Saturday, November 15, 2008
CCNA Exam Topic : Troubleshooting
The CCNA Troubleshooting topic covers the troubleshooting questions that are typically seen on the CCNA exam, each with a worked explanation of why the chosen answer is correct.
Question 1:
A network administrator has installed a new router in the Lisbon office and is unable to backup the IOS image of the new router to a TFTP server located in the Gibraltar office. Given the network diagram, identify the source of the problem.
A. incorrect default gateway of the TFTP server
B. incorrect subnet mask of the TFTP server
C. incorrect IP address of the TFTP server
D. incorrect IP address on E0 of the Gibraltar router
E. incorrect subnet mask on the Lisbon router
Answer: B
Explanation:
The correct choice is B. The TFTP server sits on the E0 LAN of the Gibraltar router, and that interface is configured with a /28 mask (255.255.255.240), so the server must use the same mask.
In the network diagram the TFTP server is configured with 255.255.255.192 (/26) instead. With a wider mask than its gateway, the server may treat addresses that are actually remote as on-link and ARP for them rather than sending its replies to the Gibraltar router, which is why the backup from the Lisbon router fails.
Question 2:
Two routers named Atlanta and Brevard are connected by their serial interfaces as illustrated, but there is no connectivity between them. The Atlanta router is known to have a correct configuration. Given the partial configurations, identify the problem on the Brevard router that is causing the lack of connectivity.
A. transmission unit size too large
B. no loopback set
C. an incorrect subnet mask
D. incompatible encapsulation at each end
E. an incorrect IP address
F. incompatible bandwidth between routers
Answer: E
Explanation:
Based on the exhibit, Atlanta and Brevard are directly connected over a serial link.
Atlanta is known to be configured correctly, and its S0 address is 192.168.10.1/24.
Brevard's serial interface is configured with 192.168.11.2/24, which is on a different network, so the two ends of the link cannot talk to each other. The address must be changed to an unused one on the same subnet, for example 192.168.10.2/24, so that both routers share the 192.168.10.0/24 network and connectivity is established.
Question 3:
Users have been complaining that their Frame Relay connection to the corporate site is very slow. The network administrator suspects that the link is overloaded. Based on the partial output of the Router# show frame relay pvc command shown in the graphic, which output value indicates to the local router that traffic sent to the corporate site is experiencing congestion?
A. DLCI=100
B. last time PVC status changed 00:25:40
C. in BECN packets 192
D. in FECN packets 147
E. in DE packets 0
Answer: C
Explanation:
BECN (Backward Explicit Congestion Notification) bits are set in frames travelling in the opposite direction to the congested flow, to inform the transmitting DTE device that the path it is sending on is congested. FECN marks frames travelling in the same direction as the congestion, so the "in FECN packets" counter only tells the local router that traffic arriving from the corporate site met congestion on its way in.
For this question, "in BECN packets 192" shows that the local router has received 192 BECN notifications from the network; these refer to the traffic the local router is sending toward the corporate site, so that direction is the one experiencing congestion.
Question 4:
Which router IOS commands can be used to troubleshoot LAN connectivity problems?
(Choose three.)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Answer: ADF
Explanation:
ping: tests whether a particular host is reachable across an IP network and reports the round-trip time.
show ip route: displays the routing table and is used to verify that the expected routes are present and that none are missing.
show interfaces: displays statistics for each interface together with its physical status (up/down) and line protocol status (up/down).
tracert, ipconfig and winipcfg are Windows host commands, not router IOS commands; the IOS equivalent of tracert is traceroute.
Question 5:
The administrator is unable to establish connectivity between two Cisco routers. Upon reviewing the command output of both routers, what is the most likely cause of the problem?
A. Authentication needs to be changed to PAP for both routers.
B. Serial ip addresses of routers are not on the same subnet.
C. Username/password is incorrectly configured.
D. Router names are incorrectly configured.
Answer: C
Explanation:
For PPP with CHAP, each router must hold a username entry for its peer, created with the username username password password command, where username is the hostname of the peer (neighbour) router. Ensure that:
· the username configured on each router matches the hostname of the peer exactly (it is case-sensitive);
· the password is identical at both ends (it is also case-sensitive).
Changing to PAP (option A) would not fix a mismatched username or password, and PAP sends the password across the link in clear text, so it is not the answer.
Example configuration on RtrA and RtrB:
RtrA(config)#username RtrB password cisco
RtrB(config)#username RtrA password cisco
Question 6:
Users on the 172.17.22.0 network cannot reach the server located on the 172.31.5.0 network. The network administrator connected to router Coffee via the console port and issued the show ip route command. Based on the output of the show ip route command and the topology shown in the graphic, what is the cause of the failure?
A. The network has not fully converged.
B. IP routing is not enabled.
C. A static route is configured incorrectly.
D. The FastEthernet interface on Coffee is disabled.
E. The neighbor relationship table is not correctly updated.
F. The routing table on Coffee has not updated .
Answer: C
Explanation:
The static (default) route on Coffee was configured with the incorrect next-hop address 172.19.22.2.
The correct next hop is 172.18.22.2; with it, traffic for the server on the 172.31.5.0 network is forwarded to the neighbouring router:
ip route 0.0.0.0 0.0.0.0 172.18.22.2
Question 7:
A network administrator has configured two switches, named London and Madrid, to use VTP. However, the switches are not sharing VTP messages. Given the command output shown in the graphic, why are these switches not sharing VTP messages?
A. The VTP version is not correctly configured.
B. The VTP operating mode is not correctly configured.
C. The VTP domain name is not correctly configured.
D. VTP pruning mode is disabled.
E. VTP V2 mode is disabled.
F. VTP traps generation is disabled.
Answer: C
Explanation:
Both switches must be configured with the same VTP domain name to exchange VTP advertisements, and the names are case-sensitive. If a VTP password is configured it must also match on both switches, because the MD5 digest carried in every advertisement is computed over the VLAN data and the password, and an advertisement whose digest does not verify is discarded. The domain name itself is not a secret: it is sent in clear in every advertisement.
Question 8:
A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem?
A. The OSPF area is not configured properly.
B. The priority on R1 should be set higher.
C. The cost on R1 should be set higher.
D. The hello and dead timers are not configured properly.
E. A backup designated router needs to be added to the network.
F. The OSPF process ID numbers must match.
Answer: D
Explanation:
Certain parameters carried in the OSPF hello packets must match for two routers to become neighbours on a link. They include:
1 Hello and dead intervals
2 Area ID
3 Authentication type and key
4 Stub area flag
5 Subnet mask (on broadcast and non-broadcast networks)
In the exhibit the hello and dead intervals are not the same on both routers, so each router discards the other's hellos. The OSPF process ID (option F) is only locally significant and does not need to match.
Question 9:
After the router interfaces shown in the diagram have been configured, it is discovered that hosts in the Branch LAN cannot access the Internet. Further testing reveals additional connectivity issues. What will fix this problem?
A. Change the address of the Branch router LAN interface.
B. Change the address of the Branch router WAN interface.
C. Change the subnet mask of the HQ router LAN interface.
D. Change the address of the HQ router LAN interface.
E. Change the address of the HQ router interface to the Internet.
F. Change the subnet mask of the HQ router interface to the Internet.
Answer: B
Explanation:
The Branch router WAN interface is configured with an address that is not in the same /30 subnet as the HQ WAN interface.
HQ's WAN address 192.168.10.85/30 belongs to the network 192.168.10.84/30, whose only two usable addresses are 192.168.10.85 and 192.168.10.86, so the Branch WAN interface must be 192.168.10.86/30.
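Questions 1, 2 and 9 all come down to the same check: do the two ends of a link, each using its own address and mask, agree on which subnet they share? The following Python example is added here and is not part of the original page; it uses the standard ipaddress module to classify the mismatch and to show why a too-wide mask breaks return traffic. The Question 2 and Question 9 addresses are the ones quoted above; the Question 1 exhibit addresses are not reproduced on the page, so the 172.16.1.x values below are constructed for illustration.

```python
import ipaddress


def same_subnet(iface_a, iface_b):
    """True when both ends, each using its own address/mask, compute the same network."""
    return ipaddress.ip_interface(iface_a).network == ipaddress.ip_interface(iface_b).network


def diagnose(iface_a, iface_b):
    """Classify a directly connected pair as 'ok', 'mask mismatch' or 'different network'."""
    a = ipaddress.ip_interface(iface_a)
    b = ipaddress.ip_interface(iface_b)
    if a.network == b.network:
        return "ok"
    if a.network.prefixlen != b.network.prefixlen:
        return "mask mismatch"
    return "different network"


def thinks_local(iface, dst):
    """Would a host configured as `iface` treat `dst` as on-link (and ARP for it directly)
    instead of sending the packet to its default gateway?"""
    return ipaddress.ip_address(dst) in ipaddress.ip_interface(iface).network


def usable_hosts(iface):
    """Host addresses available in the subnet that `iface` belongs to."""
    return [str(h) for h in ipaddress.ip_interface(iface).network.hosts()]


if __name__ == "__main__":
    # Question 2: addresses taken from the explanation above.
    print(diagnose("192.168.10.1/24", "192.168.11.2/24"))   # different network
    # Question 1: constructed addresses (assumption, the exhibit is not on the page):
    # Gibraltar E0 172.16.1.17/28, TFTP server 172.16.1.20/26, Lisbon router 172.16.1.33.
    print(diagnose("172.16.1.17/28", "172.16.1.20/26"))      # mask mismatch
    # The server's wide mask makes it believe the remote Lisbon address is on its own LAN,
    # so it ARPs for it instead of replying through the Gibraltar router.
    print(thinks_local("172.16.1.20/26", "172.16.1.33"))      # True
    print(thinks_local("172.16.1.17/28", "172.16.1.33"))      # False
    # Question 9: the only two usable addresses on HQ's /30 WAN link.
    print(usable_hosts("192.168.10.85/30"))                   # ['192.168.10.85', '192.168.10.86']
```

The asymmetry shown by thinks_local is the practical reason a mask mismatch is hard to spot: the router with the narrower mask still forwards correctly, and only the return path from the host with the wider mask silently breaks.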
Question 10:
The network administrator wants to upgrade the IOS of a router. The new image requires 64 MB of RAM and 16 MB for storage of the file. Given the output shown in the graphic, which of the following is true?
A. This router meets the requirements for the new image.
B. This router will require a DRAM upgrade to meet the requirements for the new image.
C. This router will require a flash upgrade to meet the requirements for the new image.
D. This router will require an NVRAM upgrade to meet the requirements for the new image.
Answer: B
Explanation:
In the exhibit the flash memory is large enough to store the 16 MB image, but the router does not have the 64 MB of DRAM the new image needs to run, so a DRAM upgrade is required. (In show version output the flash line reports storage, while the "X K/Y K bytes of memory" line reports the installed DRAM.)
Question 11:
The network administrator has configured NAT as shown in the graphic. Some clients can access the Internet while others cannot. What should the network administrator do to resolve this problem?
A. Configure an IP NAT pool.
B. Properly configure the ACL.
C. Apply the ACL to the S0 interface.
D. Configure another interface with the ip nat outside command.
Answer: B
Explanation:
NAT only translates packets whose source address is permitted by access-list 1. As written, the permit statement's wildcard mask matches only the 192.168.1.0/24 network, so hosts on the other internal networks are never translated and cannot reach the Internet.
To correct this, change the access-list statement so its wildcard mask covers all of the internal networks, for example:
access-list 1 permit 192.168.0.0 0.0.255.255
(IOS stores 192.168.1.0 0.0.255.255 as 192.168.0.0 0.0.255.255, because the address bits under wildcard 1 bits are ignored.) Keep the list as narrow as the addressing allows, since every address it permits becomes a NAT candidate.
Question 12:
Refer to the network diagram and configuration shown in the graphic. The network at the SOS Company has just been configured for NAT as shown. Initial tests indicate that everything is functioning as intended. However, it is found that a number of hosts cannot access the Internet. What is the problem?
A. The access list is not correct.
B. There are not enough IP addresses available in the NAT address pool.
C. The wrong interface has been configured with the ip nat inside command.
D. The IP address of the Fa0/0 interface is not usable.
E. The S0/1 interface of the ISP router is in the wrong subnet.
Answer: B
Explanation:
The NAT pool defined above contains only five public addresses. Dynamic NAT is a one-to-one mapping between an inside local (private) and an inside global (public) address, so at most five hosts can be translated at the same time; the remaining hosts get no translation and cannot reach the Internet until an existing entry times out or is cleared.
To overcome this, use NAT overload, also called Port Address Translation (PAT): many hosts then share one public address, distinguished by their translated source port. It is enabled by adding the overload keyword to the ip nat inside source list ... pool ... command.
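The difference between pool exhaustion and overload is easier to see when the two translation tables are written out. The Python model below is an added example, not part of the original page and not how IOS implements NAT internally: it uses a constructed pool of five documentation-range addresses (203.0.113.1 to .5) and eight constructed inside hosts, and it simplifies PAT by handing out sequential ports rather than trying to preserve the original source port.

```python
class DynamicNat:
    """One-to-one dynamic NAT: each inside host that sends traffic borrows a whole address
    from the pool and keeps it until the entry times out (86400 s by default) or is cleared."""

    def __init__(self, pool):
        self.free = list(pool)        # inside global addresses still available
        self.table = {}               # inside local -> inside global

    def translate(self, inside_local, src_port=None):
        if inside_local in self.table:
            return self.table[inside_local]
        if not self.free:
            return None               # pool exhausted: the packet is dropped untranslated
        self.table[inside_local] = self.free.pop(0)
        return self.table[inside_local]

    def release(self, inside_local):
        """Equivalent of an entry timing out or 'clear ip nat translation *'."""
        self.free.append(self.table.pop(inside_local))


class PatOverload:
    """NAT overload (PAT): many inside hosts share one inside global address, each flow
    distinguished by a unique translated source port (sequential here for simplicity)."""

    def __init__(self, inside_global, first_port=1024):
        self.inside_global = inside_global
        self.next_port = first_port
        self.table = {}               # (inside local, src port) -> (inside global, port)

    def translate(self, inside_local, src_port):
        key = (inside_local, src_port)
        if key not in self.table:
            self.table[key] = (self.inside_global, self.next_port)
            self.next_port += 1       # ports, not addresses, are the scarce resource now
        return self.table[key]


def hosts_online(hosts, translator, src_port=40000):
    """Count how many inside hosts obtain a translation, i.e. can actually reach the Internet."""
    return sum(1 for h in hosts if translator.translate(h, src_port) is not None)


if __name__ == "__main__":
    POOL = ["203.0.113.%d" % i for i in range(1, 6)]       # constructed 5-address pool
    HOSTS = ["10.10.0.%d" % i for i in range(1, 9)]         # constructed inside hosts
    print(hosts_online(HOSTS, DynamicNat(POOL)))            # 5
    print(hosts_online(HOSTS, PatOverload(POOL[0])))        # 8
```

With the pool model the sixth host is simply not translated, which is exactly the "some clients can access the Internet while others cannot" symptom of Question 12; the same eight hosts all succeed once a single address is overloaded.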
Question 13:
Refer to the topology and partial switch command output shown in the graphic. The internetwork shown in the diagram is experiencing connectivity problems. Host A is unable to ping Host B. What needs to be done to enable these hosts to ping each another?
A. The gateway on Host A needs to be changed.
B. The IP address on Host B needs to be reconfigured.
C. VLAN 2 must be named.
D. The Fa0/1 interface on the ET-1 switch must be configured as a trunk port.
E. Switch port Fa0/1 must be moved to a different VLAN.
Answer: D
Explanation:
Host A and Host B are in different VLANs, so traffic between them has to be routed. The Fa0/1 port on ET-1 connects to the Layer 3 device and must be configured as a trunk so that it carries frames from every VLAN to the router for inter-VLAN routing; an access port carries a single VLAN only.
Question 14:
Refer to the graphic. Computer 1 is consoled into switch A. Telnet connections and pings run from the command prompt on switch A fail. Which of the following could cause this problem?
A. Switch A is not directly connected to router JAX.
B. Switch A does not have a default gateway assigned.
C. Switch A does not have a CDP entry for switch B or router JAX.
D. Switch A does not have an IP address.
E. Port 1 on switch A should be an access port rather than a trunk port.
Answer: D
Explanation:
A Layer 2 switch needs an IP address on its management VLAN interface (for example interface vlan 1) before it can source pings or open and accept Telnet sessions; without one, both tests fail from the switch CLI. A default gateway (option B) is only needed to reach hosts on other subnets, so its absence would not stop pings to the local segment.
Question 15:
Refer to the topology and command output within the exhibit. When hosts on the 172.16.5.0 network attempt to ping the remote server at 192.168.145.27, the message "Reply from 192.168.145.27:TTL expired in transit" is returned. What is the cause of this problem?
A. No static route is configured on the SOHO router to the 192.168.145.0 network.
B. No static route is configured on the ISP router to the 192.168.145.0 network.
C. A routing protocol must be configured to send packets between SOHO and ISP.
D. A routing loop has occurred.
Answer: D
Explanation:
The message "TTL expired in transit" is an ICMP Time Exceeded reply: a router decremented the packet's TTL to zero and discarded it, which only happens when the packet keeps circulating. A routing loop has occurred because the default routes are misconfigured on both routers.
Each router's default route points at the other, so packets for 192.168.145.27 bounce between SOHO and ISP until the TTL is exhausted. Correct the default route that points back toward the source so that traffic for the 192.168.145.0 network follows a path that leads to the server.
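To make the loop and the resulting ICMP message concrete, here is a small forwarding simulation added as an example (not from the original page): two routers with longest-prefix-match tables, a packet whose TTL is decremented at every hop, and the two outcomes a ping can report. The SOHO LAN 172.16.5.0/24 and the server address 192.168.145.27 come from the question; the 10.0.0.0/30 link between the routers and the "Internet" hand-off are assumptions.

```python
import ipaddress


class Router:
    def __init__(self, name, routes):
        # routes: (prefix, next hop). A next hop is another router's name, "connected" for a
        # directly attached network, or a name outside the lab (assumed: "Internet").
        self.name = name
        self.routes = [(ipaddress.ip_network(p), nh) for p, nh in routes]

    def next_hop(self, dst):
        """Longest-prefix match, as the routing table selects a route; None if no route."""
        dst = ipaddress.ip_address(dst)
        matches = [(net, nh) for net, nh in self.routes if dst in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]


def forward(routers, start, dst, ttl=128):
    """Walk a packet through the routers until it is delivered, dropped for lack of a route,
    or its TTL reaches zero. Returns (status, hops, router that produced the result)."""
    current, hops = start, 0
    while True:
        nh = routers[current].next_hop(dst)
        if nh is None:
            return "destination unreachable", hops, current   # ICMP type 3 from this router
        if nh == "connected" or nh not in routers:
            return "delivered", hops, current
        ttl -= 1
        hops += 1
        if ttl == 0:
            return "ttl expired in transit", hops, current    # ICMP type 11 from this router
        current = nh


def loop_topology():
    """The misconfiguration from Question 15: both default routes point at each other."""
    return {
        "SOHO": Router("SOHO", [("172.16.5.0/24", "connected"), ("10.0.0.0/30", "connected"),
                                ("0.0.0.0/0", "ISP")]),
        "ISP": Router("ISP", [("10.0.0.0/30", "connected"), ("172.16.5.0/24", "SOHO"),
                              ("0.0.0.0/0", "SOHO")]),      # the mistake: default back to SOHO
    }


def fixed_topology():
    """ISP's default route now points upstream; only the customer prefix is routed to SOHO."""
    t = loop_topology()
    t["ISP"] = Router("ISP", [("10.0.0.0/30", "connected"), ("172.16.5.0/24", "SOHO"),
                              ("0.0.0.0/0", "Internet")])
    return t


if __name__ == "__main__":
    print(forward(loop_topology(), "SOHO", "192.168.145.27"))   # ('ttl expired in transit', 128, 'ISP')
    print(forward(fixed_topology(), "SOHO", "192.168.145.27"))  # ('delivered', 1, 'ISP')
```

Note that a missing route (options A and B) would produce "Destination host unreachable" from the first router without a match, not a TTL message; the TTL message is the fingerprint of a loop.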
Question 16:
Refer to the exhibit. A network technician is troubleshooting a connectivity problem on R2. The technician enters the show cdp neighbors command at the R2 console. If the network is composed only of Cisco devices, for which devices should entries be displayed?
A. R1
B. SW-B and R1
C. SW-B, R1, and SW-C
D. R3, SW-B, R1, and SW-C
E. SW-A, R3, SW-B, R1, and SW-C
F. Host A, SW-A, R3, SW-B, R1, and SW-C
Answer: B
Explanation:
CDP only learns about directly connected Cisco neighbours (devices one hop away on a link where CDP is enabled), so R2 lists only SW-B and R1; hosts do not run CDP. Because CDP advertises platform, IOS version and addresses in clear text, it is normally disabled on untrusted or user-facing ports with no cdp enable.
Troubleshooting Questions are continued on next blog post @ Troubleshoot 2
CCNA Router Simulator Question - VTP SIM
The VTP SIM testlet is the other simulator question on the exam.
VTP SIM
Question:
This task requires you to use the CLI of Sw-AC3 to answer five multiple-choice questions. This does not require any configuration.
To answer the multiple-choice questions, click on the numbered boxes in the right panel.
There are five multiple-choice questions with this task. Be sure to answer all five questions before leaving this item.
Important: the VTP simlet draws from a pool of 10 questions; the exam presents only 5 of them.
Some very useful commands for answering this simlet:
show cdp neighbors, show cdp neighbors detail, show interfaces trunk or show interfaces switchport, show mac-address-table, show spanning-tree, show vlan, show vtp status, show run.
The pool of questions is discussed here, starting with the 4 questions in the picture above.
Question 1 :
What interface did Sw-AC3 associate with source MAC address 0010.5a0c.ffba ?
Answer:
Fa 0/8 (as per the picture above)
To find the interface associated with a given MAC address, use the show mac-address-table command and look up 0010.5a0c.ffba; the Ports column of that entry is the interface the switch learned the address on.
Question 2 :
Which ports on Sw-AC3 are operating as trunks? (choose two)
Answer:
Fa 0/9 and Fa 0/12 (as per the picture above)
To find the ports operating as trunks on a switch:
use the show interfaces trunk command, which lists every port that is currently trunking together with its mode, encapsulation and allowed VLANs;
(or)
use the show interfaces switchport command and check for "Operational Mode: trunk" on each interface. The operational line is the one that counts: a port whose administrative mode is dynamic may or may not actually be trunking.
Question 3:
What kind of router is VLAN-R1 ?
Answer:
2611 (as per the picture above)
To see details of directly connected neighbours, use the show cdp neighbors command on the switch. Its output lists the following for each neighbour:
Device ID, Local Interface, Holdtime, Capability, Platform, Port ID
To find out what kind of router VLAN-R1 is, read its Platform column in that output (show cdp neighbors detail shows the full platform string and IOS version).
Question 4:
Which switch is the root bridge for VLAN 1 ?
Answer:
Sw-AC3 (as per the question above in the picture)
Step 1: Use the show spanning-tree vlan 1 command. The Root ID section gives the priority and MAC address of the root bridge; if the local switch is the root, the output states "This bridge is the root" and no further steps are needed.
Step 2: If another switch is the root, the Root ID section also names the local port through which the root is reached (the root port). Alternatively, show mac-address-table maps the root's MAC address to an interface number.
Step 3: Use the show cdp neighbors command to map that local interface to the neighbour's hostname (Device ID).
Question 5 :
Out of which port on switch Sw-Ac3 would a frame containing an IP packet with destination address that is not on a local LAN be forwarded?
Answer:
A frame carrying an IP packet whose destination is not on the local subnet is sent to the Layer 3 device (the router) that acts as the default gateway, so it leaves the switch through the port connected to that router.
Step 1: Find the default gateway (router or Layer 3 device) configured on the switch.
Use the show run command to view the address configured with ip default-gateway.
Step 2: Use the show cdp neighbors detail command and look for the router VLAN-R1.
Sample output of show cdp neighbors detail (one neighbour entry), to explain the fields:
Device ID: C2950-1
Entry address(es):
Platform: Cisco WS-C2950T-24, Capabilities: Switch IGMP
Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/15
Holdtime : 139 sec
Two fields matter in this output:
Interface: FastEthernet0/0 is the local interface, i.e. the neighbour (C2950-1) is connected to fa 0/0 of the local device (here c3660-2).
Port ID (outgoing port): FastEthernet0/15 is the neighbour's own port, i.e. C2950-1 uses its fa 0/15 to reach c3660-2.
For this question, find the entry for the router VLAN-R1 and read its Interface field to learn which port on the local switch Sw-Ac3 it is connected to.
Step 3: That port, the one to which the router VLAN-R1 is connected on Sw-Ac3, is the port out of which frames for destinations that are not on a local LAN are forwarded.
Question 6:
What address should be configured as the default-gateway for the host connected to interface fa 0/4 of SW-Ac3 ?
Answer:
Step 1: Find the VLAN assigned to interface fa 0/4 with the show vlan command on Sw-Ac3 (show interfaces fa0/4 switchport shows the same information).
In the exhibit, fa 0/4 is in VLAN 1 according to the show vlan output.
Step 2: From the exhibit, VLAN 1 is terminated on the router sub-interface fa 0/0.1 with IP address 192.168.1.254/24.
Step 3: 192.168.1.254 should be configured as the default gateway of the host connected to fa 0/4 on the switch,
because fa 0/4 belongs to VLAN 1, so the host connected to it is a member of VLAN 1 and 192.168.1.254 is the router's address in that VLAN.
Question 7:
Out of which ports will frame with source mac-address 0015.5A0Cc.A086 and destination mac-address 000A.8A47.0612 be forwarded ?
Answer:
Step 1: Use the show mac-address-table command on the switch.
Its output maps each learned MAC address to a port and a VLAN. Look up the destination MAC address from the question; the port listed for it is the single port out of which the frame is forwarded.
Step 2: If the destination MAC address is not in the show mac-address-table output, the switch floods the frame out of every port in the VLAN the frame arrived on (the VLAN is determined by the source port's membership, and includes any trunk ports carrying that VLAN), except the port it was received on. The same flooding happens once the table is full and new addresses can no longer be learned, which is why MAC-flooding attacks turn a switch into a hub; port security limits how many addresses a port may learn.
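The forwarding rules above (learn the source, forward a known unicast out of one port, flood unknowns and broadcasts within the VLAN, never back out of the ingress port) are short enough to model exactly. The following Python switch model is an added example and not code from the original page; the port-to-VLAN map, the trunk ports and the table capacity are assumptions chosen to show both normal forwarding and the behaviour of a full table, and the MAC 0010.5a0c.ffba is the one from Question 1 of this simlet.

```python
class Switch:
    """Minimal Layer 2 forwarding model: per-VLAN MAC learning, flooding and a CAM limit."""

    FLOOD = "ffff.ffff.ffff"

    def __init__(self, ports, capacity=8192):
        self.ports = ports            # port name -> access VLAN number, or "trunk"
        self.capacity = capacity      # number of entries the MAC (CAM) table can hold
        self.mac_table = {}           # (vlan, mac) -> port the address was learned on

    def _members(self, vlan):
        """Ports that carry `vlan`: its access ports plus every trunk."""
        return {p for p, v in self.ports.items() if v == vlan or v == "trunk"}

    def receive(self, in_port, src, dst, vlan=None):
        """Return the set of egress ports for one frame, learning `src` on the way."""
        if self.ports[in_port] == "trunk":
            if vlan is None:
                raise ValueError("frame on trunk %s must carry a VLAN tag" % in_port)
        else:
            vlan = self.ports[in_port]      # access port: VLAN comes from port membership
        src, dst = src.lower(), dst.lower()
        key = (vlan, src)
        if key in self.mac_table or len(self.mac_table) < self.capacity:
            self.mac_table[key] = in_port   # learn or refresh; a full table learns nothing new
        out = self.mac_table.get((vlan, dst))
        if dst == self.FLOOD or out is None:
            return self._members(vlan) - {in_port}   # broadcast or unknown unicast: flood
        return set() if out == in_port else {out}    # known unicast: one port, never the ingress


if __name__ == "__main__":
    # Assumed port map for Sw-Ac3: Fa0/9 and Fa0/12 are the trunks found in Question 2.
    PORTS = {"Fa0/1": 1, "Fa0/4": 1, "Fa0/8": 10, "Fa0/9": "trunk", "Fa0/12": "trunk"}
    sw = Switch(PORTS)
    print(sw.receive("Fa0/8", "0010.5a0c.ffba", "ffff.ffff.ffff"))        # flood VLAN 10 + trunks
    print(sw.receive("Fa0/9", "000a.8a47.0612", "0010.5a0c.ffba", vlan=10))  # {'Fa0/8'}
    print(sw.receive("Fa0/4", "0000.1111.2222", "0010.5a0c.ffba"))        # VLAN 1: unknown, flood
```

The last call shows why the answer to Question 7 depends on the VLAN: a MAC learned in VLAN 10 is unknown in VLAN 1, so a VLAN 1 frame for it is flooded within VLAN 1 and never reaches Fa0/8. The capacity parameter reproduces the MAC-flooding failure mode: once the table is full, traffic to any unlearned address is flooded to every port in the VLAN.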
Question 8:
From which switch did Sw-Ac3 receive VLAN information ?
Answer:
Step 1: Use the Sw-Ac3#show vtp status command.
Sample output of show vtp status:
switch# show vtp status
VTP Version : 2
Configuration Revision : 255
Maximum VLANs supported locally : 1005
Number of existing VLANs : 35
VTP Operating Mode : Server
VTP Domain Name : Lab_Network
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0x08 0x7E 0x54 0xE2 0x5A 0x79 0xA9 0x2D
Configuration last modified by 127.0.0.12 at 8-7-02 11:21:43
Local updater ID is 127.0.0.12 on interface EO0/0 (first interface found)
The line "Configuration last modified by 127.0.0.12" gives the IP address of the switch whose change produced the current configuration revision, i.e. the switch the VLAN information was received from. "Local updater ID" is this switch's own identifier, the address it advertises when it modifies the VLAN database; when the two addresses are the same, the VLAN information originated on the switch itself.
Step 2: Use show cdp neighbors detail to map that IP address to a hostname; the Entry address(es) field of each neighbour entry lists its IP addresses.
Question 9:
Refer to the exhibit. SwX was taken out of the production network for maintenance. It will be reconnected to the Fa 0/16 port of Sw-Ac3. What happens to the network when it is reconnected and a trunk exists between the two switches?
Answer:
Step 1: On switch Sw-Ac3 use the show vtp status command and note the domain name. Both switches must be configured with the same domain name to exchange VTP messages (in the exhibit the domain name is home-office).
Step 2: If the domain names (and any VTP password) match, compare the Configuration Revision number of Sw-Ac3 with that of SwX. The switch with the higher configuration revision number becomes the source of the VLAN database: its VLAN information replaces the other switch's, and propagates to every server and client in the domain.
Example: if SwX has the higher revision number, the VLAN information configured on Sw-Ac3 is replaced by the VLAN information on SwX. Any VLAN that SwX does not know about is deleted from the domain and the ports assigned to it go inactive, so a switch returning from maintenance can take down the whole network. Before reconnecting such a switch, set it to VTP transparent mode, or reset its revision number to 0 by changing its VTP domain name to a dummy value and back.
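The acceptance rules that decide Question 7 of the troubleshooting set above (London and Madrid in different domains) and Question 9 of this simlet (SwX returning with a higher revision) can be modelled directly. The Python model below is an added example, not code from the original page and not the VTP protocol implementation: the MD5 digest is a stand-in computed over the domain, password, revision and VLAN list (real VTP hashes the advertisement fields with the secret), and the hostnames, revision numbers, VLAN names and the London/Madrid domain names are assumptions, except home-office which the exhibit gives.

```python
import hashlib


class VtpSwitch:
    """VTP participant: accepts a summary advertisement only if domain, digest and revision allow."""

    def __init__(self, name, domain, mode, revision, vlans, password=""):
        self.name, self.domain, self.mode = name, domain, mode     # mode: server/client/transparent
        self.revision, self.vlans, self.password = revision, dict(vlans), password

    def _digest(self, vlans, revision):
        # Stand-in for the VTP MD5 digest (assumption: real VTP hashes the advertisement with the secret).
        material = "%s|%s|%d|%s" % (self.domain, self.password, revision, sorted(vlans.items()))
        return hashlib.md5(material.encode()).hexdigest()

    def summary_advertisement(self):
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans), "digest": self._digest(self.vlans, self.revision)}

    def receive(self, adv):
        """Apply one advertisement and return a short description of what happened."""
        if adv["domain"] != self.domain:
            return "ignored: domain name mismatch"
        if self.mode == "transparent":
            return "ignored: transparent mode"           # transparent switches only relay
        if adv["digest"] != self._digest(adv["vlans"], adv["revision"]):
            return "ignored: password/digest mismatch"
        if adv["revision"] <= self.revision:
            return "ignored: revision not higher"
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return "accepted: VLAN database replaced"

    def change_domain(self, new_domain):
        """IOS resets the configuration revision to 0 when the domain name changes."""
        self.domain, self.revision = new_domain, 0


def reconnect_swx(sanitise):
    """Question 9 scenario: SwX (higher revision, fewer VLANs) rejoins Sw-Ac3's trunk.
    Returns Sw-Ac3's VLAN set afterwards. `sanitise` applies the domain-name reset first."""
    sw_ac3 = VtpSwitch("Sw-Ac3", "home-office", "server", 12, {1: "default", 10: "users", 20: "servers"})
    swx = VtpSwitch("SwX", "home-office", "server", 25, {1: "default"})
    if sanitise:
        swx.change_domain("quarantine")
        swx.change_domain("home-office")
    sw_ac3.receive(swx.summary_advertisement())
    return set(sw_ac3.vlans)


if __name__ == "__main__":
    print(reconnect_swx(sanitise=False))   # {1}: VLANs 10 and 20 are gone
    print(reconnect_swx(sanitise=True))    # {1, 10, 20}: revision 0 is ignored
```

The same receive method explains Question 7: an advertisement from a switch in domain ciscoxyz is discarded by a switch in domain cisco before its revision number is even compared, so no VLAN information is ever shared.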
CCNA Router Simulator Question - ACL SIM
The CCNA exam has two simulator questions.
ACL SIM
Answer:
Select the console of the Corp1 router.
Configuring the ACL
Corp1>enable
Corp1#configure terminal
comment: permit only Host C (192.168.33.3, the source) to reach the finance web server (172.22.242.23, the destination) on TCP port 80 (HTTP)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
comment: deny every other source access to the finance web server (172.22.242.23) on TCP port 80
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
comment: permit all other IP traffic from any source to any destination; without this line the implicit deny any any at the end of every ACL would block everything else passing through the interface
Corp1(config)#access-list 100 permit ip any any
Applying the ACL to the interface
comment: use the show ip interface brief command to identify the interface type and number by the IP address configured on it
Corp1(config)#interface fa 0/1
If the IP address or subnet mask already configured on the interface is incorrect, fix it first, otherwise the traffic never reaches the interface the ACL is applied to.
Type these commands in interface configuration mode:
no ip address 192.x.x.x 255.x.x.x (removes the incorrectly configured address and mask; the x placeholders stand for whatever the exhibit shows)
Then configure the correct IP address and subnet mask:
ip address 172.22.242.30 255.255.255.240 (the server subnet is given as 172.22.242.17 - 172.22.242.30, i.e. 172.22.242.16/28, and the router takes the last usable address)
comment: apply the ACL outbound on the interface facing the finance web server, so it inspects packets leaving the router toward the server
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important: save the running configuration to startup-config before you exit.
Corp1#copy running-config startup-config
Verifying the configuration:
Step 1: show ip interface brief confirms the interface the access list was applied to; show ip interface fa0/1 should report "Outgoing access list is 100", and show access-lists shows the per-line match counters while you test.
Step 2: Click on each host A, B, C and D. Each host opens a web browser; type the finance web server address (172.22.242.23) in the address bar to test whether access is permitted or denied.
Step 3: Only Host C (192.168.33.3) should reach the server. If another host can also reach it, something is wrong in your configuration: check that every line is correct and in the right order, because an ACL is evaluated top-down and the first matching line wins.
Step 4: When only Host C (192.168.33.3) can reach the finance web server, click the NEXT button to submit the ACL SIM.
Note that this ACL restricts only TCP port 80: the final permit ip any any line still allows every other protocol and port to the server. That is what the task asks for, but it is not a lockdown of the server.
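Both the NAT access list of Question 11 (a wildcard mask that is too narrow) and the ACL SIM above (ordered permit/deny lines with first-match and an implicit deny) are decided by the same evaluation rules. The Python example below is added here and is not part of the original page or of IOS: it parses the numbered access-list lines quoted above, implements wildcard matching (a 1 bit means "don't care") and first-match evaluation, and checks the four hosts against the finance server. The ACL lines are the ones from this page; the addresses used for Hosts A, B and D and for the Question 11 inside hosts are assumptions, since the exhibits do not appear on the page.

```python
import ipaddress


def _ip(s):
    return int(ipaddress.ip_address(s))


def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: a 1 bit in the wildcard means that address bit is ignored."""
    care = 0xFFFFFFFF ^ _ip(wildcard)
    return (_ip(addr) & care) == (_ip(base) & care)


def _parse_addr(tok, i):
    """Consume one address spec (any | host A | A [W]) starting at tok[i]; return (base, wildcard, next)."""
    if tok[i] == "any":
        return "0.0.0.0", "255.255.255.255", i + 1
    if tok[i] == "host":
        return tok[i + 1], "0.0.0.0", i + 2
    base, wild, i = tok[i], "0.0.0.0", i + 1
    if i < len(tok) and tok[i][0].isdigit():        # explicit wildcard mask follows
        wild, i = tok[i], i + 1
    return base, wild, i


def parse_ace(line):
    """Parse one numbered access-list line: standard (1-99) or extended (100-199) with optional 'eq port'."""
    tok = line.split()
    if tok[0] != "access-list":
        raise ValueError("not an access-list line: " + line)
    number, action = int(tok[1]), tok[2]
    if number < 100:                                 # standard ACL: source address only
        src, swild, _ = _parse_addr(tok, 3)
        return dict(action=action, proto="ip", src=(src, swild),
                    dst=("0.0.0.0", "255.255.255.255"), port=None)
    proto = tok[3]
    src, swild, i = _parse_addr(tok, 4)
    dst, dwild, i = _parse_addr(tok, i)
    port = int(tok[i + 1]) if i < len(tok) and tok[i] == "eq" else None
    return dict(action=action, proto=proto, src=(src, swild), dst=(dst, dwild), port=port)


class Acl:
    """Ordered access list: first matching entry decides; no match means the implicit deny."""

    def __init__(self, lines):
        self.entries = [parse_ace(line) for line in lines]

    def evaluate(self, src, dst, proto="ip", dport=None):
        for e in self.entries:
            if e["proto"] != "ip" and e["proto"] != proto:
                continue
            if not wildcard_match(src, *e["src"]) or not wildcard_match(dst, *e["dst"]):
                continue
            if e["port"] is not None and e["port"] != dport:
                continue
            return e["action"]
        return "deny"                                # implicit deny any any


if __name__ == "__main__":
    finance = Acl(["access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80",
                   "access-list 100 deny tcp any host 172.22.242.23 eq 80",
                   "access-list 100 permit ip any any"])
    # Host C is from the task; 192.168.33.1 stands in for another host (assumption).
    print(finance.evaluate("192.168.33.3", "172.22.242.23", "tcp", 80))   # permit
    print(finance.evaluate("192.168.33.1", "172.22.242.23", "tcp", 80))   # deny
    print(finance.evaluate("192.168.33.1", "172.22.242.23", "tcp", 22))   # permit (only web is blocked)
    # Question 11: the narrow wildcard versus the corrected one, inside hosts assumed.
    print(Acl(["access-list 1 permit 192.168.1.0 0.0.0.255"]).evaluate("192.168.2.10", "198.51.100.1"))    # deny
    print(Acl(["access-list 1 permit 192.168.0.0 0.0.255.255"]).evaluate("192.168.2.10", "198.51.100.1"))  # permit
```

Swapping the first two lines of the finance list makes Host C's request hit the deny line first, which is the ordering mistake Step 3 of the verification warns about; the evaluator reproduces that failure as well as the correct result.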