (Choose two)

A. UDP port 500

B. protocol ESP (or protocol 50)
C. GRE
D. protocol 47
E. TCP port 1723

Answer: D E

Explanation

The Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure
transfer of data from a remote client to an enterprise server by creating a VPN across TCP/IP-
based data networks. PPTP encapsulates PPP packets into IP datagrams for transmission over
the Internet or other public TCP/IP-based networks.
PPTP establishes a tunnel for each communicating PPTP network server (PNS)-PPTP Access
Concentrator (PAC) pair. After the tunnel is set up, PPP packets are exchanged using enhanced
generic routing encapsulation (GRE). A call ID present in the GRE header indicates the session
to which a particular PPP packet belongs.
Network Address Translation (NAT) translates only the IP address and the port number of a
PPTP message. Static and dynamic NAT configurations work with PPTP without the
requirement of the PPTP application layer gateway (ALG). However, Port Address Translation
(PAT) configuration requires the PPTP ALG to parse the PPTP header and facilitate the
translation of call IDs in PPTP control packets. NAT then parses the GRE header and translates
call IDs for PPTP data sessions. The PPTP ALG does not translate any embedded IP address in
the PPTP payload. The PPTP ALG is enabled by default when NAT is configured.
NAT recognizes PPTP packets that arrive on the default TCP port, 1723, and invokes the PPTP
ALG to parse control packets. NAT translates the call ID parsed by the PPTP ALG by assigning
a global address or port number. Based on the client and server call IDs, NAT creates two doors
based on the request of the PPTP ALG. ( A door is created when there is insufficient
information to create a complete NAT-session entry. A door contains information about the
source IP address and the destination IP address and port.) Two NAT sessions are created (one
with the server call ID and the other with the client call ID) for two-way data communication
between the client and server. NAT translates the GRE packet header for data packets that
complies with RFC 2673.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-
16/nat-xe-16-book/iadnat-pptp-pat.html

Question 4

The user was able to access the router via line vty 5 min ago. But he is no longer able to log in
now. No change in the network. What is the issue?

A. exec-timeout 0 0
B. all line vty in use.
C. SSH is not configured
D. Console line is in use by someone else

Answer: B

Question 5

Drag drop question about debug commands.

Answer:

Debug ..standby -> hsrp

Debug ..glbp -> virtual mac
Debug…aaa authentication -> identify who
Debud—aaa authorization -> permission

Question 6

The command ―ip verify unicast source reachable-via any‖ is configured on the interface.
Router received with source IP address 172.16.100.10. Routing table shows a valid route to
172.16.100.0/24 is learned via OSPF.
There is a null static route to 172.16.0.0/16.
Question is what the router will do that packet?

A. The packet is dropped

B. The packet is allowed to route to the destination
Answer: B

Explanation

Unicast Reverse Path Forwarding (uRPF) examines the source IP address of incoming packets.
If it matches with the interface used to reach this source IP then the packets are allowed to enter
(strict mode).

The syntax of configuring uRPF in interface mode is:

ip verify unicast source reachable-via {rx | any} [allow-default] [allow-self-ping] [access-list-

number]

The any option enables a Loose Mode uRPF on the router. This mode allows the router to
reach the source address via any interface.

The rx option enables a Strict Mode uRPF on the router. This mode ensures that the router
reaches the source address only via the interface on which the packet was receive.

In this case the router was configured with uRPF in loose mode.

Question 7

After applying below config on one router, OTHER router started showing authentication errors
(you will see output log with errors).

Applied configuration:
Standby 100
Standby 100 vip 172.x.x.x
Standby 100 md5 authentictaion cisco123!

What is likely the cause?

A. Configure ―standby 100 authentication md5 keyword cisco123!‖ on both routers

B. Configure ―standby 100 authentication md5 keyword cisco123!‖ on all HSRP groups on both
routers
Answer: A

Question 8

High CPU utilization of the router. How to display the lines including a process name Or
beginning with CPU from show proc cpu output.

A. show proc cpu | include process_name | begin CPU

B. show proc cpu | include process_name |$CPU
C. show xxx | include process_name |^CPU

Answer: C

Explanation

Below is an example of the ―show process cpu‖ output:

Let‘s check various ―show process cpu‖ with pipe commands

In the above output we only see the pipe ―^CPU‖ displays the ―CPU utilization for five seconds
…‖ line so this is the correct answer.

Question 9

Someone has changed the password for a router and saved the configuration, anyway he forget
the password and unable to access the router anymore. Which actions needed to solve the issue?

A. Change configuration register to 0x2102

B. Change configuration register to 0x2142
C. Reboot the router

Answer: B

Explanation

With the value 0x2142, the device will bypass the startup configuration stored in NVRAM
during its boot sequence.

Question 10

Refer to the exhibit about GRE tunnel0 interface:.

R1#show ip interface brief

Interface IP-Address OK? Method Status
Protocol
...
Tunnel0 unassigned YES manual up
down

What is required to solve the issue?

A. assign IP to the tunnel interface

B. define tunnel source and destination IP

Answer: B

Explanation

In order to make a Point-to-Point GRE Tunnel interface in up/up state, two requirements must
be met:
+ A valid tunnel source (which is in up/up state and has an IP address configured on it) and
tunnel destination must be configured
+ A valid tunnel destination is one which is routable. However, it does not have to be reachable.

Question 11
Router L ==== Router C ==== Router R

L and R routers were showing GRE and IPSec configurations, questions is an ACL applied in
router C is blocking all IP traffic, which protocol should be allowed in the ACL to allow traffic.

A. ESP
B. GRE
C. ICMP
D. UDP

Answer: D

Explanation

GRE with IPSec traffic will be encrypted/encapsulated inside an ESP packet. ESP packet, in
turn, will be encapsulated inside a UDP port 500 (or UDP port 4500 in case of NAT) datagram.

Therefore we have to permit UDP port 500/4500 on the middle routers so that GRE with IPSec
traffic can flow through.

Question 12

Refer to the exhibit.

There is a time-range acl but the query is to resolve a ping issue from interface eth0/0 to a host
on 172.16.10.100 with an ACL line. The ACL is applied inbound of the router. The question
asks what ACL line needs to be added in order to allow ping access from the local router to
server 172.16.10.100.

A. access-list 101 permit icmp host 172.16.10.100 10.1.1.0 0.0.0.15

B. access-list 101 permit icmp host 172.16.10.100 10.1.1.x 0.0.0.3
C. access-list 101 permit icmp 10.1.1.0 0.0.0.15 172.16.10.100 0.0.0.255
D. access-list 101 permit icmp 10.1.1.0 0.0.0.255 host 172.16.10.100
E. access-list 101 permit icmp host 172.16.10.100 10.1.1.0 0.0.0.31

Answer: E

Explanation

This ACL was applied to the inbound direction of e0/0 interface so we need to permit the ICMP
reply packet to go through. Therefore the source IP address must be the server IP address and
the destination IP address range must cover the e0/0 interface IP address. In this case only
answer E with the destination wildcard mask of 0.0.0.31 covers 10.1.1.25 so it is the correct
answer. Notice that answer A has similar solution but its wildcard mask of 0.0.0.15 does not
cover 10.1.1.25.

============================ Tickets ===========================

Note: There are two cases for ticket 11 so please check them carefully

Ticket 1 – OSPF Authentication

1.Client is unable to ping R1‘s serial interface from the client.

Problem was disable authentication on R1, check where authentication is not given under router
ospf of R1. (use ipv4 Layer 3)

Configuration of R1:

interface Serial0/0/0
description Link to R2
ip address 10.1.1.1 255.255.255.252
ip nat inside
encapsulation frame-relay
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.1.2.0 0.0.0.255 area 12
network 10.1.10.0 0.0.0.255 area 12
default-information originate always
!

Configuration of R2:
interface Serial0/0/0.12 point-to-point
ip address 10.1.1.2 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 TSHOOT
!

Answer: on R1 need command “ip ospf authentication message-digest‖

Ans1) R1
Ans2) IPv4 OSPF Routing
Ans3) Enable OSPF authentication on the s0/0/0 interface using the ―ip ospf authentication
message-digest‖ command.
Ticket 2 – HSRP Track (removed)
HSRP was configured on DSW1 & DSW2. DSW1 is configured to be active but it does not
become active.

Configuration of DSW1:

track 1 ip route 10.2.21.128 255.255.255.224 metric threshold

threshold metric up 1 down 2
!
track 10 ip route 10.1.21.128 255.255.255.224 metric threshold
threshold metric up 63 down 64
!

interface Vlan10
ip address 10.2.1.1 255.255.255.0
standby 10 ip 10.2.1.254
standby 10 priority 200
standby 10 preempt
standby 10 track 1 decrement 60

Answer: (use IPv4 Layer 3 Topology)

On DSW1 interface vlan 10 mode, type these commands:

no standby 10 track 1 decrement 60
standby 10 track 10 decrement 60
(ip for track command not exact for real exam)

Note: 10.1.21.129 is the IP address of a loopback interface on R4. This IP belongs to subnet
10.1.21.128/27.

Ans1) DSW1
Ans2) HSRP
Ans3) delete the command with track 1 and enter the command with track 10 (standby 10 track
10 decrement 60).

Note: For more information about IP route tracking and why the command ―threshold metric up
63 down 64″ is used here please read this tutorial: http://networktut.iptut.com/hsrp-ip-route-
tracking.

Ticket 3 – BGP Neighbor

Problem: Client 1 is able to ping 209.65.200.226 but can‘t ping the Web Server 209.65.200.241.

Configuration of R1:
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.56.200.226 remote-as 65002
no auto-summary

check bgp neighborship. **** show ip bgp sum****

The neighbor‘s address in the neighbor command is wrong under router BGP. (use ipv4 Layer
3)

Answer: need change on router mode on R1 neighbor 209.65.200.226

Ans1) R1
Ans2) BGP
Ans3) delete the wrong neighbor statement and enter the correct neighbor address in the
neighbor command (change ―neighbor 209.56.200.226 remote-as 65002″ to ―neighbor
209.65.200.226 remote-as 65002″)

Ticket 4 – NAT ACL

Configuration of R1

!
interface Serial0/0/1
ip address 209.65.200.225 255.255.255.252
ip nat inside
!
interface Serial0/0/0
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf authentication message-digest

Ans1) R1
Ans2) NAT
Ans3) Under interface Serial0/0/1 delete the ip nat inside command and add the ip nat outside
command.

Ticket 5 – R1 ACL
Configuration on R1
interface Serial0/0/1
description Link to ISP
ip address 209.65.200.224 255.255.255.252
ip nat outside
ip access-group edge_security in
!
ip access-list extended edge_security
deny ip 10.0.0.0 0.255.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
deny 127.0.0.0 0.255.255.255 any
permit ip host 209.65.200.241 any
!

Answer:

Ans1) R1
Ans2) IPv4 layer 3 security
Ans3) Under the ‗ip access-list extended edge_security‘ configuration add the ‗permit ip
209.65.200.224 0.0.0.3 any‘ command.

Note:

+ This is the only ticket the extended access-list edge_security exists. In other tickets, the
access-list 30 is applied to the inbound direction of S0/0/1 of R1.

+ Although host 209.65.200.241 is permitted to go through the access-list (permit ip host

209.65.200.241 any) but clients cannot ping the web server because R1 cannot establish BGP
session with neighbor 209.65.200.226.

Ticket 6 – VLAN filter

Client 1 is not able to ping the server. Unable to ping DSW1 or the FTP Server(Use L2
Diagram).

Vlan Access map is applied on DSW1 blocking the ip address of client 10.2.1.3

Configuration on DSW1
vlan access-map test1 10
action drop
match ip address 10
vlan access-map test1 20
action drop
match ip address 20
vlan access-map test1 30
action forward
match ip address 30
vlan access-map test1 40
action forward
!
vlan filter test1 vlan-list 10
!
access-list 10 permit 10.2.1.3
access-list 20 permit 10.2.1.4
access-list 30 permit 10.2.1.0 0.0.0.255
!
interface VLAN10
ip address 10.2.1.1 255.255.255.0

Ans1) DSW1
Ans2) VLAN ACL/Port ACL
Ans3) Under the global configuration mode enter no vlan filter test1 vlan-list 10 command.

Note: After choosing DSW1 for Ans1, next page (for Ans2) you have to scroll down to find the
VLAN ACL/Port ACL option. The scroll bar only appears in this ticket and is very difficult to
be seen. Also make sure you choose DSW1 (not ASW1) for the first question as there is also
"VLAN ACL/Port ACL" option for answer 2 if you choose ASW1 but it is wrong.

Ticket 7 – Port Security

Client 1 is unable to ping Client 2 as well as DSW1. The command ‗sh interfaces fa1/0/1′ will
show following message in the first line
‗FastEthernet1/0/1 is down, line protocol is down (err-disabled)‘

On ASW1 port-security mac 0000.0000.0001, interface in err-disable state

Configuration of ASW1
interface fa1/0/1
switchport access vlan 10
switchport mode access
switchport port-security
switchport port-security mac-address 0000.0000.0001

Answer: on ASW1 delele port-security & do on interfaces shutdown, no shutdown

Ans1) ASW1
Ans2) Port security
Ans3) In Configuration mode, using the interface range Fa1/0/1 – 2, then no switchport port-
security, followed by shutdown, no shutdown interface configuration commands.

Ticket 8 – Switchport VLAN 10 (removed)

Configuration of ASW1
interface FastEthernet1/0/1
switchport mode access
!
interface FastEthernet1/0/2
switchport mode access
!
Answer:

Ans1) ASW1
Ans2) Access Vlans
Ans3) In Configuration mode, using the ‗interface range Fastethernet 1/0/1 – 2‘, then
‗switchport access vlan 10‘ command.

Ticket 9 – Switchport trunk

Configuration of ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 20,200
!
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 20,200
!
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
shutdown
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10

Ans1)ASW1
Ans2)Switch to switch connectivity
Ans3)Under interface Port-Channel 13, 23, add vlan 10,200 and then no shutdown interface
fa1/0/1

Ticket 10 – EIGRP AS (removed)

Client 1 is not able to ping the Webserver
DSW1 can ping fa0/1 of R4 but can‘t ping s0/0/0.34

Check ip eigrp neighbors from DSW1 you will not see R4 as neighbor.(use ipv4 Layer 3)
‗Show ip route‘ on DSW1 you will not see any 10.x.x.x network route.

On DSW1 & DWS2 the EIGRP AS number is 10 (router eigrp 10) but on R4 it is 1 (router eigrp
1)

Answer: change router AS on R4 from 1 to 10

Ans1) R4
Ans2) EIGRP
Ans3) Change EIGRP AS number from 1 to 10

Ticket 11a – Redistribution Route-map

On R4:
router eigrp 10
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.0 0.0.0.255
network 10.1.10.0 0.0.0.255
network 10.1.21.128 0.0.0.3
default-metric 100000 100 100 1 1500
no auto-summary
!
route-map OSPF->EIGRP deny 10
match tag 90
route-map OSPF->EIGRP deny 20
set tag 110

Ans1) R4
Ans2) IPv4 Route Redistribution
Ans3) Change the ―route-map OSPF->EIGRP deny 20‖ to ―route-map OSPF->EIGRP permit
20‖

Explanation for this ticket:

In this topology, we are doing mutual redistribution at multiple points (between OSPF and
EIGRP on R4, DSW1 & DSW2), which is a very common cause of network problems,
especially routing loops so you should use route-map to prevent redistributed routes from
redistributing again into the original domain.

In this ticket, route-map is also used for this purpose. For example, the route-map ―EIGRP-
>OSPF‖ is used to prevent any routes that have been redistributed into OSPF from redistributed
again into EIGRP domain by tagging these routes with tag 90. These routes are prevented from
redistributed again by route-map OSPF->EIGRP by denying any routes with tag 90 set.

Ticket 11b – Redistribution Route-map

On R4:
router eigrp 10
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.0 0.0.0.255
network 10.1.10.0 0.0.0.255
network 10.1.21.128 0.0.0.3
default-metric 100000 100 100 1 1500
no auto-summary
!
route-map OSPF_to_EIGRP deny 10
match tag 90
route-map OSPF_to_EIGRP permit 20
set tag 110

Ans1) R4
Ans2) IPv4 Route Redistribution
Ans3) Under the EIGRP process, delete the ‗redistribute ospf 1 route-map OSPF->EIGRP‘
command and enter ‗redistribute ospf 1 route-map OSPF_to_EIGRP‘ command.

Ticket 12 – IPv6 OSPF

DSW1 & R4 can‘t ping R2‘s loopback interface or s0/0/0.12 IPv6 address.
R2 is not an OSPFv3 neighbor on R3
Situation: ipv6 ospf was not enabled on R2‘s serial interface connecting to R3. (use ipv6 Layer
3)

Configuration of R2
ipv6 router ospf 6
!
interface s0/0/0.23
ipv6 address 2026::1:1/122

Configuration of R3
ipv6 router ospf 6
router-id 3.3.3.3
!
interface s0/0/0.23
ipv6 address 2026::1:2/122
ipv6 ospf 6 area 0

Answer:

In interface configuration mode of s0/0/0.23 on R2:

ipv6 ospf 6 area 12

Ans1) R2
Ans2) IPv6 OSPF Routing
Ans3) on the serial interface of R2, enter the command ipv6 ospf 6 area 0 (notice that it is ―area
0″, not ―area 12″)

Ticket 13 – DHCP Helper-address

Note: Currently the link above is not up-to-date. We will update it soon.

Configuration on DSW1:
!
interface Vlan 10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.2.21.129
!

Note: In this ticket you will find port-security configured on ASW1 but it is not the problem.

Ans1) DSW1
Ans2) IP DHCP Server (or DHCP)
Ans3) on DSW1 delete ―ip helper-address 10.2.21.129‖ and apply ―ip helper-address
10.1.21.129‖ command

Ticket 14 – EIGRP Passive Interface

the neighborship between R4 and DSW1 wasn‘t establised. Client 1 can‘t ping R4
Configuration on R4:
router eigrp 10
passive-interface default
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.4 0.0.0.3
network 10.1.4.8 0.0.0.3
network 10.1.21.128 0.0.0.3
default-metric 10000 100 255 1 10000
no auto-summary

Answer 1) R4
Answer 2) IPv4 EIGRP Routing
Answer 3) enter no passive interface for interfaces connected to DSW1 under EIGRP process
(or in Interface f0/1 and f0/0, something like this)

Note: There is a loopback interface on this device which has an IP address of 10.1.21.129 so we
have to include the ―network 10.1.21.128 0.0.0.3‖ command.

* Just for your information, in fact Clients 1 & 2 in this ticket CANNOT receive IP addresses
from DHCP Server because DSW1 cannot reach 10.1.21.129 (an loopback interface on R4)
because of the ―passive-interface default‖ command. But in the exam you will see that Clients 1
& 2 can still get their IP addresses! It is a bug in the exam.

Ticket 15 – IPv6 GRE Tunnel

Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on
DSW2 (2026::102:1).

Configuration of R3:
!
interface Tunnel34
no ip address
ipv6 address 2026::34:1/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0.34
tunnel destination 10.1.1.10
tunnel mode ipv6
!

Configuration of R4:
interface Tunnel34
no ip address
ipv6 address 2026::34:2/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0
tunnel destination 10.1.1.9
!

Answer:
Ans1) R3
Ans2) Ipv4 and Ipv6 Interoperability
Ans3) Under the interface Tunnel34, remove ‗tunnel mode ipv6′ command

Ticket 16 – IPv6 RIPng OSPFv3

Redistribution
Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on
DSW2 (2026::102:1).

Configuration of R4:
ipv6 router ospf 6
log-adjacency-changes
!
ipv6 router rip RIP_ZONE
redistribute ospf 6 metric 2 include-connected
!

Answer:
Ans1) R4
Ans2) Ipv6 OSPF Routing
Ans3) Under ipv6 ospf process add the ‗redistribute rip RIP_Zone include-connected‘ command

Ticket 17 – Switchport Encapsulation

On ASW1:
interface fa1/0/1
switchport access vlan 10
switport mode trunk
switport trunk encapsulation dot1q
interface fa1/0/2
switchport access vlan 10
switport mode trunk
switport trunk encapsulation dot1q

Answer:

Ans1) ASW1
Ans2) Access VLANs
Ans3) In configuration mode, use ‗interface range fa1/0/1-2‘ then ‗switchport mode access‘,
then ‗no switchport trunk encapsulation dot1q‘