I sat lab exam recently and failed because of I didn't work properly in exam. Below is my feedback which could help for someone who preparing for upcoming exam attempt.
Ticket 1 (One Fault)
"switchport mac-address security" was configured with wrong mac-address on SW410 facing to User4.
Passive-interface was configure for VLAN2000 and VLAN2001 on both SW400 and SW401. I think no need to remove passive-interface vlan.
DHCP lease time was set "0 2".
Ticket 2 (One Fault)
OSPF is not configured for VLAN2001 on SW111.
Ticket 3 (Two Faults)
Local-Preference value was configured on R10 to prefer all routes to go via R10.
R22 e0/2 interface was configured with wrong ospf process ID and area.
Ticket 4 (One Fault)
Question asked "do not touch bgp attributes" to fix the issue.
Route-map for local preference value were configured on both R20 and R21.
R21 local-preference is higher than R20.
Trouble is on R20 and it is route-map with "set extcommunity ..... " configuration for bgp neighbors.
Ticket 5 (One Fault)
"crypto ipsec transform-set ...." configuration was mis-matched on R51 with R14 and R60.
Ticket 6 (One Fault)
"ipv6 dhcp server <dhcp pool name>" configuration was missing under int vlan 2001 on SW111.
Ticket 7 (Two Faults)
The question mentioned that this ticket has "two faults".
Question said that there is two Traffic Path between DC1 to Medium Office.
Primary Path is via MPLS and backup path is via DMVPN which is from R51>>ISP>>R14.
Trace output from SW500 to DC1 and Server 1 to Medium Office were given for Primary Path.
On R3, "mpls ldp neighbor <R1's loopback> password <password>" is mis-matched with R1 as first fault.
(I wasn't able to find second fault. There is no vrf configured on R60 and R51 for this ticket.)
Ticket 8 (Two Faults)
"ip dhcp relay info trusted" command was missing on SW300 int vlan 2000.
"passive-interface int vlan 2000" was configured on SW300.
Ticket 9 (One Fault)
"ip nhrp map multicast <WAN IP address of R14>" was missing on R60.
Ticket 10 (One Fault)
"ip nat outside source static <R70 WAN IP Address> <Location IP Address>" was missing on R25.
(Same as spoto)
Same as spoto.
VTP and VLANs are pre-configured.
Just need to check the vlan assigned ports to correct and unshut.
Same as spoto. But need to configure ospf for all devices in DC1 AS65001 and there is no requirement for SW1,SW2 and R1 to be DR and R2 to be BDR.
IPv6 OSPFv3 session was asked for Interface VLAN100 to be passive-interface.
VPN (vrf) to be full mesh for each Jamesons and Jacobs. Jacobs to Jamesons and Jamesons to Jacobs traffic must go through via DC1 AS65001.
The question asked that R55 and R56 may not be aggregate and summary for all BGP prefixes.
The rest are same as spoto.
There is requirement that request not to use "deny statement in Access-List" on R17 for Control Plane Protection Policy.
Same as spoto.
Thanks and good luck.
Edited by cocksparrow, 14 July 2018 - 04:14 AM.