Scribd
Upload
45 views7 pages

Points

Uploaded by

kaung khant zaw
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
45 views7 pages

Points

Uploaded by

kaung khant zaw
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 7

Day-1

=====
- Question Type
1. MCQ
2. Drag and drop
3. Lab Simulation

- "Next" Only
- Valid for 3 years
- NRC / License / Passport
- Example Test Question in Test Begin
- Survey Questions in Test Last
- Reschedule Time (within 1 year)
- Spoto (680Q+ within 1 month)

On the Exam Day


---------------
Need to arrive 30 mins before the exam

During Exam
===========
**** #do wr or #wr after configured
**** during Lab, default password id "cisco"
**** need to check with #sh run | begin or #sh interface trunk or #sh ip interface
brief
**** if "Verify" keyword in question, please check the ping from PC.
**** if "Traffic on all trunks should be restricted to only active VLANs" in
question, please add the "#sw trunk allowed vlans xxx".

Switch Lab
----------
Lab-1
1. #spanning-tree mode rapid-pvst
2. #switchport mode trunk
3. #switchport mode trunk

Lab-2
1. #spanning-tree pathcost method long (Spanningtree default is 16 bits that
changed to 32 bits)
2. #no switchport access vlan 400 (to delete the original configured access port)
#switchport trunk encapsulation dot1q
#switchport mode trunk
3. #int range e0/2-3
#switchport trunk allowed vlan 1,400
#channel-group-10 mode active

Lab-3
#int e0/0
1. #switchport trunk encapsulation dot1q
#switchport mode trunk
2. #udld port aggressive
3. #interface range e0/2-3
#switchport trunk ecapsulation dot1q
#switchport trunk allowed vlan 1,300
#switchport mode trunk
#channel-group 10 mode active

Lab-4
1. #interface e0/1
#sw m access
#sw acc vlan 100
#spanning-tree portfast

Route Lab(OSPF)
---------------
***** if add network range in ospf, use wildcard mask. If add network range with
summarize as area 10 range x.x.x.x x.x.x.x, use subnet mask
Lab-5
#sh run | section ospf
1.#router ospf 10
#router-id 1.1.1.1
#interface range e0/0-1
#ip ospf 10 area 0
2.#router ospf 10
#area 10 range 10.1.0.0 255.255.0.0
3.#router ospf 10
#area 20 range 10.2.0.0 255.255.0.0

Lab-6
***** if not want the nodes to participate in DR/BDR election process, add the
relative interface #ip ospf network point-to-point or set priority no 0 #ip ospf
priority 0
#show ip ospf neighbour (Full/-)
1.#int e0/1
#ip ospf network point-to-point
#clear ip ospf process
2.#int e0/0
#ip ospf network point-to-point
#clear ip ospf process
3.#int e0/0
#ip ospf priority 255
#clear ip ospf process

Lab-7
****
#sh ip int br
#show run | section interface
#show run | section ospf
1.#ip prefix-list Name seq 1 deny 10.0.1.1/24
#router ospf 10
#area 10 filter-list prefix Name in
#clear ip ospf process
2.#ip prefix-list Name seq 1 deny 10.2.1.1/24
#router ospf 10
#area 10 filter-list prefix Name out
#clear ip ospf process

Lab-8
**** when add the vrf to interface, need to re-configure the IP address to
interface.
**** when add ipsec to gre tunnel, use #tunnel protection ipsec profile XXX
**** If there is no VRF CORP, create VRF #vrf definition CORP
Step
----
Create VRF -> Create GRE Tunnel0 -> Add VRF in GRE Tunnel0 -> Reconfigure the GRE
Tunnel0 -> Add the GRE Tuneel0 in IPSec Profile
#show run | section interface
#show run | section vrf
#show run | section ipsec
#show ip int br
R1
#config t
#ip route vrf CORP 10.100.2.0 255.255.255.0 10.100.100.2
#interface Tunnel 0
#vrf forwarding CORP
#ip address 10.100.100.1 255.255.255.0
#tunnel source Ethernet 0/1
#tunnel destination 10.10.2.1
#tunnel protection ipsec profile XXX
#exit
#interface Ethernet 0/0.100
#vrf forwarding CORP
#ip address 10.100.1.1 255.255.255.0
#end
R2
#config t
#ip route vrf CORP 10.100.1.0 255.255.255.0 10.100.100.1
#interface Tunnel 0
#vrf forwarding CORP
#ip address 10.100.100.2 255.255.255.0
#tunnel source Ethernet 0/2
#tunnel destination 10.10.1.1
#tunnel protection ipsec profile XXX
exit
#interface 0/0.101
#vrf forwarding CORP
#ip address 10.101.2.1 255.255.255.0
#end

Lab-9
#sh run
#sh ip int br
R1
#config t
#ip route vrf CORP 10.100.1.0 255.255.255.0 10.100.100.2
#interface Tunnel 0
#vrf forwarding CORP
#ip address 10.100.100.1 255.255.255.0
#tunnel source Ethernet 0/1
#tunnel destination 10.10.2.1
#tunnel protection ipsec profile XXX
#end
R2
#config t
#ip route vrf CORP 10.101.2.0 255.255.255.0 10.100.100.1
#interface Tunnel 0
#vrf forwarding CORP
#ip address 10.100.100.2 255.255.255.0
#tunnel source Ethernet 0/2
#tunnel destination 10.10.1.1
#tunnel protection ipsec profile XXX
#end

Lab-10
**** In OSPF, add VRF to OSP with #route ospf 100 vrf CORP
Step
----
Add router ospf 100 vrf CORP -> create crypto keyring XXX vrf CORP and built pre-
shared-key address x.x.x.x x.x.x.x key XXX -> add CORP vrf to WAN Int,
#sh run
#sh ip int br
#sh route ospf
R1
#config t
#no router ospf 100
#router ospf 100 vrf CORP
#router-id 10.10.10.10
#exit
#crypto keyring test vrf CORP
#pre-shared key address 10.10.2.1 0.0.0.0 key cisco
#interface Ethernet 0/1
#vrf forwarding CORP
#ip address 10.10.1.1 255.255.255.0
#ip ospf network point-to-point
#ip ospf 100 area 0
#interface Tunnel 0
#tunnel vrf CORP
#tunnel protection ipsec profile XXX
R2
#config t
#no router ospf 100
#router ospf 100vrf CORP
#router-id 20.20.20.20
#exit
#crypto keyring test vrf CORP
#pre-shared key address 10.10.1.1 0.0.0.0 key cisco
#interface Ethernet Ethernet 0/2
#vrf forwarding CORP
#ip address 10.10.21 255.255.255.0

Lab-11 (BGP-1)
****** (Watch carefully address-family)
#sh run
#sh ip int br
#sh router bgp summary
R2
#config t
#router bgp 500
#bgp router-id LOOPBACK ID
#neighbor 209.165.200.225 remote-as 400
#neighbor 209.165.200.229 remote-as 500
#network 209.165.201.9 mask 255.255.255.255
#network 209.165.201.10 mask 255.255.255.255
#end
#wr

Lab-12 (BGP-2)
****** (Watch Carefully address-family)
#sh ip int br
#sh router bgp summary
#sh run | section bgp
R1
#en
#config t
#router bgp 100
#bgp router-id 10.1.1.100
#neighbor 209.165.200.226 remote-as 200
#neighbor 209.165.202.129 remote-as 300
#address-family ipv4
#network 10.1.1.100 mask 255.255.255.255
#network 209.165.201.0 mask 255.255.255.248
#network 209.165.201.8 mask 255.255.255.248
#end
#wr

Lab-13 (Security-1)
******* virtual-link = line vty 0 4
#sh run | section aux
R2
#en
#config terminal
#line aux 0
#password Cisco!
#exit
#service password-encryption
#line vty 0 4
#transport input ssh
#exec-timeout 25 0
#end
#wr

Lab-14 (Etherchannel and trunk)


****** Fewst Priority Number is Root Bridge(Value = 0)
#sh run
#show etherchannel summary
Sw10
#en
#config t
#no int po21
#default int range eth0/0-1
#interface range eth0/0-1
#channel-group 21 mode passive
#interface int range eth0/0-1,po21
#switchport trunk encapsulation dot1q
#switchport mode trunk
#no shutdown
#exit
#spanning-tree vlan 12 priority 0
#end
#wr

Lab-15 (CoPP)
****** ACL > class-map > policy-map > apply in control-plane
#show run
#show ip access-list
R10
#en
#config t
#ip access-list extended 120
#5 permit ospf any any
#end
#wr
R30
#en
#config t
#ip access-list extended TELNET
#permit tcp 192.168.24.0 0.0.0.255 any eq telnet
#exit
#class-map match-any TelnetClass
#match access-group name TELNET
#exit
#policy-map COPP
#class TelnetClass
#police 8000 conform-action transmit exceed-action drop
#control-plane
#service-policy input COPP
#end
#wr

Lab-16 (OSPF4)
******
R30
#show run
#show router ospf
#show ip int br
#config t
#router ospf 30
#router-id 10.0.1.30
#network 10.0.1.30 0.0.0.0 area 0
#network 10.10.30.0 0.0.0.255 area 0
#network 10.20.30.0 0.0.0.255 area 0
#network 10.50.40.0 0.0.0.255 area 50
#area 50 range 10.50.0.0 255.255.128.0
#end
#wr

Lab-17 (NetworkFlow and SPAN)


******
R1
#sh run
#config t
#flow exporter NetFlow
#destination 10.10.1.110
#exit
#ip sla 10
#http get http://10.10.1.100
#frequency 300
#exit
#ip sla schedule 10 life forever start-time now
#end
#wr
Sw1
#en
#sh run
#config t
#monitor session 7 source interface eth0/0 both
#monitor session 7 destination interface eth1/1
#end
#wr

LAB-18 (VPN and VRF4)


******
R11
#show run | section vrf
#config t
#int e0/0
#vrf forwarding FINANCE
#ip address 209.165.200.226 255.255.255.252
#exit
#int e0/1
#vrf forwarding FINANCE
#ip address 10.11.11.1 255.255.255.252
#exit
#int tu0
#vrf forwarding FINANCE
#ip add 10.11.22.1 255.255.255.252
#tunnel source 209.165.200.226
#tunnel destination 209.165.201.2
#exit
#ip route vrf FINANCE 10.10.222.0 255.255.255.0 10.11.22.2
#end
#wr

Lab-19 (Security2)
****** higest level of privilege = 15
R2
#en
#sh run
#config t
#username NetworkAdmin privilege 15 password CiscoENCOR
#line vty 0 4
#transport input telnet
#login local
#line aux 0
#exec-timeout 20 0
#end
#wr

You might also like