Scribd Logo
Carica

Benvenuto in Scribd!

  • CCIE SECv5 LAB1 Diagnostic Question Set

    Caricato da

    wjjjxs
    128 visualizzazioni2 pagine
    CCIE

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    CCIE

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    128 visualizzazioni2 pagine

    CCIE SECv5 LAB1 Diagnostic Question Set

    Caricato da

    wjjjxs
    CCIE

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 2

    CCIE SECv5 LAB1 Diagnostic Question Set

    Task-1 : Authentication Issue

    David from Acme Inc. has opened a service request with Cisco TAC. He
    describes the problem as “I am trying to authenticate Windows 7 laptop
    using 802.1x against a Cisco ISE server. The laptop is connected to a
    Cisco 3560-X. The user resides in Active Directory. All authentication
    attempts are failing with a “RADIUS request dropped” error. We
    verified that the password is being correctly typed.

    Network diagram and email exchanged between the TAC engineer and
    customer are provided for the analysis.

    With all the information available to you, what is the cause of the
    authentication failure?

    SELECT AN ANSWER :

    o RADIUS shared key is incorrect


    o Incompatible Switch code
    o Crypto-Map not applied for site-1 GM3
    o Wrong EAP type is being used
    o Encryption error between ISE and Active Directory
    o Shared secret between windows and switch is incorrect
    o UDP port 1812 is blocked between the switch and ISE

    live:rahulk_ashyap
    Task-2 : Redirection Issue

    David from Acme Inc. has opened a service request with Cisco TAC. He
    describes the problem a as “WE are trying to implement Guest access on
    our switches using ISE and Central Web Authentication. We have
    configured ISE and the Switches according to Cisco’s guides but when
    he end user opens a browser, they do not get redirected to the ISE
    guest portal. We need help in troubleshooting this”.

    Network diagram, screenshots and email exchanged between the TAC


    engineer and customer are provided for the analysis.

    With all the information available to you, what is the cause of this
    problem?

    Select an answer:

    o ISE configured on the wrong port fot the portal


    o Incompatible switch code
    o The downloadable ACL does not allow traffic to UDP port 53
    o URL redirect only works when the original request is to
    internet site.
    o The URL redirect ACL does not allow access to cisco.com
    o The machine is authorized in the wrong domain

    I hope the above is useful to you. Please feel free to


    contact me if you need any further information or if you
    find any mistake let me know rahulk_ashyap@hotmail.com

    live:rahulk_ashyap

    Potrebbero piacerti anche