AAAdot1x Lab Sim
Question:
Acme is a small shipping company that has an existing enterprise network composed of two switches, DSW1 and ASW1. The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to provide the shipping personnel access to the server. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:
– Users connecting to ASW1’s port must be authenticated before they are given access to the network. Authentication is to be done via a RADIUS server:
– RADIUS server host: 172.120.39.46
– RADIUS key: rad123
– Authentication should be implemented as close to the host device as possible.
– Devices on VLAN 20 are restricted to the address range 172.120.40.0/24.
– Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20.
– Packets from devices in any other address range should be dropped on VLAN 20.
– Filtering should be implemented as close to the server farm as possible.
The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.

Answer and Explanation:
1) Configure ASW1
Enable AAA on the switch:
ASW1(config)#aaa new-model
The new-model keyword refers to the use of method lists, by which authentication methods and sources can be grouped or organized. The aaa authentication command below is rejected until AAA is enabled, which is the usual cause of the error people report with it.
Define the RADIUS server along with its shared secret:
ASW1(config)#radius-server host 172.120.39.46 key rad123
(On newer IOS releases this legacy form is deprecated in favour of radius server NAME with address ipv4 and key sub-commands; the sim accepts the legacy form.)
ASW1(config)#aaa authentication dot1x default group radius
This command makes the RADIUS server group defined on the switch the authentication method for 802.1X.
Enable 802.1X globally on the switch:
ASW1(config)#dot1x system-auth-control
Configure Fa0/1 to use 802.1X:
ASW1(config)#interface fastEthernet 0/1
ASW1(config-if)#switchport mode access
ASW1(config-if)#dot1x port-control auto
Notice that the keyword “auto” forces the connected PC to authenticate through the 802.1X exchange before the port forwards any other traffic. The alternatives are force-authorized (the default, which leaves the port open without authentication) and force-unauthorized (which blocks the port regardless of credentials). 802.1X is not accepted on trunk or dynamic ports, so switchport mode access must precede it. On newer IOS releases the port-level commands are dot1x pae authenticator and authentication port-control auto.
ASW1(config-if)#exit
ASW1#copy running-config startup-config
2) Configure DSW1:
Define a standard access-list that matches the permitted source range:
DSW1(config)#ip access-list standard 10 (syntax: ip access-list {standard | extended} acl-name)
DSW1(config-std-nacl)#permit 172.120.40.0 0.0.0.255
DSW1(config-std-nacl)#exit
The wildcard mask 0.0.0.255 marks the last octet as “don’t care”, so only the 24 network bits are compared and every host in 172.120.40.0/24 matches the one line.
Define an access-map which uses the access-list above:
DSW1(config)#vlan access-map MYACCMAP 10 (syntax: vlan access-map map_name [0-65535] )
DSW1(config-access-map)#match ip address 10 (syntax: match ip address {acl_number | acl_name})
DSW1(config-access-map)#action forward
DSW1(config-access-map)#exit
DSW1(config)#vlan access-map MYACCMAP 20
DSW1(config-access-map)#action drop (no match clause, so this entry catches everything that sequence 10 did not)
DSW1(config-access-map)#exit
Note that inside a VLAN map a deny in the referenced ACL, including the implicit deny at its end, means “this clause does not match”, not “drop”; packets from other source ranges therefore fall through to sequence 20. Because a map that contains an IP match clause drops IP packets that match no entry, sequence 20 is redundant for IP traffic. An entry with no match clause also matches non-IP frames, which the IP ACL can never match, so check what else the VLAN carries before relying on a catch-all drop.
Apply the VLAN map to VLAN 20:
DSW1(config)#vlan filter MYACCMAP vlan-list 20 (syntax: vlan filter mapname vlan-list list)
DSW1#copy running-config startup-config
(Notice: Many reports said the copy running-config startup-config didn’t work, but they still got full marks.)
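To make the VLAN-map semantics concrete, the following Python script replays DSW1’s MYACCMAP over constructed sample traffic. It is an added model, not part of the original lab and not Cisco code. The evaluation rules it encodes (entries tested in sequence order, an entry with no match clause matching everything, an ACL deny meaning “no match” for the clause, and an unmatched IP packet dropped when the map contains an IP match clause) are my reading of the Catalyst VLAN-map configuration guide; the class names, the sample addresses and the “mac” placeholder for a non-IP frame are assumptions. It also shows what the explicit sequence 20 adds over the implicit default.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional, Tuple


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco ACL matching: a 1 bit in the wildcard mask means 'don't care'.
    0.0.0.255 therefore compares only the first 24 bits (the network part)."""
    a, b, w = (int(IPv4Address(x)) for x in (addr, base, wildcard))
    return (a & ~w) == (b & ~w)


@dataclass
class StandardAcl:
    """Ordered (action, base, wildcard) lines; implicit deny at the end."""
    lines: List[Tuple[str, str, str]]

    def permits(self, src: str) -> bool:
        for action, base, wildcard in self.lines:
            if wildcard_match(src, base, wildcard):
                return action == "permit"
        return False  # implicit deny: the VACL clause does not match


@dataclass
class MapEntry:
    seq: int
    action: str                           # "forward" or "drop"
    ip_acl: Optional[StandardAcl] = None  # None = no match clause = matches all


@dataclass
class VlanAccessMap:
    """Model (assumption: rules as in the Catalyst VLAN-map config guide)."""
    name: str
    entries: List[MapEntry]

    def evaluate(self, proto: str, src: Optional[str] = None) -> str:
        """Return the action applied to one frame on the filtered VLAN.
        proto is 'ip' or 'mac' (any non-IP ethertype); src is the IPv4 source."""
        has_ip_clause = any(e.ip_acl is not None for e in self.entries)
        for entry in sorted(self.entries, key=lambda e: e.seq):
            if entry.ip_acl is None:
                return entry.action  # catch-all entry, no match clause
            if proto == "ip" and entry.ip_acl.permits(src):
                return entry.action
        # No entry matched: IP packets are dropped when the map has an IP clause;
        # frames of a type the map never matches on are forwarded.
        return "drop" if (proto == "ip" and has_ip_clause) else "forward"


# DSW1 configuration from the lab, transcribed into the model.
ACL_10 = StandardAcl([("permit", "172.120.40.0", "0.0.0.255")])

MYACCMAP = VlanAccessMap("MYACCMAP", [
    MapEntry(10, "forward", ACL_10),  # match ip address 10 / action forward
    MapEntry(20, "drop"),             # action drop, no match clause
])

# Same map without sequence 20, to show what the implicit default covers.
MYACCMAP_NO_SEQ20 = VlanAccessMap("MYACCMAP", [MapEntry(10, "forward", ACL_10)])

# Constructed sample traffic on VLAN 20 (not from the page).
SAMPLES = [
    ("ip", "172.120.40.17"),   # shipping workstation, inside the allowed /24
    ("ip", "172.120.40.255"),  # last address of the /24, still matches
    ("ip", "172.120.41.5"),    # adjacent subnet, must be dropped
    ("ip", "10.0.0.9"),        # unrelated RFC 1918 source, must be dropped
    ("mac", None),             # non-IP frame that the IP ACL can never match
]


def run_filter(vmap: VlanAccessMap):
    """Evaluate every sample and return {(proto, src): action}."""
    return {(proto, src): vmap.evaluate(proto, src) for proto, src in SAMPLES}


if __name__ == "__main__":
    for label, vmap in (("with seq 20", MYACCMAP), ("without seq 20", MYACCMAP_NO_SEQ20)):
        print(label)
        for key, action in run_filter(vmap).items():
            print(f"  {key}: {action}")
```

Running it shows that both forms of the map forward the 172.120.40.0/24 sources and drop every other IP source; they differ only for the non-IP frame, which the explicit sequence 20 drops and the implicit default forwards.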
Not sure, but “The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.”
means that we only need to apply the VACL, with no authentication to be applied at this point. Also, I think it should be an extended ACL from the VLAN 20 IP range to the RADIUS server host.
Anybody can comment? My exam will be tomorrow!
@ahmed: what were your results regarding this?
Passed 890
I did as mentioned before, but I applied the 2 configurations on ASW1.
Ah, I see. Well, congrats that you passed anyway.
Should you not also include a:
ASW1(config-if)#no shutdown
command under the interface or is the line protocol already up?
These are switch ports, they should already be up. Will see in 8 hours anyway.
When running through this lab on real equipment the following command is not working. Can anyone verify that this does indeed work in the actual exam?
ASW1(config-if)#dot1x port-control auto
Make sure you enter switchport mode access. It should work after that. Did you complete the exam? If so, how did it go?
Ante, how did the exam go? Feedback, man… Feedback.
Today I passed the SWITCH exam, got 912 marks. This lab was present in my exam.
I solved all 3 labs correctly, but messed up on simple multiple choice questions. Anyway…
If you want any information regarding this SWITCH exam then contact me at tokle.sumit@gmail.com. I will answer all your problems, as I remember everything.
DSW1(config)# vlan access-map MYACCMAP 10
Why is this command not working in Packet Tracer or in GNS3?
Do we need the latest IOS or a 6500 series switch, or does it happen to me only?
And does it work in the lab the same as written here?
Passed with 923.
This lab is still valid! All the best.
Why the wildcard mask 0.0.0.255?
Baraka,
Because it's a class C network, /24, so we only want to look at the host bits…
Salam
Don't miss these 2 command lines:
(config)#interface fa0/1
switchport mode access
switchport access vlan 20
Salam
Hi all…
Are the commands
1. switchport access vlan 20
and
2. no shutdown
necessary?
I think there is no harm in giving the command ‘no shutdown’, although it is not required for switches (on switches the default is no shutdown, unlike routers…).
I'm giving my exam tomorrow, so please reply ASAP.
I would put switchport access vlan 20, as I don't see any restriction to the contrary anyway.
@canon
Those commands don't work in Packet Tracer or simulators (IOU/GNS3). They only work on real Cisco switches.
Just type those commands into Notepad and cheat your brain into thinking it's a real switch until you've memorized them.
By the way, I don't think this part is needed:
DSW1(config)#vlan access-map MYACCMAP 20
DSW1(config-access-map)#action drop (drop other networks)
DSW1(config-access-map)#exit
the deny is implied at the end of the ACL used in the previous map
Taking the test friday. I’ll report back later
Hi, many of my friends couldn't pass this exam because of this sim.
While entering the command “aaa authentication dot1x default group radius” we got some error.
Help me out…
Cleared yesterday. Lab is the same. All works
What about the condition?
“– Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24.”
Don't we create a new VACL for that? (But VLAN 20's subnet is missing.)
Hi,
Does anyone know how to get a proper network simulation for CCNP SWITCH, as most of the commands are not compatible with Packet Tracer, even 5.3?
Can you post the latest switching dumps URL please (642-813), or any pointers to that?
Hi Guys,
A couple of hours ago I passed my Switching exam. This site was very helpful, and thanks a lot for all your contributions. I got 3 simulators (LACP, DOT1X, EIGRP with MLS), 2 drag & drops (syslog order; Sys, N/W, Mgmt levels), 1 hot spot (HSRP).
All optional questions came from the dumps below (examcollection):
Cisco ActualTest 642-813 v2011-11-11 by nonentity 407q.vce
For simulators and drag & drop use the dump below (Drag & Drop section):
Cisco Pass4sure 642-813 v2011-09-20 by WhiteNetworks 459q.vce
Thanks once again.
@spy
Did you first enter this command?
ASW1(config)#aaa new-model
Because the same happened to me, but after that command it was OK.
Hi, first of all I thank digitaltut.com and certprepare.com for their wonderful sites for the preparation of the Cisco track exams. I passed ROUTE and SWITCH with the help of these 2 sites and the dumps by nonentity. Now I am preparing for TSHOOT and hopefully I'll write the exam on 20 Jan 2012. Can anyone send me the latest dumps and required study material? Here is my email address:
mustafeezmj@gmail.com. Thanks for the help.
Hi all
Today I passed SWITCH with a score of 989. Thank you, certprepare, very much.
My exam had 40 questions: labs AAA dot1x, LACP, MLS, 1 hot spot, 1 D&D.
The nonentity dump is enough.
In the AAA dot1x lab, when you show run you will see fa0/1 assigned as an access port for VLAN 20, thus no need for ‘switchport mode access’, and no need for ‘vlan access-map MYACCMAP 20’ either, because the default is drop.
Good luck
Hi everyone,
I am able to do the MCQ, D&D, LACP+STP and MLS+EIGRP sim labs. This lab, ‘aaadot1x’, is killing me. I couldn't find any interactive versions. I have the exam after 3 days. Is it OK to practise/mug up all the commands from here (ASW1 and DSW1) in Notepad and do the exam?
I heard many people fail because of aaadot1x.
Please advise… eagerly waiting for a reply,
cheers,
abhi
@abhishek
I've just configured the dot1x lab on a real switch. I have to assure you that this one is a piece of cake.
If you count the sequences needed to implement this LAB, there are only 9 of them (meaning that you've had your hands on a switch before).
Dot1x part: I didn't configure authentication and authorization before on a real setup, but this lab is quite simple. You have to memorize only the first (and second) command word, and from there you can solve the LAB.
For the VACL, it's simpler if you have just passed ROUTE, which teaches you about route-maps. If you aren't familiar with ROUTE, note that only 3 steps are required to complete the section:
1. Configure a standard access-list
2. Configure a VLAN access-map
3. Apply the VLAN access-map to the VLAN
My exam is this Thursday, and I hope for the same 3 LABs.
@ Hey Rhebu,
I talked with so many people. All suggested just mugging up the commands and sitting the exam, as there is no interactive version in Packet Tracer or GNS3.
Well, my issue is: if I execute all the commands displayed above (in the same sequence, without skipping any commands or steps), will the sim work? I mean, can I solve it in the exam? I have to pass, mate, however.
Please reply and tell me your exam experience. How was it?
Good luck,
abhi
Just passed the exam.
@abhishek:
I’ve scored 100% at dot1x lab, and you only need to memorize the commands.
Thanks for sharing these labs!
I passed it today: 3 labs (AAA dot1x, LACP, EIGRP), 2 drag and drops, hot spot (HSRP).
teskings user Bharath
Hey Rhebu…
Congrats! I am happy for you.
By the way, was there any question from WIRELESS and VOICE?
I am mugging up the commands of the AAA dot1x sim… funny stuff.
Please reply,
abhi
@Abhishek
Please send me the exact configuration of the AAA dot1x lab and the LACP and EIGRP labs. Please, I have the exam on the 19th of this January.
Kindly share the configuration of all labs.
I have the exam on 19th January.
Also mail me:
faisal.safdar@live.com
@ Faisal
Dude, even I have got the exam on the 19th,
and I am looking for the configuration of the same lab.
Whereas the other two you can get from this site.
However, I have sent you the ccnp_switch_exam dumps along with the lab simulations.
Please check your mail.
Good luck,
abhi
Why are people asking for the configs for this sim? Aren't they clearly posted above? Are they not correct or something?
Passed last week with 923! Hooray! Now studying for the ROUTE test. Had 4 labs: AAA sim first, then MLS/EIGRP, LACP with STP and the Spanning-tree sim. A couple of drag and drops; one I remember is that “packet CoS priority one”, which I could find a legit answer to. Anyway, 923 ain't bad.
Please, I will be writing SWITCH very soon and I need someone who just did theirs to send me the dumps and any relevant configuration. My email is obadunahmed@gmail.com. Thanks.
There is a difference in the answers of the VCE file and the P4S dumps. I am so tense; my concepts are so weak.
Please tell me which ones I should prepare from?
Please reply fast, I have the exam in 12 hours.
My exam is tomorrow!
Could anyone help with the last command, vlan filter MYACCMAP vlan-list 20 or 40, and why?
Thanks for any help.
Anonymous, I am amazed that you don't even know the concepts and are paying $200.
God bless you, my dear.
@ Spider
The “vlan-list 20” is referring to VLAN 20.
All the best for tomorrow.
@ James
I know the VACL is applied on VLAN 20, but I want to know why VLAN 20; I think it should be applied on VLAN 40.
Thanks for the help.
In the above simulation, it says:
“Users connecting to ASW1’s port must be authenticate before they are given access to the network”, and in the figure it shows three switch ports rather than only fa0/1. So the question is, when configuring the authentication, shouldn't it apply to all three Fast Ethernet ports rather than only fa0/1?
So I was thinking maybe it should be more like:
ASW1(config)#interface range fastEthernet 0/1 - 3
ASW1(config-if-range)#switchport mode access
ASW1(config-if-range)#dot1x port-control auto
Any comments? Will take SWITCH next week…
@Spider and James
If you read the question, it says:
“– Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20.
– Packets from devices in any other address range should be dropped on VLAN 20.”
That suggests that VLAN 20 is the only VLAN where you need to set the access-map.
The command syntax is “vlan filter {map-name} vlan-list {vlan-list}”.
@Nitai, according to the diagram VLAN 20 is only valid for the port fa0/1. If a user connects to another access port they wouldn’t be in VLAN 20 anyway and would therefore not need to authenticate.
This command is not working on a real switch; I checked on both a 2950 and a 2960. Please help.
DSW1(config)#vlan access-map MYACCMAP 10
Thanks in advance.
http://20best.blogspot.com
Can anyone help me get an IOS for GNS3 to test?
tanh123@hotmail.com
Dear Aledn, I think it needs an L3 switch; this command is not working on an L2 switch. Please clarify if I am wrong.