CCNA Access List Sim 2

pls i’m taking the exam next week n i need vce manager..can some1 share d download link pls..thnks

Passed the exsm last min aug 12. . Eigrp. Vtp and acl same topology wity some modifications. . Thanks so much 9tut. . keep rocking!!!!

deny host B from accessing other servers (not the whole network) access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15 -> just want to ask about this 172.22.242.16. is this a summary route? just dont understand the question, i guess… please help thanks.

nvm. guess i figured it out. lolz

i think on acl lab we shuld apply ex acl in bound like (ip access-list 100 in ) can someone correct me if i m wrong. thanx

CCNA VTP SIM Question BY Mr.Mast

http://www.youtube.com/watch?v=1oGnkqr5-iE

Thank.

Keep up the good work Mr Mast.

Safdar .. you need to apply the ACL in the OUBOUND interface

safdar you are wrong if you are going to apply it inbound, at least in this example, read carefully

“No other hosts from the LAN NOR THE CORE should be able to use a web browser……”

if you want to block traffic from both, core and sw-2 lan, by using one access list you need to apply it outwards to the interface connecting to the server lan

CCNA VTP SIM Question
http://www.youtube.com/watch?v=1oGnkqr5-iE

It was in the exam, changed as per table 3, where it looks like u need to write 4 lines to make it, as you guys said I used permit ip any any to allow traffic to web public server, i got 100% for acl

Thanks 9 tut

now use VTP EIGRP ACL2
http://thietbivienthongbachkhoa.com/Default.asp?mod=News&action=list&NewsID=144&temp=Vertuvn_vn&Object=1&ItemID=83&Language=vn

Thanks 9tut passed wit 986 the site is real

@ Cuong

The site is not in English

I passed my exam 986/1000

Almost everything is the same but they change AS number in Eigrp and port numbers in VTP
and aslo ACL:

* Host C should be able to use a web browser(HTTP)to access the Finance Web Server
* Other types of access from host C to the Finance Web Server should be blocked
* All access from hosts in the Core or local LAN to the Finance Web Server should be blocked
* All hosts in the Core and local LAN should be able to access the Public Web Server

SO Config should look like this:

access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
access-list 100 deny ip any host 172.22.242.23
access-list 100 permit ip any any

int fa0/1
ip access-group 100 out

Hi its me again This time i got 973 / 1000 though its my 2nd attempt…

Thanks to Spike and 9tut valid reviewer , got same SIM question there’s just a bit modification

which part of the exam does the lab occur? is it in the last part, first or in the middle of the exam. thanks..

passed the exam on my 3rd try..

ACL, VTP and EIGRP labs..

Doing the labs on 9tut is not ENOUGH.. I recommend you get packet tracer and download the sims from this site and do them over and over again.. Break stuff, change stuff apply the ACLs inbound and outbound learn to trouble shoot.. I have variations of the ACL, EIGRP and VTP labs on each test.

You need to master subnetting (I use the magic number method)..

Good luck..

will be taking my exam on sept 27 but just incase modifications will appear on the exam, i just wanna understand this part:

permit host B from accessing finance server access-list 100 permit ip host 192.168.33.2 host 172.22.242.23
deny host B from accessing other servers (not the whole network) access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15
permit everything else permit ip any any

shouldn’t it be 0.0.0.7 the reverse subnet mask if we include 0 on 00010 on calculating the summary route for 172.22.242.16 and 172.22.242.23?

pls help thanks.

Please can someone sent me a crack for vice file please i don`t have much time elishamanka@rocketmail.com

in the exam does the percentage indicate as in packet tracer please and i learn that you have an added advantage of time if you can speed English and want to write in English What if i tell them that i can`t speak this language of which i can ?

which part of the exam does the lab occur? is it in the last part, first or in the middle of the exam. thanks..

I passed my CCNA on the 6th of August scoring 907/1000. the simulation questions were Access Lists, EIGRP and VTP. In VTP commands, they disabled mac-address-table so you can use mac address-table incase the first one didn’t work. all the best guys. you can call me for more clarification on +2348030957364.

i passed my CCNA examination on the 12th of August, with a score of 933/ 1000 thanks 9tut.
the simukation questions were acl2 vtp eigrp

why isnt wildcard written in above given access lists?

can we write access list without wildcard???
and secondly simulations occur when in exam?start ,middle or end?

can we use TAB or question mark “?” in the exam ? ? ?

passed today with 854/1000. labs were acl2,eigrp and vtp exactly as from this site. the show mac-address-table command on the sw on vtp lab was rejected and i failed to examine the mac address table of the switch 3.i dont know if there is any other command which will give us the mac address table. if so then study it. there were 47q and three labs only.9tut,spike662q and shekah are the sources.

many thanks to 9tut,spike662q and shekah697q

study the materials guys,you will pass also

Passed today. 973.
Eigrp, access-list 2, vtp sims.
Tanx 9tut, examcollection(spike dump)

any one have new ccna 200-120 exam guide or material

To DJCracky, on the test when you had router 1 that did not have a route for router 3, how did you resolve? I took the test and failed, but studying again.. Maybe I’m wrong but seemed like they blocked the ip route command to make a static route and also advertising the route via EIGRP?

cisco exam is very easy ,,come to bangalore pearson centre ,,,admin of pearson centre will help for some rupees..

Dear 9tut and users

What will happen if you forget to copy run start in the simulations?

Just passed the CCNA exam. Got 933. Got this SIM, but little bit different. Thanks 9tut

Passed yesterday with a perfect score of 1000/1000.

50 questions all in all with VTP, EIGRP, and ACL2 from it.

Thanks 9tut, sekhar, spike, and brar.

great site …….
i have uploaded acl 2 lab

link

http://rapidshare.com/files/1799807722/acl2.rar

Why im getting server connection reset when trying access server from PC web browser? Please help.

please help me ., satur day i have a exam ., could please tell me what and all technical question will come …@ which vce? spike 670 or 662 or sekar or 9tut?

thanks pat

Any tech in Japan here? I have a job in Japan, Duration 6 months, tokyo or nagowa. CCNA, CCDA, CCNP, CCNP with voice. Really urgent!!! Thank you. Ralphinci@yahoo.com

Can anybody help me about this?

http://www.9tut.com/78-ccna-access-list-sim-2/

Corp1(config)#interface fa0/1
Corp1(config-if)#ip access-group 100 out
it says that i should apply it on interface fa0/1 and out

why is that?

i thought it was on f0/0 and in
or is it because it’s extended access list and should be put nearest to source (the LAN side)
and why is it out?, not inbound, is it because that this ACL applied to the interface that face out (facing the out of the destination)?

Can someone kindly enough tell me the rule about where to apply and the in/out ?
I’ve read some articles and books and watch some videos (CBT Nuggets, Lammle) and tried to browse some explanation but still very confuse

Please please help me i’ll have the exam very soon :)

thank you

Please specify on which interface does we have to put access-group command. Is it [ IN] OR [OUT] interface.

@Anonymous August 29th, 2013

Extended ACLs:

An extended ACL gives you much more power than just a standard ACL. Extended IP ACLs check both the source and destination packet addresses. They can also check for specific protocols, port numbers, and other parameters, which allow administrators more flexibility and control. But Standard ACL Only check both the source and destination packet addresses not Protocols (in our case TCP to deny www). For more you can read from:- http://computernetworkingnotes.com/network-security-access-lists-standards-and-extended/access-control-list.html

And if you notice the instruction “All other traffic is permitted” that is from the Core and from Hosts LAN. if it is fa0/0 and in, you allow only Hosts LAN not the Core traffic so to support both traffic it should be fa0/1 and out.

CCNA Access List Sim 2 BY Mr.Mast
http://www.youtube.com/watch?v=TLlflHHDimY

CCNA VTP SIM Question BY Mr.Mast
http://www.youtube.com/watch?v=1oGnkqr5-iE

CCNA EIGRP LAB Question BY Mr.Mast
http://www.youtube.com/watch?v=-NmNOedFchA

Explanation to the *. Why use the command “access-list 100 permit ip any any” and not “access-list 100 permit ip any host (IP of Public Web Server)”. Simple, if you read the scenario in the line 3 and 4 says: “Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed”. The Finance Web Server has resources for the Corporation others than WEB (WWW, eq 80). If you apply the second command you will no be able to ping the Finance Web Server from host A, B or D because you are applaying the acces list to the specific IP of the Public Web Server.

Applaying the first command you are allowing all other resources to be reach not just to the Public Web Server but also to the Finance Web Server too.

The line number 6 of the scenario confirm my point:”No other hosts will have web access to the Finance Web Server. All other traffic is permitted”.

hi all

i can’t apply ” access-list 100 permit ip host (ip) host (ip) eq 80 ” command in packet tracer. Does it something wrong with command or something else?

Thank you

note :

i use packet tracer v 5.3.3.0019

Hi All/9tut,

can someone help understand re this scenario

“deny host B from accessing other servers (not the whole network)
access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15″

where did this ip 172.22.242.16 come from?

thanks in advance!

@Boy to find the network number. use #show running- config to view interface fa0/1 and subnet mask. from the interface ip add we can calculate network no. and use subnt mask to get wild-card. mask

@EIVAN:
“i can’t apply ” access-list 100 permit ip host (ip) host (ip) eq 80 ” command in packet tracer. Does it something wrong with command or something else?”

When permitting “IP” there is no need to add “EQ 80″. This applies to TCP.