1. Question: When the USB flash drive is upgraded, the USB flash drive cannot be recognized.
Answer: U disk format FAT32
2. Question: How do I check which users are currently logged in to the switch?
Answer: Use the command show User can see.
3. Question: How do I close the IP address pool?
Answer: IPv6 address pool configuration, IPv6 under the interface. The enable command has no effect on the IP address. If the IPv6 route advertisement is disabled, the IPv6 address cannot be obtained. If the IPv6 route forwarding function is disabled, the IPv6 address cannot be obtained.
4. Problem: Summary of web authentication configuration class faults
Answer: 1. Do not play the window, url can jump normally
------URL configuration error
2. Do not play the window, the url can not jump normally
------eporttal address configuration error
------DHCP server sends DNS Ip configuration error
------Configure a static ip user with web authentication anti-private
------The user who migrated the authentication without the authentication migration configured on the web authentication (the authentication entry is not aged)
3. The key configuration of the portal is incorrect and will not be authenticated.
5. Question: Can the switch allow some network segments to log in only ssh and some can only log in to telnet?
Answer: Yes, then make acl call under line-vty and match the port number.
6. Question: The authentication is enabled on the interface. You can see the mac address learned on the interface through the show mac before the authentication. If the device on the interface is authenticated, the show mac cannot see the device.
Answer: Need to pass show mac . The trust view can be seen.
7. Problem: When no switchport appears in the interface, the system resource pops up. Excess?
Answer: If you encounter this scenario, you need to check if there are many vlans created on the switch, for example, from vlan 1 to vlan. 4094 has been created to solve this problem after deleting some useless vlan.
8. Question: What is the OSPF neighbor establishment process?
Answer: OSPF has 7 states in the whole interaction process.
(1) Down: The interface has not received or sent a hello report , such as the interface shutdown.
(2) Init: Initializes the interface that is added to the ospf interface to start sending hello packets. If a unidirectional link problem occurs or the acl is filtered by the peer interface, it will always be in the init state.
(3) 2-wa : The RID information of the peer is found in the hello packet sent. (Re-broadcast multi-path DR/BDR election) If the NBMA environment is in the NBMA environment, the 2-way state is normal. When the 2-way is broadcast again, the priority is set to 0 when it is 2-way. After you get in DR re-election, you can skip the 2-way state.
(4) Exstart: Pre-restart state, start to send DBD packets (the DBD message at this time is an empty message, mainly for the election of the master-slave relationship). If the MTU value is inconsistent, the MTU value is inconsistent. There is also a negotiated MTU value. Second, the router-id consistency is also one of the reasons for this state.
(5) Exchange: The sent DBD message contains the LSA header information.
(6) Loading: exchange LSR, LSU and other information to fill the LSDB database. If it is always in the loading state, the device may not have enough memory to process the packets sent by the neighbors.
(7) Full state: The interaction is completed.
9. Question: What are the security policy priorities for FW boards?
Answer: 1. Security and the same time: Security Policy > Global Inter-Domain Inter-Agency = Global Inter-Domain Inter-Area > Inter-domain intra-domain access in the security domain.
2. When the security domain is different: Security Policy > Security Domain Level Rule
10. Question: SAM Direction When will the user initiate a user inquiry mechanism?
Answer: Two ways will be queried
(1) Query once when the online authentication user is synchronized to the switch at a fixed time each day.
(2) When the second terminal of the same user goes online, it will be queried once.
PASSHOT will often update some network engineers in the work of the difficult problems. If you feel good, please collect our website! Here can help you CCIE Written exam and CCIE Lab exam.
コメント