AAAdot1x Lab Sim

Tried not to use shortcuts on commands as Ive been advised the CCNA certification doesnt allow you to..Example configure terminal good. ..ROUTER configure terminal.ROUTER config hostname Dude.Dude config enable password cisco.Dude config enable secret class.Dude config line vty 0 4 to allow telneting.Dude config-line password cisco .Dude config-line login.Dude config-line exit… ..For below examples ..ISP Router..network 200.2.2.16 30..serial 200.2.2.17 30 Loopback 0 172.16.1.1 32..Dude Router..networks 199.99.9.32 27 private 10.10.10.0 24..serial 200.3.3.18 30 Fast Ethernet 10.10.1.0 24..Create a default route from the ISP to the Dude router using ip route command..ISP config ip route 199.99.9.32 255.255.255.224 200.2.2.18….Default route to forward any unknown destination traffic from the Dude router to ISP..Dude config ip route 0.0.0.0 0.0.0.0 200.2.2.17….Define pool of public addresses using the ip nat pool command.

To malak,
No, you can choose the name you want.

The interface level command “dot1x system-auth-control” is not available on any of my 2960, 2960G, or 4500 switches. I found the command “authentication port-control auto” is available. Is this the same command with new syntax?

dot1x system-auth-control is to enable dot1x on the switch while authentication pot-control auto is configured on the port.

I haven’t been able to lab up this lab quiz on my own, I used GNS3 with interfaces set to nm-16ESW, this allows the router to accept the first to three command and left the rest out. Kindly advice on how to implement this lab. My exams come in few days time. Thank you guys, you are the best!

I haven’t been able to lab up this lab quiz on my own, I used GNS3 3600 router with interfaces set to nm-16ESW, this allows the router to accept the aaa commands left the rest out. Kindly advice on how to implement this lab. My exams come in few days time. Thank you guys, you are the best!

hi, im sitting for the exam 2morow and i have a question !!

is this the right config for this lab :

ASW1:

ASW1(config)#aaa new-model
ASW1(config)#radius-server host 172.120.39.46 key rad123
ASW1(config)#aaa authentication dot1x default group radius
ASW1(config)#dot1x system-auth-control

ASW1(config)#interface fastEthernet 0/1
ASW1(config-if)#switchport mode access
ASW1(onfig-ig)#switchport access vlan 20
ASW1(config-if)#dot1x port-control auto
ASW1(config-if)#no shutdown
ASW1(config-if)#end

DSW1:

DSW1(config)#ip access-list standard 11
DSW1(config-ext-nacl)#permit 172.120.40.0 0.0.0.255
DSW1(config-ext-nacl)#exit
DSW1(config)#vlan access-map MAP 10
DSW1(config-access-map)#match ip address 11
DSW1(config-access-map)#action forward
DSW1(config-access-map)#exit
DSW1(config)#vlan filter MAP vlan-list 20

do we need to another access-map for the drop ???

hey guys,i passed my switch exam today with 965. thanky guys very much.
i had this lab

can someone please enlight me. how can hosts in vlan 20 reach radius server host 172.120.39.46 (or vice versa) with current applied vlan filter (which only permit 172.120.40.0/24) ? (going to take this exam next week, please help)

Does anyone have a Packet Tracer lab file for AAA 801.X ? Please share.

Please can u tell me the following details,

AAAdot1x Lab Sim – Do we need to add switchport access vlan 20 ?? And how can we check if our lab is correct ?
LACP with STP – Which are the correct commands u used for this lab ? and how can we check in the end that the lab is correct…

Please let me know as soon as possilble.

Thanks for your kind Co-operation

Regards,
Haseeb Sheikh

Just now passed the exam.
Regarding the exam;
1.same three labs ( AAAdot1x, MLS and EIGRP and LACP with STP)
2. HSRP hot spot
3. most of the MCQs from pass4sure
4. no wireless questions at all. Very few from Voice section
5. most of the questions were from HSRP/VRRP and GLBP.

For me some questions felt like new, since I couldn’t go through all 497 questions in pass4sure. Actually I totally skipped the mixed questions part and Implementing High-availability part. So at the exam after going though the halfway, I felt like totally screwed. :-) But somehow I luckily got passed. Only 9 day preparation. :-)

Thank you all the guys for sharing your ideas/feedback. :-)

hai shan….thankxxx 4 ur usefull information….am havg ma xam 2mrw at 12 noon….

vlan access-map they have implicit deny feature at the end of the ACL, so do we really need to have another access-map to drop ?

is this correct
DSW1(config)#vlan filter MYACCMAP vlan-list 20 ??

shouldnt it be 10 as in the access list number!

I passed my switch exam with 912/1000 yterday, i had this lab,AAAdot1x,MLS and EIGRP,LACP with STP and HRSP hotspot (4 labs in all).5 drags and drop mostly focused on VLANs. I wanna say thankz to u guyz cos this site really helped me. Am on to CCNP Route,meeting u at the jordan side of ROUTE.

Hello, passed today with 923 :) this sim was there. i did not configure another vlan access-map for the action drop. and it dropped my percentage to 50% :( therefore a secondary access-map entry for the action drop is essential. no copy run start. verify by show run and click next without worrying :) good luck.

I think because they clearly mentioned other traffic should be dropped, so you have to do the drop access-map. but i’m sure implicit deny will work perfectly fine. please someone corrects me if i’m wrong…

I think that you will find, according to Cisco themselves, that there is a default drop if initially you state forward in an earlier sequence. Unless its changed recently…..Look at the config examples:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html#wp1054144

I’m starting to get parra about a comment made by another person on this site about how Cisco might be looking at this site and posting in garbage info to side track people. I suggest doing the research and using this site for additonal help should be enough. I hope i pass soon!

Good luck!

I agree. I suspected that because they clearly mentioned in the exam that any other traffic should be dropped, that they wanted to test your knowledge with the action forward and drop commands. in my case i only made the match ip address , action forward. and putting the implicit deny in mind, I did not put th another vlan access map entry for the drop.

don’t worry RandomGeeza, you will pass :) and good luck.

VLAN Access Map Configuration and Verification Examples

Assume IP-named ACL net_10 and any_host are defined as follows:

Router# show ip access-lists net_10

Extended IP access list net_10

permit ip 10.0.0.0 0.255.255.255 any

Router# show ip access-lists any_host

Standard IP access list any_host

permit any

This example shows how to define and apply a VLAN access map to forward IP packets. In this example, IP traffic matching net_10 is forwarded and all other IP packets are dropped due to the default drop action. The map is applied to VLAN 12 to 16.

Router(config)# vlan access-map thor 10

Router(config-access-map)# match ip address net_10

Router(config-access-map)# action forward

Router(config-access-map)# exit

Router(config)# vlan filter thor vlan-list 12-16

This example clearly states “other IP packets are dropped due to the default drop action”.so there is no need of another access map for action drop.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html#wp1054144

:thumbsup:

Hi, Passed today with 968/1000
got the 3 labs…MLS WITH EIGRP, LACP WITH STP AND ACCESS LIST….
For the drag and drops, please refer p4s 6.8….rest all the questions are same…
And for LACP with STP, i used DEXTOR commands…they are still VALID !!
Best of luck guys…..exam was a huge CHALENGE !!!

Hi all.
i need latest valid CCNP Switch dumps. Can anyone email me

mainhoonna83@hotmail.com

.VACLs are much like route-maps in that they use match and set statements to define what actions are taken. In this case the set statements are action directives which include forward drop and redirect. Also like route-maps VACL statements are ordered.. .Below is an example configuration .Switch config access-list 10 permit ip 10.1.1.0 0.0.0.255 any.Switch config mac access-list extended SERVER.Switch config-ext-mac permit any host ooo0.1111.2222.Switch config vlan access-map TEST 1.Switch config-map match ip address 10.Switch config-map action drop.Switch config-map vlan access-map TEST 2.Switch config-map match mac address SERVER.Switch config-map action drop.Switch config-map vlan access-map TEST 3.Switch config-map action forward.Switch config vlan filter TEST vlan-list 14 17………………………..

Just wrote my exam 2day. this simulation was there. exam is kinda tricky though. undastand d question. some mcq’s from p4s. most were new

Why defining standard access list you go into (config-ext-nacl)# mode ? Shouldn’t ir be (config-std-nacl)#

Can someone please forward the valid dumps of switch on my mail?
Mail id: govind.aquarious@gmail.com
Thanx a ton in advance..

I passed today 813 with help of this Website.
Total 4 Sims , I took in exam.
Herr SIMs are valid and accurate.

Thanks a lot

@ Sunnny

4 Sims???? which 4? Everyone knows about MLS WITH EIGRP, LACP WITH STP AND AAAdot1x, so which is the 4th you got??

Hello Dudes, I have a request to u all. Can anyone please make me understand this AAAdot1x lab in a very simple way? I am waiting for the reply. Please I will be great full to him/her if anyone does so for me. Take care all of u. Thanks.

@ Cisco Hunger, there is no simple way in which u can understand the dot1x lab .The only thing that u should know is the concept behind dot1x ,the rest configuration u just have to memorize it.

4th one was mls with EIGRP…….

DER R MANY QUESTIONS WCH HVE BEEN MODIFIED IN DIFFERENT MANNER BT ANSWER REMAINS DE SAME…..MANY QUESTIONS FORMATT HVE BEEN CHANGED + NEW QUESTIONS ARE BEING ADDED …..I GOT 3/8 TO SELECT…dont worry about to save the configs. go ahead…the command copy run start will nt accept and also wr mem will not accept…be carefull while implementing de simulations……verify all the running config on all the switches and den go for simlation…found some changes….neways i got clear ……wer i utilized de entire 2 hrs of exam…… all de Best……………

Can someone please send me the configuration of this lab (AAAdot 1x) because i,m writing exam by ending of this month.here is my e-mail address adeyinkaolasupo@yahoo.com. thanks in advance

2day gave the exam …same lab was their….thanx to all for ur feedback….

Anybody can tell me the correct sequence of system priority(highest to lowest) should be
1, emergency(0)-alert-critical-error-warning-notification-informational-debug(7)
or
2, debug(7)-informational-notification-warning-error-critical-alert-emergency(0)
It’s from D&D. I got two different answers. I just a little confused.
Thanks in advance.

emergency(0)-alert-critical-error-warning-notification-informational-debug(7)
that’s right

Hi,
could anyone tell me: do I need config only one port to be in vlan 20, or I need take a range of interfaces like this:
# interface range fa0/1 – xxx
# switchport access vlan 20
# dot1x port-control auto
?
thanks

hello guys,
can someone please e-mail me the best Switch test dumps for the exam, please! really need it!!
thanks in advance

bill_rj@live.com

Exit any simulator where we can do this lab?
Gns3 it doesn’t work nor Packet traecrt isn’t?

anyone could help … im going to set in exam on 9th july….
what i need to know if something have been changed in exam patteren….???

hi, guys

can someone send me valid testking for switching?

thanks a lot!!

sorry, my mail is maki_loz@yahoo.com

I got this question in exam today! 100% same like what is showing here. Thanks!!

I passed the CCNP SWITCH Exam seond time round yesterday, i got 835,
I got MLS and EIGRP Sim, LACP with STP Sim, AAAdot1x Lab Sim

I got the same 3labs in both of the SWITCH exam

Everything is the same, as this lab… still working, i got 100% for this lab!!!!

Shouldn’t we create a trunk link, add vlan 20 and port’s should be added to vlan 20 before doing this ?

hi guys i am going have a switch exam on august month. please guide me for the exam with some tips.

how to prepare for simulations?

how its differ from ccna exam?

thanks in advance.

for complete ccnp track:
http://www.4shared.com/account/dir/Qd7lHpk4/_online.html?rnd=91

Thanks to guys at Certprepare for your considerable efforts in my success.

I wrote CCNP Switch on 15th July and passed with a score of 967.

Materials used:
1. Cisco Press – CCNP SWITCH 642-813 Official Certification Guide(2010)
2. CBT.Nuggets.Cisco.642-813.CCNP.SWITCH.DVD-iNKiSO
3. SWITCH 642-813 Pass4sure v6.8 497Q
4. http://www.certprepare.com

Please read all the P4S and focus on multiple sections (228 Qs). 90% of the questions are from there.

I have now renewed my CCNP. I hope to have a look at ROUTE and TSHOOT for the new syllabus.

I wish you guys best of luck.

Hallo all. What simulator did you use for this lab. Packet tracer 5.3 is not working for me. Give me the link too. Thank you.

im online
plz i need pass4sure SWITCH 642-813 july,2011
if enyone have it send me email
daame00@yahoo.com

kindly

Passed today with 901. Thanks to all for sharing useful information on this site. Information related to overall exam is posted under “Share your SWITCH Experience”.

This simulation appeared in my exam. A minor change with above topology was only the IP address of radius server. Else was same.

ASW1
*****
ASW1(config)#aaa new-model

ASW1(config)#radius-server host 172.120.40.46 key rad123
ASW1(config)#aaa authentication dot1x default group radius

ASW1(config)#dot1x system-auth-control

ASW1(config)#interface fastEthernet 0/1
ASW1(config-if)#switchport mode access
ASW1(config-if)#switchport access vlan 20
ASW1(config-if)#dot1x port-control auto
ASW1(config-if)#no shut
ASW1(config-if)#exit

ASW1#copy run start

DSW1
*****
DSW1(config)#ip access-list standard 10
DSW1(config-ext-nacl)#permit 172.120.40.0 0.0.0.255
DSW1(config-ext-nacl)#exit

DSW1(config)#vlan access-map MYMAP 10
DSW1(config-access-map)#match ip address 10
DSW1(config-access-map)#action forward
DSW1(config-access-map)#exit
DSW1(config)#vlan access-map MYMAP 20
DSW1(config-access-map)#action drop
DSW1(config-access-map)#exit

DSW1(config)#vlan filter MYMAP vlan-list 20
DSW1#copy run start

Hi guys,

I got this sim in my exam today got 923…

The above config is proper & i got 100% in my lab…

Thanks alot every1 here….

@ Anony and Khattak
Was there anyway for you to practice this lab in packet tracer or gns3 prior to your exam?

Thank you

we cannot practice this lab in packet tracer or gns…we just have to understand the concept of vlan access maps & radius authentication….like the command “dot1x system-auth-control” globally enables dot1x authentication on the switch….also the command “dot1x port-control auto” forces the port to authenticate via dot1x….if you study the dumps properly you will understand this lab properly & you can easily enable aaa authentication without practice…this is what i did…its better to understand the concepts rather than cramming…hope this helps…

took my exam today and the labs were exactly what are mentioned over here.
I would reckon that is the best website for the preparation guys. I read the pass4sure dumps(476) and for lab I prepared form this website. All the aspiring candidates , just go through the dumps and lab , exam is easy don’t worry.

best of Luck guys….:-)

@Anony – from Aug 2nd

Thank you for your response!!!

Yesterday I sat for the switch exam and passed it, this sim lab is there nothing change, thank for this forum

Hi Guys,i have a questions,the Mixed Questions are important?
thanks for response

im online
plz i need pass4sure SWITCH 642-813 july,2011
if enyone have it send me email
@yahoo.co.in

kindly

kandan

I took the switch exam today and scored 988…………
Thank You Certprepare !!!!!!!!!!!!!!!
I got the -
1.LACP with STP Sim
2.AAAdot1x Lab Sim
3.EIGRP MLs sim
I used the same configs as provided by certprepare….
For the remailning questions each and every question were asked from Pass4sure v.68.

Can anyone tell me What are the latest sim lab for Switch exam?
I have done 3 .
LACP with STP sim
MLS and Eigrp sim
AAA dot1x lab sim
Is there any mor lab should i need to do?
Thank you..

yes Pooja prepare it but check others too, and also check the HRSP hotspot and the same one i found in my exam and use the P4s dumps 497.

i hope so u will make is

can anyone tell me from where i can get pass4sure v.68. kindly send me a link . may mail id is mathew.joe @rediffmail.com

thanks in advance

follow the below :

1 hot spot :
it can be either 1 of the below 2 links, mostly hsrp only (6 questions-90 per chance of coming)
1) http://www.certprepare.com/hsrp-hotspot
2)http://www.certprepare.com/stp-hotspot

drag and drops are 16 out of this 5-6 will come look everything, but few told major will be this below link, still be perfect on all the 16 drag and drops :

http://www.certprepare.com/drag-and-drop-questions

plus check the 3rd comment u can see 2 more drag and drops also…

all the drag and drops are here :
http://wenku.baidu.com/view/dac1ee53f01dc281e53af01e.html

labs:
1)http://www.certprepare.com/lacp-with-stp-sim#more-52
2)http://www.certprepare.com/aaadot1x-lab-sim#more-41
3)http://www.certprepare.com/mls-and-eigrp-sim#more-50

Good News !!!
I have a updated dump contact me for it
kellysmith114@gmail.com

Did anyone notice the missing command for applying vlan 20 to the int fa0/1 in the lab above.???

ASW1(config)#interface fastEthernet 0/1
ASW1(config-if)#switchport mode access
it should be placed right here
ASW1(config-if)#dot1x port-control auto
Notice that the word “auto” will force connected PC to authenticate through the 802.1x exchange.

ASW1(config-if)#exit
ASW1#copy running-config startup-config

switchport access vlan 20 This is the missing command from the top of the page lab sim…

how to verify tht we have done right for the AAAdot1x Lab Sim ????
can anyone pls let me know

I was just searching for this info for some time. After 6 hours of continuous Googleing, at last I got it in your website. I wonder what’s the Google’s problem that does not rank this type of informative websites closer to the top. Generally the top sites are full of garbage.

how to verify tht we have done right for the AAAdot1x Lab Sim ????
can anyone pls let me know…………..

Hi Guys!

Just follow the instructions here, I was not able to perform any configuration saves on my labs at the exam but still got all the three simulations and HSRP hotspot passed all 100%. Thank you very much yeah!

Does anyone have the SWITCH 642-813 Pass4sure v6.8 497Q ? I need this if anyone would be so kind to send it to me. Thanks.

journeyrocks13@yahoo.com

to all whom may be interested, the p4s doc is aprox 138mb in size and can be found here:
http://www.4shared.com/get/R_Hbxp3T/SWITCH_642-813_Pass4sure_v68_4.html

……..
i would also like to ask for help on the AAA Dot1x sim….. when i did the exam i failed with 0 in security and i followed the above solution…. what may have i done wrong or what is the correct final solution from someone who passed?

I think I configured access list, vlan-map and filter on ASW1 instead of DSW1 should have read the question better…….Doh

Also I didn’t configure the “Action Drop” because I assumed an implicit deny, probably best to put it in I think.

Also I assume the dot1x traffic gets to the RADIUS Server because it is in VLAN 1 and not in VLAN 20 so will not be filtered at the DSW1 switch.

Can anyone please mail me link or file of latest dumps of 642-813 .i have version6.8 but on pss4sure.com it has been changed at 26th august.

please help me

Email id is baig_0236@yahoo.com

Hello every1, I really need a software to support my CCNP practice simulations as my Packet Tracer has so much limitations.
confirmleonard@gmail.com
thanks in anticipation..

Hello I need your help and your advice I entered the exam and got the 781 class of 1000 do not know where the problem
But what happened with me is a matter of copy running-config startup-config
Not pleased to work save
In questions lacp, aaadot1x
Possible, help me please reply quickly because I would like to enter the exam next Saturday
Thank you

got this lab, unfortunately i’ve switched the configs, i placed the configs on asw1 instead of dsw1, then the configs on dsw1 instead of asw1, tsk tsk tsk.. luckily i passed the exam..

I passed My Exam – 945.

The Lab in here is still valid

Hi Guys,

i am going to write the exam next week, can any one please share me the latest dumps link, or please send it to my mail id: ethick88@gmail.com

Just passed my exam.Had 923.the labs here are still valid.

please read the question
the question is the same in pass4sure topic 6 q 8 and topic 6 q46
in this link
http://www.4shared.com/file/VuM_7Bc3/SWITCH_642-813_Pass4sure_v68_4.html
please replay me quickely
this two question not except to save in real exam
and i havent the cbt on this sim
please help me
thank you

Passed exam today. had same 3 labs as others.

how do we check if our configuration on this LAB is working or not? unline MLSE_IGRP that you can ping the server

@all

hi everyone do you cbtnuggests video tutorial for switch

thanks

Passed on 2nd attempt with a score 875. Got the same 3 LABs (LACP with STP Sim, .AAAdot1x Lab Sim and .EIGRP MLs sim. All other questions was from P4S. Thankyou certprepare.com!!

Do we need to put that interface to vlan 20 or not? Can anyone finally answer this question?

yes you do.

there is a problem with Tshoot website,,,, i wish the administrator of 9tut can tell us when this problem will be fixed because i have my tshoot exams after few days……thx alot

HELPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP me plZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ Hw u guys have practiesed this config ration i mean i have trien this configration in lab once it worked. i dont have access to any anty switches now i tried packet tracer its not supporting plzzzzzzzzzzzzzzzz help me i got xam in few days.

Is the question mark available in this sim?

why do need command:
DSW1(config)#vlan access-map MYACCMAP 20
DSW1(config-access-map)#action drop (drop other networks)
DSW1(config-access-map)#exit
?
in VACL it has implisit deny at the end of the map, i think we don’t need those command.

I have passed exam yesterday and prepared from
http://www.examcollection.com/cisco/Cisco.Pass4sure.642-813.v2011-09-20.by.Good.459q.vce.file.html.

I would like to say thanks to Certprepare team.

Tab key is working?????

AWS1
aaa new-model
radius-server host 172.120.39.46 key rad123
aaa authentication dot1x default group radius
dot1x system-auth-control

int fa 0/1
switchport mode access
switchport access vlan 20

dot1x port-control auto
no shut

exit
copy run start

DSW1

ip access-list standard 11
permit 172.120.40.0 0.0.0.255
exit

vlan access-map MAP 5
match ip address 11
action forward
exit

vlan access-map MAP 10
action drop
exit

vlan filter MAP vlan-list 20
copy run start

What’s up, I get a 504 Gateway Timeout HTTP status code when I view your page. This sometimes means the host did not get a response. I figured yuo may like to know. Regards Mike

Hi, like several others out there, i’m looking for a PKT file that contains the above lab, does anyone have copy or know of a link, i’ve searched and read the comments on this pages but no-one ever posts a link.

Cheers

Passed the exam today 897 .100% valid with minor ip change.Thanks to certpre.Now going to tshoot…

All

I have not been able to find a packet trace setup which support radius commands, authentication dot1x or the access map command on a switch, even on the multilayer switch.

You can get a aaa lab from http://www.packettracernetwork.com/packettracer53labs.html but this does not support all the requirements as for the question. I would learn this by heart or setup some actual hardware if you can.