
CCNA Access List Sim

February 10th, 2014

Question


An administrator is trying to ping and telnet from Switch to Router with the results shown below:

Switch>
Switch> ping 10.4.4.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.4.4.3,timeout is 2 seconds:
.U.U.U
Success rate is 0 percent (0/5)
Switch>
Switch> telnet 10.4.4.3
Trying 10.4.4.3 …
% Destination unreachable; gateway or host down
Switch>

Click the console connected to Router and issue the appropriate commands to answer the questions.

Answer and Explanation

Note: If you are not sure about Access-list, please read my Access-list tutorial. You can also download this sim to practice (open with Packet Tracer) here: http://www.9tut.com/download/9tut.com_CCNA_Access_List_Sim.pkt

For this sim we only need the show running-config command to answer all the questions below.

Router>enable
Router#show running-config

[Screenshots: output of show running-config, in three parts]

Question 1:

Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?

A – Correctly assign an IP address to interface fa0/1
B – Change the ip access-group command on fa0/0 from “in” to “out”
C – Remove access-group 106 in from interface fa0/0 and add access-group 115 in.
D – Remove access-group 102 out from interface s0/0/0 and add access-group 114 in
E – Remove access-group 106 in from interface fa0/0 and add access-group 104 in

 

Answer: E

 

Explanation:

Let’s have a look at the access list 104:

[Screenshot: access list 104]

The question does not ask about ftp traffic, so we don’t care about the first two lines. The 3rd line denies all telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that access list 104 is applied in the inbound direction, so the 5th line “access-list 104 deny icmp any any echo-reply” will not affect our icmp traffic because the “echo-reply” message will be sent in the outbound direction.
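The direction logic in this explanation, as an added Python example that is not part of the original sim. The entries are a constructed model of lines 3 to 5 of access-list 104 as the explanation describes them; the exact form of line 4 (`permit icmp any any echo`) and the names `Packet`, `Entry`, `evaluate` and `check` are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str                        # "tcp" or "icmp"
    dport: Optional[int] = None       # TCP destination port
    icmp_type: Optional[str] = None   # "echo" or "echo-reply"


@dataclass(frozen=True)
class Entry:
    line: int                         # line number used in the explanation
    action: str                       # "permit" or "deny"
    proto: str
    dport: Optional[int] = None       # None means "any port"
    icmp_type: Optional[str] = None   # None means "any ICMP type"

    def matches(self, p: Packet) -> bool:
        return (self.proto == p.proto
                and self.dport in (None, p.dport)
                and self.icmp_type in (None, p.icmp_type))


# Constructed model: lines 1-2 (FTP) are left out because the question
# does not depend on them.
ACL_104: List[Entry] = [
    Entry(3, "deny", "tcp", dport=23),                 # deny telnet
    Entry(4, "permit", "icmp", icmp_type="echo"),      # assumed form
    Entry(5, "deny", "icmp", icmp_type="echo-reply"),  # quoted above
]


def evaluate(acl: List[Entry], pkt: Packet) -> Tuple[str, Optional[int]]:
    """First matching entry wins; IOS ends every ACL with an implicit deny."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action, entry.line
    return "deny", None


def check(acl: List[Entry], bound: str, pkt: Packet,
          direction: str) -> Tuple[str, Optional[int]]:
    """An ACL bound 'in' is only consulted for packets arriving on the
    interface; packets leaving it are not evaluated by that ACL."""
    if bound != direction:
        return "not-evaluated", None
    return evaluate(acl, pkt)


if __name__ == "__main__":
    cases = [
        ("ping request from Switch", Packet("icmp", icmp_type="echo"), "in"),
        ("telnet from Switch", Packet("tcp", dport=23), "in"),
        ("Router's echo-reply", Packet("icmp", icmp_type="echo-reply"), "out"),
        ("echo-reply arriving", Packet("icmp", icmp_type="echo-reply"), "in"),
    ]
    for label, pkt, direction in cases:
        print(f"{label:26} {direction:3} -> {check(ACL_104, 'in', pkt, direction)}")
```

Line 5 only takes effect for echo-replies that arrive on the interface, which is not the case for the Router's answer to the Switch's ping.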

Question 2:

What would be the effect of issuing the command ip access-group 114 in to the fa0/0 interface?

A – Attempts to telnet to the router would fail
B – It would allow all traffic from the 10.4.4.0 network
C – IP traffic would be passed through the interface but TCP and UDP traffic would not
D – Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface

 

Answer: B

Explanation:

From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any, we can easily see that this access list allows all traffic (ip) from the 10.4.4.0/24 network.

Question 3:

What would be the effect of issuing the command access-group 115 in on the s0/0/1 interface?

A – No host could connect to Router through s0/0/1
B – Telnet and ping would work but routing updates would fail.
C – FTP, FTP-DATA, echo, and www would work but telnet would fail
D – Only traffic from the 10.4.4.0 network would pass through the interface

 

Answer: A

Explanation:

First let’s see what was configured on interface S0/0/1:

[Screenshot: configuration of interface S0/0/1]

Recall that each interface only accepts one access-list, so using the command “ip access-group 115 in” on the s0/0/1 interface will overwrite the initial access-list 102. Therefore any telnet connection will be accepted (so we can eliminate answer C).
B is not correct because if telnet and ping can work then routing updates can, too.
D is not correct because access-list 115 does not mention the 10.4.4.0 network. So the most reasonable answer is A.

But this raises a question…

The wildcard mask of access-list 115, which is 255.255.255.0, means that only hosts with IP addresses of the form x.x.x.0 will be accepted. But we all know that x.x.x.0 is likely to be a network address, so answer A: “no host could connect to Router through s0/0/1” seems right…

But what happens if we don’t use a subnet mask of 255.255.255.0? For example, we can use an IP address of 10.45.45.0 with mask 255.255.0.0; a host with that IP address can exist and we can connect to the router from that host. Now answer A seems incorrect!
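The wildcard arithmetic behind this discussion, as an added Python example that is not part of the original sim. The ACL 115 entry is only shown in a screenshot, so its base address 0.0.0.0 is an assumption (with wildcard 255.255.255.0 only the last octet of the base matters); `looks_like_subnet_mask` is a hypothetical audit helper and the sample addresses are constructed.

```python
import ipaddress


def _u32(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def acl_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS-style test: wildcard bits set to 1 are ignored, bits set to 0
    must be equal in addr and base."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(base) & care)


def looks_like_subnet_mask(wildcard: str) -> bool:
    """Hypothetical audit helper: flag a wildcard that is really a netmask
    (1-bits then 0-bits, e.g. 255.255.255.0), a common inversion mistake.
    0.0.0.0 (host) and 255.255.255.255 (any) are valid wildcards."""
    w = _u32(wildcard)
    if w in (0, 0xFFFFFFFF):
        return False
    inv = ~w & 0xFFFFFFFF              # a netmask inverts to 2**k - 1
    return (inv & (inv + 1)) == 0


def is_usable_host(addr: str, prefix_len: int) -> bool:
    """True if addr is neither the network nor the broadcast address of
    its subnet (meaningful for prefixes up to /30)."""
    net = ipaddress.IPv4Interface(f"{addr}/{prefix_len}").network
    ip = ipaddress.IPv4Address(addr)
    return ip not in (net.network_address, net.broadcast_address)


# Assumed ACL 115 entry: the base address is not shown in the page text.
ACL_115 = ("0.0.0.0", "255.255.255.0")
# ACL 114 entry quoted in the explanation of Question 2.
ACL_114 = ("10.4.4.0", "0.0.0.255")

# Constructed sample sources: (address, prefix length of its subnet).
SAMPLES = [("10.4.4.5", 24), ("10.4.4.0", 24), ("10.45.45.0", 16)]


def report(entry):
    """(address, matched by entry, usable as a host address) per sample."""
    base, wildcard = entry
    return [(a, acl_match(a, base, wildcard), is_usable_host(a, p))
            for a, p in SAMPLES]


if __name__ == "__main__":
    for name, entry in (("115", ACL_115), ("114", ACL_114)):
        print(name, "netmask-shaped wildcard:", looks_like_subnet_mask(entry[1]))
        for row in report(entry):
            print("   ", row)
```

Under ACL 115 the only matching address that is also a usable host address is 10.45.45.0 on a /16, which is the case the paragraph above raises.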

Please comment if you have any idea for this sim!


Comments
  1. Agya
    March 20th, 2015

    The answer to Q3 is not clear. Only one access list per direction (in or out) can be applied to any interface at any time; Fa0/0 already has one access list (105) applied inbound. So adding a second access list (116) will make no difference to the original configuration with the first access list, unless the new access list will overwrite the first one, or the commands typed on the console will take precedence over the running configuration!
    Any take on this?

  2. Agya
    March 20th, 2015

    Sorry, I meant Q2. And the second ACL was 114, not 116.

  3. 9tut
    March 20th, 2015

    @Agya: Applying the “ip access-group 114 in” to the fa0/0 interface will overwrite the 106 access-list.

  4. Agya
    March 20th, 2015

    Thanks 9tut

  5. Agya
    March 20th, 2015

    But if the second ACL would overwrite the first, why did the answer to question 1 require removing access-group 106 before applying access-group 104?

  6. suhas
    March 24th, 2015

    Hi 9tut,

    I’m not able to telnet from switchc.

  7. Abdul Basit
    March 25th, 2015

    I Passed 24.03.2015, with 917/1000
    thanks u SO much 9tut…
    THIS LAB WAS IN YESTERDAY PAPER.

  8. abody
    March 26th, 2015

    thank you soo much 9tut

  9. liork
    March 26th, 2015

    For Q3 the correct answer is A for sure!
    ACLs use a wildcard instead of a subnet mask. N.A 0.0.0.0 + W.C 255.255.255.0 will permit (or deny) only address 0.0.0.X, which we all know is an invalid network address…

  10. Ayah
    March 27th, 2015

    I passed 3-25-15, with 968/1000.
    -ACL, ACL2 mod2 and EIGRP.
    Thanks 9tut!

  11. suhas
    March 27th, 2015

    Hi 9tut,

    Let me know whether we have to pay fees again to retake the exam or not.

  12. Mike
    March 27th, 2015

    yes!! every time you have to pay :(

  13. osman
    March 27th, 2015

    Are watson + 9tut enough to pass the ccna 200/120 exam???
    Another point about labs: would I make the configuration then answer, or do they just show me run-config then I will answer?? I think it is the main point I have to know, so can somebody tell me!!!

  14. Alex
    March 30th, 2015

    Question 1:
    Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?
    B – Change the ip access-group command on fa0/0 from “in” to “out”

    Why isn’t this answer good? Can someone explain?

    If we change the current ACL 106 to out instead of in, then echo-reply is allowed, so ping will work from the switch.
    Telnet will not be allowed because it is denied on the outbound from the router.

    I don’t get why this answer is wrong.

  15. liork
    March 30th, 2015

    @Alex

    Changing ACL 106 from in to out will not permit ping from the SW to the router.
    You don’t have any rule in ACL 106 that permits icmp (icmp protocol), only echo-reply, which only allows replies to echo-request.

    Remember that ACLs by default are a blacklist – you have a cleanup rule at the end of every ACL that denies any any…

  16. Mike
    March 30th, 2015

    still valid in London?

  17. Alex
    March 31st, 2015

    @liorK

    You’re right that there is no ICMP allowed, but we don’t need it.
    When we change the ACL to be on OUT instead of IN, that means that echo can get inside the router (because there is no ACL on the IN).
    The router sees that the echo message is for him, then he sends echo-reply (which is allowed in the ACL OUT), and then the switch receives a positive answer.

    I simulated this in the lab and it works great, still have no idea why it isn’t the right answer.

  18. Noha 92
    March 31st, 2015

    Passed CCNA Today with SCORE = 1000/1000
    Thanks to 9tut
    Labs ACL 1 ACL 2 mod 3 EIGRP Sim AS 221

    All Questions from Watson 325Q Dump which is enough to pass the exam.

  19. Mike
    March 31st, 2015

    I passed today 31/03 with 986/1000 in London – still valid. The questions are 90% from 9tut and some you can find in the other VCE file on the internet. ACL, ACL2 and EIGRP but with different names and IPs for the hosts and others. You can easily pass if you study these questions from 9tut a few times plus a little from books (very important to know about ospf, eigrp, vlans and others). I can help with any tips if somebody wants.

    michael.pat86@ymail.com

    Thanks 9tut and thanks God!!!

  20. veeshu
    April 8th, 2015

    i cleared my ccna on 1st april…..it was dead easy….labs ACL1 ND ACL2 mod3 nd eigrp.. nd all questions from dumps itself.

  21. asoro79
    April 11th, 2015

    Passed the CCNA today April 11, 2015 with a score of 917. The EIGRP labs and the Access List labs are both on the exam.

  22. sanamchowdhury007@gmail.com
    April 12th, 2015

    Hey everyone…I just passed my CCNA composite exam two days ago. I was scared as hell but once I sat for the exam, everything started to become smooth as water. I was really amazed to see that the questions were exactly the same as 9tut. Even the options are the same. Not only did I PASS, I GOT 1000/1000. Credit goes to 9tut. Without you guys, it would have been impossible. So those of you who want to sit for the exam, just do these 3 things to prepare.
    1) Finish all the questions available in 9tut. (Don’t just do them, understand them and do them.)
    2) Finish some latest dumps such as Watson
    3) Try to practice all types of lab but certainly practice and learn ACL1, ACL2 and EIGRP.
    If these 3 things are done properly, be sure that you will get 1000/1000. (email me only if you really need more help) Thank you.

  23. oguz
    April 12th, 2015

    I will be taking the exam tomorrow and at question 3
    i discovered in @Abdel-Hameed ‘s lab examples
    if you use show ip interface brief
    you will see that s0/0/1 is shutdown

  24. ahmed
    April 12th, 2015

    passed 1000/1000
    11/4/2015
    watson 314 & 9tut
    labs acl1 + acl2 + EIGRP 23

  25. train2bpro
    April 13th, 2015

    Question 3, Answer A is correct.
    Just add another router to the SIM using a serial interface and configure it in the same network as Router C.
    Enable the s0/0/1 interface on Router C. Ping Router C from the newly added Router (D) before changing the 102 ACL. Ping should be successful. Now apply ACL 115 in on the s0/0/1 interface on Router C as directed by the question. Ping from the new Router (D) to Router C should fail with unreachable (UUUU). That proves Answer A is correct as no host will be able to reach Router C after ACL 115 is applied.

  26. raf
    April 17th, 2015

    passed 917/1000
    17/4/2015
    9tut & pass4sure
    labs acl1 + acl2 + EIGRP 23

  28. gilsilva1985
    April 20th, 2015

    Question 3 Answer

    Hello everybody,

    I racked my brain and I could understand the question. Based on the current scenario of the question that the interface is down wisely the correct answer is the letter A. But considering the scenario proposed by “train2brpro april 13th, 2015,” where it connects to another router serial 0/0/1 really ping becomes valid only when the connected new Router IP has final “0”. The mask says that any IP address ended with IP 0 because it is a wild card in the truth and the mask is “0.0.0.255” the same forces that the first three octets of the IP may vary and the last must have to be “0”. Taking this into consideration the answer “A” would be partially correct, assuming only accept connections IPs addresses ending in “0” thus rejecting any connection “Host”. I hope it was clear in the explanation.

  29. col
    April 20th, 2015

    Hello 9tut, I really love this site. I will soon enroll for the CCNA class. I need more dump sites to do configuration and more explanation of ACL, EIGRP, NAT, AND OSPF.

  30. nata
    April 23rd, 2015

    Hi All / 9tut,
    Thank you so much to 9tut for giving clear information, which also helped me clear my CCNA exam.
    I got this question in the exam; for this question there is no need to enter the router and also no need to change the configuration.
    If you go through the 9tut site carefully, the CCNA exam will become very very easy, just like drinking water.
    All the best ….

  31. ALi
    April 24th, 2015

    Hey guys. I want to book my CCNA. I signed up on their site today …Pearson VUE.

    when I wanted to book the test I saw many options…

    is this the right one?

    Exam:
    200-120PT: CCNA Test Bundle + MeasureUp Practice Test (includes 200-120 exam and practice test)
    View Testing Policies
    Price*:
    USD 370.00
    Language:
    English

    Please confirm.. My email is torontoman66@gmail.com. Just tell me if it is the right one or not.

    Thank you.

  32. John
    April 24th, 2015

    Hello there

    I have the latest dumps to share them with anyone share with me access to the exam simulator software. I paid for the dumps and all i need is someone to share with me the access to the software.

    email me onegoodlife3@gmail.com

  33. Bruce
    April 28th, 2015

    THANKSS HEAPS 9TUT !!! I passed with 950 marks… many questions came from here n some new ones, but there were changes in the simulations though, so having a good understanding of these stuff is important.
    Thanks again.

  34. dodoi
    April 29th, 2015

    i have a question in this sim in the exam does it mean to answer a choices only or there is some modifications i will configure on router

    i am wondering is in the exam this lab question is such choices ?????

  35. EHAB
    April 29th, 2015

    Hi guys

    one question please.. regarding the ACL AND EIGRP packet tracer..
    in the exam do we have to do everything from scratch? or we will have the project ready and all we need to do is to apply ACL AND EIGRP?

    please confirm

  36. Waseem
    April 29th, 2015

    Hello everyone.. I have one question. I noticed that this lab is multiple choice.. so will it be like this in the exam too? Same thing for troubleshooting EIGRP.

    Please guys clear this up as my exam is on May 6th…

  37. poyraz
    May 2nd, 2015

    Hello everybody,
    Elhamdulillah (All praise is due to Allah), Allah’a şükürler olsun (Thanks to Allah) I passed the CCNA exam on the 22/April/2015. I want to provide some advice for the exam. First of all, WATSON, EXAMTUT, 9tut questions are correct. These dumps are valid.

    1- There were 51 questions in total. {2 simulations (EIGRP, ACL2 Modification1), 1 simlet (CCNA Access List Sim- ACL1). There was no drag and drop}

    2- There are some small changes in questions. For example, place of answers are different. IP address can be different in simulation questions. AS numbers can be different. Pay attention to them.

    3- There was a new question about Etherchannel.

    Please forgive me for my bad English. I wish you success.

  38. poyraz
    May 2nd, 2015

    and
    Thank you very much 9tut.

  39. Isaias Azeredo
    May 4th, 2015

    Q3: I think there is no correct answer. However, if someone sees something different than me, please advise.

    As we can see, the 115 access-list has a wildcard format error of: “255.255.255.0”. It should be 0.0.0.255.
    Wildcard mask “255.255.255.0” will permit any ip address with the last octet with “0”: 192.168.1.0 (or) 1.1.1.0 (or) 172.16.33.0, and so on…

    Just remember that ip addresses ending with “0” are network addresses (in a /24 network), not a valid ip address ideal for a host.
    In that way, no other ip address will be accepted by the ACL 115 with that wildcard.
    So, the “most” correct answer is “A”: No host could connect to Router through s0/0/1

    The statement “115 in” issued on s0/0/1 will block any host from accessing the router (except the valid ip address ending in “0”, for instance, network mask /20 could have a valid ip address like 192.168.1.0/20 and that ip could be accepted by the ACL 115) –> The diagram does not show what device is connected through s0/0/1. However, if we assume there is a router at the other end of the link, that router would probably have a lot of routes behind him and one of those routes could be a /20 (or anything else with a valid ip address ending in “0”), so, that observation could be valid to say that no answer is correct or “A” is most correct.

  40. phil
    May 5th, 2015

    Hello guys who spent the CCNA 200-120 recently and can tell me what the laboratory has found in the exam?

    Thanks

  41. Phil
    May 5th, 2015

    @poyraz

    Where are : 2 simulations(EIGRP, ACL2 Modification1), 1 simlet (CCNA Access List Sim- ACL1)
    on 9tut because i had already passed the ccna 5 year ago and i had failed due to SIM LAB !

    ??

  42. Felipe
    May 6th, 2015

    Can someone send me watson.pdf please? felipewarms@gmail.com

  43. ahmet
    May 6th, 2015

    Hello Guys,

    I didn’t understand what overwrite means in ACL. For question 3 the answer said that (Recall that each interface only accepts one access-list, so when using the command “ip access-group 115 in” on the s0/0/1 interface it will overwrite the initial access-list 102. Therefore any telnet connection will be accepted (so we can eliminate answer C). Instead of telnet connection will be accepted, “access-list 102 deny tcp any any eq telnet”. Shouldn’t it be deny telnet?

    Thanks for your answer

  44. Fatih
    May 7th, 2015

    Hi all,

    I have passed the CCNA exam last week (30/04/2015) with a score of 1000/1000. All the questions were from WATSON dump plus 9tut “New Questions”.

    Labs were ACL, ACL 2 and EIGRP.

    Best Regards.

  45. Aiman Mustafa
    May 7th, 2015

    I passed the Ccna exam on 6/MAY/2015 972/1000 , thaaaaaaaaaaaanks 9tut
    EXAM :
    EIGRP 212 – ACL modification 3 .
    Q1 – Q2 -Q3

  46. Phil
    May 7th, 2015

    @Aiman Mustafa

    Modification 3:
    Any or Host x.x.x.x in the real exam ?

    access-list 100 permit ip any host
    (If the question asks this, surely it has to give you the IP of Public Web Server) but in the exam you should use “access-list 100 permit ip any any”

  47. Han
    May 9th, 2015

    Hi 9tut

    I’ve downloaded the practice file; however, ping already goes through from R1 to SW.
    It seems like the answer file, isn’t it?

  48. NAT
    May 10th, 2015

    Praise the almighty OVERLORD!!!!
    Passed May 9th
    LABS: ACL Simlet, ACL(MOD 1, Host D instead of B), EIGRP AS 112
    3 Drag n Drops

  49. jfheisenger
    May 11th, 2015

    Can somebody please send me the Watson 325Q Dump at fernando.nj@gmail.com ? I’m going to be taking the CCNA exam on May 29 for the first time and I really want to pass on the first try!

  50. Ali
    May 13th, 2015

    Hi All,

    Can someone explain Q3? The answer should be “Telnet and ping would work but routing updates would fail” OR “No host could connect to Router through s0/0/1”. I would like to know which one is correct? Please…..
