1: | What are the first three steps to check if the user never receives an Authenticating User prompt during the initial dialer connection attempt in the VPN software client? |
A1: | Check if the Internet connection is okay, if the group name and group password are correct, and if the DNS service is resolving the name of the concentrator. |
2: | What is the CVPND event class and what is its purpose? |
A2: | CVPND is Cisco VPN Daemon (main daemon), which starts client service and controls messaging process and flow. |
3: | Name the main severity categories in the Cisco VPN concentrator? |
A3: | Fault, Warning, Information, Debug, and Packet decode. |
4: | In a 3002 HW VPN client, the user is authenticated but cannot pass any data. What are two possible reasons? |
A4: | The correct client mode was not selected, either Network Extension or Client mode. If Network Extension mode is used, another client might have an overlapping subnet. |
5: | Which severity level events are displayed by default on the VPN HW 3002 client? |
A5: | By default, the VPN 3002 displays all events of severity level 1 through 3 on the console. |
6: | How do you proceed if a NAT/PAT configuration already exists in the router and you are about to configure an Easy VPN client? |
A6: | Remove any manual NAT / PAT configuration on the router before configuring the easy VPN client. |
7: | What is the command for the Easy VPN client to reset the VPN connection? |
A7: | The command is Router-EzVPN# clear crypto ipsec client ezvpn |
8: | What is the command for Easy VPN to check the status of the Cisco Easy VPN client profile? |
A8: | The command is Router-EzVPN# show crypto ipsec profile |
9: | To verify the applied policy in Cisco Easy VPN, what command do you use? |
A9: | The command is Router-EzVPN# show crypto isakmp policy |
10: | In the PIX-based VPN client, how do you verify if the VPN client is active? |
A10: | Type PIX#show vpnclient and look for the line vpnclient enable. |
11: | In the PIX-based VPN client, how do you check that the VPN tunnel has been established? |
A11: | Type the command Router#show crypto isakmp sa, and look to see if the created entry has a non-zero value. |
12: | What are two debug commands to debug the PIX-based VPN establishment of IPSec and ISAKMP? |
A12: | The commands are Router# debug crypto ipsec sa Router# debug crypto isakmp sa |
13: | What parameters define the PPPoE session uniquely? |
A13: | The PPPoE session ID and the peer's Ethernet address. |
14: | Name the modulation techniques for the DOCSIS 2.0 standard. |
A14: | The modulation techniques for DOCSIS 2.0 include S-CDMA (synchronous code division multiple access) and A-TDMA (advanced frequency agile time division multiple access). |
15: | If the TCP protocol is notified for packet loss, how does it react ? |
A15: | The packet loss for TCP is an indication of congestion. It reduces transmission rates drastically until an optimal rate is found. |