Sie sind auf Seite 1von 18

A guide for the TSHOOT Exam

For the TSHOOTv2 exam we will encounter:

+ Multiple Choice Questions


+ 12 Troubleshooting Tickets (check them at the right-side menu)
+ BGP Simlet
+ HSRP Simlet

Below is a summary of 17 Tickets you may see in the exam:

Device Error Description


1. Access port not in VLAN 10 (removed)
2. Port Channel not allowing VLAN 10
ASW1
3. Ports should be in access mode instead of trunking
4. Port security in fa1/0/1, fa1/0/2 interfaces
1. HSRP track 10 (removed)
DSW1 2. VLAN filter
3. DHCP IP Helper-address (APIPA addresses on clients)
1. Wrong IP of BGP neighbor
2. NAT Outside misconfigured
R1
3. WAN access-list statement missing
4. OSPF Authentication
R2 1. IPv6: enable OSPF
R3 1. IPv6: remove ―tunnel mode ipv6‖
1. EIGRP – wrong AS (removed)
2. Redistribute Route-map
R4
3. EIGRP Passive Interface
4. missing Redistribution from RIPng to OSPFv3

Notice that in the exam, the tickets are randomly given so the best way to troubleshooting is to
try pinging to all the devices from nearest to farthest from the client until you don‘t receive the
replies.

In each ticket you will have to answers three types of questions:

+ Which device causes problem


+ Which technology is used
+ How to fix it

One more thing to remember: you can only use ―show‖ commands to find out the problems and
you are not allowed to make any changes in the configuration. In fact, in the exam you can not
enter the global configuration mode!
Multiple Choice Questions
https://www.networktut.com/multiple-choice-questions

Question 1

Refer to the statement.

The %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing

How to correct it?

A. change the source IP of tu0


B. change the destination IP of tu0
C. add tunnel key
D. add static route to tu0 destination

Answer: D

Explanation

The %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing


error message means that the generic routing encapsulation (GRE) tunnel router has discovered
a recursive routing problem. This condition is usually due to one of these causes:
+ A misconfiguration that causes the router to try to route to the tunnel destination address using
the tunnel interface itself (recursive routing)
+ A temporary instability caused by route flapping elsewhere in the network

So in this question maybe there is something wrong with the tunnel destination so we should
add static route to solve it.

Reference: https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-
protocol-eigrp/22327-gre-flap.html

Question 2

Something related to a firewall in the middle of the path and how to make it reachable. Which
port should be allowed?

A. port 47
B. port 50
C. TCP port 1723
D. IP protocol 47
Answer: D

Question 3

What is the output of the ―show crypto ipsec sa | in indent‖? (There is an output of the access-
list with ―permit gre any any‖)

A. local ident (addr/mask/prot/port): (20.1.1.1/255.255.255.0/0/47)


remote ident (addr/mask/prot/port): (20.1.1.1/255.255.255.0/0/47)
B. local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
C. local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/47)
remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/47)
D. local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/1723/0)
remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/1723/0)
E. local ident (addr/mask/prot/port): (20.1.1.1/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (20.1.1.1/255.255.255.0/0/0)
F. local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/47/0)
remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/47/0)

Answer: B

Explanation

The line ―local ident (addr/mask/prot/port)‖ means local selector that is used for encryption and
decryption.

The answer of this question is based on the ACL applied. Thanks Shaunthesheep for sharing
this:

VPN Tunnel can be established using IPSec or IPSec+GRE. The configuration requires to
define a Crypto map which refers to an ACL for Interesting traffic or the traffic to be encrypted.
Look for the values in the ACL. e.g.

1) permit gre any any —> Answer will be both local and remote indent address entries as 0 and
47 in the protocol field. Like this :

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/47/0)


remote ident (addr/mask/prqwot/port): (0.0.0.0/0.0.0.0/47/0)

2) Permit ip any any —> Answer will be both local and remote indent address entries as 0 and 0
in the protocol field. Like this :

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)


remote ident (addr/mask/prqwot/port): (0.0.0.0/0.0.0.0/0/0)

3) Permit ip 10.1.1.0 0.0.0.255 10.10.10.0 0.0.0.255 —> Answer will be both local and remote
indent address entries as in ACL and 0 in the protocol field. Like this :
local ident (addr/mask/prot/port): (10.1.1.1/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)

Update: We cannot explain why all fields are ―0‖ here but our candidates got full mark so please
choose it.

Question 4

What should be the next step after the problem is solved?

A. document it
B. knowledge transfer
C. result analysis
D. ?

Answer: A

Explanation

Cisco has broken this process into eight steps:


1. Define the problem.
2. Gather detailed information.
3. Consider probable cause for the failure.
4. Devise a plan to solve the problem.
5. Implement the plan.
6. Observe the results of the implementation.
7. Repeat the process if the plan does not resolve the problem.
8. Document the changes made to solve the problem.

Although some online document does not mention about step 8 (document the changes) (like
the link http://www.ciscopress.com/articles/article.asp?p=1578504&seqNum=2) but this step is
very important so that repeated issue can be solved quickly in the future.

Question 5

This question have 3 router (R1,R2,R3), (R1_fa0/0====fa0/0_R2_fa0/1====fa0/1_R3) and


have loopback, acl for each a router. Loopback from R1 can‘t ping loopback of R3
(192.168.254.1/24). An ACL is configured on R3 that only permits 192.168.0.0 0.0.0.255. What
changes need to occur so R1 can ping R3 loopback?

A.
ip access-list extended 101
no 30
30 permit 192.168.0.0 0.0.0.255

B.
ip access-list extended 101
no 30
30 permit 192.168.0.0 0.0.255.255

C.
ip access-list extended 101
no 100

Answer: B (Modify access-list , no entry 30 and re-add it changing the netmask to 192.168.0.0
0.0.255.255)

Question 6

A topology with three routers R1, R2 and R3 connected to each other and a list of ACL
statements to choose. The question asks which sequence number prevented connection from R1
to R2 via SSH.

R1 Lo0: x:x::1
R2 Lo0: y:y::2
R3 Lo0: z:z::3

Answer: 20 deny tcp x:x::/64 host y:y::2 eq 22 (so choose the sequence number 20)

Question 7

Which enables Unicast reverse path forwarding?

A. CEF
B. VRF

Answer: A

Question 8

Which command is used to check the SSH version?


A. show ip ssh
B. show crypto key mypubkey rsa
C. show ssh sessions

Answer: A

Explanation

R1# show ip ssh


Connection Version Encryption Username HMAC Server Hostkey IP Address
Inbound:
1 SSH-2 3des-cbc Raymond hmac-sha1 ssh-dss 10.120.54.2
Outbound:
6 SSH-2 aes256-cbc Steve hmac-sha1 ssh-dss 10.37.77.15
SSH-v2.0 enabled; hostkey: DSA(1024), RSA(2048)

Question 9

PMTUD (Path MTU Discovery) not working, what is the issue?

A. Local router MTU is 1500


B. Local router MTU is 1400
C. Router in the path has ―no ip host unreachable‖ configured
D. Router in path has ICMP Redicrects enabled

Answer: C

Question 10

Topology with three switches which are connected to each other via Gi0/0 & Gi0/1. All
interfaces are configured in VLAN 100 and voice VLAN 101. Duplex mismatch between two
switches (one interface in full duplex which the opposite interface in half duplex). Spanning tree
is detecting a loop in the network, what is causing the loop.

A. duplex mismatch
B. speed mismatch
C. vlan missconfiguration

Answer: A

Explanation

Duplex mismatch is a configuration issue where one side of the network is set to one duplex
mode and the other to another duplex mode. Having one bridge on half duplex and the other on
full duplex results in collisions that cause bridging loops
Question 11

Which statement about the INTERNET ACL is true?

ipv6 access-list INTERNET


permit ipv6 2001:DB8:AD59:BA21::/64 2001:DB8:C0AB:BA::/64
permit tcp 2001:DB8:AD59:BA21::/64 2001:DB8:C0AB:BA13::/64 eq telnet
permit tcp 2001:DB8:AD59:BA21::/64 any eq www
permit ipv6 2001:DB8:AD59::/48 any
deny ipv6 any any log

A. NPD is not working correctly because NS and NA messages are being denied
B. A packet with source address of 2001:DB80:AD59:BA21:101:CAB:64:38 destined to port
80 will be permitted
C. HTTPS traffic from the 2001:DB80:AD59:BA21::/64 subnet will automatically be permitted
along with HTTP traffic
D. A packet with source address 2001:DB8:AD59:ACC0:2020:882:DB8:1125 will be denied

Answer: A

Explanation

Answer B and C are not correct as the IPv6 address 2001:DB80:AD59… is different from the
IPv6 address 2001:DB8:AD59… (trailing 0 cannot be omitted).

Answer D is not correct as the source address of 2001:DB8:AD59:ACC0:2020:882:DB8:1125


matches the ACL statement ―permit ipv6 2001:DB8:AD59::/48 any‖ so it will be permitted.

Therefore only answer A is the suitable answer left.

For your information, by default an IPv6 ACL has three implicit statements at the end:
+ permit icmp any any nd-na
+ permit icmp any any nd-ns
+ deny ipv6 any any

The first two statements are required for IPv6 neighbor discovery protocol which are very
important so they are always permitted in an IPv6 ACL. But in this case we explicitly used the
―deny ipv6 any any (log)‖ command so the two above commands must be typed just before the
last statement (―deny ipv6 any any log‖) or that traffic will be blocked.

Question 12

Something related to permit FTP in all management hosts

A. Policy-map
B. Control-plane
C. Access-list
D. Class-map
Answer: B

============================ Tickets ===========================

Note: There are two cases for ticket 11 so please check them carefully

Ticket 1 – OSPF Authentication


1.Client is unable to ping R1‘s serial interface from the client.

Problem was disable authentication on R1, check where authentication is not given under router
ospf of R1. (use ipv4 Layer 3)

Configuration of R1:

interface Serial0/0/0
description Link to R2
ip address 10.1.1.1 255.255.255.252
ip nat inside
encapsulation frame-relay
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 10.1.2.0 0.0.0.255 area 12
network 10.1.10.0 0.0.0.255 area 12
default-information originate always
!

Configuration of R2:
interface Serial0/0/0.12 point-to-point
ip address 10.1.1.2 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 TSHOOT
!

Answer: on R1 need command “ip ospf authentication message-digest‖

Ans1) R1
Ans2) IPv4 OSPF Routing
Ans3) Enable OSPF authentication on the s0/0/0 interface using the ―ip ospf authentication
message-digest‖ command.

Ticket 2 – HSRP Track (removed)


HSRP was configured on DSW1 & DSW2. DSW1 is configured to be active but it does not
become active.

Configuration of DSW1:

track 1 ip route 10.2.21.128 255.255.255.224 metric threshold


threshold metric up 1 down 2
!
track 10 ip route 10.1.21.128 255.255.255.224 metric threshold
threshold metric up 63 down 64
!

interface Vlan10
ip address 10.2.1.1 255.255.255.0
standby 10 ip 10.2.1.254
standby 10 priority 200
standby 10 preempt
standby 10 track 1 decrement 60

Answer: (use IPv4 Layer 3 Topology)

On DSW1 interface vlan 10 mode, type these commands:


no standby 10 track 1 decrement 60
standby 10 track 10 decrement 60
(ip for track command not exact for real exam)

Note: 10.1.21.129 is the IP address of a loopback interface on R4. This IP belongs to subnet
10.1.21.128/27.

Ans1) DSW1
Ans2) HSRP
Ans3) delete the command with track 1 and enter the command with track 10 (standby 10 track
10 decrement 60).

Note: For more information about IP route tracking and why the command ―threshold metric up
63 down 64″ is used here please read this tutorial: http://networktut.iptut.com/hsrp-ip-route-
tracking.

Ticket 3 – BGP Neighbor


Problem: Client 1 is able to ping 209.65.200.226 but can‘t ping the Web Server 209.65.200.241.

Configuration of R1:
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.56.200.226 remote-as 65002
no auto-summary

check bgp neighborship. **** show ip bgp sum****


The neighbor‘s address in the neighbor command is wrong under router BGP. (use ipv4 Layer
3)

Answer: need change on router mode on R1 neighbor 209.65.200.226

Ans1) R1
Ans2) BGP
Ans3) delete the wrong neighbor statement and enter the correct neighbor address in the
neighbor command (change ―neighbor 209.56.200.226 remote-as 65002″ to ―neighbor
209.65.200.226 remote-as 65002″)

Ticket 4 – NAT ACL


Configuration of R1

!
interface Serial0/0/1
ip address 209.65.200.225 255.255.255.252
ip nat inside
!
interface Serial0/0/0
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf authentication message-digest

Ans1) R1
Ans2) NAT
Ans3) Under interface Serial0/0/1 delete the ip nat inside command and add the ip nat outside
command.

Ticket 5 – R1 ACL
Configuration on R1
interface Serial0/0/1
description Link to ISP
ip address 209.65.200.224 255.255.255.252
ip nat outside
ip access-group edge_security in
!
ip access-list extended edge_security
deny ip 10.0.0.0 0.255.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
deny 127.0.0.0 0.255.255.255 any
permit ip host 209.65.200.241 any
!

Answer:

Ans1) R1
Ans2) IPv4 layer 3 security
Ans3) Under the ‗ip access-list extended edge_security‘ configuration add the ‗permit ip
209.65.200.224 0.0.0.3 any‘ command.

Note:

+ This is the only ticket the extended access-list edge_security exists. In other tickets, the
access-list 30 is applied to the inbound direction of S0/0/1 of R1.

+ Although host 209.65.200.241 is permitted to go through the access-list (permit ip host


209.65.200.241 any) but clients cannot ping the web server because R1 cannot establish BGP
session with neighbor 209.65.200.226.

Ticket 6 – VLAN filter


Client 1 is not able to ping the server. Unable to ping DSW1 or the FTP Server(Use L2
Diagram).

Vlan Access map is applied on DSW1 blocking the ip address of client 10.2.1.3

Configuration on DSW1
vlan access-map test1 10
action drop
match ip address 10
vlan access-map test1 20
action drop
match ip address 20
vlan access-map test1 30
action forward
match ip address 30
vlan access-map test1 40
action forward
!
vlan filter test1 vlan-list 10
!
access-list 10 permit 10.2.1.3
access-list 20 permit 10.2.1.4
access-list 30 permit 10.2.1.0 0.0.0.255
!
interface VLAN10
ip address 10.2.1.1 255.255.255.0
Ans1) DSW1
Ans2) VLAN ACL/Port ACL
Ans3) Under the global configuration mode enter no vlan filter test1 vlan-list 10 command.

Note: After choosing DSW1 for Ans1, next page (for Ans2) you have to scroll down to find the
VLAN ACL/Port ACL option. The scroll bar only appears in this ticket and is very difficult to
be seen. Also make sure you choose DSW1 (not ASW1) for the first question as there is also
"VLAN ACL/Port ACL" option for answer 2 if you choose ASW1 but it is wrong.

Ticket 7 – Port Security


Client 1 is unable to ping Client 2 as well as DSW1. The command ‗sh interfaces fa1/0/1′ will
show following message in the first line
‗FastEthernet1/0/1 is down, line protocol is down (err-disabled)‘

On ASW1 port-security mac 0000.0000.0001, interface in err-disable state

Configuration of ASW1
interface fa1/0/1
switchport access vlan 10
switchport mode access
switchport port-security
switchport port-security mac-address 0000.0000.0001

Answer: on ASW1 delele port-security & do on interfaces shutdown, no shutdown

Ans1) ASW1
Ans2) Port security
Ans3) In Configuration mode, using the interface range Fa1/0/1 – 2, then no switchport port-
security, followed by shutdown, no shutdown interface configuration commands.

Ticket 8 – Switchport VLAN 10 (removed)


Configuration of ASW1
interface FastEthernet1/0/1
switchport mode access
!
interface FastEthernet1/0/2
switchport mode access
!

Answer:
Ans1) ASW1
Ans2) Access Vlans
Ans3) In Configuration mode, using the ‗interface range Fastethernet 1/0/1 – 2‘, then
‗switchport access vlan 10‘ command.

Ticket 9 – Switchport trunk


Configuration of ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 20,200
!
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 20,200
!
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
shutdown
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10

Ans1)ASW1
Ans2)Switch to switch connectivity
Ans3)Under interface Port-Channel 13, 23, add vlan 10,200 and then no shutdown interface
fa1/0/1

Ticket 10 – EIGRP AS (removed)


Client 1 is not able to ping the Webserver
DSW1 can ping fa0/1 of R4 but can‘t ping s0/0/0.34

Check ip eigrp neighbors from DSW1 you will not see R4 as neighbor.(use ipv4 Layer 3)
‗Show ip route‘ on DSW1 you will not see any 10.x.x.x network route.

On DSW1 & DWS2 the EIGRP AS number is 10 (router eigrp 10) but on R4 it is 1 (router eigrp
1)

Answer: change router AS on R4 from 1 to 10

Ans1) R4
Ans2) EIGRP
Ans3) Change EIGRP AS number from 1 to 10
Ticket 11a – Redistribution Route-map
On R4:
router eigrp 10
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.0 0.0.0.255
network 10.1.10.0 0.0.0.255
network 10.1.21.128 0.0.0.3
default-metric 100000 100 100 1 1500
no auto-summary
!
route-map OSPF->EIGRP deny 10
match tag 90
route-map OSPF->EIGRP deny 20
set tag 110

Ans1) R4
Ans2) IPv4 Route Redistribution
Ans3) Change the ―route-map OSPF->EIGRP deny 20‖ to ―route-map OSPF->EIGRP permit
20‖

Explanation for this ticket:

In this topology, we are doing mutual redistribution at multiple points (between OSPF and
EIGRP on R4, DSW1 & DSW2), which is a very common cause of network problems,
especially routing loops so you should use route-map to prevent redistributed routes from
redistributing again into the original domain.

In this ticket, route-map is also used for this purpose. For example, the route-map ―EIGRP-
>OSPF‖ is used to prevent any routes that have been redistributed into OSPF from redistributed
again into EIGRP domain by tagging these routes with tag 90. These routes are prevented from
redistributed again by route-map OSPF->EIGRP by denying any routes with tag 90 set.

Ticket 11b – Redistribution Route-map


On R4:
router eigrp 10
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.0 0.0.0.255
network 10.1.10.0 0.0.0.255
network 10.1.21.128 0.0.0.3
default-metric 100000 100 100 1 1500
no auto-summary
!

route-map OSPF_to_EIGRP deny 10


match tag 90
route-map OSPF_to_EIGRP permit 20
set tag 110

Ans1) R4
Ans2) IPv4 Route Redistribution
Ans3) Under the EIGRP process, delete the ‗redistribute ospf 1 route-map OSPF->EIGRP‘
command and enter ‗redistribute ospf 1 route-map OSPF_to_EIGRP‘ command.

Ticket 12 – IPv6 OSPF


DSW1 & R4 can‘t ping R2‘s loopback interface or s0/0/0.12 IPv6 address.
R2 is not an OSPFv3 neighbor on R3
Situation: ipv6 ospf was not enabled on R2‘s serial interface connecting to R3. (use ipv6 Layer
3)

Configuration of R2
ipv6 router ospf 6
!
interface s0/0/0.23
ipv6 address 2026::1:1/122

Configuration of R3
ipv6 router ospf 6
router-id 3.3.3.3
!
interface s0/0/0.23
ipv6 address 2026::1:2/122
ipv6 ospf 6 area 0

Answer:

In interface configuration mode of s0/0/0.23 on R2:


ipv6 ospf 6 area 12

Ans1) R2
Ans2) IPv6 OSPF Routing
Ans3) on the serial interface of R2, enter the command ipv6 ospf 6 area 0 (notice that it is ―area
0″, not ―area 12″)

Ticket 13 – DHCP Helper-address


Note: Currently the link above is not up-to-date. We will update it soon.

Configuration on DSW1:

!
interface Vlan 10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.2.21.129
!

Note: In this ticket you will find port-security configured on ASW1 but it is not the problem.

Ans1) DSW1
Ans2) IP DHCP Server (or DHCP)
Ans3) on DSW1 delete ―ip helper-address 10.2.21.129‖ and apply ―ip helper-address
10.1.21.129‖ command

Ticket 14 – EIGRP Passive Interface


the neighborship between R4 and DSW1 wasn‘t establised. Client 1 can‘t ping R4
Configuration on R4:
router eigrp 10
passive-interface default
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.4 0.0.0.3
network 10.1.4.8 0.0.0.3
network 10.1.21.128 0.0.0.3
default-metric 10000 100 255 1 10000
no auto-summary

Answer 1) R4
Answer 2) IPv4 EIGRP Routing
Answer 3) enter no passive interface for interfaces connected to DSW1 under EIGRP process
(or in Interface f0/1 and f0/0, something like this)

Note: There is a loopback interface on this device which has an IP address of 10.1.21.129 so we
have to include the ―network 10.1.21.128 0.0.0.3‖ command.

* Just for your information, in fact Clients 1 & 2 in this ticket CANNOT receive IP addresses
from DHCP Server because DSW1 cannot reach 10.1.21.129 (an loopback interface on R4)
because of the ―passive-interface default‖ command. But in the exam you will see that Clients 1
& 2 can still get their IP addresses! It is a bug in the exam.

Ticket 15 – IPv6 GRE Tunnel


Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on
DSW2 (2026::102:1).

Configuration of R3:
!
interface Tunnel34
no ip address
ipv6 address 2026::34:1/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0.34
tunnel destination 10.1.1.10
tunnel mode ipv6
!

Configuration of R4:
interface Tunnel34
no ip address
ipv6 address 2026::34:2/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0
tunnel destination 10.1.1.9
!

Answer:
Ans1) R3
Ans2) Ipv4 and Ipv6 Interoperability
Ans3) Under the interface Tunnel34, remove ‗tunnel mode ipv6′ command

Ticket 16 – IPv6 RIPng OSPFv3


Redistribution
Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on
DSW2 (2026::102:1).

Configuration of R4:
ipv6 router ospf 6
log-adjacency-changes
!
ipv6 router rip RIP_ZONE
redistribute ospf 6 metric 2 include-connected
!

Answer:
Ans1) R4
Ans2) Ipv6 OSPF Routing
Ans3) Under ipv6 ospf process add the ‗redistribute rip RIP_Zone include-connected‘ command

Ticket 17 – Switchport Encapsulation


On ASW1:

interface fa1/0/1
switchport access vlan 10
switport mode trunk
switport trunk encapsulation dot1q
interface fa1/0/2
switchport access vlan 10
switport mode trunk
switport trunk encapsulation dot1q

Answer:

Ans1) ASW1
Ans2) Access VLANs
Ans3) In configuration mode, use ‗interface range fa1/0/1-2‘ then ‗switchport mode access‘,
then ‗no switchport trunk encapsulation dot1q‘

Das könnte Ihnen auch gefallen