Share your TSHOOT Experience August 30th, 2010 in TSHOOT Go to comments The TSHOOT 642-832 exam has been used to replace the old ISCW & ONT exams so this article is devoted for candidates who took this exam sharing their experience. Please tell with us what are your materials, the way you learned, your feeling and experience after taking the TSHOOT exam… Your posts are warmly welcome! Some information I have gathered so far: The exam is very different with other Cisco exams. You have 3 hours for this exam. Exam‘s Structure: + About 3 Multichoice questions + 2 Drag and Drop Questions + 13 lab-sim Questions with the same network topology (13 troubleshooting tickets or you can call it one ―big‖ question). Each lab-sim is called a ticket and you can solve them in any order you like. Topics of the lab-sims: 1- IPv6 2- OSPF 3- OSPFv3 4- Frame Relay 5- GRE 6- EtherChannel 7- RIPng 8- EIGRP 9- Redistribution 10- NTP 11- NAT 12- BGP 13- HSRP 14- STP 15- DHCP The problems are rather simple. For example wrong IP assignment, disable or enable a command, authentication… In each tickets you will have to answers three types of questions:
+ Which device causes problem + Which technology is used + How to fix it When you press Done to finish each case, you can‘t go back. A demo of the TSHOOT Exam can be found at: http://www.cisco.com/web/learning/le3/le2/le37/le10/tshoot_demo.html Note: We have gathered many questions about TSHOOT exam and posted them at TSHOOT FAQs & Tips, surely you will find useful information about the TSHOOT exam there! In short, unlike other Cisco exams, we can go backward in this exam. That means we can choose a Troubleshooting Ticket, browse all the configurations and hit ―Abort‖ to ignore that Ticket. We can come back to that Ticket any time. Below are the topologies of the real TSHOOT exam, you are allowed to study these topologies before taking the exam. It surely saves you some invaluable time when sitting in the exam room (Thanks rrg for sharing this).
IPv4 Layer 3 Topology
IPv6 Layer 3 Topology
Layer 2-3 Topology
Luckily we have a link to download this lab (open it with Packet Tracer v.5.3+) (Thanks Ali and many people for sharing this) http://www.networktut.com/download/TSHOOT_LAB.zip Below is the screenshot of this file
A newer version of the TSHOOT exam has been added on Nov-20-2011 (Thanks zero point zero for sharing this) http://www.networktut.com/download/TSHOOT_Exam.zip Or you can download the GNS3 version of the TSHOOT exam here: http://dl.dropbox.com/u/2749921/GNS_Tshoot.tar.gz (thanks for someone who created them) If you have any new information about this exam, please share with us! Below is the strategy that has been used by many candidates to pass TSHOOT. Thanks to ENA for posting this. I just come from MY exam and i passed T-shoot 1000/1000 i want share some experience there i had Only one BUG IN exam For question access map U need to choice Aswn1 to get correct Answer
because if u make Dwsn1 U will see not there Option to get correct answer.. Well all those TT are the same all The TT‘s that I got are mentioned below: 1. ASW1 – Allowed Vlan 2. ASW1 – Port Security 3. ASW1 – Access Vlan 4. DSW1 – Access Map 5. DSW1 – HSRP 6. R4 – IP DHCP – first delete ip dhcp excluded-address 10.2.1.1 10.2.1.253 and then enter ip dhcp excluded-address 10.2.1.1 – 10.2.1.2 9. R2 – IPv6 10. R1 – NAT ACL 11. R1 – L3 Security – ACL 12. R1 – BGP – Wrong BGP Neighbor Address 13. R1 – OSPF Authentication I didn‘t get there any IP Helper there also i checked all TT and IP helper was not configured there.. Well now I want to Describe how to find more easy the TT first with 3 TT which be ON R1.. IN 3 TT U can Ping 10.1.1.1 which tickets are Nat , BGP , Access list , remember IN 3 TT U can ping 10.1.1.1 which is R1 totally are 4 TT on R1 which IN one Ticket u cannot ping 10.1.1.1 but u can ping 10.1.1.2 which Ticket is Ospf authentication…. Dont lose ur time use abort abort abort and abort First I found those 3 TT where I can ping 10.1.1.1 and one ticket when u cannot ping 10.1.1.1 but u can ping 10.1.1.2 which is ospf authenteticaton… 4 TT Gone of R4 now Find 2 TT HSRP and IPV6 which are so clearly as question….. Now totally 6 TT GOneeeee Next steeep FIND 4 TT which Client 1 Get IP address 169.x.x which are Access vlan 10 , port security issused on f0/1/0 , Trunking Interface Those 3 TT u Must must must Check ON ASW1 Remember… One TT is ON R4 Layer 3 Topology which Client get IP 169.x.x.x which Is DHCP ON R4 router R4 – IP DHCP – first delete ip dhcp excluded-address 10.2.1.1 10.2.1.253 and then enter ip dhcp excluded-address 10.2.1.1 – 10.2.1.2 Now 10 TT Goneeeeeeeeeee now Find TT which Client get IP address 10.x.x.x but cannot ping the Gateway Using abort that Is Access Map but in this TT is one BUG and U need to choice ASW1 to get Correct answer because doesn‘t see any option Vlan acl / Port ACL * IF u select AWS1 U will see this One Vlan Acl POrt now 11 TT GONeeee now 2 TT Of R4 which Client get IP address 10..x.x.x Route Redistribute , and Passive Interfaceee ,,
I played with those 2 TT for more 20 MIN just to play and to spend the time because i did exaaamm so fast 30 MIN and i stayed for 1 Hour well now are ONLY 2 TT When select One TT of them IN one U will see wrong redistribute I mean name of spelling of Route map… if U use abort and JUMP another TT U will see then Correctly Route map spelling name and u will see another one new with Passive Interface Under EIGRP Well the First I end this one with wrong spelling route map.. and for this one the last with passive interface i did in the end and u must select R4 EIGRP no passive interface under eigrp process in Interface f0/1 and f0/0 now 13 TT GOneeeee 100% Well also i want tell YOU something is better to Useeee 46Q there are all all all all all the answers the same when U select just there in that DUMP are 2 questions WRONG Interface Trunking allow vlan 10 , correct answer is 10.200 now as that dump 10.20.200 keep this In Mind.. and another one Port security In this dump 46Q are Wrong for this one port security need to choice with shutdown and no shutdown there on dump write somthing different right I hope this have been Information for all OF you Here is the strategy which I Useddddddd Problem Device Problem Description A – > ASW1 –> Access VLAN 10 ( Layer 2 )host 1- 169.x.x.x P – > ASW1 –> Port-Channel not allowing VLAN 10 ( layer 2 )host 1- 169.x.x.x S – > ASW1 –> Port Security needs to be disabled ( layer 2 )host 1- 169.x.x.x H – > DSW1 –> HSRP Track 10 ( layer 3 ) host 10.x.x.x V – > DSW1 –> VLAN Filter ( layer 2 ) host 1 -10.x.x.x E – > R4 –> DHCP wrong exclude address host 1- 169.x.x.x P – > R4 -> Passive Interface Under eigrp 10 host 1 – 10.x.x.x R – > R4 –> Route Redistribution ( layer 3 )host 1- 10.x.x.x 6 – > R2 –> IPv6 OSPF ( Ipv6 topology ) ipv6 ip add B – > R1 –> BGP wrong Neighbor IP ( layer 3 )host 1 – 10.x.x.x N – > R1 –> NAT ACL miss configured ( layer 3 ) host 1- 10.x.x.x A – > R1 –> ACL blocking traffic on int ( layer 3 )host 1- 10.x.x.x O – > R1 –> OSPF Authentication issue ( layer 3 ) host 1 – 10.x.x.x Try the following strategy.. if you have got time… This i have found from one of the post…. your strategy is good, but how will you find out which ticket is having that particular issues… this may help you…
If you can ping 10.1.1.1 Then faulty device is definitely R1. Check this website. This is 100% correct. From client ping 10.1.1.1. If successful then R1 is the faulty device. It is simple concept. Any device before that does not have faulty configuration. Because you can reach R1 it means DSW1, R4, R3, R2 is allowing you to reach R1. If any of them had wrong configuration then you would not be able to ping 10.1.1.1. From client I pinged 10.1.1.1 more frequently then others. Once you can ping 10.1.1.1 then you definitely know the fault is with R1. No doubt about about that. 1. Can be faulty BGP neighbour. Wrong ip address of neighbour. Use show run. You know where to look. Under router bgp 65001.–> sh ip bgp sum 2. Check NAT access list. Look for permit statement. If permit 10.2.0.0 0.0.255.255 is not present then it is NAT Access list. 3. Check edge_security access list. If the permit statement is missing for — permit 209.65.200.224 0.0.0.3 then it is IPV4 layer 3 security. So, you can see that if you can ping 10.1.1.1 but can not ping 209.65.200.241 then 3 TT for R1. Now if you can ping to 10.1.1.2 but can not ping 10.1.1.1 then it is definitely R1. ip ospf authentication message-digest on serial0/0/0/0.12 interface. Check configuration on R1. You will see that — ip ospf authentication message-digest is missing. So it R1, OSPF, ip ospf authentication message digest. In total R1 has 4 TT. 3 TT — You can ping R1 but can not ping 209.65.200.241 1 TT – You can ping 10.1.1.2 but can not ping 10.1.1.1. As soon as I opened a TT –> I used ipconfig to see the ip address. If it is 169.XXX then 3 TT for ASW1. If it has valid ip address such as 10.2.1.3 then i immediately pined 10.1.1.1 to see if the fault is with R1. 3 TT gone. Total 6 TT gone in the blink of an eye. ASW1 – 3 TT – if ip address is 169.xxxx (1.switch port security: Symptoms for this ticket:1- Client 1 is getting 169.x.x.x ip address 2- Client 1 is unable to ping Client 2 as well as DSW1. 3- ‗sh interfaces fa1/0/1′ will show following message in the first line ‗enFastEthernet1/0/1 is down, line protocol is down (err-disabled)‘ 4- ‗sh running-config‘, you will see ‗switchport port-security mac-address ‘0000.0000.0001′ configured under fa1/0/1. if u did not have the port in err-disable mode but in the config there was a port security mac 0.0.0.0….. command assigned so if u do show int fa 1/0/1 it will show it as UP so do not get confused) (2.vlan1–> vlan10) (3.trunk allowed: int range portchannel13,portchannel23 switchport trunk allowed vlan none switchport trunl allowed vlan 10,200) R1 – 3TT – if you can ping R1 10.1.1.1 R1 – 1TT if you can ping 10.1.1.2 but can not ping 10.1.1.1 If HSRP mentioned then you know it is DSW1
If ipv6 or ospfV3 mentioned then you know it is R2. 9 TT very simple. Now if you can not ping 10.1.1.1 or 10.1.1.2 then you come back near client. Like DSW1, R4. DSW1 – 1 more TT — Vlan ACL – Look for VLAN Access Map R4 – 3 TT: EIGRP Passive interface , DHCP on R4 which get IP add 169.x.x , OSPF-to-EIGRP (OSPF->EIGRP). also now we have 2 TT new to idendify them if client now get ip add 169.x.x also check ON R4 for DHCP this new One again ON R4 for passive Interface now totally we have 3 TT ON R4 4 TT on R1 Dws1 2 TT R2 1 TT Asw1 3 TT * Note: The bug has been fixed recently so you can select DSW1 device, next page you have to scroll down and you will find the VLAN Access List/PACL option.