Cisco 642-832 Certification Material Provider, Latest Updated Cisco 642-832 Preparation Materials On Our Store

Flydumps ensures Cisco 642-832 study guide are the newest and valid enough to help you pass the test.Please visit Flydumps.com and get valid Cisco 642-832 PDF and VCE exam dumps with free new version.100% valid and success.

Exam A
QUESTION 1
The following commands are issued on a Cisco Router:
Router(configuration)#access-list 199 permit tcp host 10.1.1.1 host 172.16.1.1
Router(configuration)#access-list 199 permit tcp host 172.16.1.1 host 10.1.1.1
Router(configuration)#exit
Router#debug ip packet 199
What will the debug output on the console show?
A. All IP packets passing through the router
B. Only IP packets with the source address of 10.1.1.1
C. All IP packets from 10.1.1.1 to 172.16.1.1
D. All IP Packets between 10.1.1.1 and 172.16.1.1
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
In this example, the “debug ip packet” command is tied to access list 199, specifying which IP packets
should be debugged. Access list 199 contains two lines, one going from the host with IP address 10.1.1.1
to 172.16.1.1 and the other specifying all TCP packets from host 172.16.1.1 to 10.1.1.1.

QUESTION 2
What level of logging is enabled on a Router where the following logs are seen?
%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
A. alerts
B. critical
C. errors
D. notifications
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
Cisco routers, switches, PIX and ASA firewalls prioritize log messages into 8 levels (0-7), as shown below: LevelLevel NameDescription 0 Emergencies System is unusable 1 Alerts Immediate action needed 2 Critical Critical conditions 3 Errors Error conditions 4 Warnings Warning conditions 5 Notifications Informational messages 6 Informational Normal but significant conditions 7 Debugging Debugging messages
When you enable logging for a specific level, all logs of that severity and greater (numerically less) will be logged. In this case we can see that logging level of 3 (as seen by the 3 in “LINK-3- UPDOWN”) and level 5 (as seen by the 5 in “LINEPROTO-5-UPDOWN”) are shown, which means that logging level 5 must have been configured. As shown by the table, logging level 5 is Notifications.
QUESTION 3
You have the followings commands on your Cisco Router:
ip ftp username admin
ip ftp password backup
You have been asked to switch from FTP to HTTP. Which two commands will you use to replace the existing commands?
A. ip http username admin
B. ip http client username admin
C. ip http password backup
D. ip http client password backup
E. ip http server username admin
F. ip http server password backup
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation: Configuring the HTTP Client Perform this task to enable the HTTP client and configure optional client characteristics. The standard HTTP 1.1 client and the secure HTTP client are always enabled. No commands exist to disable the HTTP client. For information about configuring optional characteristics for the HTTPS client, see the HTTPS-HTTP Server and Client with SSL 3.0, Release 12.2(15)T, feature module. SUMMARY STEPS enable configure terminal ip http client cache {ager interval minutes | memory {file file-size-limit | pool pool-size-limit} ip http client connection {forceclose | idle timeout seconds | retry count | timeout seconds} ip http client password password ip http client proxy-server proxy-name proxy-port port-number 7. ip http client response timeout seconds ip http client source-interface type number ip http client username username Reference: HTTP 1.1 Web Server and Client
. http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_http_web.html
QUESTION 4
You have 2 NTP servers in your network – 10.1.1.1 and 10.1.1.2. You want to configure a Cisco router to use 10.1.1.2 as its NTP server before falling back to 10.1.1.1. Which commands will you use to configure the router?
A. ntp server 10.1.1.1 ntp server 10.1.1.2
B. ntp server 10.1.1.1 ntp server 10.1.1.2 primary
C. ntp server 10.1.1.1 ntp server 10.1.1.2 prefer
D. ntp server 10.1.1.1 fallback ntp server 10.1.1.2
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Preferred server
A router can be configured to prefer an NTP source over another. A preferred server’s responses are discarded only if they vary dramatically from the other time sources. Otherwise, the preferred server is used for synchronization without consideration of the other time sources. Preferred servers are usually specified when they are known to be extremely accurate. To specify a preferred server, use the prefer keyword appended to the ntp server command. The following example tells the router to prefer TimeServerOne over TimeServerTwo: Router#config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ntp server TimeServerOne prefer Router(config)#ntp server TimeServerTwo Router(config)#^Z
QUESTION 5
The following command is issued on a Cisco Router:
Router(configuration)#logging console warnings
Which alerts will be seen on the console?
A. Warnings only
B. debugging, informational, notifications, warnings
C. warnings, errors, critical, alerts, emergencies
D. notifications, warnings, errors
E. warnings, errors, critical, alerts

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco routers prioritize log messages into 8 levels (0-7), as shown below: LevelLevel NameDescription 0 Emergencies System is unusable 1 Alerts Immediate action needed 2 Critical Critical conditions 3 Errors Error conditions 4 Warnings Warning conditions 5 Notifications Informational messages 6 Informational Normal but significant conditions 7 Debugging Debugging messages
When you enable logging for a specific level, all logs of that severity and greater (numerically less) will be logged. In this case, when you enable console logging of warning messages (level 4), it will log levels 0-4, making the correct answer warnings, errors, critical, alerts, and emergencies.
QUESTION 6
Which two of the following options are categories of Network Maintenance tasks?
A. Firefighting
B. Interrupt-driven
C. Policy-based
D. Structured
E. Foundational

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
Proactive Versus Reactive Network Maintenance:
Network maintenance tasks can be categorized as one of the following:
Structured tasks: Performed as a predefined plan.
Interrupt-driven tasks: Involve resolving issues as they are reported.
Reference: CCNP TSHOOT Official Certification Guide, Kevin Wallace, Chapter 1, p.7

QUESTION 7
You enabled CDP on two Cisco Routers which are connected to each other. The Line and Protocol status for the interfaces on both routers show as UP but the routers do not see each other a CDP neighbors. Which layer of the OSI model does the problem most likely exist?
A. Physical
B. Session
C. Application
D. Data-Link
E. Network

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
CDP is a protocol that runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers,
and switches. CDP allows network management applications to discover Cisco devices that are neighbors
of already known devices, in particular, neighbors running lower-layer, transparent protocols. With CDP,
network management applications can learn the device type and the SNMP agent address of neighboring
devices. This feature enables applications to send SNMP queries to neighboring devices. In this case, the
line protocol is up which means that the physical layer is operational (layer 1) but the data link layer is not.
Reference: “Configuring CDP”

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/c dp.html

QUESTION 8
FCAPS is a network maintenance model defined by ISO. It stands for which of the following ?
A. Fault Management
B. Action Management
C. Configuration Management
D. Protocol Management
E. Security Management

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
Explanation:
FCAPS -> Fault, Configuration, Accounting, Performance and Security (ISO)

QUESTION 9
Which three management categories are contained in the FCAPS network maintenance model? (Choose three.)
A. Config
B. Fault
C. Storage
D. Accounting
E. Redundancy
F. Telecommunications

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
Explanation:
FCAPS -> Fault, Configuration, Accounting, Performance and Security (ISO)
“Pass Any Exam. Any Time.” – www.actualtests.com 7
Cisco 642-832 Exam

QUESTION 10
What is the result of configuring the logging console warning command?
A. Messages with a severity level of 4 and higher will be logged to all available TTY lines.
B. Only warning messages will be logged on the console.
C. Warning, error, critical, and informational messages will be logged on the console.
D. Warning, critical, alert, and emergency messages will be logged on the console.
E. The logging console warning command needs to be followed in the configuration with logging buffered byte size to specify the message buffer size for the console.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 11
Refer to the shown below. %PIX|ASA-3-105010: (Primary) Failover message block alloc failed · %PIX|ASA-3-106010: Deny inbound protocol src interface_name:dest_address/dest_port dst
interface_name:source_address/source_port · %PIX|ASA-3-106011: Deny inbound (No xlate) string · %PIX|ASA-3-106014: Deny inbound icmp src interface_name: IP_address dst interface_name:
IP_address (type dec, code dec) · %PIX-3-107003: RIP: Attempted reference of stale data encountered in function, line: line_num · %PIX|ASA-3-109010: Auth from inside_address/inside_port to outside_address/outside_port failed (too
many pending auths) on interface interface_name. · %PIX|ASA-3-109013: User must authenticate before using this service · %PIX|ASA-3-109016: Can’t find authorization ACL acl_ID for user ‘user’ · %PIX|ASA-3-109018: Downloaded ACL acl_ID is empty · %PIX|ASA-3-109019: Downloaded ACL acl_ID has parsing error; ACE string · %PIX|ASA-3-109020: Downloaded ACL has config error; ACE
· %PIX|ASA-3-109023: User from source_address/source_port to dest_address/dest_port on interface outside_interface must authenticate before using this service.
What statement is correct regarding the output shown in the graphic?
A. These two log messages will not have a severity level. They are not errors but are just informational messages.
B. The first log message is categorized as a warning message.
C. These messages regarding interface status are normal output and will always be displayed when you exit config mode.
D. The first log message is an error message with a severity level of 3.
E. The second message would be shown if the logging console warning command had been issued.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Refer to the configuration statements shown in the graphic above. R1(config)#access-list 199 permit tcp host 10.1.1.1 host 172.16.1.1 R1(config)#access-list 199 permit tcp host 172.16.1.1 host 10.1.1.1 R1(config)#end R1#debug ip packet 199 detail Which statement reflects what the effect is of this configuration sequence?
A. These commands will generate an error message because you cannot use an access list with any debug commands.
B. These commands will have no effect at all. The debug ip packet command will work as normal and display info for all IP packets.
C. These commands turn on debug ip packet only for packets between hosts 10.1.1.1 and 172.16.1.1.
D. These commands will only work when you specify only one host rather than two.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
“Pass Any Exam. Any Time.” – www.actualtests.com 9 Cisco 642-832 Exam
QUESTION 13
What is the result if you configure two devices with the ntp server command?
A. Nothing will happen until one of the devices is configured with the prefer parameter.
B. The NTP protocol will determine which server is most reliable and will synchronize to that server.
C. The device with the highest priority will become the active server and the other device will become the backup server.
D. The device with the lowest MAC address will become the active server and the other device will become the backup server.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 14
A technician is troubleshooting connectivity problems between two routers that are directly connected through a serial line. The technician notices that the serial line is up, but cannot see any neighbors displayed in the output of the show cdp neighbors command.
In which OSI layer is the problem most likely occurring?
A. physical
B. data link
C. network
D. transport
E. application

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 15
What are two approaches to maintaining a network? (Choose two.)
A. PPDIOO
B. structured
C. bottoms up
D. interrupt-driven
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
Topic 2, Drag Drop Questions
QUESTION 16
DRAG DROP
FCAPS is a network maintenance model defined by ISO. FCAPS stands for: A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

F-> Fault Management C-> Configuration Management A -> Accounting Management
FCAPS -> Fault, Configuration, Accounting, Performance and Security (ISO)
“Pass Any Exam. Any Time.” – www.actualtests.com 11 Cisco 642-832 Exam
QUESTION 17
DRAG DROP
There are many Network Maintenance models. Match the model names on the left to the options on the right: A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation: FCAPS -> Fault, Configuration, Accounting, Performance and Security (ISO) ITIL -> A collection of best practice recommendations Cisco Lifecycle -> Often referred to as the PPDIOO model TMN -> Telecommunications Management Network
Well Known Network Maintenance Models Maintenance models Model Explanation FCAPS Fault-, Configuration-, Accounting-, Performance- and Security management defined by ISO ITIL IT Infrastructure Library Defines a collection of best-practice recommendations that work together to meet business goals. TMN Telecommunications Management Network ITU-T variation of FCAPS – See above – specially targeted towards Tele Communication Networks
PPDIOO
Also called Cisco Lifecycle Services (See drawing below)
PPDIOO Life Cycle Reference: http://mars.tekkom.dk/mediawiki/index.php/CCNP_TSHOOT_642-832/Chapter_1
“Pass Any Exam. Any Time.” – www.actualtests.com 13 Cisco 642-832 Exam
QUESTION 18
DRAG DROP Match the items on the left to their purpose on the right

A.
B.
C.
D.

Correct Answer:
Section: (none) Explanation

Explanation:
EEM -> CLI based Management and Monitoring
SDM -> Provides a GUI for Administration
FTP -> Used for Backup and Restore

Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible CLI based subsystem that provides
real-time network event detection and onboard automation. It gives you the ability to adapt the behavior of
your network devices to align with your business needs.

Cisco SDM is an intuitive, Web-based device-management tool for Cisco IOS. Software-based routers.
The Cisco SDM simplifies router and security configuration through smart wizards, which help customers
and Cisco partners quickly and easily deploy, configure, and monitor a Cisco router without requiring
knowledge of the command-line interface (CLI). The Cisco SDM is supported on a wide range of Cisco
routers and Cisco IOS Software releases.

Cisco devices can use FTP to backup and restore configuration files and IOS software. Some examples of
this are shown below:

Example 1: Backing up manually
R1# copy startup-config ftp://kevin:[email protected] Address or name of remote host
[ 192.168.22.33]?
Destination file name [r1-confg]?
Writing R1-confg !!!
3458 bytes copied in 3.443 secs (1243 bytes/sec)

Example 2: Backing up automatically
The configuration below will make a backup:
write-memory Trigger backup when running-config is copied to nvram time-period 1440 Trigger backup
every 1440 minuttes. 60*24=1440 !
ip ftp username kevin
ip ftp password dj7jS
!
archive
path ftp://192.168.2.33/R1-config
write-memory
time-period 1440Viewing

R1#show archive
The next archive file will be named ftp://192.168.2.33/R1-confg-4 Archive # Name
1 ftp://192.168.2.33/R1-confg-1
2 ftp://192.168.2.33/R1-confg-2
3 ftp://192.168.2.33/R1-confg-3 <- Most Recent
Ticket 1 QUESTION 1
Topic 3, Ticket 1 : Switch Port Trunk
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
“Pass Any Exam. Any Time.” – www.actualtests.com 15 Cisco 642-832 Exam

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 16 Cisco 642-832 Exam
Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 Ipconfig —– Client will be getting 169.X.X.X
-On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned which is using IP address 10.2.1.0/24 Sh run ——- & check for running config of int fa1/0/1 & fa1/0/2
==================================================== interface FastEthernet1/0/1 switchport mode access switchport access vlan 10 interface FastEthernet1/0/2 switchport mode access switchport access vlan 10
====================================================
-We need to check on ASW 1 trunk port the trunk Po13 & Po23 were receiving VLAN 20 & 200 but not VLAN 10 so that switch could not get DHCP IP address and was failing to reach IP address of Internet

-Change required: On ASW1 below change is required for switch-to-switch connectivity.. int range portchannel13,portchannel23 switchport trunk allowed vlan none switchport trunk allowed vlan 10,200
So in ticket Answer to the fault condition will be as :
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, and FHRP services, a trouble ticket has been operated indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to Isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: G Section: (none) Explanation
Explanation/Reference:
Explanation: Since the Clients are getting an APIPA we know that DHCP is not working. However, upon closer examination of the ASW1 configuration we can see that the problem is not with DHCP, but the fact that the trunks on the port channels are only allowing VLANs 1-9, when the clients belong to VLAN
10. VLAN 10 is not traversing the trunk on ASW1, so the problem is with the trunk configuration on ASW1.
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, and FHRP services, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?

A. NTP
B. Switch-to-Switch Connectivity
C. Access Vlans
D. Port Security
E. VLAN ACL / Port ACL
F. Switch Virtual Interface

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Since the Clients are getting an APIPA we know that DHCP is not working. However, upon closer examination of the ASW1 configuration we can see that the problem is not with DHCP, but the fact
“Pass Any Exam. Any Time.” – www.actualtests.com 19 Cisco 642-832 Exam
that the trunks on the port channels are only allowing VLANs 1-9, when the clients belong to VLAN
10. VLAN 10 is not traversing the trunk on ASW1, so the problem is with switch to switch connectivity, specifically the trunk configuration on ASW1.
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, and FHRP services, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?
A. In Configuration mode, using the interface port-channel 13 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
B. In Configuration mode, using the interface port-channel 13, port-channel 23, then configure switchport trunk none allowed vlan none followed by switchport trunk allowed vlan 10,200 commands.
C. In Configuration mode, using the interface port-channel 23 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
D. In Configuration mode, using the interface port-channel 23, port-channel, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 10,20,200 commands.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
We need to allow VLANs 10 and 200 on the trunks to restore full connectivity. This can be accomplished
by issuing the “switchport trunk allowed vlan 10,200” command on the port channels used as trunks in
DSW1.

========================================================================== ====
Ticket 2 QUESTION 1
Topic 4, Ticket 2 : ACCESS VLAN
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 22 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 Ipconfig —–Client will be getting 169.X.X.X
-On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned which is using IP address 10.2.1.0/24
Sh run ——- & check for running config of int fa1/0/1 & fa1/0/2 ====================================================

“Pass Any Exam. Any Time.” – www.actualtests.com 23 Cisco 642-832 Exam ====================================================
-Here we are not able to see access Vlan10 configured for Port Fa1/0/1 & Fa1/0/2
-Change required: On ASW1, for configuring Access Vlan under interface fa1/0/1 & 1/0/2 we have to enable command switchport access vlan 10
So in ticket Answer to the fault condition will be as:
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

“Pass Any Exam. Any Time.” – www.actualtests.com 22 Cisco 642-832 Exam

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: G Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to switch technology?

“Pass Any Exam. Any Time.” – www.actualtests.com 22 Cisco 642-832 Exam

A. NTP
B. Switch-to-Switch Connectivity
C. Loop Prevention
D. Access Vlans
E. VLAN ACL Port ACL
F. Switch Virtual Interface
G. Port Security

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

“Pass Any Exam. Any Time.” – www.actualtests.com 22 Cisco 642-832 Exam

A. In Configuration mode, using the interface range Fastethernet 1/0/1 2, then switchport mode access vlan 10 command.
B. In Configuration mode, using the interface range Fastethernet 1/0/1 2, then switchport access mode vlan 10 command.
C. In Configuration mode, using the interface range Fastethernet 1/0/1 2, then switchport vlan 10 access command.
D. In Configuration mode, using the interface range Fastethernet 1/0/1 2, then switchport access vlan 10 command.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: ========================================================================== =====

Ticket 3 QUESTION 1
Topic 5, Ticket 3 : OSPF Authentication
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 27 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 Ipconfig —–Client will be receiving IP address 10.2.1.3
-IP 10.2.1.3 will be able to ping from R4 , R3, R2 but not from R1

-Check for neighborship of ospf sh ip ospf nei —– Only one neighborship is forming with R2 & i.e. with R3
Since R2 is connected to R1 & R3 with routing protocol ospf than there should be 2 neighbors seen but only one is seen
-Need to check running config of R2 & R3 for interface Sh run ————————– Interface Serial0/0/0/0.12 on R2
“Pass Any Exam. Any Time.” – www.actualtests.com 28 Cisco 642-832 Exam Sh run ————————– Interface Serial0/0/0/0 on R1

-Change required: On R1, for IPV4 authentication of OSPF command is missing and required to configure—— ip ospf authentication message-digest
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 27 Cisco 642-832 Exam

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 27 Cisco 642-832 Exam

A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?
========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 27 Cisco 642-832 Exam

A. Enable OSPF authentication on the s0/0/0 interface using the ip ospf authentication message- digest command
B. Enable OSPF routing on the s0/0/0 interface using the network 10.1.1.0 0.0.0.255 area 12 command.
C. Enable OSPF routing on the s0/0/0 interface using the network 209.65.200.0 0.0.0.255 area 12 command.
D. Redistribute the BGP route into OSPF using the redistribute BGP 65001 subnet command.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Ticket 4 QUESTION 1

Topic 6, Ticket 4 : BGP Neighbor
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 32 Cisco 642-832 Exam
Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving IP address 10.2.1.3
-IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
-Look for BGP Neighbourship Sh ip bgp summary —– No O/P will be seen
-Check for interface IP & ping IP 209.65.200.225 —- Reply will be received from Webserver interface
-Look for peering IP address via sh run on R1 interface serial 0/0/1

-Since we are receiving icmp packets from Webserver interface on R1 so peering IP address under router BGP is configured wrong IP but with correct AS nos.
-Change required: On R1 under router BGP Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65002
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client
1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network
addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and
device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241
address.

“Pass Any Exam. Any Time.” – www.actualtests.com 34 Cisco 642-832 Exam
Use the supported commands to isolated the cause of this fault and answer the following questions.

On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?
A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

A. Under the BGP process, enter the bgp redistribute-internal command.
B. Under the BGP process, bgp confederation identifier 65001command.
C. Deleted the current BGP process and reenter all of the command using 65002 as the AS number.
D. Under the BGP process, delete the neighbor 209.56.200.226 remote-as 65002 command and enter the neighbor 209.65.200.226 remote-as 65002 command.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Ticket 5 QUESTION 1

Topic 7, Ticket 5 : NAT ACL
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
“Pass Any Exam. Any Time.” – www.actualtests.com 36 Cisco 642-832 Exam

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Solution
Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 Ipconfig —–Client will be receiving IP address 10.2.1.3
-IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
-Look for BGP Neighbourship Sh ip bgp summary —– State of BGP will be in established state & will be able to receive I prefix
(209.65.200.241)
-As per troubleshooting we are able to ping ip 10.2.1.3 from R1 & BGP is also receiving prefix of webserver & we are able to ping the same from R1. Further troubleshooting needs to be done on R1 on serial 0/0/1
-Check for running config. i.e sh run for interface serial 0/0/1..

!
! From above snapshot we are able to see that IP needs to be PAT to serial 0/0/1 to reach web server IP (209.65.200.241). But in access-list of NAT IP allowed IP is 10.1.0.0/16 is allowed & need 10.2.0.0 /16 to
-As per troubleshooting we are able to ping ip 10.2.1.3 from R1 & BGP is also receiving prefix of web server & we are able to ping the same from R1. Its should be checked further for running config of interface for stopping
-Change required: On R1, In natting we need to add client IP address for reachability to server.
So in ticket Answer to the fault condition will be as below for
QUESTION 2
“Pass Any Exam. Any Time.” – www.actualtests.com 39 Cisco 642-832 Exam The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

A. BGP

B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Cisco 642-832 Exam
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition? ========================================================================== =====
A. Under the interface Serial0/0/0 configuration enter the ip nat inside command.
B. Under the interface Serial0/0/0 configuration enter the ip nat outside command.
C. Under the ip access-list standard nat_trafic configuration enter the permit 10.2.0.0 0.0.255.255 command.
D. Under the ip access-list standard nat_trafic configuration enter the permit 209.65.200.0 0.0.0.255 command.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Ticket 6 QUESTION 1

Topic 8, Ticket 6 : R1 ACL
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2
“Pass Any Exam. Any Time.” – www.actualtests.com 41 Cisco 642-832 Exam

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.

“Pass Any Exam. Any Time.” – www.actualtests.com 42 Cisco 642-832 Exam
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-832 Exam Client is unable to ping IP 209.65.200.241…

A.
B.
C.
D.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
-Ipconfig —– Client will be receiving IP address 10.2.1.3
-IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
-Look for BGP Neighbourship
-Sh ip bgp summary —– State of BGP will be in active state. This means connectivity issue between serial
-Check for running config. i.e sh run — over here check for access-list configured on interface as BGP is down (No need to check for NAT configuration as its configuration should be right as first need to bring BGP up)

“Pass Any Exam. Any Time.” – www.actualtests.com 44 Cisco 642-832 Exam

-In above snapshot we can see that access-list of edge_security on R1 is not allowing wan IP network
-Change required: On R1, we need to permit IP 209.65.200.222/30 under access list.
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241…
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
“Pass Any Exam. Any Time.” – www.actualtests.com 45 Cisco 642-832 Exam
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241…
A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Correct Answer: G Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241…
A. Under the interface Serial0/0/1 enter the ip access-group edge_security out command.
B. Under the ip access-list extended edge_security configuration add the permit ip 209.65.200.224 0.0.0.3 any command.
C. Under the ip access-list extended edge_security configuration delete the deny ip 10.0.0.0.0
0.255.255.255 any command.
D. Under the interface Serial0/0/0 configuration delete the ip access-group edge_security in command and enter the ip access-group edge_security out command. “Pass Any Exam. Any Time.” – www.actualtests.com 46 Cisco 642-832 Exam

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: ========================================================================== =====

Ticket 7 QUESTION 1
Topic 9, Ticket 7 : Port Security
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
“Pass Any Exam. Any Time.” – www.actualtests.com 47 Cisco 642-832 Exam

DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.

The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the
underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be

presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and
solution.

Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 48 Cisco 642-832 Exam Client is unable to ping IP 209.65.200.241

A.
B.
C.
D.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be getting 169.X.X.X
-On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned but when we checked interface it was showing down Sh run ——- check for running config of int fa1/0/1 & fa1/0/2 (switchport access Vlan 10 will be there with switch
port security command). Now check as below
Sh int fa1/0/1 & sh int fa1/0/2

-As seen on interface the port is in err-disable mode so need to clear port.
-Change required: On ASW1, for port security need command to remove port-security under interface under interface fa1/0/1 & fa1/0/2.
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 48 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: G Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client
1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network
addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and
device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241
address.

“Pass Any Exam. Any Time.” – www.actualtests.com 50 Cisco 642-832 Exam
Use the supported commands to isolated the cause of this fault and answer the following questions.

The fault condition is related to which technology?
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 48 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A. NTP
B. Switch-to-Switch Connectivity
C. Access Vlans
D. Port Security
E. VLAN ACL / Port ACL
F. Switch Virtual Interface

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 48 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A. In Configuration mode, using the interface range Fa 1/0/1 2, then no switchport port-security interface configuration commands. Then in exec mode clear errdisable interface fa 1/01 2 vlan 10 command
B. In Configuration mode, using the interface range Fa 1/0/1 2, then no switchport port-security, followed by shutdown, no shutdown interface configuration commands.
C. In Configuration mode, using the interface range Fa 1/0/1 2, then no switchport port-security interface configuration commands.
D. In Configuration mode, using the interface range Fa 1/0/1 2, then no switchport port-security interface configuration commands. Then in exec mode clear errdisable interface fa 1/0/1, then clear errdisable interface fa 1/0/2 commands.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Ticket 8
QUESTION 1
Topic 10, Ticket 8 : Redistribution of EIGRP to OSPF
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.

“Pass Any Exam. Any Time.” – www.actualtests.com 52 Cisco 642-832 Exam
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 53 Cisco 642-832 Exam Client is unable to ping IP 209.65.200.241

A.
B.
C.
D.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving IP address 10.2.1.3
-IP 10.2.1.3 will be able to ping from R4 , but cannot ping from R3, R2, R1
-This clearly shows problem at R4 since EIGRP is between DSW1, DSW2 & R4 and OSPF protocol is running between R4, R3, R2, R1 so routes from R4 are not propagated to R3, R2, R1
-Since R4 is able to ping 10.2.1.3 it means that routes are received in EIGRP & same needs to be advertised in OSPF to ping from R3, R2, R1.
-Need to check the routes are being advertised properly or not in OSPF & EIGRP vice-versa.

“Pass Any Exam. Any Time.” – www.actualtests.com 54 Cisco 642-832 Exam

-From above snap shot it clearly indicates that redistribution done in EIGRP is having problem & by default all routes are denied from ospf to EIGRP… so need to change route-map name.
-Change required: On R4, in redistribution of EIGRP routing protocol, we need to change name of route-map to resolve the issue…
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 53 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 55 Cisco 642-832 Exam
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 53 Cisco 642-832 Exam

Client is unable to ping IP 209.65.200.241
A. NTP
B. IP DHCP Server
C. IPv4 OSPF Routing
D. IPv4 EIGRP Routing
E. IPv4 Route Redistribution
F. IPv6 RIP Routing
G. IPv6 OSPF Routing
H. IPv4 and IPv6 Interoperability
I. IPv4 layer 3 security

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
Which is the solution to the fault condition?
“Pass Any Exam. Any Time.” – www.actualtests.com 56 Cisco 642-832 Exam ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 53 Cisco 642-832 Exam Client is unable to ping IP 209.65.200.241

A. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF_ to_ E IGRP command and enter the redistribute ospf 1 route-map OSPF – > E IGRP command.
B. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF_ to_ E IGRP command and enter the redistribute ospf 6 metric route-map OSPF – > E IGRP command.
C. Under the OSPF process, delete the redistribute eigrp10 subnets route-map EIGPR ->OSPF command and enter the redistribute eigrp10 subnets route-map OSPF – > E IGRP command.
D. Under the OSPF process, delete the redistribute eigrp10 subnets route-map EIGPR ->OSPF command and enter the redistribute eigrp10 subnets route-map EIGPR – > OSPF command.
E. Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF _to_ EIGRP command and enter redistribute ospf 1 metric 100000 100 100 1 15000 route_ map OSPF _to _EIGRP command
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Ticket 9 QUESTION 1

Topic 11, Ticket 9 : EIGRP AS number
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4
“Pass Any Exam. Any Time.” – www.actualtests.com 57 Cisco 642-832 Exam

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
“Pass Any Exam. Any Time.” – www.actualtests.com 58 Cisco 642-832 Exam

Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
Client is unable to ping IP 209.65.200.241
A.
B.
C.
D.
E.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving IP address 10.2.1.3
-From Client PC we can ping 10.2.1.254
-But IP 10.2.1.3 is not able to ping from R4, R3, R2, R1
-This clearly shows problem at R4 Kindly check routes in EIGRP there are no routes of eigrp.
-Check the neighborship of EIGRP on R4; there are no neighbor seen from DSW1 & DSW2 check the running config of EIGRP protocol it shows EIGRP AS 1 process…. Now check on DSW1 & DSW2
On DSW1 only one Eigrp neighbour is there with DSW2 but its not with R4…

-From above snapshot & since R4 has EIGRP AS number 1 due to which neighbour is not happening.
-Change required: On R4, IPV4 EIGRP Routing, need to change the EIGRP AS number from 1 to 10 since DSW1 & DSW2 is having EIGRP AS number 10
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?
========================================================================== =====

Client is unable to ping IP 209.65.200.241
A.R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== ===== Client is unable to ping IP 209.65.200.241
A. NTP
B. IP DHCP Server
C. IPv4 OSPF Routing
D. IPv4 EIGRP Routing
E. IPv4 Route Redistribution
F. IPv6 RIP Routing
G. IPv6 OSPF Routing
H. IPv4 and IPv6 Interoperability
I. IPv4 layer 3 security

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
“Pass Any Exam. Any Time.” – www.actualtests.com 61 Cisco 642-832 Exam The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition? ========================================================================== =====

Client is unable to ping IP 209.65.200.241
A. Disable auto summary on the EIGRP process
B. Enable EIGRP on the FastEthernet0/0 and FastEthernet0/1 interface using the no passive- interface command.
C. Change the AS number on the EIGRP routing process from 1 to 10 to much the AS number used on DSW1 and DSW2.
D. Under the EIGRP process, delete the network 10.1.4.0 0.0.0.255 command and enter the network
10.1.4.4 0.0.0.252 and 10.1.4.8 0.0.0.252 commands.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Ticket 10 QUESTION 1

Topic 12, Ticket 10 : VLAN Access Map
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3
-EIGRP 100 is running between switch DSW1 & DSW2
-OSPF (Process ID 1) is running between R1, R2, R3, R4
-Network of OSPF is redistributed in EIGRP
-BGP 65001 is configured on R1 with Webserver cloud AS 65002
-HSRP is running between DSW1 & DSW2 Switches The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. “Pass Any Exam. Any Time.” – www.actualtests.com 62 Cisco 642-832 Exam
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations. Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and
solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
“Pass Any Exam. Any Time.” – www.actualtests.com 63 Cisco 642-832 Exam

========================================================================== =====

Client 1 is unable to ping IP 209.65.200.241
A.
B.
C.
D.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving IP address 10.2.1.3
-From Client PC we can ping 10.2.1.254….
-But IP 10.2.1.3 is not able to ping from R4, R3, R2, R1

-Change required: On DSW1, VALN ACL, Need to delete the VLAN access-map test1 whose action is to drop access-list 10 i.e 10.2.1.3
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
“Pass Any Exam. Any Time.” – www.actualtests.com 65 Cisco 642-832 Exam
Use the supported commands to isolated the cause of this fault and answer the following questions.

On which device is the fault condition located?
========================================================================== =====

Client 1 is unable to ping IP 209.65.200.241
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

Client 1 is unable to ping IP 209.65.200.241
A. NTP
B. IP DHCP Helper
C. IPv4 EIGRP Routing
D. IPv6 RIP Routing
E. IPv4 layer 3 security
F. Switch-to-Switch Connectivity
G. Loop Prevention
H. Access Vlans
I. Port Security
J. VLAN ACL / Port ACL
K. Switch Virtual Interface

Correct Answer: J Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 66 Cisco 642-832 Exam
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

Client 1 is unable to ping IP 209.65.200.241
A. Under the global configuration mode enter no access-list 10 command.
B. Under the global configuration mode enter no access-map vlan 10 command.
C. Under the global configuration mode enter no vlan access-map test1 10 command.
D. Under the global configuration mode enter no vlan filter test1 vlan-list 10 command.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Ticket 11 QUESTION 1

Topic 13, Ticket 11 : IPV6 OSPF
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3
-EIGRP 100 is running between switch DSW1 & DSW2
-OSPF (Process ID 1) is running between R1, R2, R3, R4
-Network of OSPF is redistributed in EIGRP
-BGP 65001 is configured on R1 with Webserver cloud AS 65002
-HSRP is running between DSW1 & DSW2 Switches The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. This network consists of four routers, two layer 3 switches and two layer 2 switches. In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process “Pass Any Exam. Any Time.” – www.actualtests.com 67 Cisco 642-832 Exam
number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations. Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and
solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====

A.
B.
C.
D.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving IP address 10.2.1.3
-From Client PC we can ping 10.2.1.254….
-But IP 10.2.1.3 is able to ping from R4, R3, R2, R1.
-Since the problem is R1 (2026::111:1) is not able to ping loopback of DSW1 (2026::102:1).
-Kindly check for neighbourship of routers as IPV6…. As per design below neighbourship should be present for IPV6 R1 —R2 — R3 — R4— DSW1 & DSW2 —– Neighbourship between devices of IPV6

R2 IPV6 OSPF neighbourship is with R1

R3 IPV6 OSPF neighbourship is with R4
-As per above snapshot we cannot see IPV6 neighbourship between R2 & R3 when checked interface configuration ipv6 ospf area 0 is missing on R2 which is connected to R3
-Change required: On R2, IPV6 OSPF routing, Configuration is required ipv6 ospf 6 area 0 under interface serial 0/0/0.23
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’. After several changes to the network addressing, routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2(2026::102:1).
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located? ========================================================================== =====
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’. After several changes to the network addressing, routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2(2026::102:1).
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?
========================================================================== =====
A. NTP
B. IPv4 OSPF Routing
C. IPv6 OSPF Routing
D. IPv4 layer 3 security

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’. After several changes to the network addressing, routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2(2026::102:1).
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to fault condition? ========================================================================== =====
A. Under the interface Serial 0/0/0.23 configuration enter the ipv6 ospf 6 area 0 command.
B. Under the interface Serial0/0/0.12 configuration enter the ipv6 ospf 6 area 12 command.
C. Under ipv6 router ospf 6 configuration enter the network 2026::1:/122 area 0 command.
D. Under ipv6 router ospf 6 configuration enter no passive-interface default command.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Ticket 12 QUESTION 1

Topic 14, Ticket 12 : HSRP Issue
Topology Overview (Actual Troubleshooting lab design is for below network design)

-Client Should have IP 10.2.1.3

-EIGRP 100 is running between switch DSW1 & DSW2

-OSPF (Process ID 1) is running between R1, R2, R3, R4

-Network of OSPF is redistributed in EIGRP

-BGP 65001 is configured on R1 with Webserver cloud AS 65002

-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the

ISP’s network. Because the company’s address space is in the private range.

R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and

solution.

“Pass Any Exam. Any Time.” – www.actualtests.com 73 Cisco 642-832 Exam
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 74 Cisco 642-832 Exam
A.
B.
C.
D.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Solution Steps need to follow as below:-
-Since the problem is raised that DSW1 will not become active router for HSRP group 10
-we will check for the HSRP configuration…
“Pass Any Exam. Any Time.” – www.actualtests.com 75 Cisco 642-832 Exam -From snapshot we see that the track command given needs to be changed under active VLAN10 router
-Change Required: On DSW1, related to HSRP, under vlan 10 change the given track 1 command. & use track 10 command.
So in ticket Answer to the fault condition will be as below for
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened DSW1 will not become the active router for HSRP group
10.
Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?
========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 74 Cisco 642-832 Exam

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened DSW1 will not become the active router for HSRP group
10.
Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology? ========================================================================== =====

“Pass Any Exam. Any Time.” – www.actualtests.com 74 Cisco 642-832 Exam

A. NTP
B. HSRP
C. IP DHCP Helper
D. IPv4 EIGRP Routing
E. IPv6 RIP Routing
F. IPv4 layer 3 security
G. Switch-to-Switch Connectivity
H. Loop Prevention
I. Access Vlans

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
“Pass Any Exam. Any Time.” – www.actualtests.com 77 Cisco 642-832 Exam
QUESTION 4
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened DSW1 will not become the active router for HSRP group
10.
Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

========================================================================== =====
“Pass Any Exam. Any Time.” – www.actualtests.com 74 Cisco 642-832 Exam

A. Under the interface vlan 10 configuration enter standby 10 preempt command.
B. Under the track 1 object configuration delete the threshold metric up 1 down 2 command and enter the threshold metric up 61 down 62 command.
C. Under the track 10 object configuration delete the threshold metric up 61 down 62 command and enter the threshold metric up 1 down 2 command.
D. Under the interface vlan 10 configuration delete the standby 10 track1 decrement 60 command and enter the standby 10 track 10 decrement 60 command.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Ticket 13 QUESTION 1

Topic 15, Ticket 13 : DHCP IssueTopology Overview (Actual Troubleshooting lab design is for below network design)
-Client Should have IP 10.2.1.3
-EIGRP 100 is running between switch DSW1 & DSW2
-OSPF (Process ID 1) is running between R1, R2, R3, R4
-Network of OSPF is redistributed in EIGRP
-BGP 65001 is configured on R1 with Webserver cloud AS 65002
-HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
“Pass Any Exam. Any Time.” – www.actualtests.com 78 Cisco 642-832 Exam

R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the
ISP’s network. Because the company’s address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside
(209.65.0.0/24) network.

ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1

and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the

underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a `proof-of-concept’ on several

implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations. Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and
solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================================== =====

A.
B.
C.
D.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Solution
Steps need to follow as below:
-When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig —–Client will be receiving Private IP address 169.254.X.X
-From ASW1 we can ping 10.2.1.254….
-On ASW1 VLAN10 is allowed in trunk & access command will is enabled on interface but DHCP IP address is not recd.
On R4 DHCP ip address is not allowed for network 10.2.1.0/24 which clearly shows the problem lies on R4 & the problem is of DHCP
QUESTION 2
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolate the cause of this fault and answer the following question.
On which device is the fault condition located? ========================================================================== =====
A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
QUESTION 3
The implementations group has been using the test bed to do a `proof-of-concept’ that requires both Client
1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network
addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and
device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241
address.

“Pass Any Exam. Any Time.” – www.actualtests.com 81 Cisco 642-832 Exam
Use the supported commands to isolate the cause of this fault and answer the following question.

The fault condition is related to which technology?

We provide Cisco 642-832 help and information on a wide range of issues.Cisco 642-832 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-832 free to send us any questions and we always try our best to keeping our Customers Satisfied.

Cisco 642-832 Exam Demo, Help To Pass Cisco 642-832 Real Exam Will Be More Popular

The 100% valid latest Cisco 642-832 question answers ensure you 100% pass! And now we are offering the free Cisco 642-832 new version along with the VCE format Cisco 642-832 practice test. Free download more new Cisco 642-832 PDF and VCE on Flydumps.com.

Testlet 1

TSHOOT 642-832
TICKET NUMBER 1
CLICK NEXT FOR THE TOPOLOGY & SHOW RUNNING CONFIG
AGAIN CLICK NEXT FOR THE QUESTIONS WHERE YOU WE WILL ALSO GET TOVIEW TOPOLOGY & DEVICE CONFIG
AFTER ANSWERING THE FIRST TICKET CLICK ON ‘END’ FOR THE NEXT TICKET.
ASW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
!
!
interface FastEthernet1/0/1switchport access vlan 10spanning-tree portfastswitchport port-security
!
!
interface FastEthernet1/0/2switchport access vlan 10spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.131 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c20a.01a8.0000 interface FastEthernet1/9 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
! !
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

ASW2
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channe24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet1/0/1switchport access vlan 20spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.132 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c206.1200.0000 interface FastEthernet1/11 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
! end

DSW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DSW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 200 priority 4096
!
!
!
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 63 down 64
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0ip address 10.1.4.6 255.255.255.252duplex autospeed auto
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface FastEthernet1/0
no switchport
no ip address
shutdown
duplex half

!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.13 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.1.4.5
standby 10 ip 10.2.1.254
standby 10 priority 150
standby 10 preempt
standby 10 track 10 decrement 60

! interface Vlan20
ip address 10.2.2.2 255.255.255.0! interface Vlan200
ip address 192.168.1.129 255.255.255.224! router eigrp 10
network 10.1.4.4 0.0.0.3
network 10.2.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 10.2.4.12 0.0.0.3
network 192.168.1.128 0.0.0.31
no auto-summary

! ip forward-protocol nd! ! ip access-list standard 10permit 10.2.0.0 0.0.255.255! ! no ip http serverno ip http secure-server !
mac-address-table static c20c.01a8.0000 interface FastEthernet1/10 vlan 1
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 10
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 20
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

DSW2
!
! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname DSW2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
! ! spanning-tree vlan 20 priority 4096!
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1ip address 10.1.4.10 255.255.255.252duplex autospeed auto
! interface FastEthernet1/0! interface FastEthernet1/0/19
switchport trunk native vlan 200
switchport mode trunk
channel-group 24 mode on

!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.14 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.2 255.255.255.0
ip helper-address 10.1.4.9
standby 10 ip 10.2.1.254
standby 10 preempt

! interface Vlan20
ip address 10.2.2.1 255.255.255.0! interface Vlan200 ip address 192.168.1.130 255.255.255.224
!
router eigrp 10variance 2 network 10.1.4.8 0.0.0.3 network 10.2.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 network 10.2.4.12 0.0.0.3 network 192.168.1.128 0.0.0.31 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R4
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.2.1.254ip dhcp excluded-address 10.2.1.1 10.2.1.2! ip dhcp pool VL10
network 10.2.1.0 255.255.255.0
dns-server 209.65.200.241
default-router 10.2.1.254

! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3! ! ! interface Loopback4
ip address 4.4.4.4 255.255.255.255! interface FastEthernet0/0
ip address 10.1.4.5 255.255.255.252
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.10 255.255.255.252frame-relay interface-dlci 403
!
interface FastEthernet0/1ip address 10.1.4.9 255.255.255.252duplex autospeed auto
!
router eigrp 10redistribute ospf 1 metric 10000 10 255 1 1500 route-map EIGRP_OSPFpassive-interface defaultno passive-interface FastEthernet0/0no passive-interface FastEthernet0/1network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3 no auto-summary
!
router ospf 1router-id 4.4.4.4 log-adjacency-changesarea 34 nssa redistribute eigrp 10 subnetsnetwork 4.4.4.4 0.0.0.0 area 34 network 10.1.1.8 0.0.0.3 area 34
! ip forward-protocol nd! ! no ip http serverno ip http secure-server! access-list 1 permit any! route-map EIGRP_OSPF permit 10
match ip address 1! !
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R3
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
ipv6 unicast routing
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Loopback3ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000

!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.6 255.255.255.252ipv6 address 2026::1:2/122ipv6 ospf 6 area 0frame-relay interface-dlci 302
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.9 255.255.255.252frame-relay interface-dlci 304
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 3.3.3.3 log-adjacency-changesarea 34 nssa no-summarynetwork 3.3.3.3 0.0.0.0 area 0 network 10.1.1.4 0.0.0.3 area 0 network 10.1.1.8 0.0.0.3 area 34
! ipv6 router ospf 6router-id 3.3.3.3
ip forward-protocol nd! ! no ip http serverno ip http secure-server! ! ! ! control-plane!
! ! line con 0
exec-timeout 0 0
privilege level 15
logging synchronous

line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4
login! ! end
R2
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msec no service password-encryption! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3ipv6 unicast routing! ! interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.12 point-to-pointip address 10.1.1.2 255.255.255.252ip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 201
!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.5 255.255.255.252ipv6 address 2026::1:1/122ipv6 ospf 6 area 0frame-relay interface-dlci 203
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 2.2.2.2 log-adjacency-changesnetwork 2.2.2.2 0.0.0.0 area 0 network 10.1.1.0 0.0.0.3 area 12 network 10.1.1.4 0.0.0.3 area 0
! ipv6 router ospf 6router-id 2.2.2.2 ! ip forward-protocol nd! ! no ip http serverno ip http secure-server !
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R1
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0no ip address encapsulation frame-relay
clock rate 2000000 ! interface Serial0/0/0.12 point-to-point
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip ospf message-digest-key 1 md5 nass
frame-relay interface-dlci 102

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0/1ip address 209.65.200.225 255.255.255.252ip access-group 30 inip nat outsideip virtual-reassemblyclock rate 2000000
!
router ospf 1router-id 1.1.1.1 log-adjacency-changesnetwork 10.1.1.0 0.0.0.3 area 12 default-information originate always
!
router bgp 65001no synchronizationbgp log-neighbor-changesnetwork 209.65.200.224 mask 255.255.255.252 neighbor 209.65.200.226 remote-as 65002no auto-summary
! ip forward-protocol nd! ! no ip http serverno ip http secure-serverip nat inside source list nat_pool interface Serial0/0/0/1 overload! ip access-list standard nat_pool
permit 10.1.0.0 0.0.255.255
permit 10.2.0.0 0.0.255.255! access-list 30 permit host 209.65.200.241access-list 30 deny 10.1.0.0 0.0.255.255 access-list 30 deny 10.2.0.0 0.0.255.255 access-list 30 permit 209.65.200.224 0.0.0.3! ! ! control-plane! ! ! ! ! ! ! ! ! ! line con 0
exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

Layer2_3_Topology (exhibit): IPv6 Layer3 Topology (exhibit):

QUESTION 1
Clients are is unable to ping 209.65.200.241 webserver. Clientshave IP 10.2.1.5 & 10.2.1.6

Check the devices running config & answer the below questions -In which device the fault condition is located ?
The fault is related to which technology ?

What command needs to apply for solution ?
A. R1
B. R2
C. DSW1
D. Clients
E. NAT
F. OSPF
G. Static Routing
H. Switch to Switch Connectivity
I. ip nat outside must be added on S0/0/0/0.12
J. ip ospf authentication message-digest command has to be added on S0/0/0/0.12
K. ip ospf authentication message-digest command has to be added under the OSPF routing process
L. A static route to 10.1.1.4 must be added on R1
Correct Answer: AFJ
Section: [none]
Explanation

Explanation/Reference:
Use show run on R1 and R2:

Configuration on R1:

router ospf 1 log-adjacency-changes network 10.1.1.0 0.0.0.3 area 12 default-information originate always ! interface Serial0/0/0/0.12 point-to-point ip address 10.1.1.1 255.255.255.252 ip nat inside ip ospf message-digest-key 1 md5 TSHOOT

Configuration on R2:
router ospf 1 log-adjacency-changes network 10.1.1.0 0.0.0.3 area 12 ! interfaceSerial0/0/0/0.12 point-to-point ip address 10.1.1.2 255.255.255.252 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 TSHOOT
Testlet 2

TSHOOT 642-832
TICKET NUMBER 2
CLICK NEXT FOR THE TOPOLOGY & SHOW RUNNING CONFIG
AGAIN CLICK NEXT FOR THE QUESTIONS WHERE YOU WE WILL ALSO GET TOVIEW TOPOLOGY & DEVICE CONFIG

AFTER ANSWERING THE FIRST TICKET CLICK ON ‘END’ FOR THE NEXT TICKET.
ASW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
!
!
interface FastEthernet1/0/1switchport access vlan 10spanning-tree portfastswitchport port-security
!
!
interface FastEthernet1/0/2switchport access vlan 10spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.131 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c20a.01a8.0000 interface FastEthernet1/9 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
! !
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

ASW2
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channe24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet1/0/1switchport access vlan 20spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.132 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c206.1200.0000 interface FastEthernet1/11 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
! end

DSW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DSW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 200 priority 4096
!
!
!
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 63 down 64
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0ip address 10.1.4.6 255.255.255.252duplex autospeed auto
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface FastEthernet1/0
no switchport
no ip address
shutdown
duplex half

!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.13 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.1.4.5
standby 10 ip 10.2.1.254
standby 10 priority 150
standby 10 preempt
standby 10 track 1 decrement 60

! interface Vlan20
ip address 10.2.2.2 255.255.255.0! interface Vlan200
ip address 192.168.1.129 255.255.255.224! router eigrp 10
network 10.1.4.4 0.0.0.3
network 10.2.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 10.2.4.12 0.0.0.3
network 192.168.1.128 0.0.0.31
no auto-summary

! ip forward-protocol nd! ! ip access-list standard 10permit 10.2.0.0 0.0.255.255! ! no ip http serverno ip http secure-server !
mac-address-table static c20c.01a8.0000 interface FastEthernet1/10 vlan 1
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 10
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 20
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

DSW2
!
! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname DSW2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
! ! spanning-tree vlan 20 priority 4096!
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1ip address 10.1.4.10 255.255.255.252duplex autospeed auto
! interface FastEthernet1/0! interface FastEthernet1/0/19
switchport trunk native vlan 200
switchport mode trunk
channel-group 24 mode on

!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.14 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.2 255.255.255.0
ip helper-address 10.1.4.9
standby 10 ip 10.2.1.254
standby 10 preempt

! interface Vlan20
ip address 10.2.2.1 255.255.255.0! interface Vlan200 ip address 192.168.1.130 255.255.255.224
!
router eigrp 10variance 2 network 10.1.4.8 0.0.0.3 network 10.2.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 network 10.2.4.12 0.0.0.3 network 192.168.1.128 0.0.0.31 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R4
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.2.1.254ip dhcp excluded-address 10.2.1.1 10.2.1.2! ip dhcp pool VL10
network 10.2.1.0 255.255.255.0
dns-server 209.65.200.241
default-router 10.2.1.254

! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3! ! ! interface Loopback4
ip address 4.4.4.4 255.255.255.255! interface FastEthernet0/0
ip address 10.1.4.5 255.255.255.252
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.10 255.255.255.252frame-relay interface-dlci 403
!
interface FastEthernet0/1ip address 10.1.4.9 255.255.255.252duplex autospeed auto
!
router eigrp 10redistribute ospf 1 metric 10000 10 255 1 1500 route-map EIGRP_OSPFpassive-interface defaultno passive-interface FastEthernet0/0no passive-interface FastEthernet0/1network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3 no auto-summary
!
router ospf 1router-id 4.4.4.4 log-adjacency-changesarea 34 nssa redistribute eigrp 10 subnetsnetwork 4.4.4.4 0.0.0.0 area 34 network 10.1.1.8 0.0.0.3 area 34
! ip forward-protocol nd! ! no ip http serverno ip http secure-server! access-list 1 permit any! route-map EIGRP_OSPF permit 10
match ip address 1! !
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R3
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
ipv6 unicast routing
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Loopback3ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000

!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.6 255.255.255.252ipv6 address 2026::1:2/122ipv6 ospf 6 area 0frame-relay interface-dlci 302
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.9 255.255.255.252frame-relay interface-dlci 304
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 3.3.3.3 log-adjacency-changesarea 34 nssa no-summarynetwork 3.3.3.3 0.0.0.0 area 0 network 10.1.1.4 0.0.0.3 area 0 network 10.1.1.8 0.0.0.3 area 34
! ipv6 router ospf 6router-id 3.3.3.3
ip forward-protocol nd! ! no ip http serverno ip http secure-server! ! ! ! control-plane!
! ! line con 0
exec-timeout 0 0
privilege level 15
logging synchronous

line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4
login! ! end
R2
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msec no service password-encryption! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3ipv6 unicast routing! ! interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.12 point-to-pointip address 10.1.1.2 255.255.255.252ip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 201
!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.5 255.255.255.252ipv6 address 2026::1:1/122ipv6 ospf 6 area 0frame-relay interface-dlci 203
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 2.2.2.2 log-adjacency-changesnetwork 2.2.2.2 0.0.0.0 area 0 network 10.1.1.0 0.0.0.3 area 12 network 10.1.1.4 0.0.0.3 area 0
! ipv6 router ospf 6router-id 2.2.2.2 ! ip forward-protocol nd! ! no ip http serverno ip http secure-server !
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R1
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0no ip address encapsulation frame-relay
clock rate 2000000 ! interface Serial0/0/0.12 point-to-point
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 nass
frame-relay interface-dlci 102

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0/1ip address 209.65.200.225 255.255.255.252ip access-group 30 inip nat outsideip virtual-reassemblyclock rate 2000000
!
router ospf 1router-id 1.1.1.1 log-adjacency-changesnetwork 10.1.1.0 0.0.0.3 area 12 default-information originate always
!
router bgp 65001no synchronizationbgp log-neighbor-changesnetwork 209.65.200.224 mask 255.255.255.252 neighbor 209.65.200.226 remote-as 65002no auto-summary
! ip forward-protocol nd! ! no ip http serverno ip http secure-serverip nat inside source list nat_pool interface Serial0/0/0/1 overload! ip access-list standard nat_pool
permit 10.1.0.0 0.0.255.255
permit 10.2.0.0 0.0.255.255! access-list 30 permit host 209.65.200.241access-list 30 deny 10.1.0.0 0.0.255.255 access-list 30 deny 10.2.0.0 0.0.255.255 access-list 30 permit 209.65.200.224 0.0.0.3! ! ! control-plane! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

Layer2_3_Topology (exhibit): IPv6 Layer3 Topology (exhibit):

QUESTION 1
HSRP has been configured between DSW1 and DSW2. DSW1 isconfigured to be active router but it never becomes active eventhough the HSRP communication between DSW1 and DSW2 is working
Check the devices running config & answer the below questions -In which device the fault condition is located ? The fault is related to which technology ?What command needs to apply for solution ?

A. R4
B. DSW1
C. DSW2
D. R3
E. GLBP
F. HSRP G. OSPF
H. Switch to Switch Connectivity
I. Change standby priority to 140
J. Change standby priority to 260
K. Change standby 10 track 1 decrement 60 to standby 10 track 10 decrement 60
L. Change standby 10 track 1 decrement 60 to standby 10 track 1 decrement 100
Correct Answer: BFK Section: [none] Explanation
Explanation/Reference: Troubleshoot:
Look for HSRP track
Configuration on DSW1
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold threshold metric up 1 down 2 ! track 10 ip route 4.4.4.4 255.255.255.255 metric threshold threshold metric up 63 down 64 ! interface Vlan10 ip address 10.2.1.1 255.255.255.0 standby 10 ip 10.2.1.254 standby 10 priority 200 standby 10 preempt standby 10 track 1 decrement 60

Configuration on R4
interface loopback0 ip address 4.4.4.4 255.255.255.255
Testlet 3

TSHOOT 642-832
TICKET NUMBER 3
CLICK NEXT FOR THE TOPOLOGY & SHOW RUNNING CONFIG
AGAIN CLICK NEXT FOR THE QUESTIONS WHERE YOU WE WILL ALSO GET TOVIEW TOPOLOGY & DEVICE CONFIG

AFTER ANSWERING THE FIRST TICKET CLICK ON ‘END’ FOR THE NEXT TICKET.
ASW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
!
!
interface FastEthernet1/0/1switchport access vlan 10spanning-tree portfastswitchport port-security
!
!
interface FastEthernet1/0/2switchport access vlan 10spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.131 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c20a.01a8.0000 interface FastEthernet1/9 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
! !
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

ASW2
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channe24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet1/0/1switchport access vlan 20spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.132 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c206.1200.0000 interface FastEthernet1/11 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
! end

DSW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DSW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 200 priority 4096
!
!
!
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 63 down 64
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0ip address 10.1.4.6 255.255.255.252duplex autospeed auto
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface FastEthernet1/0
no switchport
no ip address
shutdown
duplex half

!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.13 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.1.4.5
standby 10 ip 10.2.1.254
standby 10 priority 150
standby 10 preempt
standby 10 track 10 decrement 60

! interface Vlan20
ip address 10.2.2.2 255.255.255.0! interface Vlan200
ip address 192.168.1.129 255.255.255.224! router eigrp 10
network 10.1.4.4 0.0.0.3
network 10.2.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 10.2.4.12 0.0.0.3
network 192.168.1.128 0.0.0.31
no auto-summary

! ip forward-protocol nd! ! ip access-list standard 10permit 10.2.0.0 0.0.255.255! ! no ip http serverno ip http secure-server !
mac-address-table static c20c.01a8.0000 interface FastEthernet1/10 vlan 1
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 10
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 20
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

DSW2
!
! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname DSW2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
! ! spanning-tree vlan 20 priority 4096!
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1ip address 10.1.4.10 255.255.255.252duplex autospeed auto
! interface FastEthernet1/0! interface FastEthernet1/0/19
switchport trunk native vlan 200
switchport mode trunk
channel-group 24 mode on

!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.14 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.2 255.255.255.0
ip helper-address 10.1.4.9
standby 10 ip 10.2.1.254
standby 10 preempt

! interface Vlan20
ip address 10.2.2.1 255.255.255.0! interface Vlan200 ip address 192.168.1.130 255.255.255.224
!
router eigrp 10variance 2 network 10.1.4.8 0.0.0.3 network 10.2.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 network 10.2.4.12 0.0.0.3 network 192.168.1.128 0.0.0.31 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R4
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.2.1.254ip dhcp excluded-address 10.2.1.1 10.2.1.2! ip dhcp pool VL10
network 10.2.1.0 255.255.255.0
dns-server 209.65.200.241
default-router 10.2.1.254

! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3! ! ! interface Loopback4
ip address 4.4.4.4 255.255.255.255! interface FastEthernet0/0
ip address 10.1.4.5 255.255.255.252
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.10 255.255.255.252frame-relay interface-dlci 403
!
interface FastEthernet0/1ip address 10.1.4.9 255.255.255.252duplex autospeed auto
!
router eigrp 10redistribute ospf 1 metric 10000 10 255 1 1500 route-map EIGRP_OSPFpassive-interface defaultno passive-interface FastEthernet0/0no passive-interface FastEthernet0/1network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3 no auto-summary
!
router ospf 1router-id 4.4.4.4 log-adjacency-changesarea 34 nssa redistribute eigrp 10 subnetsnetwork 4.4.4.4 0.0.0.0 area 34 network 10.1.1.8 0.0.0.3 area 34
! ip forward-protocol nd! ! no ip http serverno ip http secure-server! access-list 1 permit any! route-map EIGRP_OSPF permit 10
match ip address 1! !
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R3
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
ipv6 unicast routing
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Loopback3ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000

!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.6 255.255.255.252ipv6 address 2026::1:2/122ipv6 ospf 6 area 0frame-relay interface-dlci 302
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.9 255.255.255.252frame-relay interface-dlci 304
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 3.3.3.3 log-adjacency-changesarea 34 nssa no-summarynetwork 3.3.3.3 0.0.0.0 area 0 network 10.1.1.4 0.0.0.3 area 0 network 10.1.1.8 0.0.0.3 area 34
! ipv6 router ospf 6router-id 3.3.3.3
ip forward-protocol nd! ! no ip http serverno ip http secure-server! ! ! ! control-plane!
! ! line con 0
exec-timeout 0 0
privilege level 15
logging synchronous

line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4
login! ! end
R2
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msec no service password-encryption! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3ipv6 unicast routing! ! interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.12 point-to-pointip address 10.1.1.2 255.255.255.252ip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 201
!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.5 255.255.255.252ipv6 address 2026::1:1/122ipv6 ospf 6 area 0frame-relay interface-dlci 203
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 2.2.2.2 log-adjacency-changesnetwork 2.2.2.2 0.0.0.0 area 0 network 10.1.1.0 0.0.0.3 area 12 network 10.1.1.4 0.0.0.3 area 0
! ipv6 router ospf 6router-id 2.2.2.2 ! ip forward-protocol nd! ! no ip http serverno ip http secure-server !
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R1
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0no ip address encapsulation frame-relay
clock rate 2000000 ! interface Serial0/0/0.12 point-to-point
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 nass
frame-relay interface-dlci 102

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0/1ip address 209.65.200.225 255.255.255.252ip access-group 30 inip nat outsideip virtual-reassemblyclock rate 2000000
!
router ospf 1router-id 1.1.1.1 log-adjacency-changesnetwork 10.1.1.0 0.0.0.3 area 12 default-information originate always
!
router bgp 65001no synchronizationbgp log-neighbor-changesnetwork 209.65.200.224 mask 255.255.255.252 neighbor 209.56.200.226 remote-as 65002no auto-summary
! ip forward-protocol nd! ! no ip http serverno ip http secure-serverip nat inside source list nat_pool interface Serial0/0/0/1 overload! ip access-list standard nat_pool
permit 10.1.0.0 0.0.255.255
permit 10.2.0.0 0.0.255.255! access-list 30 permit host 209.65.200.241access-list 30 deny 10.1.0.0 0.0.255.255 access-list 30 deny 10.2.0.0 0.0.255.255 access-list 30 permit 209.65.200.224 0.0.0.3! ! ! control-plane! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

Layer2_3_Topology (exhibit): IPv6 Layer3 Topology (exhibit):

QUESTION 1
Clients are is unable to ping 209.65.200.241 webserver. Clientshave IP 10.2.1.5 & 10.2.1.6

Check the devices running config & answer the below questions -In which device the fault condition is located ? The fault is related to which technology ?What command needs to apply for solution ?

A. R1
B. DSW1
C. R4
D. R2
E. EIGRP
F. HSRP
G. BGP
H. OSPF
I. Enable BGP synchronization
J. Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.56.200.226 remote-as 65001
K. Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65002
L. Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65001
Correct Answer: AGK Section: [none] Explanation
Explanation/Reference:
Expla Initial troubleshooting shows and R1 does not have any BGP routes. R1 also does not show any active BGP neighbor

Troubleshoot:
Check R1 neighbor show bgb summary, nothing is shown
Configuration on R1
router bgp 65001 no synchronization bgp log-neighbor-changes network 209.65.200.224 mask 255.255.255.252 neighbor 209.56.200.226 remote-as 65002 no auto-summary
Testlet 4

TSHOOT 642-832
TICKET NUMBER 4
CLICK NEXT FOR THE TOPOLOGY & SHOW RUNNING CONFIG
AGAIN CLICK NEXT FOR THE QUESTIONS WHERE YOU WE WILL ALSO GET TOVIEW TOPOLOGY & DEVICE CONFIG

AFTER ANSWERING THE FIRST TICKET CLICK ON ‘END’ FOR THE NEXT TICKET.
ASW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
!
!
interface FastEthernet1/0/1switchport access vlan 10spanning-tree portfastswitchport port-security
!
!
interface FastEthernet1/0/2switchport access vlan 10spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.131 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c20a.01a8.0000 interface FastEthernet1/9 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
! !
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

ASW2
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channe24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet1/0/1switchport access vlan 20spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.132 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c206.1200.0000 interface FastEthernet1/11 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
! end

DSW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DSW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 200 priority 4096
!
!
!
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 63 down 64
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0ip address 10.1.4.6 255.255.255.252duplex autospeed auto
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface FastEthernet1/0
no switchport
no ip address
shutdown
duplex half

!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.13 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.1.4.5
standby 10 ip 10.2.1.254
standby 10 priority 150
standby 10 preempt
standby 10 track 10 decrement 60

! interface Vlan20
ip address 10.2.2.2 255.255.255.0! interface Vlan200
ip address 192.168.1.129 255.255.255.224! router eigrp 10
network 10.1.4.4 0.0.0.3
network 10.2.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 10.2.4.12 0.0.0.3
network 192.168.1.128 0.0.0.31
no auto-summary

! ip forward-protocol nd! ! ip access-list standard 10permit 10.2.0.0 0.0.255.255! ! no ip http serverno ip http secure-server !
mac-address-table static c20c.01a8.0000 interface FastEthernet1/10 vlan 1
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 10
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 20
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

DSW2
!
! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname DSW2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
! ! spanning-tree vlan 20 priority 4096!
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1ip address 10.1.4.10 255.255.255.252duplex autospeed auto
! interface FastEthernet1/0! interface FastEthernet1/0/19
switchport trunk native vlan 200
switchport mode trunk
channel-group 24 mode on

!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.14 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.2 255.255.255.0
ip helper-address 10.1.4.9
standby 10 ip 10.2.1.254
standby 10 preempt

! interface Vlan20
ip address 10.2.2.1 255.255.255.0! interface Vlan200 ip address 192.168.1.130 255.255.255.224
!
router eigrp 10variance 2 network 10.1.4.8 0.0.0.3 network 10.2.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 network 10.2.4.12 0.0.0.3 network 192.168.1.128 0.0.0.31 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R4
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.2.1.254ip dhcp excluded-address 10.2.1.1 10.2.1.2! ip dhcp pool VL10
network 10.2.1.0 255.255.255.0
dns-server 209.65.200.241
default-router 10.2.1.254

! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3! ! ! interface Loopback4
ip address 4.4.4.4 255.255.255.255! interface FastEthernet0/0
ip address 10.1.4.5 255.255.255.252
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.10 255.255.255.252frame-relay interface-dlci 403
!
interface FastEthernet0/1ip address 10.1.4.9 255.255.255.252duplex autospeed auto
!
router eigrp 10redistribute ospf 1 metric 10000 10 255 1 1500 route-map EIGRP_OSPFpassive-interface defaultno passive-interface FastEthernet0/0no passive-interface FastEthernet0/1network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3 no auto-summary
!
router ospf 1router-id 4.4.4.4 log-adjacency-changesarea 34 nssa redistribute eigrp 10 subnetsnetwork 4.4.4.4 0.0.0.0 area 34 network 10.1.1.8 0.0.0.3 area 34
! ip forward-protocol nd! ! no ip http serverno ip http secure-server! access-list 1 permit any! route-map EIGRP_OSPF permit 10
match ip address 1! !
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R3
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
ipv6 unicast routing
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Loopback3ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000

!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.6 255.255.255.252ipv6 address 2026::1:2/122ipv6 ospf 6 area 0frame-relay interface-dlci 302
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.9 255.255.255.252frame-relay interface-dlci 304
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 3.3.3.3 log-adjacency-changesarea 34 nssa no-summarynetwork 3.3.3.3 0.0.0.0 area 0 network 10.1.1.4 0.0.0.3 area 0 network 10.1.1.8 0.0.0.3 area 34
! ipv6 router ospf 6router-id 3.3.3.3
ip forward-protocol nd! ! no ip http serverno ip http secure-server! ! ! ! control-plane!
! ! line con 0
exec-timeout 0 0
privilege level 15
logging synchronous

line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4
login! ! end
R2
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msec no service password-encryption! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3ipv6 unicast routing! ! interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.12 point-to-pointip address 10.1.1.2 255.255.255.252ip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 201
!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.5 255.255.255.252ipv6 address 2026::1:1/122ipv6 ospf 6 area 0frame-relay interface-dlci 203
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 2.2.2.2 log-adjacency-changesnetwork 2.2.2.2 0.0.0.0 area 0 network 10.1.1.0 0.0.0.3 area 12 network 10.1.1.4 0.0.0.3 area 0
! ipv6 router ospf 6router-id 2.2.2.2 ! ip forward-protocol nd! ! no ip http serverno ip http secure-server !
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R1
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0no ip address encapsulation frame-relay
clock rate 2000000 ! interface Serial0/0/0.12 point-to-point
ip address 10.1.1.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 nass
frame-relay interface-dlci 102

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0/1ip address 209.65.200.225 255.255.255.252ip access-group 30 inip nat outsideip virtual-reassemblyclock rate 2000000
!
router ospf 1router-id 1.1.1.1 log-adjacency-changesnetwork 10.1.1.0 0.0.0.3 area 12 default-information originate always
!
router bgp 65001no synchronizationbgp log-neighbor-changesnetwork 209.65.200.224 mask 255.255.255.252 neighbor 209.65.200.226 remote-as 65002no auto-summary
! ip forward-protocol nd! ! no ip http serverno ip http secure-serverip nat inside source list nat_pool interface Serial0/0/0/1 overload! ip access-list standard nat_pool
permit 10.1.0.0 0.0.255.255! access-list 30 permit host 209.65.200.241access-list 30 deny 10.1.0.0 0.0.255.255 access-list 30 deny 10.2.0.0 0.0.255.255 access-list 30 permit 209.65.200.224 0.0.0.3! ! ! control-plane! ! ! ! ! ! ! ! ! ! line con 0
exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

Layer2_3_Topology (exhibit): IPv6 Layer3 Topology (exhibit):

QUESTION 1
Client 1 and Client 2 are not able to reach the WebServer at 209.65.200.241. Initial troubleshooting shows that DSW1, DSW2 and all the routers are able toreach the WebServer

A. R4
B. DSW1
C. DSW2
D. R1
E. BGP
F. HSRP
G. NAT
H. ACCESS LIST
I. Add permit 10.2.0.0 statement in nat_pool access-list
J. Remove permit 10.1.0.0 statement from nat_pool access-list
K. Change ip nat inside source list nat_pool interface Serial0/0/0/1 overload to ip nat inside source list nat_pool interface Serial0/0/0/0.12 overload
L. Change ip nat outside statement under Serial0/0/0/1 configuration to ip nat inside
Correct Answer: DGI Section: [none] Explanation
Explanation/Reference: Troubleshoot:
Client hast 10.2.X.X Router 10.1.X.X

Configuration on R1
ip nat inside source list nat_pool interface Serial0/0/0/1 overload ! ip access-list standard nat_pool
permit 10.1.0.0
ACCESS-LIST NOT ALLOWING 10.2.X.X
Testlet 5

TSHOOT 642-832
TICKET NUMBER 5
CLICK NEXT FOR THE TOPOLOGY & SHOW RUNNING CONFIG
AGAIN CLICK NEXT FOR THE QUESTIONS WHERE YOU WE WILL ALSO GET TOVIEW TOPOLOGY & DEVICE CONFIG

AFTER ANSWERING THE FIRST TICKET CLICK ON ‘END’ FOR THE NEXT TICKET.
ASW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
!
!
interface FastEthernet1/0/1switchport access vlan 10spanning-tree portfastswitchport port-security
!
!
interface FastEthernet1/0/2switchport access vlan 10spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.131 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c20a.01a8.0000 interface FastEthernet1/9 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
! !
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

ASW2
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ASW2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channe24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1no ip address
shutdown
duplex auto
speed auto

!
interface FastEthernet1/0/1switchport access vlan 20spanning-tree portfast
!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface Vlan1 no ip address
!
interface Vlan200 ip address 192.168.1.132 255.255.255.224
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
mac-address-table static c206.1200.0000 interface FastEthernet1/11 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
! end

DSW1
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DSW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 200 priority 4096
!
!
!
track 1 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 4.4.4.4 255.255.255.255 metric threshold
threshold metric up 63 down 64
!
!
interface Port-channel13 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel14 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0ip address 10.1.4.6 255.255.255.252duplex autospeed auto
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface FastEthernet1/0
no switchport
no ip address
shutdown
duplex half

!
interface FastEthernet1/0/19switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on
!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 13 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 14 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.13 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.1 255.255.255.0
ip helper-address 10.1.4.5
standby 10 ip 10.2.1.254
standby 10 priority 150
standby 10 preempt
standby 10 track 10 decrement 60

! interface Vlan20
ip address 10.2.2.2 255.255.255.0! interface Vlan200
ip address 192.168.1.129 255.255.255.224! router eigrp 10
network 10.1.4.4 0.0.0.3
network 10.2.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 10.2.4.12 0.0.0.3
network 192.168.1.128 0.0.0.31
no auto-summary

! ip forward-protocol nd! ! ip access-list standard 10permit 10.2.0.0 0.0.255.255! ! no ip http serverno ip http secure-server !
mac-address-table static c20c.01a8.0000 interface FastEthernet1/10 vlan 1
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 10
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 20
mac-address-table static c20c.01a8.0000 interface FastEthernet1/13 vlan 200
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

DSW2
!
! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname DSW2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
! ! spanning-tree vlan 20 priority 4096!
!
interface Port-channel23 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface Port-channel24 switchport trunk native vlan 200switchport mode trunkswitchport trunk allowed vlan 1-9,10-20,200
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface FastEthernet0/1ip address 10.1.4.10 255.255.255.252duplex autospeed auto
! interface FastEthernet1/0! interface FastEthernet1/0/19
switchport trunk native vlan 200
switchport mode trunk
channel-group 24 mode on

!
interface FastEthernet1/0/20switchport trunk native vlan 200switchport mode trunkchannel-group 24 mode on! interface FastEthernet1/0/21switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on! interface FastEthernet1/0/22switchport trunk native vlan 200switchport mode trunkchannel-group 23 mode on
!
interface FastEthernet1/13no switchportip address 10.2.4.14 255.255.255.252
! interface FastEthernet1/14! interface FastEthernet1/15! interface Vlan1
no ip address! interface Vlan10
ip address 10.2.1.2 255.255.255.0
ip helper-address 10.1.4.9
standby 10 ip 10.2.1.254
standby 10 preempt

! interface Vlan20
ip address 10.2.2.1 255.255.255.0! interface Vlan200 ip address 192.168.1.130 255.255.255.224
!
router eigrp 10variance 2 network 10.1.4.8 0.0.0.3 network 10.2.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 network 10.2.4.12 0.0.0.3 network 192.168.1.128 0.0.0.31 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R4
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.2.1.254ip dhcp excluded-address 10.2.1.1 10.2.1.2! ip dhcp pool VL10
network 10.2.1.0 255.255.255.0
dns-server 209.65.200.241
default-router 10.2.1.254

! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3! ! ! interface Loopback4
ip address 4.4.4.4 255.255.255.255! interface FastEthernet0/0
ip address 10.1.4.5 255.255.255.252
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.10 255.255.255.252frame-relay interface-dlci 403
!
interface FastEthernet0/1ip address 10.1.4.9 255.255.255.252duplex autospeed auto
!
router eigrp 10redistribute ospf 1 metric 10000 10 255 1 1500 route-map EIGRP_OSPFpassive-interface defaultno passive-interface FastEthernet0/0no passive-interface FastEthernet0/1network 10.1.4.4 0.0.0.3 network 10.1.4.8 0.0.0.3 no auto-summary
!
router ospf 1router-id 4.4.4.4 log-adjacency-changesarea 34 nssa redistribute eigrp 10 subnetsnetwork 4.4.4.4 0.0.0.0 area 34 network 10.1.1.8 0.0.0.3 area 34
! ip forward-protocol nd! ! no ip http serverno ip http secure-server! access-list 1 permit any! route-map EIGRP_OSPF permit 10
match ip address 1! !
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R3
!
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
ipv6 unicast routing
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
interface Loopback3ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000

!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.6 255.255.255.252ipv6 address 2026::1:2/122ipv6 ospf 6 area 0frame-relay interface-dlci 302
!
interface Serial0/0/0.34 point-to-pointip address 10.1.1.9 255.255.255.252frame-relay interface-dlci 304
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 3.3.3.3 log-adjacency-changesarea 34 nssa no-summarynetwork 3.3.3.3 0.0.0.0 area 0 network 10.1.1.4 0.0.0.3 area 0 network 10.1.1.8 0.0.0.3 area 34
! ipv6 router ospf 6router-id 3.3.3.3
ip forward-protocol nd! ! no ip http serverno ip http secure-server! ! ! ! control-plane!
! ! line con 0
exec-timeout 0 0
privilege level 15
logging synchronous

line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4
login! ! end
R2
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msec no service password-encryption! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3ipv6 unicast routing! ! interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto

!
interface Serial0/0no ip addressencapsulation frame-relayclock rate 2000000
!
interface Serial0/0/0.12 point-to-pointip address 10.1.1.2 255.255.255.252ip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 201
!
interface Serial0/0/0.23 point-to-pointip address 10.1.1.5 255.255.255.252ipv6 address 2026::1:1/122ipv6 ospf 6 area 0frame-relay interface-dlci 203
!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
router ospf 1router-id 2.2.2.2 log-adjacency-changesnetwork 2.2.2.2 0.0.0.0 area 0 network 10.1.1.0 0.0.0.3 area 12 network 10.1.1.4 0.0.0.3 area 0
! ipv6 router ospf 6router-id 2.2.2.2 ! ip forward-protocol nd! ! no ip http serverno ip http secure-server !
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0 exec-timeout 0 0 privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end
R1
! ! version 12.4 service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5ip cef! ! ! ! no ip domain lookupip domain name lab.localip auth-proxy max-nodata-conns 3ip admission max-nodata-conns 3!
!
interface FastEthernet0/0no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0no ip address encapsulation frame-relay
clock rate 2000000 ! interface Serial0/0/0.12 point-to-point
ip address 10.1.1.1 255.255.255.252ip nat insideip virtual-reassemblyip ospf authentication message-digestip ospf message-digest-key 1 md5 nassframe-relay interface-dlci 102!
interface FastEthernet0/1no ip addressshutdown duplex autospeed auto
!
interface Serial0/0/0/1ip address 209.65.200.225 255.255.255.252ip access-group 30 inip nat outsideip virtual-reassemblyclock rate 2000000
!
router ospf 1router-id 1.1.1.1 log-adjacency-changesnetwork 10.1.1.0 0.0.0.3 area 12 default-information originate always
!
router bgp 65001no synchronizationbgp log-neighbor-changesnetwork 209.65.200.224 mask 255.255.255.252 neighbor 209.65.200.226 remote-as 65002no auto-summary
! ip forward-protocol nd! ! no ip http serverno ip http secure-serverip nat inside source list nat_pool interface Serial0/0/0/1 overload! ip access-list standard nat_pool
permit 10.1.0.0 0.0.255.255
permit 10.2.0.0 0.0.255.255! access-list 30 permit host 209.65.200.241
access-list 30 denyaccess-list 30 deny! 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
!
!
control-plane!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0

privilege level 15logging synchronous
line aux 0 exec-timeout 0 0 privilege level 15logging synchronous
line vty 0 4login
!
!
end

Layer2_3_Topology (exhibit): IPv6 Layer3 Topology (exhibit):
Preparing Cisco 642-832 exam is not difficult now.You can prepare from Cisco 642-832 Certification or Cisco 642-832 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-832 study material notes for test preparation.Latest Cisco 642-832 study material available.

Cisco 642-832 certifications Dump, Free Download Real Cisco 642-832 Exam With New Discount

ATTENTION: Get your Cisco 642-832 certification easily with,Flydumps latest Cisco 642-832 exam dumps. All the up-to-date questions and answers were added to the new version. Go to the site Flydumps.com to get more Cisco 642-832 exam
information.

Exam A
QUESTION 1
Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Select two)
A. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one profile for the wireless client adapter.
B. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and used at a time.
C. The Aironet Desktop Utility (ADU) can be used to establish the association between the client adapter and the access point, manage authentication to the wireless network, and enable encryption.
D. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be used at the same time to configure the wireless client adapter.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 2
At which layer of the OSI model does the Spanning Tree Protocol (STP) operate at?
A. Layer 5
B. Layer 4
C. Layer 3
D. Layer 2
E. Layer 1

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 3
In computer networking a multicast address is an identifier for a group of hosts that have joined a multicast group. Multicast addressing can be used in the Link Layer (OSI Layer 2), such as Ethernet Multicast, as well as at the Internet Layer (OSI Layer 3) as IPv4 or IPv6 Multicast. Which two descriptions are correct regarding multicast addressing?
A. The first 23 bits of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.
B. The last 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.
C. To calculate the Layer 2 multicast address, the host maps the last 23 bits of the IP address into the last 24 bits of the MAC address. The high-order bit is set to 0.
D. The first 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference: QUESTION 4

EIGRP is being used as the routing protocol on the PassGuide network. While troubleshooting some network connectivity issues, you notice a large number of EIGRP SIA (Stuck in Active) messages. What causes these SIA routes? (Select two)
A. The neighboring router stops receiving ACK packets from this router.
B. The neighboring router starts receiving route updates from this router.
C. The neighboring router is too busy to answer the query (generally caused by high CPU utilization).
D. The neighboring router is having memory problems and cannot allocate the memory to process the query or build the reply packet.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 5

From analyzing the above command output, what is the administrative distance of the external EIGRP routes?
A. 24
B. 32
C. 90
D. 170
E. 27316
F. None of the other alternatives apply

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 6
While troubleshooting some connectivity issues, you issue the 搒how ip ospf database?in order to examine the link state database. Which three of the statements below are true regarding the OSPF link state database? (Select three)
A. Each router has an identical link state database.
B. External routes are imported into a separate link state database.
C. Synchronization of link state databases is maintained via flooding of LSAs.
D. Information in the link state database is used to build a routing table by calculating a shortest-path tree.
E. By default, link state databases are refreshed every 10 minutes in the absence of topology changes.

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which command should you use to verify what networks are being routed by a given OSPF process?
A. show ip ospf
B. show ip route
C. show ip protocol
D. show ip ospf database
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 8
You have a multi-area OSPF network and you’re concerned because one of the sites is having connectivity problem to resources in a different area. Which IOS privileged mode command would you enter to confirm that your network: A) has a path to its ABR, B) has a path to its ASBR, and C) the SPF calculation is functional?
A. show ip protocols
B. show running-config
C. show ip ospf neighbor
D. show ip ospf border-routers

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
An OSPF link can be in multiple states at any given moment (ie. Exstart, exchange, full). Which two IOS commands let you view the state of the link? (Select two)
A. show ip ospf
B. show ip protocols
C. show ip ospf neighbor
D. show ip ospf interface

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which command would display OSPF parameters such as filters, default metric, maximum paths, and number of areas configured on a router?
A. show ip protocol
B. show ip route
C. show ip ospf interface
D. show ip ospf
E. show ip interface
F. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Which IOS command would you use to find out which networks are routed by a particular OSPF process?
A. show ospf
B. show ip route
C. show ip protocols
D. show ip ospf database
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
A problem was reported that the 10.10.10.0/24 prefix was not injected into the local BGP table on a PassGuide router named PG1. The following information is available from this router: PG1 Configuration: router bgp 65001 network 10.0.0.0 neighbor 172.16.1.1 remote-as 65002 no auto-summary Routing table information: show ip route | include 10 O 10.10.10.0/24 [110/11] via 192.168.1.1, 2d00h, Ethernet0/0 Why is this prefix not in the local BGP table of the PG1?
A. The 172.16.1.1 neighbor is down.
B. The prefix 10.10.10.0/24 is not a ‘connected’ route.
C. This route is not a BGP learned route.
D. The network command is wrong.
E. None of the other alternatives apply

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which IOS command would you enter if you wanted to view a list of IBGP and EBGP neighbor relationships that are configured?
A. show ip bgp
B. show ip bgp paths
C. show ip bgp peers
D. show ip bgp summary
E. show ip bgp protocols

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
PassGuide has a BGP network and a BGP route of 197.22.129.0/24 that should be propagated to all of the devices. The route is currently not in any of the routing tables. The PassGuide administrator determines that an access list is the cause of the problem. The administrator changes the access list to allow this route, but the route still does not appear in any of the routing tables. What should be done to propagate this route?
A. Use the service-policy command to adjust the QOS policy to allow the route to propagate.
B. Clear the BGP session.
C. Use the release BGP routing command.
D. Change both the inbound and outbound policy related to this route.
E. None of the other alternatives apply

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 15
The PassGuide network consists of a series of routers that are all configured for IBGP. Which one of the following IBGP characteristics is true?
A. The IBGP routers must always be fully meshed.
B. The IBGP routers can be in a different AS.
C. The IBGP routers must be directly connected.
D. The IBGP routers do not need to be directly connected.
E. None of the other alternatives apply are true.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 16
A BGP router is configured as shown below: interface ethernet 0 ip address 10.10.10.1 255.255.0.0 ! int serial 0 ip address 172.16.1.1 255.255.255.252 ! router bgp 65001 neighbor 192.168.1.1 remote-as 65002 Based on the above configuration, which of the following BGP statements would inject the 10.10.0.0/16 prefix into the BGP routing table?
A. network 10.0.0.0
B. network 10.10.0.0 mask 255.255.0.0
C. network 10.10.10.1 mask 255.255.255.255
D. network 10.10.10.0 mask 255.255.255.0
E. network 10.0.0.0 mask 255.255.0.0

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Router PG-1 is configured for BGP routing as shown below: router bgp 65300 network 27.0.0.0 neighbor 192.23.1.1 remote-as 65300 From the perspective of router PG-1, what kind of router is the router with IP address 192.23.1.1?
A. A peer router running IBGP
B. A peer router running EBGP
C. A community member running IBGP
D. A peer group member running IBGP
E. A peer group member running EBGP

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which three of the following network features are methods used to achieve high availability? (Select all that apply.)
A. Spanning Tree Protocol (STP)
B. Delay reduction
C. Hot Standby Routing Protocol (HSRP)
D. Dynamic routing protocols
E. Quality of Service (QoS)
F. Jitter management

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which of the following characteristics describe the BPDU Guard feature? (Choose all that apply.)
A. A BPDU Guard port should only be configured on ports with PortFast enabled.
B. BPDU Guard and PortFast should not be enabled on the same port.
C. BPDU Guard is used to ensure that superior BPDUs are not received on a switch port.
D. A BPDU Guard port receiving a BPDU will go into err-disable state.
E. A BPDU Guard port receiving a BPDU will be disabled.
F. BPDU Guard can be enabled on any switch port.

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Which of the following are valid modes of accessing the data plane? (Choose all that apply.)
A. Serial connection
B. Secure Shell
C. RADIUS
D. Simple Network Management Protocol
E. HTTP
F. Telnet

Correct Answer: ABDEF Section: (none) Explanation
Explanation/Reference:
QUESTION 21
Which of the following is not an essential prerequisite for AutoQoS to be correctly applied to an interface? (Choose all that apply.)
A. The interface must be configured as a Multilink PPP interface.
B. The correct bandwidth should be configured on the interface.
C. A QoS policy must not be currently attached to the interface.
D. CEF must be enabled.
E. AutoQoS must be enabled globally before it can be enabled on the interface.
F. An IP address must be configured on the interface if its speed is equal to or less than 768 kbps.

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 22
Which of the following topology situations would be a qood candidate for configuring DMVPN?
A. Extranet VPN
B. Managed overlay VPN topology
C. Hub-and-spoke VPN topology
D. Central-site VPN topology
E. Full mesh VPN topology
F. Remote-access VPN topology

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 23
Which of the following is not considered a common approach to narrow the field of potential problem causes? (Choose the best answer.)
A. Following the traffic path
B. Top-down
C. Comparing configurations
D. Bottom-up
E. Divide and conquer
F. Examine SLAs

Correct Answer: F Section: (none) Explanation
Explanation/Reference:

QUESTION 24
Which of the following best describes the following command: ip flow-export destination
192.168.1.50 1500?
A. it is not a valid NetFlow command.
B. it is an SNMP command that exports 1500-byte packets to IP address 192.168.1.50.
C. it is a NetFlov/ command that v/ill export 1500-byte packets to IP address 192.168.1.50.
D. it is a NetFlov/ command that allows IP address 192.168.1.50 to send traffic to port 1500.
E. It is a NetFlov/ command that v/ill specify that the NetFlov/ collector’s IP address is
192.168.1.50 over UDP port 1500.
F. It is an SNMP command that exports flows to destination address 1Q2.168.1.50 for packets up to an MTU of 1500.

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Which of the following are valid methods of providing a router with information concerning the location of the RP? (Choose all that apply.)
A. Statically defined RP
B. Bootstrap Router
C. Auto-RP
D. RP Discovery Protocol (RDP)
E. RP Helios
F. RPARP(RARP)

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 26
Which of the following are shared distribution tree characteristics? (Choose all that apply.)
A. Memory requirements are higher for shared distribution tree than for source distribution tree.
B. Creates a tree from a central RP to all last-hop routers.
C. Uses a rendezvous point.
D. An optimal path is created between each source router and each last-hop router.
E. Place (S,G) entry in each router’s multicast routing table.
F. Place (*,G) entry in a router’s multicast routing to table.

Correct Answer: BCF Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Given the multicast IP address of 224.193.5.10, what would the corresponding multicast MAC address be?
A. 00-00-0c-c0-05-0a
B. 00-00-0c-cl-05-0a
C. 01-00-5e-00-00-0c
D. 01-00-5e-41-05-0a
E. 00-00-0c-01-00-5e
F. 01-00-5e-cl-05-0a
Correct Answer: D Section: (none) Explanation

Explanation/Reference:
QUESTION 28
Which of the following is an accurate description of the command copy startup-config ftp://kevin:[email protected]?
A. The configuration on the FTP server is copied to RAM.
B. The command is not valid on a Cisco router.
C. The configuration file in RAM is copied to an FTP server.
D. The configuration file in NVRAM is copied to an FTP server.
E. The configuration on the FTP server is copied to NVRAM.
F. The configuration will be copied from NVRAM to an FTP server with a filename of Kevin.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Which of the following commands can be used to gather information about the AS-PATH of a BGP route? (Choose all that apply.)
A. show ip bgp neighbors
B. debug ip bgp updates
C. show ip route bgp
D. show ip bgp
E. show ip bgp summary
F. sh ip bgp database

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:

QUESTION 30
How long will a port remain in the listening state by default?
A. Depends on the number of switches in the spanning tree domain
B. 50 seconds
C. 15 seconds
D. Until the root directs it to start forwarding
E. 20 seconds
F. Depends on the pott speed

Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 31

A new router is added to an existing HSRP standby group. One of the existing routers is in an active state, the other is in a standby state. Under what circumstance will the new router become the active router?
A. The new router will become active immediately because it’s the newest router introduced into the group.
B. The new router can become active only when the existing active router and the existing standby router become unavailable.
C. The new router has a lower priority value.
D. The new router will never become active unless the existing active router becomes unavailable.
E. The new router has preempt configured and a higher priority
F. The new router has a higher priority value.

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 32
Which of the following is not a valid reason for a packet to be punted?
A. The TCAM has reached capacity
B. An unknown destination MAC address
C. A packet being discarded due to a security violation
D. A Telnet packet from a session being initiated with the switch
E. Routing protocols sending broadcast traffic
F. A packet belonging to a GRE tunnel

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

QUESTION 33
Which of the following are not true OSPF LSA rules?
A. OSPF LSA type 5 triggers an LSA type 7 at an ABR between an NSSA and the backbone area.
B. OSPF LSA type 1 triggers an LSA type 3 at an ABR.
C. OSPF LSA type 7 triggers an LSA type 5 at an ABR between an NSSA and the backbone area.
D. OSPF LSA type 3 triggers an LSA type 4 at an ABR.
E. OSPF LSA type 5 triggers an LSA type 7 at an A5BR but only in N5SAs.
F. OSFP LSA type 2 triggers an LSA type 3 at an ABR.

Correct Answer: ADE Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Several troubleshooters are about to work on the same problem. Which of the following troubleshooting methods would be most appropriate to make the best use of the troubleshooters1 time?
A. Bottom up
B. Component swapping
C. Top down
D. Shoot from the hip
E. Divide and conquer
F. Follow the traffic path

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Which of the following are not BGRP data structures? (Choose all that apply.)
A. EIGRP database table
B. EIGRP CEF table
C. EIGRP neighbor table
D. EIGRP adjacency table
E. EIGRP interface table
F. EIGRP topology table

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 36
Which of the following is a valid host IPv6 address? (Choose all that apply.)
A. ff02:a:b:c::l/64
B. 2001:aaaa: 1234:456c: 1/64
C. 2001:000a:lb2c::/64
D. 2fff:f:f:f::f/64
E. ff02:33ab:l:32::2/128
F. 2001:bad:2345:a:b::cef/128

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 37
You examine the port statistics on a Cisco Catalyst switch and notice an excessive number of frames are being dropped. Which of the following are possible reasons for the drops?
A. Unknown destination MAC address
B. Bad cabling
C. MAC forwarding table is full
D. Port configured for half duplex
E. Port configured for full duplex
F. Network congestion

Correct Answer: BF Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Which of the following would be considered reasonable network maintenance tasks? (Choose all that apply.)
A. Ensuring compliance with legal regulations and corporate policies
B. Troubleshooting problem reports
C. Planning for network expansion
D. Providing support to sales and marketing
E. Giving presentations to management
F. Monitoring and tuning network performance

Correct Answer: ABCF Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Which of the following options represents the correct sequence of DHCP messages after a client initially boots?
A. DHCPREQUEST, DHCPOFFER, DHCPDISCOVER, DHCPACK
B. DHCPDISCOVER, DHCPOFER, DHCPREQUEST, DHCPACK
C. DHCPOFFER, DHCPACK, DHCPREQUEST, DHCPDISCOVER
D. DHCPDISCOVER, DHCPREQUEST, DHCPOFFER, DHCPACK
E. DHCPREQUE5T, DHCPDISCOVER, DHCPOFFER, DHCPACK
F. DHCPDISCOVER, DHCPACK, DHCPREQUEST, DHCPOFFER

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 40
Which of the following statements regarding documentation would not be considered a helpful step in the troubleshooting process?
A. Use the Cisco Auto Configuration tool.
B. Use the Cisco Rollback feature.
C. Automate documentation.
D. Schedule documentation checks.
E. Use the Cisco Configuration Archive tool.
F. Require documentation prior to a ticket being closed out.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 41
Which of the following statements are true concerning the command ip sla monitor responder type tcpconnect ipaddress 10.1.1.1 port 23? (Choose all that apply.)
A. The command will initiate a probe with a destination IP address of 10.1.1.1.
B. The command is used on the IP SLA responder and the IP SLA source.
C. The command will allow only source address 10.1.1.1 to source probes.
D. The command will initiate a probe with a destination Telnet port.
E. The command is used to make the router a responder.
F. The command will initiate a probe with a source port of 23.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 42
In what situation would the command ip helper-address be required? (Choose the best answer.)
A. Only when there is a duplicate IP address caused by a combination of static and dynamic IP address allocations
B. On each router that exists between the client and the server
C. Only when a router separates the client from the server
D. Only if the DHCP sever issues a DHCPNAK to the initial request
E. Only when the client is on the same subnet as the server
F. Only when the DHCP pool is out of IP addresses

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 43
Which of the following commands will restore a previously archived configuration by replacing the running configuration with the archived configuration?
A. configure archive running-config
B. configure replace
C. copy archive running config
D. copy startup-config running-config
E. copy tftp running-config
F. configure tftp running-config
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 44
Which of the following is not a characteristic of fast switching?
A. Fast switching reduces a routers CPU utilization, compared to process switching.
B. All packets of a flow, except for the first packet, use the information in the fast cache.
C. It can be enabled with the interface command ip route-cache.
D. Fast switching uses a fast cache maintained in a router’s control plane.
E. The fast cache contains information about how traffic from different data flows should be forwarded.
F. Even though the fast switching is enabled, the first packet of a flow is still process switched.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Which of the following commands will display a router’s crypto map IPsec security association settings?
A. show crypto map ipsec sa
B. show crypto map
C. show crypto engine connections active
D. show ipsec crypto map
E. show crypto map sa
F. show ipsec crypto map sa

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Which of the following pieces of information will the command show interface provide? (Choose all that apply.)
A. Layer 1 status
B. Output queue drops
C. Interface CPU utilization
D. Cable type connected to interface
E. Layer 2 status
F. Input queue drops

Correct Answer: ABEF Section: (none) Explanation
Explanation/Reference: QUESTION 47

Which of the following statements concerning IGMP are correct? (Choose all that apply.)
A. With IGMPvl, queries are sent to a specific group.
B. Hosts issuing IGMPvl requests will be correctly interpreted by IGMPv2 hosts due to backward compatibility.
C. An IGMPv2 router will ignore IGMPv2 leave messages when IGMFVl hosts are present.
D. With IGMFV2, a leave message is supported.
E. An IGMPv2 host will send an IGMFVl report on an IGMFVl router.
F. An IGMPv2 router can only allow IGMPv2 hosts to execute a join request.

Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Which of the following are byproducts of a structured maintenance plan? (Choose all that apply.)
A. Predictable security vulnerabilities
B. Economies of scale
C. Improved expenditure forecasts
D. Increased downtime
E. Predictable equipment obsolescence
F. Consumption of fewer resources

Correct Answer: ABCEF Section: (none) Explanation
Explanation/Reference:

QUESTION 49
Which of the following are correct statements?
A. EIGRP advertises the best routes to its neighbor.
B. EIGRP uses “cost” to determine best path.
C. EIGRP allows unequal cost load balancing.
D. OSPF requires neighbor adjacencies before updates are sent.
E. EIGRP advertises all routes to its neighbor.
F. OSPF allows unequal cost load balancing.

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Which of the following commands will remove all dynamic entries for a router’s NAT table?
A. clear nat translations
B. clear ip nat translations*
C. clear ip nat statistics
D. clear ip nat transactions *
E. clear ip nat translations
F. clear ip nat translations all

Correct Answer: B Section: (none) Explanation
Explanation/Reference: Exam B

QUESTION 1
Which of the following are TACACS+ characteristics? (Choose all that apply.)
A. Cisco proprietary
B. Standards-based protocol
C. Provides separate services for authentication, authorization, and accounting
D. Encrypts only the password
E. Uses UDP for a transport layer
F. Encrypts the entire packet

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Which of the following are common issues that should be considered when establishing or troubleshooting site-to-site VPNs? (Choose all that apply.)
A. User authentication
B. Overlapping IP address space
C. GRE or IPsec configuration
D. MTU size
E. VPN client software
F. Authentication server configured ly

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which of the following would provide good baseline documentation to have on hand when analyzing potential problems? (Choose all that apply.)
A. User authentication ID and password
B. User profile
C. Output of debug
D. Output of show interface
E. Result of ping
F. Output of show process cpu

Correct Answer: CDEF Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which of the following characteristics describe the Root Guard feature? (Choose all that apply.)
A. The port must be put into forwarding state manually after root-inconsistent state has been corrected.
B. A Root Guard port receiving superior BPDU goes into a root-inconsistent state.
C. A Root Guard port receiving inferior BPDU goes into a root-inconsistent state.
D. While the port is in a root-inconsistent state no user data is sent across that port.
E. The port returns to a forwarding state if inferior BPDUs stop.
F. It should be applied to all switch ports.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which of the following commands provides data plane information required to forward a packet to a specific ip address?
A. sh ip route
B. sh ip cef <ip_address>
C. sh adjacency <ip_address>
D. sh ip route <ip_addres$>
E. sh ip adjacency </p_address>
F. sh ip cef <mac_addrQss> <ip_address>

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Which of the following management types can be used to deploy appropriate quality-ofservice solutions to make the most efficient use of bandwidth?
A. Fault management
B. Accounting management
C. Operations management
D. Performance management
E. Security management
F. Configuration management

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Whichof the following are valid modes of packet switching on most routers? (Choose all that apply.)
A. Cisco Express Fonvarding
B. FIB switching
C. Cache switching
D. Optimized switching
E. Process switching
F. Fast switching

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which of the following is an unlikely reason for the ARP process to fail?
A. CEF switching is disabled on the switch
B. The source device and destination device are in different VLANs
C. The VLAN is excluded from the trunk
D. The host is connected to the switch through an IP phone
E. A faulty cable from host to switch or between switches
F. The trunking encapsulation type is inconsistent on the two ends of the link

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which of the following is not a characteristic of Cisco Express Forwarding?
A. The adjacency table is populated from a router’s ARP cache.
B. CEF does not require the first packet of a data flow to be process switched.
C. CEF maintains the Forward Information Base and the adjacency table.
D. CEF can be enabled with the interface command ip cef.
E. The FIB is populated from a router’s IP routing table.
F. On most router platforms CEF is enabled by default.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which of the following are considered subcomponents of the problem diagnosis step of the troubleshooting flow? (Choose all that apply.)
A. Eliminate potential causes
B. Collect information
C. Document causes
D. Hypothesize underlying causes
E. Verif/ hypothesis
F. Examine collected information

Correct Answer: ABDEF Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Which of the following virtual MAC addresses is correct for the HSRP group 22?
A. 0000.0c70.ac22
B. 0000.0c07.22ac
C. 0000.0c07.acl6
D. 0000.0c07.ac22
E. 0000.0c70.cala
F. 0000.0d22.ac07

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Which of the following procedures are involved in the recommended three-step troubleshooting flow? (Choose the best three answers.)
A. Problem report
B. Problem collaboration
C. Problem diagnosis
D. Problem resolution
E. Problem documentation
F. Probiem authentication

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:

QUESTION 13
Which of the following data structures exist on a router for the OSPF routing protocol?
A. OSPF topology table
B. OSPF interface table
C. OSPF routing information base
D. OSPF link-state database
E. OSPF adjacency table
F. OSPF neighbor table

Correct Answer: BCDF Section: (none) Explanation
Explanation/Reference: QUESTION 14

A router simultaneously receives all the following routes in various routing updates. Which of the following routes would end up in the routing table? (Choose all that apply.)
A. RIP route 10.1.2.0/24
B. EIGRP route 10.1.2.0/24
C. RIP route 10.1.0.0/16
D. OSPF route 10.1.0.0/16
E. RIP route 10.0.0.0/16
F. OSPF route 10.1.2.0/24

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which of the following commands would result in the following output: M.M.M
A. Ping 10.1.1.1 Data Pattern M.
B. Ping 10.1.1.1 timeout 0
C. Ping 10.1.1.1 size 1500 df-bit
D. Ping 10.1.1.1 source loopback 0
E. Ping 10.1.1.1 size 1500
F. Ping 10.1.1.1 size 1500 Strict

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 16
Which of the following commands will cause RIPng to originate a default route advertisement while suppressing all other routes?
A. Rl(config-if)#ipv6 default-information originate
B. Rl(config-router)#ipv6 rip <process-name> default-information only
C. Rl(config)#ipv6 route ::/0 null 0
D. Rl(config-if)#ipv6 rip <process-name> default-information only
E. Rl(config-router)#ipv6 rip route ;:/0 originate
F. Rl(config-router)#aggregate-address ::/0 summarize-routes

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

QUESTION 17
The 0SPFv3 process will send hello packets to which of the follov/ing well-known addresses?
A. 255.255.255.255
B. 224.0.0.6
C. FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFF:FFF
D. FF02::10
E. 224.0.0.10
F. FF02::5

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which of the following commands shows all routes learned via EIGRP? (Choose all that apply.)
A. show ip eigrp topology
B. show ip eigrp adjacency
C. show ip eigrp routes
D. show ip eigrp database
E. show ip route eigrp
F. show ip eigrp forwarding

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which of the following three port types are valid Spanning Tree port types? (Choose the best three answers.)
A. Designated port
B. Nonswitch port
C. Switch port
D. Nonroot port
E. Nondesignated port
F. Root port

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:

QUESTION 20
Which of the following is a valid method for defining a seed metric? (Choose all that apply.)
A. The default-metric command configured under the appropriate interface
B. The metric parameter in the network command of a routing process
C. The metric parameter in the redistribute command
D. The default-metric command
E. A route-map containing a seed command F. A route map containing a metric command

Correct Answer: CDF Section: (none) Explanation
Explanation/Reference:

Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises,Cisco 642-832 helps you master the concepts and techniques that will enable you to succeed on the Cisco 642-832 exam the first time.