Config Flashcards Preview

ICND2 configs > Config > Flashcards

Flashcards in Config Deck (57)
Loading flashcards...
1
Q

Enable EIGRP for IPv6 on AS 100, make sure it works correctly. Assign both the Ethernet0/0 and Loopback0 interfaces to AS 100. R1

A

By default, IPv6 traffic forwarding is disabled, so:

R1(config)#ipv6 unicast-routing

R1(config)#ipv6 router eigrp 100

R1(config)#interface ethernet0/0

R1(config-if)#ipv6 eigrp 100

R1(config-if)#exit

R1(config)#interface loopback0

R1(config-if)#ipv6 eigrp 100

2
Q

Initialize the OSPF process number 10 and set R2’s OSPF router ID to 0.0.0.2

Include the interfaces with IP addresses in the 10.0.0.0/16 address range in Area 0 and in Area 1

A

R2(config)# router ospf 10

R2(config-router)# router-id 0.0.0.2

3
Q

Commands to verify PPPoE

A

show ip interface brief

show pppoe session

4
Q

Change R1 HSRP priority to 101, of HSRP group 1

A

R1(config)#interface ‘interface from show command’

R1(config-if)#standby 1 priority 101

5
Q

Create EtherChannel and configure trunk on SW1 and SW2. Add VLAN 1, 2, and 20 on Ethernet trunk port.

A
6
Q

Configure OSPFv3 process 10 on the Serial 0/1 interface on RouterA to operate in Area 0

A

RouterA(config)#interface serial 0/1

RouterA(config-if)#ipv6 ospf 10 area 0

7
Q

Commands to verify GRE tunnels

A

-Determine whether the tunnel interface is up or down.

Router# show ip interface brief Tunnel tunnel-id

-Verify the state of the GRE tunnel.

Router# show interface tunnel tunnel-id

-Verify that the tunnel network is seen as directly connected in the routing table.

Router# show ip route

8
Q

Configure extended IPv6 ACL named Example6 and apply to Ethernet1/1 interface in the inbound direction

The ACL should have the following four statements:

The first should deny all UDP traffic.

The second should permit TCP from PC2 to any destination as long as the destination port is 23 (Telnet).

The third should deny all other TCP traffic from PC2.

The last should explicitly permit all IPv6 traffic.

A

R1(config)# ipv6 access-list Example6

R1(config-ipv6-acl)# deny udp any any

R1(config-ipv6-acl)# permit tcp host ‘IPv6 address found from ‘show ipv6 interface brief’ command’ any eq 23

R1(config-ipv6-acl)# deny tcp host ‘IPv6 address found from ‘show ipv6 interface brief’ command’ any

R1(config-ipv6-acl)# permit ipv6 any any

Then,

R1(config)# interface Ethernet1/1

R1(config-if)# ipv6 traffic-filter Example6 in

9
Q

Configure an extended IPv4 ACL(access control list). It should be named Example

IT should have these 4 statements:

  • Should deny all UDP traffic.
  • Should permit TCP from PC1 to any destination as long as the destination port is 23 (Telnet).
  • Should deny all other TCP traffic from PC1.
  • Should explicitly permit all IP traffic.

Then apply to interface Ethernet1/1 in the inbound direction

A

R1(config)#ip access-list extended Example

R1(config-ext-nacl)#deny udp any any

R1(config-ext-nacl)#permit tcp host ‘PC1 IP address’ any eq 23

R1(config-ext-nacl)#deny tcp host ‘PC1 IP address’ any

R1(config-ext-nacl)#permit ip any any

R1(config)#interface Ethernet1/1

R1(config-if)#ip access-group Example in

10
Q

What configures the backup root for specified VLAN

A

“spanning-tree vlan ‘vlan-number’ root secondary”

11
Q
  1. ) Verify IP SLA configuration on a device
  2. ) Verify IP SLA statistics
A
  1. ) Router#show ip sla configuration
  2. ) Router#show ip sla statistics
12
Q

Place router in OSPFv2 in configuration mode. Also, OSPFv3 in configuration mode.

A

router ospf ‘process-id’

ipv6 router ospf ‘process-id’

13
Q

Configure Multilink PPP (MLP) on R1 with these criteria:

Group number: 1

IP address: 10.1.1.1/24

Enable the MLP feature.

Restrict physical links with the multilink group 1 only to join this bundle.

A

R1(config)#interface Serial 0/0/0

R1(config-if)#encapsulation ppp

R1(config-if)#exit

R1(config)#interface Serial 0/1/0

R1(config-if)#encapsulation ppp

R1(config)#interface multilink 1

R1(config-if)#ip address 10.1.1.1 255.255.255.0

R1(config)#interface Serial 0/0/0

R1(config-if)#ppp multilink group 1

R1(config)#interface Serial 0/1/0

R1(config-if)#ppp multilink group 1

14
Q

What forces the switch to be the root bridge for the specified VLAN

A

“spanning-tree vlan ‘vlan-number’ root primary”

15
Q

Enable EIGRP AS number 1 and include the network 10.0.0.0/8 on R1.

A

R1(config)#router eigrp 1

R1(config-router)#network 10.0.0.0

16
Q

Define the OSPv3 process ID 10 on R1, and assign to it the router ID 1.1.1.1

Enable OSPFv3 on the R1 Ethernet0/0, Ethernet0/1, and Loopback0 interfaces. All interfaces should be assigned to Area 0

A

Enable IPv6 Routing:

R1(config)# ipv6 unicast-routing

R1(config)# ipv6 router ospf 10

R1(config-rtr)# router-id 1.1.1.1

R1(config-rtr)# interface Loopback0

R1(config-if)# ipv6 ospf 10 area 0

R1(config-if)# interface Ethernet0/0

R1(config-if)# ipv6 ospf 10 area 0

R1(config-if)# interface Ethernet0/1

R1(config-if)# ipv6 ospf 10 area 0

17
Q

R1. Configure the OSPF process ID 1. Include all the networks that are associated with each of the three active interfaces(10.0.1.0 /24, 10.1.1.0 /24, 10.10.11.0 /24) for R1 in area 0. Also, configure the router ID to 1.1.1.1.

A

R1(config)# router ospf 1

R1(config-router)# router-id 1.1.1.1

R1(config-router)# network 10.0.1.0 0.0.0.255 area 0

R1(config-router)# network 10.1.1.0 0.0.0.255 area 0

R1(config-router)# network 10.10.11.0 0.0.0.255 area 0

R1(config-router)# end

18
Q

Verify single-area OSPF

A

Router# show ip protocols

Router# show ip ospf interface brief

Router# show ip ospf interface ‘interface’

Router# show ip ospf neighbor

Router# show ip route

19
Q

Configure OSPF process 10 to advertise the 192.168.10.0/24 network in Area 0

(3 ways)

A

router ospf 10

RouterA(config-router)#network 192.168.10.0 0.0.0.255 area 0

RouterA(config-if)#ip ospf 10 area 0.0.0.0

RouterA(config-if)#ip ospf 10 area 0

20
Q

Steps to configure CHAP authentication for PPP on R1, interface Serial1/1.

A

R1(config)#username “R2” password “cisco or anything”

R1(config)#interface serial1/1

R1(config-if)#ppp authentication chap

21
Q

Commands to verify and troubleshoot EIGRP

A

show ip eigrp neighbors

show ip route

show ip eigrp topology

22
Q

Configure the client (R1) to use an IP address provided by the PPPoE server.

Set the encapsulation type to PPP.

Specify the dialing pool that the dialer interface uses to connect to a specific destination subnetwork to “1.”

Assign the interface Ethernet0/1 to a newly created PPPoE dial group 1. Also, make sure that no IP address is manually assigned to the Ethernet0/1 interface.

A

R1(config)# interface Dialer1

R1(config-if)# ip address negotiated

R1(config-if)# encapsulation ppp

R1(config-if)# dialer pool “1”

R1(config)# interface Ethernet0/1

R1(config-if)# no ip address

R1(config-if)# pppoe-client dial-pool-number “1”

23
Q

Commands to troubleshoot IPv6 Network Connectivity

A

show ipv6 route

show ipv6 interface ‘interface’

show ipv6 access-list

24
Q

Set the encapsulation protocol on the R1 Serial1/1 interface to PPP

A

R1(config)# interface Serial1/1

R1(config-if)# encapsulation ppp

25
Q

How to check for root bridge and map out the whole STP status for VLAN 10

A

S1#show spanning-tree vlan 10

26
Q

Configure HSBR on SW1 and SW2.

A
27
Q

How do you create a VLAN?

A

vlan ‘number of vlan’

28
Q

Commands to verify OSPFv3

A

Router# show ipv6 protocols

Router# show ipv6 ospf interface brief

Router# show ipv6 ospf interface interface slot/number

Router# show ipv6 ospf neighbor

Router# show ipv6 route

Router# show ipv6 ospf

29
Q

Create GRE tunnels

On R1, define the interface Tunnel0. Assign it the IP address 172.16.99.1/24. The R1 Ethernet0/0 interface (10.10.1.1) should be the source and the R4 Ethernet 0/0 interface (10.10.3.2) should be the destination.

A

R1(config)# interface tunnel0

R1(config-if)# ip address 172.16.99.1 255.255.255.0

R1(config-if)# tunnel source 10.10.1.1

R1(config-if)# tunnel destination 10.10.3.2

(Just switch source and destination address on R4, to complete tunnel)

30
Q

How do you name a VLAN?

A

name ‘name of vlan’ (in config-vlan mode)

31
Q

What command is used to check for HSRP errors

A

For most errors:

R1# show standby

To see if IP addresses and ports are permitted in inbound access lists:

show ip interface

32
Q

Configure RADIUS for Console and VTY Access. R1.

Set username as “admin”

Password as “Cisco123”

The radius server name should be “myRadiusSRV1”

IP address of the server is 10.1.1.10

Shared key should be radiusPassword

Radius server group should be named “MyRadiusGroup”

A

R1(config)# username “admin” password “Cisco123”

R1(config)#aaa new-model

R1(config)#radius server “myRadiusSRV1”

R1(config-sg-radius)#address ipv4 “10.1.1.10”

R1(config-sg-radius)#key “radiusPassword”

R1(config)#aaa groups server radius “MyRadiusGroup”

R1(config-sg-radius)#server name “myRadiusSRV1”

R1(config)#aaa authentication login default group “MyRadiusGroup” local

33
Q

Troubleshoot IPv4 connectivity issues, commands

A

show ip interface brief

show ip route

show ip access-lists

34
Q

Command sequence on SwitchA to ensure that hosts connected to the FastEthernet0/1 port are authenticated by using 802.1x before the hosts are allowed to send traffic through the switch

(look at boson example 802.1x and AAA example)

A
35
Q

Commands to verify Multilink PPP (MLP)

A

show ppp multilink

show interfaces multilink1

show ip route

36
Q

Put interface fa0/1 in VLAN 50

A

interface fa0/1 switchport access vlan 50

37
Q

Commands to verify EBGP

A

1.) Display the BGP status and lists all configured neighbors.

Router# show ip bgp summary

2.) Display TCP and BGP connections to neighbors.

Rouetr# show ip bgp neighbors ‘neighbor-address’

3.) Display all routing information that is received from all neighbors.

Router# show ip bgp

38
Q

Steps to configure PAP authentication for PPP

A

Router(config)# username ‘username’ password ‘password’

Router(config-if)# ppp authentication pap

(Optional) Enable outbound PAP authentication. To authenticate itself to a remote device, the local router uses the username and password that the ppp pap sent-username command specifies.

Router(config-if)# ppp pap sent-username ‘username(must be same as what other router input as it’s user, same for the password side)’ password ‘password’

39
Q

Commands to verify and troubleshoot IPv6 EIGRP

A

Router# show ipv6 eigrp topology

Router# show ipv6 eigrp neighbors

Router# show ipv6 route eigrp

Router#show ip eigrp interfaces

40
Q

Configure TACACS+ for Console and VTY Access. R1.

Set username as “admin”

Password as “Cisco123”

The Tacacs server name should be “myTacacsSRV1”

IP address of the server is 10.1.1.10

Shared key should be tacacsPassword

Tacacs server group should be named “MyTacacsGroup”

A

R1(config)# username “admin” password “Cisco123”

R1(config)#aaa new-model

R1(config)#tacacs server “myTacacsSRV1”

R1(config-sg-radius)#address ipv4 “10.1.1.10”

R1(config-sg-radius)#key “tacacsPassword”

R1(config)#aaa groups server tacacs+ “MyTacacsGroup”

R1(config-sg-radius)#server name “myTacacsSRV1”

R1(config)#aaa authentication login default group “MyTacacsGroup” local

41
Q

Commands to verify multiarea OSPF

A

Router# show ip protocols

Router# show ip ospf interface brief

Router# show ip ospf neighbor

Router# show ip route

42
Q
  1. ) Configure an IP SLA ICMP Echo test to target IP address 10.10.3.30 and set frequency to 10 seconds
  2. ) Then schedule IP SLA 2 to perform an ICMP Echo test forever and to start running immediately
A

R1(config)ip sla 1

R1(config-ip-sla)#icmp-echo 10.10.3.30

R1(config-ip-sla-echo)#frequency 10

2.) Then,

R1(config)#ip sla schedule “2” life “forever” start-time “now”

43
Q

Change HSRP version from 2 to 1 on R2 router and change the HSRP group from 2 to 1 for the virtual IP address 10.10.1.1

A

R2(config)#interface ‘interface’

R2(config-if)#no standby version 2

R2(config-if)#no standby 2 ip 10.10.1.1

R2(config-if)#standby 1 ip 10.10.1.1

HSRP is version 1 by default

44
Q

How to create trunk between two switches

A

Go into interface of each switch and put:

“switchport mode trunk”

If there is an error, go into interface and:

“switchport trunk encapsulation dot1q”

“switchport mode trunk”

45
Q

Configure Single Homed EBGP

Enable BGP on ISP1 and configure both external neighbors, the R1 and R2 routers. Use the following information:

ISP1 is in AS 1.

R1 is in AS 100 and has IP address 192.168.1.11.

R2 is in AS 200 and has IP address 192.168.2.11.

Then,

Configure ISP1 to announce the Loopback0 network with the IP address 10.0.0.0/24 in the BGP process

A

ISP1(config)# router bgp 1

ISP1(config-router)# neighbor 192.168.1.11 remote-as 100

ISP1(config-router)# neighbor 192.168.2.11 remote-as 200

ISP1(config)# router bgp 1

ISP1(config-router)# network 10.0.0.0 mask 255.255.255.0

46
Q

Configure Time Based Access List

Block traffic to TCP port 80 on 192.168.23.3 but only for weekdays. On interface 0/0

A

R2(config)#time-range WORK_HOURS

R2(config-time-range)#periodic weekdays

Then,

R2(config)#ip access-list extended ‘access-list name’

R2(config-ext-nacl)#deny tcp any host 192.168.23.3 eq 80 time-range WORK_HOURS

R2(config-ext-nacl)#permit ip any any

Then activate on interface,

R2(config)#interface FastEthernet 0/0

R2(config-if)#ip access-group ‘access-list name’ in

47
Q

VTP

Configure Switch1 as the VTP server and Switch2 and Switch3 as VTP clients

Set the VTP domain name to cisco

Set the VTP password to cisco

Enable VTP pruning so that inter-switch broadcast replication is minimized

A

vtp mode server

vtp domain cisco

vtp password cisco

vtp pruning

48
Q

Enable portfast on the interface fastethernet0/4

A

interface fastethernet0/4

spanning-tree portfast

no shutdown

49
Q

Enable rapid PVST+ on a switch

A

spanning-tree mode rapid-pvst

50
Q

Configure switch as the primary root for VLAN 1

A

spanning-tree vlan 1 root primary

51
Q

Configure the switch with the second-lowest possible priority

Assume that Extended System IDs are used

STP

A

spanning-tree vlan 1 priority 4096

52
Q

Configure the switch with a default gateway of 10.1.1.1

A

ip default-gateway 10.1.1.1

53
Q

Make trunk link on each interface and then use Port Channel 12. First do with no dynamic EtherChannel negotiation

Then if you want to use PagP -or- LACP

A

Go into each interface:

switchport trunk encapsulation dot1q

switchport mode trunk

Then go into interfaces again:

For no dyanmic EtherChannel negotiation:

channel-group 12 mode on

-or-

For PagP:

channel-protocol pagp

channel-group 12 mode desirable

For LACP:

channel-protocol lacp

channel-group 12 mode active

54
Q

Configure plain-text authentication for OSPF

A

In interface:

ip ospf authentication

ip ospf authentication-key ‘password’

55
Q

OSPF config with default route

For Router 1:

Ethernet 0: 192.168.1.1/28

Serial 0: 10.1.1.1/30

Loopback 0: 172.16.1.1/32

A

configure terminal

router ospf 1

network 192.168.1.0 0.0.0.15 area 1

network 10.1.1.0 0.0.0.3 area 0

network 172.16.1.1 0.0.0.0 area 0

default-information originate

56
Q

Configure OSPf with process id 1

Configure OSPF to load balance over 10 equal paths

A

router ospf 1

maximum-paths 10

57
Q

Set the clocking 64kbps on Router

Set the bandwidth to 64kbps

Set the encapsulation to ppp

A

In interface:

clock rate 64000

bandwidth 64

encapsulation ppp