Chapter 21


1:

What are the first three steps to check if the user never receives an Authenticating User prompt during the initial dialer connection attempt in the VPN software client?

A1:

Check if the Internet connection is okay, if the group name and group password are correct, and if the DNS service is resolving the name of the concentrator.

2:

What is the CVPND event class and what is its purpose?

A2:

CVPND is Cisco VPN Daemon (main daemon), which starts client service and controls messaging process and flow.

3:

Name the main severity categories in the Cisco VPN concentrator?

A3:

Fault, Warning, Information, Debug, and Packet decode.

4:

In a 3002 HW VPN client, the user is authenticated but cannot pass any data. What are two possible reasons?

A4:

The correct client mode was not selected, either Network Extension or Client mode. If Network Extension mode is used, another client might have an overlapping subnet.

5:

Which severity level events are displayed by default on the VPN HW 3002 client?

A5:

By default, the VPN 3002 displays all events of severity level 1 through 3 on the console.

6:

How do you proceed if a NAT/PAT configuration already exists in the router and you are about to configure an Easy VPN client?

A6:

Remove any manual NAT / PAT configuration on the router before configuring the easy VPN client.

7:

What is the command for the Easy VPN client to reset the VPN connection?

A7:

The command is

 Router-EzVPN#  clear crypto ipsec client ezvpn  

8:

What is the command for Easy VPN to check the status of the Cisco Easy VPN client profile?

A8:

The command is

 Router-EzVPN#  show crypto ipsec profile  

9:

To verify the applied policy in Cisco Easy VPN, what command do you use?

A9:

The command is

 Router-EzVPN#  show crypto isakmp policy  

10:

In the PIX-based VPN client, how do you verify if the VPN client is active?

A10:

Type PIX#show vpnclient and look for the line vpnclient enable.

11:

In the PIX-based VPN client, how do you check that the VPN tunnel has been established?

A11:

Type the command Router#show crypto isakmp sa, and look to see if the created entry has a non-zero value.

12:

What are two debug commands to debug the PIX-based VPN establishment of IPSec and ISAKMP?

A12:

The commands are

 Router#  debug crypto ipsec sa  Router#  debug crypto isakmp sa  

13:

What parameters define the PPPoE session uniquely?

A13:

The PPPoE session ID and the peer's Ethernet address.

14:

Name the modulation techniques for the DOCSIS 2.0 standard.

A14:

The modulation techniques for DOCSIS 2.0 include S-CDMA (synchronous code division multiple access) and A-TDMA (advanced frequency agile time division multiple access).

15:

If the TCP protocol is notified for packet loss, how does it react ?

A15:

The packet loss for TCP is an indication of congestion. It reduces transmission rates drastically until an optimal rate is found.




Troubleshooting Remote Access Networks CCIE Professional Development
Troubleshooting Remote Access Networks (CCIE Professional Development)
ISBN: 1587050765
EAN: 2147483647
Year: 2002
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net