FEED back
TS1 - H3++ and H3
Ts1
ticket 1: very hard, I almost failed everything because I couldn't ping from user1 to server 1 in the exam has different name but same concept. I check vlan everything it seemed too easy. Solution is Access-list on switch 2 permit the traffic toward 172.16.200.0/24, it was 172.16.200.0 only. My friend got me another feedback I realized, I remembered something access-group out on sw2. after about 10 mins.
ticket 2: ppp have to configure everything en ppp, so on, easy, also "clear ip route *"
ticket 4: eigrp no passive something r12, i think metric weight are there for all routes. So easy
ticket 7: dmvpn so easy, need to put shortcut on the hub all routers, and put redirect. R14 has extended ACL so just put "permit esp any any" so easy. Because BT3 is much more worst
ticket 3: ospf no surprised here. So easy again router-id is wrong on R21, I also checked next-hop-self too, check ipv6 on R22. I got the output matched
ticket 6: ipv6 have to creat EBGP between r21 <> r25 like this, because they want us to think that oh remove the ACL on the ipv6, no we need to hide the ipv4 inside of the ipv6. NOTE the route-map already configured.
R21
router bgp 12345
add ipv6
neighbor 123.1.2.18 remote-as 65101
neighbor 123.1.2.18 route-map NEXT-HOP out
R22
router bgp 65101
add ipv6
neighbor 123.1.2.17 remote-as 12345
neighbor 123.1.2.17 route-map NEXT-HOP out
ticket 5: BGP yes this one, i got stuck 10 mins.
- This one is tricy, we are doing BGP but they hide ip ospf network point-to-point in the link between R1<>R2. I almost failed. Finally I got my output. 10 mins gone
diag h3++
so easy 114, same as spoto. I got the first question wrong got confused about the answer, must answer "It is source IP Address is 0.0.0.0" some other answer is very confusing, has some similar wording like rely information etc.
passed
H3, got the real exam as expected
so easy but ok some pointer here
1 ppp wan switching did not come up, all configure is good. I had to reload the router. Everything came up. I thought that I was going to fail because I need to make l2vpn
2 DMVPN, most of the config on r14 is there but need to add this command "ip nhrp map multi dynamic” and then the tunnel protection.
- r60 so they have this command only
"crypto keyring HollyMaya vrf INTERNET "
missing this command "pre-shared-key address 0.0.0.0 0.0.0.0 key HollyMaya" in the real exam it is something HMfile something
3 Ipv6 sw111
- dhcp ipv6 easy, make sure ipv6 unicast-routing
- next-hop-self on r14 and 15, i recalled luckily
4 R14 and R15 natpool using loopback123 is not working i can not ping 8.8.8.8 so I changed the nat to ip nat inside source list NAT inter e0/0 overload. I wasted 45 mins. I mirrored from R25 still it is not working.
5 R20 in order to match the output, need to use set weight 100 route-map. Use spoto solution. It works. Do not forget to put route-map permit 20
Stay calm