Troubleshooting and Maintaining Cisco Networks-exam 300-135

نمونه سوالات آزمون
Troubleshooting and Maintaining Cisco Networks -exam 300-135

Ticket 1: Switch Port Trunk

Topology Overview (Actual Troubleshooting lab design is for below network design)

The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution

Client is unable to ping IP 209.65.200.241
Solution
Steps need to follow as below:-
* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
Ipconfig ----- Client will be getting 169.X.X.X
* On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned which is using IP address 10.2.1.0/24
Sh run ------- & check for running config of int fa1/0/1 & fa1/0/2
====================================================
interface FastEthernet1/0/1switchport mode accessswitchport access vlan 10 interface FastEthernet1/0/2switchport mode accessswitchport access vlan 10
====================================================
We need to check on ASW 1 trunk port the trunk Po13 & Po23 were receiving VLAN 20 & 200 but not VLAN 10 so that switch could not get DHCP IP address and was failing to reach IP address of Internet.

Change required: On ASW1 below change is required for switch-to-switch connectivity.. int range portchannel13,portchannel23 switchport trunk allowed vlan none switchport trunk allowed vlan 10,200

QUESTION NO: 21

Use the supported commands to Isolated the cause of this fault and answer the following questions.

On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2

Answer: G
Explanation:

Since the Clients are getting an APIPA we know that DHCP is not working. However, upon closer examination of the ASW1 configuration we can see that the problem is not with DHCP, but the fact that the trunks on the port channels are only allowing VLANs 1-9, when the clients belong to VLAN 10. VLAN 10 is not traversing the trunk on ASW1, so the problem is with the trunk configuration on ASW1.

QUESTION NO: 22

Use the supported commands to isolated the cause of this fault and answer the following questions.

The fault condition is related to which technology?

A. NTP
B. Switch-to-Switch Connectivity
C. Access Vlans
D. Port Security
E. VLAN ACL / Port ACL
F. Switch Virtual Interface

Answer: B
Explanation:

QUESTION NO: 23

Use the supported commands to isolated the cause of this fault and answer the following questions.

What is the solution to the fault condition?

A. In Configuration mode, using the interface port-channel 13 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
B. In Configuration mode, using the interface port-channel 13, port-channel 23, then configure switchport trunk none allowed vlan none followed by switchport trunk allowed vlan 10,200 commands.
C. In Configuration mode, using the interface port-channel 23 command, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 20,200 commands.
D. In Configuration mode, using the interface port-channel 23, port-channel, then configure switchport trunk allowed vlan none followed by switchport trunk allowed vlan 10,20,200 commands.

Answer: B

Explanation:

We need to allow VLANs 10 and 200 on the trunks to restore full connectivity. This can be accomplished by issuing the “switchport trunk allowed vlan 10,200” command on the port channels used as trunks in DSW1.

Ticket 2 : ACCESS VLAN

Topology Overview (Actual Troubleshooting lab design is for below network design)

* Client Should have IP 10.2.1.3
* EIGRP 100 is running between switch DSW1 & DSW2
* OSPF (Process ID 1) is running between R1, R2, R3, R4
* Network of OSPF is redistributed in EIGRP
* BGP 65001 is configured on R1 with Webserver cloud AS 65002
* HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.
Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution

====================================================
* Here we are not able to see access Vlan10 configured for Port Fa1/0/1 & Fa1/0/2
* Change required: On ASW1, for configuring Access Vlan under interface fa1/0/1 & 1/0/2 we have to enable command switchport access vlan 10

QUESTION NO: 24

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.

What is the solution to the fault condition?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2

Answer: G
Explanation:

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

QUESTION NO: 25

Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to switch technology?

A. NTP
B. Switch-to-Switch Connectivity
C. Loop Prevention
D. Access Vlans
E. VLAN ACL Port ACL
F. Switch Virtual Interface
G. Port Security

Answer: D
Explanation:

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

QUESTION NO: 26

Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

A. In Configuration mode, using the interface range Fastethernet 1/0/1 – 2, then switchport mode access vlan 10 command.
B. In Configuration mode, using the interface range Fastethernet 1/0/1 – 2, then switchport access mode vlan 10 command.
C. In Configuration mode, using the interface range Fastethernet 1/0/1 – 2, then switchport vlan 10 access command.
D. In Configuration mode, using the interface range Fastethernet 1/0/1 – 2, then switchport access vlan 10 command.

Answer: D
Explanation:

The problem here is that VLAN 10 is not configured on the proper interfaces on switch ASW1.

Ticket 3 : OSPF Authentication

Topology Overview (Actual Troubleshooting lab design is for below network design)
* Client Should have IP 10.2.1.3

* EIGRP 100 is running between switch DSW1 & DSW2
* OSPF (Process ID 1) is running between R1, R2, R3, R4
* Network of OSPF is redistributed in EIGRP

* BGP 65001 is configured on R1 with Webserver cloud AS 65002
* HSRP is running between DSW1 & DSW2 Switches

Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution
========================================================

* Client is unable to ping IP 209.65.200.241

Solution
Steps need to follow as below:-
* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
Ipconfig ----- Client will be receiving IP address 10.2.1.3
* IP 10.2.1.3 will be able to ping from R4 , R3, R2 but not from R1

* Check for neighborship of ospf
sh ip ospf nei ----- Only one neighborship is forming with R2 & i.e. with R3
Since R2 is connected to R1 & R3 with routing protocol ospf than there should be 2 neighbors seen but only one is seen
* Need to check running config of R2 & R3 for interface
Sh run -------------------------- Interface Serial0/0/0/0.12 on R2

Sh run -------------------------- Interface Serial0/0/0/0 on R1
* Change required: On R1, for IPV4 authentication of OSPF command is missing and required to configure------ ip ospf authentication message-digest

QUESTION NO: 27

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1
H. ASW2

Answer: A
Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure------ ip ospf authentication message-digest

QUESTION NO: 28

Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?

A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing

E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Answer: D
Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure------ ip ospf authentication message-digest

QUESTION NO: 29

Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

A. Enable OSPF authentication on the s0/0/0 interface using the ip ospf authentication messagedigest command
B. Enable OSPF routing on the s0/0/0 interface using the network 10.1.1.0 0.0.0.255 area 12 command.
C. Enable OSPF routing on the s0/0/0 interface using the network 209.65.200.0 0.0.0.255 area 12 command.
D. Redistribute the BGP route into OSPF using the redistribute BGP 65001 subnet command.

Answer: A
Explanation:

On R1, for IPV4 authentication of OSPF the command is missing and required to configure------ ip ospf authentication message-digest

Topic 9, Ticket 4 : BGP Neighbor

Topology Overview (Actual Troubleshooting lab design is for below network design)

Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.

Each ticket has 3 sub questions that need to be answered & topology remains same.

Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution

Client is unable to ping IP 209.65.200.241

Solution
Steps need to follow as below:

* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
ipconfig ----- Client will be receiving IP address 10.2.1.3
* IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
* Look for BGP Neighbourship
Sh ip bgp summary ----- No O/P will be seen
* Check for interface IP & ping IP 209.65.200.225 ---- Reply will be received from Webserver interface
* Look for peering IP address via sh run on R1 interface serial 0/0/1

* Since we are receiving icmp packets from Webserver interface on R1 so peering IP address under router BGP is configured wrong IP but with correct AS nos.
* Change required: On R1 under router BGP Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65002

QUESTION NO: 30

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1

Answer: A
Explanation:

The BGP neighbor statement is wrong on R1.

QUESTION NO: 31

Use the supported commands to isolated the cause of this fault and answer the following questions.
The fault condition is related to which technology?

A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Answer: A
Explanation:

On R1 under router the BGP process Change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65002

QUESTION NO: 32

Use the supported commands to isolated the cause of this fault and answer the following questions.
What is the solution to the fault condition?

A. Under the BGP process, enter the bgp redistribute-internal command.
B. Under the BGP process, bgp confederation identifier 65001command.
C. Deleted the current BGP process and reenter all of the command using 65002 as the AS number.
D. Under the BGP process, delete the neighbor 209.56.200.226 remote-as 65002 command and enter the neighbor 209.65.200.226 remote-as 65002 command.

Answer: D
Explanation:

On R1 under router BGP change neighbor 209.56.200.226 remote-as 65002 statement to neighbor 209.65.200.226 remote-as 65002

Ticket 5 : NAT ACL

Topology Overview (Actual Troubleshooting lab design is for below network design)
* Client Should have IP 10.2.1.3
* EIGRP 100 is running between switch DSW1 & DSW2
* OSPF (Process ID 1) is running between R1, R2, R3, R4
* Network of OSPF is redistributed in EIGRP
* BGP 65001 is configured on R1 with Webserver cloud AS 65002
* HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.
This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.
DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.
DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistrution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same.

Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution

Client is unable to ping IP 209.65.200.241
Solution
Steps need to follow as below:-
* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
Ipconfig ----- Client will be receiving IP address 10.2.1.3
* IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
* Look for BGP Neighbourship
Sh ip bgp summary ----- State of BGP will be in established state & will be able to receive I prefix (209.65.200.241)
* As per troubleshooting we are able to ping ip 10.2.1.3 from R1 & BGP is also receiving prefix of webserver & we are able to ping the same from R1. Further troubleshooting needs to be done on R1 on serial 0/0/1
* Check for running config. i.e sh run for interface serial 0/0/1.

From above snapshot we are able to see that IP needs to be PAT to serial 0/0/1 to reach web server IP (209.65.200.241). But in access-list of NAT IP allowed IP is 10.1.0.0/16 is allowed & need 10.2.0.0/16 to
As per troubleshooting we are able to ping ip 10.2.1.3 from R1 & BGP is also receiving prefix of web server & we are able to ping the same from R1. Its should be checked further for running config of interface for stopping
Change required: On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

QUESTION NO: 33

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1

Answer: A

Explanation:

On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

QUESTION NO: 34

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing

E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Answer: C
Explanation:

On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

QUESTION NO: 35

The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. Under the interface Serial0/0/0 configuration enter the ip nat inside command.
B. Under the interface Serial0/0/0 configuration enter the ip nat outside command.
C. Under the ip access-list standard nat_trafic configuration enter the permit 10.2.0.0 0.0.255.255 command.
D. Under the ip access-list standard nat_trafic configuration enter the permit 209.65.200.0 0.0.0.255 command.

Answer: C
Explanation:

On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

Ticket 6 : R1 ACL

Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution

Client is unable to ping IP 209.65.200.241…

Solution
Steps need to follow as below:-
* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
* Ipconfig ----- Client will be receiving IP address 10.2.1.3
* IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
* Look for BGP Neighbourship
* Sh ip bgp summary ----- State of BGP will be in active state. This means connectivity issue between serial
* Check for running config. i.e sh run --- over here check for access-list configured on interface as BGP is down (No need to check for NAT configuration as its configuration should be right as first need to bring BGP up)

* In above snapshot we can see that access-list of edge_security on R1 is not allowing wan IP network
* Change required: On R1, we need to permit IP 209.65.200.222/30 under the access list.

QUESTION NO: 36

Use the supported commands to isolated the cause of this fault and answer the following questions.
On which device is the fault condition located?

A. R1
B. R2
C. R3
D. R4
E. DSW1
F. DSW2
G. ASW1

Answer: A

Explanation:

On R1, we need to permit IP 209.65.200.222/30 under the access list.

QUESTION NO: 37

A. BGP
B. NTP
C. IP NAT
D. IPv4 OSPF Routing
E. IPv4 OSPF Redistribution
F. IPv6 OSPF Routing
G. IPv4 layer 3 security

Answer: G
Explanation:

On R1, we need to permit IP 209.65.200.222/30 under the access list.

QUESTION NO: 38

A. Under the interface Serial0/0/1 enter the ip access-group edge_security out command.
B. Under the ip access-list extended edge_security configuration add the permit ip 209.65.200.224 0.0.0.3 any command.
C. Under the ip access-list extended edge_security configuration delete the deny ip 10.0.0.0.0 0.255.255.255 any command.
D. Under the interface Serial0/0/0 configuration delete the ip access-group edge_security in command and enter the ip access-group edge_security out command.

Answer: B
Explanation:

On R1, we need to permit IP 209.65.200.222/30 under the access list.

Ticket 7 : Port Security

Topology Overview (Actual Troubleshooting lab design is for below network design)

Client is unable to ping IP 209.65.200.241

Solution
Steps need to follow as below:-
* When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4 ipconfig ----- Client will be getting 169.X.X.X
* On ASW1 port Fa1/0/ 1 & Fa1/0/2 access port VLAN 10 was assigned but when we checked interface it was showing down
Sh run ------- check for running config of int fa1/0/1 & fa1/0/2 (switchport access Vlan 10 will be there with switch
port security command). Now check as below
Sh int fa1/0/1 & sh int fa1/0/2

As seen on interface the port is in err-disable mode so need to clear port.
Change required: On ASW1, we need to remove port-security under interface fa1/0/1 & fa1/0/2.