Skip to content
  • Home
  • CCNA Labs
    • CCNA 1 LAB Activities (v6 & v7)
    • CCNA 2 LAB Activities (v6 & v7)
    • CCNA 3 LAB Activities (v6 & v7)
    • CCNA 4 Lab Activities
  • Linux
    • Linux Unhatched
    • Linux Essentials 2.0
    • Linux Essentials
    • Introduction to Linux I
    • Introduction to Linux II
  • Programming
    • PCAP – Programming Essentials in Python
    • CLA – Programming Essentials in C
    • CPA Programming Essentials in C++
  • About
    • Contact Us
    • Privacy Policy

CCNA 7 Exam Answers 2023

Go with our CCIE, Passed 100%

  • ITE
    • ITE - IT Essentials v7.0
    • ITE - IT Essentials v6.0
      • IT Essentials Lab 2019
    • ITE v5.0 Exam
    • Virtual Activity Laptop
    • Virtual Activity Desktop
  • NE
    • MF
  • CCNA
    • CCNA1
      • CCNA1 v7.0 – ITN
      • CCNA1 v6.0
    • CCNA2
      • CCNA2 v7.0 – SRWE
      • CCNA2 v6.0
    • CCNA3
      • CCNA3 v7.0 – ENSA
      • CCNA3 v6.0
    • CCNA4
      • CCNA4 v6.0
  • Cyber-Security
    • ITC – Introduction to Cybersecurity 2.1 (Level 1)
    • CE – Cybersecurity Essentials 1.1 (Level 2)
    • CCNA CyberOps 1.1 (Level 3)
  • Security
    • CCNA Security v2
  • DevNet
  • CCNA PT Lab 2023

4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs

Posted on April 28, 2018May 3, 2018 By Admin

Last Updated on May 3, 2018 by Admin

4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs

  • Recommend

From year to year, Cisco has updated many versions with difference questions. The latest version is version 6.0 in 2018. What is your version? It depends on your instructor creating your class. We recommend you to go thought all version if you are not clear. While you take online test with netacad.com, You may get random questions from all version. Each version have 1 to 10 different questions or more. After you review all questions, You should practice with our online test system by go to "Online Test" link below.

Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge

Packet Tracer – Troubleshooting IPv6 ACLs (Answer Version)

Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only.

Topology

4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs

Addressing Table

Device Interface IPv6 Address / Prefix Default Gateway
R1 G0/0 2001:DB8:CAFE::1/64 N/A
G0/1 2001:DB8:CAFE:1::1/64 N/A
G0/2 2001:DB8:CAFE:2::1/64 N/A
PC0 NIC 2001:DB8:CAFE::2/64 FE80::1
Server1 NIC 2001:DB8:CAFE:1::2/64 FE80::1
Server2 NIC 2001:DB8:CAFE:2::2/64 FE80::1
L0 NIC 2001:DB8:CAFE::3/64 FE80::1
L1 NIC 2001:DB8:CAFE:1::3/64 FE80::1
L2 NIC 2001:DB8:CAFE:2::3/64 FE80::1

Objectives

Part 1: Troubleshoot HTTP Access

Part 2: Troubleshoot FTP Access

Part 3: Troubleshoot SSH Access

Scenario

The following three polices have been implemented on the network:

  • Hosts from the 2001:DB8:CAFÉ::/64 network do not have HTTP access to the other networks.
  • Hosts from the 2001:DB8:CAFÉ:1::/64 network are prevented from access to the FTP service on Server2.
  • Hosts from the 2001:DB8:CAFE:1::/64 and 2001:DB8:CAFE:2::/64 networks are prevented from accessing R1 via SSH.

No other restrictions should be in place. Unfortunately, the rules that have been implemented are not working correctly. Your task is to find and fix the errors related to the access lists on R1.

Note: To access R1 and the FTP servers, use the username user01 and password user01pass.

Part 1: Troubleshoot HTTP Access

Hosts from the 2001:DB8:CAFE::/64 network are intentionally unable to access the HTTP service, but should not be otherwise restricted.

Step 1: Determine the ACL problem.

As you perform the following tasks, compare the results to what you would expect from the ACL.

  1. Using L0, L1, and L2, attempt to access HTTP services of Server1 and Server2.
  2. Using L0, ping Server1 and Server2.
  3. Using PC0, access the HTTPS services of Server1 and Server2.
  4. View the running configuration on R1. Examine access list G0-ACCESS and its placement on the interfaces. Is the access list placed on the correct interface and in the correct direction? Is there any statement in the list that permits or denies traffic to other networks? Are the statements in the correct order?
  5. Run other tests as necessary.

Step 2: Implement a solution.

Make adjustments to access lists to fix the problem.

R1(config)# ipv6 access-list G0-ACCESS
R1(config-ipv6-acl)# permit ipv6 any any

Step 3: Verify the problem is resolved and document the solution.

If the problem is resolved, document the solution; otherwise return to Step 1.

No traffic is getting through because of the implicit deny any. Added a permit ipv6 any any to the G0-ACCESS.

Part 2: Troubleshoot FTP Access

Hosts from the 2001:DB8:CAFE:1::/64 network are prevented from accessing the FTP service of Server2, but no other restriction should be in place.

Step 1: Determine the ACL problem.

As you perform the following tasks, compare the results to the expectations of the ACL.

  1. Using L0, L1, and L2, attempt to access FTP service of Server2.
  2. PC> ftp 2001:db8:cafe:2::2
  3. View the running configuration on R1. Examine access list G1-ACCESS and its placement on the interfaces. Is the access list placed on the correct port in the correct direction? Is there any statement in the list that permits or denies traffic to other networks? Are the statements in the correct order?
  4. Run other tests as necessary.

Step 2: Implement a solution.

Make adjustments to access lists to fix the problem.

R1(config)# interface GigabitEthernet0/1
R1(config-if)# no ipv6 traffic-filter G1-ACCESS out
R1(config-if)# ipv6 traffic-filter G1-ACCESS in

Step 3: Verify the problem is resolved and document the solution.

If the problem is resolved, document the solution; otherwise return to Step 1.

G1-ACCESS was applied outbound on G0/1. Removed as outbound and applied as inbound on G0/1.

Part 3: Troubleshoot SSH Access

Only the hosts from 2001:DB8:CAFE::/64 network are permitted remote access to R1 via SSH.

Step 1: Determine the ACL problem.

As you perform the following tasks, compare the results to what you would expect from the ACL.

  1. From L0 or PC0, verify SSH access to R1.
  2. Using L1 and L2, attempt to access R1 via SSH.
  3. View the running configuration on R1. Examine access lists and their placements on the interfaces. Is the access list placed on the correct interface and in the correct direction? Is there any statement in the list that permits or denies traffic to other networks? Are the statements in the correct order?
  4. Perform other tests, as necessary.

Step 2: Implement a solution.

Make adjustments to access lists to fix the problem.

R1(config)# no ipv6 access-list G2-ACCESS
R1(config)# ipv6 access-list G2-ACCESS
R1(config-ipv6-acl)# deny tcp 2001:DB8:CAFE:2::/64 any eq 22
R1(config-ipv6-acl)# permit ipv6 any any

Step 3: Verify that the problem is resolved and document the solution.

If the problem is resolved, document the solution: otherwise return to Step 1.

The access list G2-ACCESS allows all traffic because the order of the statements is wrong. Reorder the statements so that the permit ipv6 any any is the second statement

Suggested Scoring Rubric

Question Location Possible Points Earned Points
Documentation Score 10
Packet Tracer Score 90
Total Score 100

Script

R1 Configuration

ipv6 access-list G0-ACCESS

permit ipv6 any any

no ipv6 access-list G2-ACCESS

ipv6 access-list G2-ACCESS

deny tcp 2001:DB8:CAFE:2::/64 any eq 22

permit ipv6 any any

interface GigabitEthernet0/1

no ipv6 traffic-filter G1-ACCESS out

ipv6 traffic-filter G1-ACCESS in

  • Recommend

From year to year, Cisco has updated many versions with difference questions. The latest version is version 6.0 in 2018. What is your version? It depends on your instructor creating your class. We recommend you to go thought all version if you are not clear. While you take online test with netacad.com, You may get random questions from all version. Each version have 1 to 10 different questions or more. After you review all questions, You should practice with our online test system by go to "Online Test" link below.

Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Uncategorized

Post navigation

Previous Post: 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
Next Post: 4.5.1.1 Packet Tracer – Skills Integration Challenge
  • CCNA1 v7
  • CCNA2 v7
  • CCNA3 v7
System Test Exam Answers
Modules 1 – 3 Exam Answers
Modules 4 – 7 Exam Answers
Modules 8 – 10 Exam Answers
Modules 11 – 13 Exam Answers
Modules 14 – 15 Exam Answers
Modules 16 – 17 Exam Answers
Practice Final – ITN Answers
Course Feedback
ITN Practice PT Skills Assessment (PTSA)
Final Exam Answers
Modules 1 – 4 Exam Answers
Modules 5 – 6 Exam Answers
Modules 7 – 9 Exam Answers
Modules 10 – 13 Exam Answers
Modules 14 – 16 Exam Answers
ITN Practice Skills Assessment – PT Answers
SRWE Practice Skills Assessment – PT Part 1 Answers
SRWE Practice Skills Assessment – PT Part 2 Answers
SRWE Hands On Skills Exam Answers
SRWE Practice Final Exam Answers
SRWE Final Exam Answers 
Modules 1 – 2 Exam Answers
Modules 3 – 5 Exam Answers
Modules 6 – 8 Exam Answers
Modules 9 – 12 Exam Answers
Modules 13 – 14 Exam Answers
ITN Practice PT Skills Assessment (PTSA) Answers
SRWE Practice PT Skills Assessment (PTSA) – Part 1 Answers
SRWE Practice PT Skills Assessment (PTSA) – Part 2 Answers
ENSA Practice PT Skills Assessment (PTSA) Answers
ENSA Hands On Skills Exam Answers
Practice Final – ENSA Answers
ENSA Final Exam Answers
CCNA Certification Practice Exam Answers

Copyright © 2023 PressExam.