Documente Academic
Documente Profesional
Documente Cultură
Universidad Galileo
Ivan Estuardo Echeverria Catalán
INDICE
CARATULA ........................................................................................................................................... 0
Ticket 1 – OSPF Authentication ........................................................................................................... 2
Ticket 2 – HSRP Track .......................................................................................................................... 3
Ticket 3 – BGP Neighbor...................................................................................................................... 4
Ticket 4 – NAT ACL .............................................................................................................................. 5
Ticket 5 – ACL ...................................................................................................................................... 6
Ticket 6 – VLAN filter ........................................................................................................................... 7
Ticket 7 – Port Security ....................................................................................................................... 8
Ticket 8 – Switchport VLAN 10 ............................................................................................................ 9
Ticket 9 – Switchport trunk ............................................................................................................... 10
Ticket 10 – OSPF to EIGRP ................................................................................................................. 11
Ticket 12 – DHCP Range .................................................................................................................... 12
Ticket 13 – EIGRP Passive Interface .................................................................................................. 13
Ticket 14 – EIGRP Passive Interface .................................................................................................. 13
Ticket 15 – IPv6 GRE Tunnel .............................................................................................................. 14
Ticket 1 – OSPF Authentication
1.Client is unable to ping R1’s serial interface from the client.
Configuración R1:
interface Serial0/0/0/0
description Link to R2
ip address 10.1.1.1 255.255.255.252
ip nat inside
encapsulation frame-relay
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf network point-to-point
!
router ospf 1
log-adjacency-changes
area 12 authentication message-digest
default-information originate always
!
Configuración de of R2:
interface Serial0/0/0/0.12 point-to-point
ip address 10.1.1.2 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 TSHOOT
!
Respuesta 1) R1
Respuesta 2) IPv4 OSPF Routing
Respuesta 3) Enable OSPF authentication on the s0/0/0 interface using the “ip ospf
authentication message-digest” command.
Ticket 2 – HSRP Track
HSRP was configured on DSW1 & DSW2. DSW1 is configured to be active but it does not
become active.
Configuración de of DSW1:
interface Vlan10
ip address 10.2.1.1 255.255.255.0
standby 10 ip 10.2.1.254
standby 10 priority 200
standby 10 preempt
standby 10 track 1 decrement 60
Respuesta 1) DSW1
Respuesta 2) HSRP
Respuesta 3) borrar el commando con track 1 e ingresar el commando con track 10
(standby 10 track 10 decrement 60).
Ticket 3 – BGP Neighbor
client 1 have ip address 10.x.x.x
Problem: Client 1 is able to ping 209.65.200.226 but can’t ping the Web Server
209.65.200.241.
Configuración de of R1:
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.56.200.226 remote-as 65002
no auto-summary
The neighbor’s address in the neighbor command is wrong under router BGP. (use ipv4
Layer 3)
Respuesta 1) R1
Respuesta 2) BGP
Respuesta 3) corregir la direccion del vecino en R1. (change “neighbor 209.56.200.226
remote-as 65002″ to “neighbor 209.65.200.226 remote-as 65002″)
Ticket 4 – NAT ACL
client 1 have ip address 10.x.x.x
Client 1 & 2 are not able to ping the web server 209.65.200.241, but all the routers &
DSW1,2 can ping the server.
Configuración de of R1
ip nat inside source list nat_pool interface s0/0/0/1 overload
Respuesta 1) R1
Respuesta 2) ip NAT
Respuesta 3) agregar el comanto permit 10.2.0.0 al nat_pool access-list
Ticket 5 – ACL
client 1 have ip address 10.x.x.x
Client is not able to ping the server. Except for R1, no one else can ping the server. (use
ipv4 Layer 3)
interface Serial0/0/0/1
description Link to ISP
ip address 209.65.200.224 255.255.255.252
ip nat outside
ip access-group edge_security in
!
Respuesta 1) R1
Respuesta 2) IP Access list
Respuesta 3) En la lista de acceso de IP, configuración de seguridad de borde extendida
agregue el permiso ip 209.65.200.224 0.0.0.3
Ticket 6 – VLAN filter
client 1 have ip address 10.x.x.x
Client 1 is getting the correct IP address from DHCP but Client 1 is not able to ping the
server. Unable to ping DSW1 or the FTP Server(Use L2 Diagram).
Vlan Access map is applied on DSW1 blocking the ip address of client 10.2.1.3
Configuración de DSW1
vlan access-map test1 10
action drop
match ip address 10
vlan access-map test1 20
action drop
match ip address 20
vlan access-map test1 30
action forward
match ip address 30
vlan access-map test1 40
action forward
!
vlan filter test1 vlan-list 10
!
access-list 10 permit 10.2.1.3
access-list 20 permit 10.2.1.4
access-list 30 permit 10.2.1.0 0.0.0.255
!
interface VLAN10
ip address 10.2.1.1 255.255.255.0
Respuesta 1) DSW1
Respuesta 2) VLAN ACL/Port ACL
Respuesta 3) en el modo de Configuración global agregar el comando no vlan filter test1
vlan-list 10.
Ticket 7 – Port Security
client 1 have ip address 169.x.x.x
Client 1 is getting a 169.x.x.x IP address & is unable to ping Client 2 as well as DSW1. The
command ‘sh interfaces fa1/0/1′ will show following message in the first line
‘FastEthernet1/0/1 is down, line protocol is down (err-disabled)’
Configuración de of ASW1
interface fa1/0/1
switchport access vlan 10
switchport mode access
switchport port-security
switchport port-security mac-address 0000.0000.0001
Respuesta 1) ASW1
Respuesta 2) Port security
Respuesta 3) en el modo de Configuración global utilizar el rango Fa1/0/1 – 2, deshabilitar
port security y realizar un shutdown no shutdown en las interfaces.
Ticket 8 – Switchport VLAN 10
client 1 have ip address 169.x.x.x
Client 1 & 2 are getting 169.x.x.x ip addresses and can’t ping DSW1 or FTP Server but
they are able to ping each other.
Respuesta 1) ASW1
Respuesta 2) Vlan
Respuesta 3) Ingresar el siguiente commando: interface range fa1/0/1-/2 luego switchport
access vlan 10.
Ticket 9 – Switchport trunk
Client 1 is getting 169.x.x.x ip address.
Client 1 & 2 can ping each other but they are unable to ping DSW1 or FTP Server (Use
L2/3 Diagram)
Configuración de of ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 1-9
!
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 1-9
!
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10
Respuesta: deshabilitar todas las vlans y configurara como truncal permitiendo las vlan 10
y 200 en los port channel 13, 23
Respuesta 1) ASW1
Respuesta 2) Conectividad de Switch a switch
Respuesta 3)
DSW1 can ping fa0/1 of R4. However clients and DSW1 can’t ping R4′s S0/0/0/0.34
interface (10.1.1.10)
On R4 in router eigrp:
router eigrp 10
network 10.1.4.5 0.0.0.0
no auto-summary
redistribute ospf 1 metric 100 10 255 1 1500 route-map OSPF_to_EIGRP
!
router ospf 1
network 10.1.1.8 0.0.0.0 area 34
redistribute eigrp 10 subnets
!
route-map OSPF->EIGRP
match ip address 1
Respuesta 1) R4
Respuesta 2) IPv4 Route Redistribution
Respuesta 3) En el proceso EIGRP, elimine el comando redistribuir ospf 1 route-map
OSPF_to_EIGRP e ingrese el comando redistribuir ospf 1 route-map OSPF-> EIGRP.
DSW1 & R4 can’t ping R2′s loopback interface or s0/0/0/0.12 IPv6 address.
R2 is not an OSPFv3 neighbor on R3
Situation: ipv6 ospf was not enabled on R2’s serial interface connecting to R3. (use ipv6
Layer 3)
Configuración de of R2
ipv6 router ospf 6
router-id 2.2.2.2
!
interface s0/0/0/0.23
ipv6 address 2026::1:1/122
Configuración de of R3
ipv6 router ospf 6
router-id 3.3.3.3
!
interface s0/0/0/0.23
ipv6 address 2026::1:2/122
ipv6 ospf 6 area 0
Respuesta:
Respuesta 1) R2
Respuesta 2) IPv6 OSPF Routing
Respuesta 3) en la interfaz serial de R2, ingresar el comando ipv6 ospf 6 area 0
In this ticket, check the IP on Client1, if it gets 169.x.x.x then use the “show run” command
on R4. If you see the “ip dhcp exclude 10.2.1.1-1.10.2.1.253″ then the DHCP range has
been misconfigured.
Configuración de R4:
!
ip dhcp excluded-address 10.2.1.1 10.2.1.253
!
Respuesta 1) R4
Respuesta 2) IP DHCP Server
Respuesta 3) en R4 eliminar ip dhcp excluded-address 10.2.1.1 10.2.1.253 y aplicar ip dhcp
excluded-address 10.2.1.1 10.2.1.2
Ticket 13 – EIGRP Passive Interface
R4 using - show runing-config
the neighborship between R4 and DSW1 wasn’t establised. Client 1 can’t ping R4
Configuración de R4:
router eigrp 10
passive-interface default
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.4 0.0.0.3
network 10.1.4.8 0.0.0.3
default-metric 10000 100 255 1 10000
no auto-summary
Respuesta 1) R4
Respuesta 2) IPv4 EIGRP Routing
Respuesta 3) ingresar el comando no passive interface para las interfaces conectadas a D
Configuración de R4:
router eigrp 10
passive-interface default
redistribute ospf 1 route-map OSPF->EIGRP
network 10.1.4.4 0.0.0.3
network 10.1.4.8 0.0.0.3
network 10.1.21.128 0.0.0.3
default-metric 10000 100 255 1 10000
no auto-summary
Respuesta 1) R4
Respuesta 2) IPv4 EIGRP Routing
Respuesta 3) ingresar el comando no passive interface a las interfaces conectadas a DSW1
por EIGRP incluir el comando “network 10.1.21.128 0.0.0.3” para la inyección de la red.
Ticket 15 – IPv6 GRE Tunnel
Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address
on DSW2 (2026::102:1).
Configuración de R3:
!
interface Tunnel34
no ip address
ipv6 address 2026::34:1/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0.34
tunnel destination 10.1.1.10
tunnel mode ipv6
!
Configuración de R4:
interface Tunnel34
no ip address
ipv6 address 2026::34:2/122
ipv6 enable
ipv6 ospf 6 area 34
tunnel source Serial0/0/0
tunnel destination 10.1.1.9
!
Respuesta 1) R3
Respuesta 2) interoperabilidad Ipv4 entre Ipv6
Respuesta 3) Debajo de la interfaz Tunnel34, quite el comando 'tunnel mode ipv6'