300-135 NOV 23 1000 PASS + New FLOW CHART

lwq0229

congratulations!  thanks for your reviews!

vesim1

Lapot16

justin215 发表于 2019-11-25 11:57
$ M$ v$ N, R" ]- wThanks!!
The next thing is to download a lab before Exam.
By the way:

5 y' e6 F0 _* V; J9 tIf not ping 209.65.200.225 it`s problem in ACL security
Pings in second column is debug info for me , if I stuck in any TT
: h, e0 W* Y9 h! j: o, |) V/ N1 i( sI recommended do the ping too for better understanding how labs work.
& W$ A/ H& D& a+ zIt`s help me  in TT portchannel .
I liitle confused, when in TT portchannel don`t work command show port-channel.
9 d0 B$ e: y! ?% f' v  S; tThen  ping from DSW2 => DSW1(10.2.1.1) not pass.
0 n/ Z- l2 G# E, h% ^Show interface trunk=> NONE.
8 b" F8 _* l. |( Q2 D# ?. `show run
I recommended do the ping too for better understanding how lab operates.

" t9 e+ v7 G; K2 n: N: _3 xI try explain tickets NAT
: u  m+ ~! I0 b) s% @ping 209.65.200.241 -no pass
ping 10.1.1.10 - pass
3 H( ?, ?: |) ~) Q( D+ wping 10.1.1.1 -pass
6 Z1 g( J" S+ b/ q( Z: v  SSo problem is  on  R1


- A4 s7 G) V- f; H$ D6 B# v3 D! xR1>show ip route
* D, g7 L) m& X* d5 h5 MGateway of last resort is 209.65.200.226 to network 0.0.0.0

$ O  i* b* A3 k2 ~: }( ]0 `, p
6 C7 U  z; J' R9 t/ a' t, j5 FB*    0.0.0.0/0 [20/0] via 209.65.200.226, 00:00:01
      1.0.0.0/32 is subnetted, 1 subnets
+ p# C, [3 E% n2 ~" iC        1.1.1.1 is directly connected, Loopback0
      2.0.0.0/32 is subnetted, 1 subnets
O IA     2.2.2.2 [110/65] via 10.1.1.2, 00:00:34, Serial1/0.12
  If BGP route consist in route table -problem not  BGP or ACL security
  
: F5 _# }8 d9 F( g/ n+ N$ k  problem probably NAT
# F) c0 w1 n! n* O5 b1 [% c8 l; y
R1>sh ip nat stat
2 v( D. y* m1 q7 Y3 M  U8 |+ mTotal active translations: 0 (0 static, 0 dynamic; 0 extended)
, k$ k2 q2 v$ x5 t, zPeak translations: 0
3 t. b) R) j5 h8 a4 {Outside interfaces:
$ R- _+ v; C6 b) P( J6 R, dInside interfaces:
  Serial1/0.12, Serial1/1
4 ~/ ^& M' M( k6 CHits: 0  Misses: 0
3 b1 [- L& v& |) h
If TT is NAT-ACL contunue our trip
, a- ~7 L# L' p  J" _# M2 j, gUnfortunately, commands show  access-list is absent.

* K9 I" R! N" J% F, z- o1 {6 Mgoing to config
ip access-list extended acl.nat
permit ip 10.1.0.0 0.0.255.255 any
permit ip 192.168.0.0 0.0.255.255 any
* n) Q# }: \5 @/ _* M

Lapot16

7 k% h% B. r) f+ v/ h
Troubleshoot R4
+ y/ M; d. z0 l& }! bPing 209.65.200.241 -no pass
9 K$ L% J& E! C  z3 S" YPing 10.1.1.10 - no pass
4 {) P. r9 J; |0 }- a3 }Ping 10.2.1.254 -pass
; ]2 E, \" F' {; P; u1 l. z3 J# I
R4>sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(10)
; }7 L8 _, Z  W9 y- _' NH Address Interface Hold Uptime SRTT RTO Q Seq
                                                   (sec) (ms) Cnt Num
1 10.1.4.10 Et0/2 11 00:00:17 4 100 0 8
0 10.1.4.6 Et0/1 11 00:00:17 2 100 0 8
If not have neighbors - problem with passive interface or old deprecated TT with wrong AS

# X! H1 N) ], }; u! A
Going to DSW1
DSW1>sh ip route
( L/ r* k! E! @+ }6 f
( l9 E/ O. _' q3 T2 K. |. s5 C
: K6 F! }. V8 R5 Q+ Z+ J4 uGateway of last resort is 10.1.4.5 to network 0.0.0.0
0 w' [# m& K- D) H7 E( C; |4 R
3 s: i* i0 L$ b8 [! d9 O
( @% x7 U" C4 k1 LD*EX 0.0.0.0/0 [170/53760] via 10.1.4.5, 00:00:48, Ethernet1/0
0 g1 o% C9 s5 t      4.0.0.0/32 is subnetted, 1 subnets
D EX 4.4.4.4 [170/53760] via 10.1.4.5, 00:01:03, Ethernet1/0
; c4 T6 {9 C7 ?, s8 Z' d' R      10.0.0.0/8 is variably subnetted, 11 subnets, 4 masks
D EX 10.1.1.8/30 [170/53760] via 10.1.4.5, 00:01:03, Ethernet1/0
C 10.1.4.4/30 is directly connected, Ethernet1/0

6 o0 T& B+ [5 i6 q8 B/ J3 ^
2 }$ i  i* v! p8 M. E) c$ `If not have D EX route- problem with redistribtion

Go config
& M& u7 V3 v% C- X  h  R0 l


6 x( x9 Y" w! W$ Y5 }" G

dandelion301

congratulations!

thanks for your reviews!

shadowswater

congratulations!

thanks for your reviews!

weiloveu5j0

lok7120

thank you for sharing

2363523913

棒棒棒棒棒棒棒棒棒棒棒棒棒棒棒棒棒

lwq0229

都好厉害啊，不知道我能不能行呢

youhow77

2 N9 {# {/ s  l1 q, O' Fcongratulations!  thanks for your reviews!

zqkhzczx

ok，谢谢分享

alvis1450

恭喜

buishithahaha

Congratulations!!