CCNA Access List Sim 2

Why is it that i could still ping the 172.22.242.30 after i enter the access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15 command. but ip’s from 17 to 29 are unreachable which is correct. It this a bug in a packet tracer? please anyone answer my question.

@CiscoER

thanks. i started on the long commands but after sometime i got already used to using short cut commands even on lab exercises at school. thanks.

2morrow my exam wish me luck…
the second time im submitting
i will score it this time
study from 9TUT only.

still on the battle zone……………….. with my amor next week its going down i will be a grade higher Lord gimme strength ….. :-)

Guys in all of these scenarios described above, only the “int fa0/1″ gets to configured with “ip access-group 100 out” ?????

I´ll take my exam on Monday :D Wish me luck guys! :D

Hi Ciscoer
like i said it was easy, its all my fault i failed
i got the vtp lab it was exactly as 9tut says it would be, but you gotta work fast!!! i gave special attention to all the labs because im bang on with most of the theory and configuration commands, and i can subnet in my head so i flew through the questions, (thanks also to 9tut)
i also got the eigrp lab (again exactly as on 9tut) and a piece of cake,
(btw i checked for the passive interface and its on the R1 to ISP serial link so leave it)

it was all good id invest a bit of time in hexadecimal addressing though,
find out what a the 3 basic hexadecimal ip addresses look like (there on 9tut)
and gratuitous arp?? whatever that is?

and you will be fine

Hello all friends who did the exam!!

Please explain why!!

In all of these scenarios described above, only the “int fa0/1″ gets to configured with “ip access-group 100 out” ???????????????

is it the correct interface and direction to apply the ACL ????????

Hope anyone would reply!
Thanks
Jay

btw i scored 801, thats with only half the ACL lab completed and 90% of the Qs answered, and both the other 2 labs completed so study the theory (and 9tut) and its very doable

hi jay
the reason why you apply the list to interface f0/1 in the out direction is because
A: it is the only address hosts on the lan and host from the internet share on the way to the server
B: you use the “out” direction because the “in” direction would be traffic from the server entering the router, whereas “out” is filtering traffic which has already entered the router using one of the other interfaces and is destined for the server lan

sorry
A: it is the only interface hosts on the lan and hosts from the internet share on the way to the server

@ ismr thank you. Someone on another SIMs blog said exam actually 120 minutes. This does not include the time for the tutorial. 120 so much better than the 90 minutes I thought it was going to be. He took 1 hr 45 mins Gotta love that extra 30 minutes.

Just passed this with a 933/1000. All questions from Cisco.Acme.640-802.v2013-08-06.by.Acme.649q.vce dump. I think I mixed up some of the command or I would have done better. Used only this dump after reading Todd Lamle’s guide. The real surprise was no changes in choice order. I had 3 Simulations – EIGRP, ACL, VLAN Simlet. Thank you acme for your amazing work this made the test easy as pie. Thank you 9tut.

Has anyone failed and retaken the exam? I failed on my first attempt and I ma curious to know if you got the same sims or different sims.

All glory be to God. I passed the ccna exam. Big thank you to 9tut. I assuredly owed 9tut my support financially to help the site. I will say anyone preparing for ccna 0r ccnt and comes across 9tut is lucky. I study and practice all the sims and all the questions in the link at the right side of the site page. I also used a pass4sure dump. I scored 920/1000.
Thank you 9tut.

Hi,

I want to know when applying the following command

” Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80 ”

Is it must to give the host IPs in this order? or can we give finance web server IP 1st and then host C’s IP address next ?

If we change the IP order is it a mistake?

Thanks,

Cheers :-)

Gi guys, I’m gonna take the exam on the 18th of September..just a question..it’s possible to use tab and question mark? Thanks a lot!!

I failed and retake the test in a week interval. Igot the same sims except that access list sim was re-framed.
At my first attempt, acl question:
Host C should have web access to the finance web server
Every other host from the LAN should be denied web access to the finance web server
Every other ip communication should be allowed from the LAN to the remote site.

Second attempt sim question:
Host C should have webs access to the finance web server
Host C should not have any other ip communication with the finance web server.
All other host should also not have any access to the finance web server.
Since there are other resources on the remote LAN every other ip communication should be allowed.

;

Hi Abs619
It has to be in that order. eg. permit tcp host (source address) host (destination address) eq port #

Hi Danny,
Tab works for some commands and not all commands. I dont think I use the ? sign. So I am not sure of that. Hope this help a bit.

HI Anonymous, thanks :) I have a friend who has done already CCNA, CCNA wireless and CCNP and he told me that wa able to use tab and ? without problem..but here I’m reading that not always is possible..than I will see!!!!!! Thanks again!

How was the exam to day I want to be tested I’m afraid guys……………!!!!

hi guys
will the value of ip address change in real exam?

Hi, get the exam with 907, thanks to 9tut, that really help me to prepare the exam.
Labs were eigrp, acl, vlan simlet. Just be carefull with acl lab.
I couldn’t enter “ip access-group 100 out” command, i spend much time to find which syntax was correct… the only way was “ip access-group 100″ then press enter and then write “out” access-group subcommand. May be that bug was just in my exam center.
Tabs could be used…

Please can someone help me on this question, I took the exam on Wednesday and scored 762 and am planning to retake it again next week Friday, will the sim be ACL,EIGRP,VTP or any other thing ?

Thank you 9tut and everyone who share their thoughts.

@ Anonymous

i want to know, there’s passive-interface there ???
if yes, what would be showing on the screen ?

how to disable ?
please step by step

help me, im don’t get it how to dsable

@ hawel- It’s explained in the eigrp blog. R1#show running-config should be able to show you if there is a passive-interface. Use the “no” before the command to remove it. R1(config)#no passive-interface s0/0 etc

@ CiscoER

like this ?

From R1
#router eigrp 212
#no passive-interface f0/0
#no passive-interface s0/0
#no passive-interface s0/1

@ hawel – Yup I and a few people have said that. Hopefully we are all right. Good luck.

@ CiscoER

well, last question sir!

should i have do for R1 Only or all ? R2 R3 R4 ?

@ hawel 1) check for P-I, (R1#show running-config )if none, do nothing. If applied between R1 and ISP, do nothing – leave it. See 9tut discussion. If on any other (R2 R3 or R4), using R1 remove those. Look at diagram, you don’t need to config from R2 R3 or R4. If there is none on R3 and you do R1(config)#no passive-interface fa0/0 you will lose point. If I am wrong, someone please correct me. Be careful. Thanks.

@ CiscoER

thx for respons my Dear, btw what is ( P – I ) what does mean ?

@Keffer
thank you and congratulations for your passing the exam

Thanks a lot 9tut, passed with 828! Barelly but passed indeed! Had ACL2 2nd lab, EIGRP, and VTP, and about 80% of questions from this site!! Without 9tut I would not have passed for sure! Already ordered CCNA Voice book from Amazon to go into that next since I am still fresh..

@Wang

Yeah, like what CiscoER said, I think it’s safer to use the whole command. Just keep on praticing be it on your packet tracer or writing down the entire commands on a paper. That way you’ll be able to remember it.

Goodluck to those who’ll be taking the exam this week!

Hello Guys,

I’ved just passed CCNA last Saturday Sept 14 – 973…ACL2, VTP and EIGRP.. thank you 9TUT and Spike…

@ Dennis congrats!! Did you use any other dumps? Karven, Acme?
Best of luck to all those taking the exam this week.

4 days to go, exam time it is! thanks for this reviewer guys!

hello,
In exams, whether we should type the commands only once ? Or we can try many times, if it becomes mistake first time ?

can you suggest me pls.

guys i have an question for access-list 100 permit ip host 192.168.33.2 host 172.22.242.23 ? why that command shown IP ? why didn’t shown tcp ? for example : access-list 100 permit TCP host 192.168.33.2 host 172.22.242.23. is it ok ?

PEASE tell me if am of base. The first three commands access-list 100 permit(deny) are executed on the Routers CL and then finally the ip access-group 100 out command puts the access list in effect, basiclly. So you execute the access list on the router and ip access group out on the fa0/1.

1. Is that correct
2.on the sim above if you run on PacketTrace it has two fa0/1 below the Router. Is this ok and if so on which Fa0/1 do you run the ip access out out command…
I want to be sure. THANKS……

Passed 802 now what?

I was pondering plan of next course action and was wondering what ppl ideas, and views are. I would appreciate a discussion on the next course people are planning to take and the reasoning behind it.

The obvious things are strengths, weaknesses, likes, dislikes, pay$cale, workload,passion etc but I would like to learn from others and who knows I may adjust my thinking if need be.

So PLEASE say something :Professional Certifications, CCNP Data Center ,CCNP, CCNP Security, CCNP Wireless, CCNP Voice, CCNP Service Provider.

I was thinking of CCNP Security which has a Prerequisites of CCNA Security(one exam)640-554 IINS, on the other hand CCNP Routing and Switching pereq is you obviously the 802. So PLEASE I want to hear from you……

@ Melissa because you are not blocking or permitting tcp traffic just ip traffic. Had it shown tcp it would have to end with “eq 80″ or “eq 443″ or “eq 53″ whichever uses the tcp

make sure you use eq 80 instead of eq www as the test will not accept eq www as a valid response

I’ve seen two comments so far..one being on 9tut and the other one Exam Collection saying that the ACL2 Sim in the exact asked for FOUR ACL statements instead of THREE. Has anyone recently done this seen this in the CCNA 640-802? If so, what could the fourth statement be? I can’t seem to think of one that would match this ACL2 scenario. Thanks!

permit host B from accessing finance server access-list 100 permit ip host 192.168.33.2 host 172.22.242.23
deny host B from accessing other servers (not the whole network) access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15
permit everything else permit ip any any

I believe that there is a mistake in the acl statements above, the second statement is wrong

I passed the ccnd exam today, 947 score.
On this sim I got the :
-The user on host A should be able to use a web browser to access financial information from the Finance Web Server.
- Other types of access from host A to the Finance Web Server should be blocked
– All access from hosts in the Core or local LAN to the Finance Web Server should be blocked
No other hosts from the LAN nor the Core should be able to use a web browser to access this server.
- All hosts in the Core and local LAN should be able to access the Public Web Server.

And they only required 3 ACL statements.

PPL passed CCNA(640-802) with 920/1000 today…. DUMPS still valid…. go full throttle…..