TSHOOT v2 Category

BGP Sim

February 4th, 2017 networktut 72 comments

Question

Loopback0 is used for IBGP peering while physical interface address is used for EBGP. Identify the IBGP issues on R1 to R2, R3 and EBGP issues to RA and fix them so that the “show ip bgp” command on R1 will display all loopback interfaces of other routers.

BGP_Topology.jpg

Read more…

TSHOOT FAQs & Tips

April 3rd, 2015 networktut 1,204 comments

TSHOOT is one of the three exams in the CCNP certification. The TSHOOT exam is a chance for you to review your knowledge about ROUTE & SWITCH exams and test your troubleshooting skill. From the comments here and other places, this article tries to summarize all the TSHOOT frequently asked questions to save you some time. Please feel free to ask anything that you are unclear about TSHOOT so that all of us can help you. I will update this article frequently to bring you the newest information about this exam.

1. How much does the TSHOOT Exam 300-135 cost? And the passing score of TSHOOT?

It now costs $300.

The passing score of TSHOOTv2 is 846/1000

2. Please tell me how many questions in the real TSHOOT exam, and how much time to answer them?

Unlike other Cisco exams, the TSHOOT exam tests your ability to troubleshoot the problem so in this exam you have to solve 3 multiple choice questions (or 2 multiple choice questions and 1 drag and drop question) and troubleshooting 13 “tickets”. Each ticket is a problem about a specific technology used in Cisco routers or switches.

You will have 135 minutes to answer them. If your native language is not English, Cisco allows you a 30-minute exam time extension (165 minutes in total).

3. Am I allowed to study the topology used in the real exam and where can I find it ?

Yes, you are! Because the purpose of this exam is testing a candidate’s ability to troubleshoot issues, not to understand a complex topology so Cisco publicizes the topology used in the real TSHOOT exam. You can find the topologies at http://www.networktut.com/share-your-tshoot-v2-0-experience.

To save time on the exam, and to better understand the topology used in all of the trouble tickets, you should spend time familiarizing yourself with the topology used in the exam.

4. Where can I find the demo of this exam?

There is a very good demo of TSHOOT exam published by Cisco and you can find it at http://www.cisco.com/web/learning/le3/le2/le37/le10/tshoot_demo.html. But notice that the topology in this link is not the topology used in the real exam. This demo is also a good practical topology and we also explained about the configuration of this demo in four articles: Frame Relay Point-to-Point SubInterface GNS3 Lab, EIGRP over Frame Relay and EIGRP Redistribute Lab, VLAN Routing and HSRP IP Route Tracking.

5. During the exam, we must only identify the problem or we must also make the correct configuration?

We are only allowed to choose the solution for the problem. We are not allowed to make any changes on the routers and switches. You cannot enter global configuration mode (config)# either. You have to answer three types of questions:

+ Which device causes problem
+ Which technology is used
+ How to fix it

6. Can someone please tell me in the real exam it gives the ticket names just like in this site (for example “Ticket 1 – OSPF Authentication “) or is it going to say ticket 1 , ticket 2 only?

It only says ticket 1, ticket 2 only. In most cases you have to use the “show running-config” command to find out the wrong configuration.

7. Please give me some guideline when using the TSHOOT simulator.

Below is some guideline when using the TSHOOT simulator in the exam

demo_TSHOOT_1.jpg

demo_TSHOOT_2.jpg

7. Can I go back in the TSHOOT exam?

As shown in the above question, you can press “Previous Question” to go back to previous questions in the same ticket only. If you press “Done” button then you can’t come back to this ticket anymore.

Note: In TSHOOT 300-135 (TSHOOTv2), the “Abort” button no longer exists. That means you cannot cancel a ticket after choosing it. You have to complete that ticket before moving to another one.

8. Can we take TSHOOT exam before the ROUTE or SWITCH exam?

Yes, you can. There is no order to take these exams. But the TSHOOT exam tests your skills to troubleshoot router & switch errors so I highly recommend you take the ROUTE and SWITCH exams first. The TSHOOT exam is very good to review your knowledge of what you learned in ROUTE & SWITCH.

9. Can I solve the tickets in any order I want, for example, I solve Ticket 8 first, then Ticket 3, Ticket 1…?

Yes, you can solve them in any order until you click Done button. After clicking Done you cannot go back to this ticket again. Also notice that when you entering a Ticket, you have to solve it (answer all 3 questions) before moving to another ticket.

10. As I see there are 3 topologies in the exam. My question is to how to find which topology to use when doing a troubleshooting ticket. Does it clearly state in exam which topology to use (layer 2 or layer 3, for example)?

In the exam, it doesn’t say clearly which topology you need to use. But a reader on networktut.com has shared this tip:

“There is no really best way to choose which topology to use.
This is my style:
Most of the time I was using the IPv4 topology as it contains most of the nodes with ip addresses and in the cause of your troubleshooting and you discovered that you need more details on the ASW1 & 2 switches that is when I used the Layer 2 topology except for the IPv6 topology.
Any node on IPv4 topology that is in Layer 2 topology have same configuration irrespective of where you click on the nodes.
Study all tickets here and use the following elimination style below:
List out all the trouble ticket on the white little board you will be giving and tick each ticket as you answer them because this will let you know which tickets are remaining to look out for.”

11. In the exam can I use “traceroute” or “tracert” command?

According to some reports, “tracert” commands cannot be used on Clients but “traceroute” command can be used on DSW1. But of course you can use “ping” command. According to some candidates’ reports on the exam, maybe you should not believe too much on the output of the traceroute command in the exam.

12. Please let me know in the exam can we issue “pipe” commands such as: sh run | section eigrp; sh run | begin router?

No, you cannot use “pipe” commands in the TSHOOT exam.

13. Does each ticket state it is an IPv4 or IPv6 issue?

Yes, it does! But it does not clearly state that. Please read each ticket carefully, if it states like this “loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1)” then surely it is an IPv6 ticket. Otherwise it is an IPv4 ticket.

14. Why in each ticket I only see the same description, same wording, either ticket 1, 2 or 3. How can I see the difference or the problem of each ticket?

The descriptions of each ticket are very identical to each other. In general the very long description can be summarized “Client 1 cannot ping the 209.65.200.241” (for IPv4 ticket), that’s all! So you have to use your troubleshooting skill to find out where the issue (it is also the meaning of this exam – TSHOOT). The only obvious difference among the tickets is the statement “loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1)”, which indicates an IPv6 ticket.

15. Why don’t I see any questions and answers on networktut.com? I only see the explanation…

Because of copyrighted issues, we had to remove all the questions and answers. You can download a PDF file to see the questions at this link: http://www.networktut.com/questions-and-answers

16. How can I join the Premium Membership on networktut.com?

You can join the Premium Membership on networktut.com at this link. After the registration you can login via this link.

If you have any questions about the TSHOOT exam, please don’t hesitate to ask. All of us will help you!

Multiple Choice Questions

April 2nd, 2015 networktut 429 comments

Question 1

Question 2

Question 3

Explanation

This command send ICMP packets with DF bit set. If the ping fails then there is problem with the path MTU. Another way to test the MTU of the interface is using the “sweep” keyword in extended “ping” command.

Question 4


Question 5

Explanation

R2 shows “FULL/-” which means that its neighbor is configured in non-broadcast network. This is usually the result of the “ip ospf point-to-…” command on interface E0/0 of R2.

R1 shows “FULL/DR” which means it is configured in broadcast network. So the network types of R1 and R2 are mismatched which makes the advertising router unreachable and no routes update can be sent to other router.

There is another better explanation in the comment section so we also post it here for your reference. Special thanks to Tamelir for this explanation:

“You have to understand the output of “show ip ospf neighbor” command.
Most important part of it “State” doesn’t shows the state of neighbor, as you would think. It shows the state of adjancency on side of the router where command is given.

So, when R2 shows that state of neighborhood with R1 “FULL/- ” this means 2 things:

1.) Adjacency is in state FULL, databases are synced, we are neighbors. Both routers have passed through all states from INIT to FULL.
2.) The “/-” marks the network type of interface of router ON WHICH THE COMMAND IS GIVEN, not its neighbor.

So, state “FULL/-” on R2 means that R1 and R2 are neighbors, and the network type of interface Ethernet0/0 on R2 is point-to-point, point-to-multipoint or point-to-multipoint nonbroadcast
State “FULL/DR ” on R1 means that the network type of its E0/0 is either broadcast (default) or NBMA. It thinks that R2 is DR, only because broadcast network is multi-access and R1 selected itself as BDR. But R2 doesn’t care, there was no DR/BDR selection on its side.”

Question 6

Question 7

Ticket 1 – OSPF Authentication

March 30th, 2015 networktut 1,260 comments

1.Client is unable to ping R1’s serial interface from the client.

Problem was disable authentication on R1, check where authentication is not given under router ospf of R1. (use ipv4 Layer 3)

Configuration of R1:

interface Serial0/0/0
 description Link to R2
 ip address 10.1.1.1 255.255.255.252
 ip nat inside
 encapsulation frame-relay
 ip ospf message-digest-key 1 md5 TSHOOT
 ip ospf network point-to-point
!
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 network 10.1.2.0 0.0.0.255 area 12
 network 10.1.10.0 0.0.0.255 area 12
 default-information originate always
!

Configuration of R2:
interface Serial0/0/0.12 point-to-point
 ip address 10.1.1.2 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 TSHOOT
!

Answer: on R1 need command ip ospf authentication message-digest”

Ans1) R1
Ans2) IPv4 OSPF Routing
Ans3) Enable OSPF authentication on the s0/0/0 interface using the “ip ospf authentication message-digest” command.

Note:

There are two ways of configuring OSPF authentication:

interface Serial0/0/0
  ip ospf message-digest-key 1 md5 TSH00T
!
router ospf 1
  area 12 authentication message-digest

OR

interface Serial0/0/0
  ip ospf authentication message-digest
  ip ospf message-digest-key 1 md5 TSH00T

So you have to check carefully in both interface mode and “router ospf 1”. If none of them has authentication then it is a fault.

Ticket 2 – HSRP Track (removed)

March 29th, 2015 networktut 502 comments

HSRP was configured on DSW1 & DSW2. DSW1 is configured to be active but it does not become active.

Configuration of DSW1:

track 1 ip route 10.2.21.128 255.255.255.224 metric threshold
threshold metric up 1 down 2
!
track 10 ip route 10.1.21.128 255.255.255.224 metric threshold
threshold metric up 63 down 64
!

interface Vlan10
ip address 10.2.1.1 255.255.255.0
standby 10 ip 10.2.1.254
standby 10 priority 200
standby 10 preempt
standby 10 track 1 decrement 60

 

Answer: (use IPv4 Layer 3 Topology)

On DSW1 interface vlan 10 mode, type these commands:
no standby 10 track 1 decrement 60
standby 10 track 10 decrement 60
(ip for track command not exact for real exam)

Note: 10.1.21.129 is the IP address of a loopback interface on R4. This IP belongs to subnet 10.1.21.128/27.

Ans1) DSW1
Ans2) HSRP
Ans3) delete the command with track 1 and enter the command with track 10 (standby 10 track 10 decrement 60).

Note: For more information about IP route tracking and why the command “threshold metric up 63 down 64” is used here please read this tutorial: http://www.networktut.com/hsrp-ip-route-tracking.

Ticket 3 – BGP Neighbor (removed)

March 28th, 2015 networktut 286 comments

Problem: Client 1 is able to ping 209.65.200.226 but can’t ping the Web Server 209.65.200.241.

Configuration of R1:
router bgp 65001
no synchronization
bgp log-neighbor-changes
network 209.65.200.224 mask 255.255.255.252
neighbor 209.56.200.226 remote-as 65002
no auto-summary

check bgp neighborship. **** show ip bgp sum****
The neighbor’s address in the neighbor command is wrong under router BGP. (use ipv4 Layer 3)

Answer: need change on router mode on R1 neighbor 209.65.200.226

Ans1) R1
Ans2) BGP
Ans3) delete the wrong neighbor statement and enter the correct neighbor address in the neighbor command (change “neighbor 209.56.200.226 remote-as 65002″ to “neighbor 209.65.200.226 remote-as 65002″)

Ticket 4 – NAT Inside

March 27th, 2015 networktut 249 comments

Client 1 & 2 are not able to ping the web server 209.65.200.241, but all the routers & DSW1,2 can ping the server.

NAT problem on R1’s ACL. (use IPv4 Layer 3)

Configuration of R1
ip nat inside source list nat_pool interface s0/0/1 overload

ip access-list standard nat_pool
  permit 10.1.0.0
  permit 10.2.0.0
!
interface Serial0/0/1
ip address 209.65.200.225 255.255.255.252
ip nat outside
!
interface Serial0/0/0.12
ip address 10.1.1.1 255.255.255.252
ip nat outside
ip ospf message-digest-key 1 md5 TSHOOT
ip ospf authentication message-digest

 

Ans1) R1
Ans2) NAT
Ans3) Under interface Serial0/0/0.12 delete the “ip nat outside” command and add the “ip nat inside” command.

Ticket 5 – R1 ACL

March 26th, 2015 networktut 307 comments

Configuration on R1

interface Serial0/0/1
 description Link to ISP
 ip address 209.65.200.225 255.255.255.252
 ip nat outside
 ip access-group edge_security in
!

ip access-list extended edge_security
 deny ip 10.0.0.0 0.255.255.255 any
 deny ip 172.16.0.0 0.15.255.255 any
 deny ip 192.168.0.0 0.0.255.255 any
 deny 127.0.0.0 0.255.255.255 any
 permit ip host 209.65.200.241 any
!

Answer: add permit ip 209.65.200.224 0.0.0.3 any command to R1’s ACL

Ans1) R1
Ans2) IPv4 Layer 3 Security
Ans3) Under the ip access-list extended edge-security configuration add the permit ip 209.65.200.224 0.0.0.3 any command

Note:
+ This is the only ticket the extended access-list edge_security exists. In other tickets, the access-list 30 is applied to the inbound direction of S0/0/1 of R1.
+ Although host 209.65.200.241 is permitted to go through the access-list (permit ip host 209.65.200.241 any) but clients cannot ping the web server because R1 cannot establish BGP session with neighbor 209.65.200.226.

Ticket 6 – VLAN filter

March 25th, 2015 networktut 596 comments

Client 1 is not able to ping the server. Unable to ping DSW1 or the FTP Server(Use L2 Diagram).

Vlan Access map is applied on DSW1 blocking the ip address of client 10.2.1.3

Configuration on DSW1
vlan access-map test1 10
action drop
match ip address 10
vlan access-map test1 20
action drop
match ip address 20
vlan access-map test1 30
action forward
match ip address 30
vlan access-map test1 40
action forward
!
vlan filter test1 vlan-list 10
!
access-list 10 permit 10.2.1.3
access-list 20 permit 10.2.1.4
access-list 30 permit 10.2.1.0 0.0.0.255
!
interface VLAN10
ip address 10.2.1.1 255.255.255.0

Ans1) DSW1
Ans2) VLAN ACL/Port ACL
Ans3) Under the global configuration mode enter no vlan filter test1 vlan-list 10 command.

Note: After choosing DSW1 for Ans1, next page (for Ans2) you have to scroll down to find the VLAN ACL/Port ACL option. The scroll bar only appears in this ticket and is very difficult to be seen.

Nirmala

Ticket 7 – Port Security (removed)

March 24th, 2015 networktut 280 comments

Client 1 is unable to ping Client 2 as well as DSW1. The command ‘sh interfaces fa1/0/1′ will show following message in the first line
‘FastEthernet1/0/1 is down, line protocol is down (err-disabled)’

On ASW1 port-security mac 0000.0000.0001, interface in err-disable state

Configuration of ASW1
interface fa1/0/1
 switchport access vlan 10
 switchport mode access
 switchport port-security
 switchport port-security mac-address 0000.0000.0001

 

Answer: on ASW1 delele port-security & do on interfaces shutdown, no shutdown

Ans1) ASW1
Ans2) Port security
Ans3) In Configuration mode, using the interface range Fa1/0/1 – 2, then no switchport port-security, followed by shutdown, no shutdown interface configuration commands.

Ticket 8 – Switchport VLAN 10

March 23rd, 2015 networktut 168 comments

Client 1 & 2 can’t ping DSW1 or FTP Server but they are able to ping each other.
Configuration of ASW1
interface FastEthernet1/0/1
switchport mode access
!
interface FastEthernet1/0/2
switchport mode access
!

Interfaces Fa1/0/1 & Fa1/0/2 are in Vlan 1 (by default) but they should be in Vlan 10.

Answer:

Ans1)ASW1
Ans2)Vlan
Ans3)give command: interface range fa1/0/1-/2 & switchport access vlan 10

Ticket 9 – Switchport trunk

March 22nd, 2015 networktut 236 comments

Client 1 & 2 can ping each other but they are unable to ping DSW1 or FTP Server  (Use L2/3 Diagram)
Configuration of ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 1-9 //Note: In fact you will see vlan 20,200 here but the concept is still the same
!
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 1-9 //Note: In fact you will see vlan 20,200 here but the concept is still the same
!
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
!
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10

Answer: on port channel 13, 23 disables all vlans and give switchport trunk allowed vlan 10,200

Ans1)ASW1
Ans2)Switch to switch connectivity
Ans3)int range portchannel13,portchannel23
switchport trunk allowed vlan none
switchport trunk allowed vlan 10,200

Ticket 10 – EIGRP AS (removed)

March 21st, 2015 networktut 212 comments

Client 1 is not able to ping the Webserver
DSW1 can ping fa0/1 of R4 but can’t ping s0/0/0.34

Check ip eigrp neighbors from DSW1 you will not see R4 as neighbor.(use ipv4 Layer 3)
‘Show ip route’ on DSW1 you will not see any 10.x.x.x network route.

On DSW1 & DWS2 the EIGRP AS number is 10 (router eigrp 10) but on R4 it is 1 (router eigrp 1)

Answer: change router AS on R4 from 1 to 10

Ans1) R4
Ans2) EIGRP
Ans3) Change EIGRP AS number from 1 to 10

Ticket 11 – OSPF to EIGRP

March 20th, 2015 networktut 223 comments

On R4:
router eigrp 10
  redistribute ospf 1 route-map OSPF->EIGRP
  network 10.1.4.0 0.0.0.255
  network 10.1.10.0 0.0.0.255
  network 10.1.21.128 0.0.0.3
 default-metric 100000 100 100 1 1500
  no auto-summary
!
router ospf 1
  network 10.1.1.8 0.0.0.0 area 34
  redistribute eigrp 10 subnets
!

route-map OSPF_to_EIGRP
  match ip address 1

Ans1) R4
Ans2) IPv4 Route Redistribution
Ans3) Under the EIGRP process, delete the redistribute ospf 1 route-map OSPF->EIGRP command and enter the redistribute ospf 1 route-map OSPF_to_EIGRP command.

Explanation for this ticket:

In this topology, we are doing mutual redistribution at multiple points (between OSPF and EIGRP on R4, DSW1 & DSW2), which is a very common cause of network problems, especially routing loops so you should use route-map to prevent redistributed routes from redistributing again into the original domain.

In this ticket, route-map is also used for this purpose. For example, the route-map “EIGRP_to_OSPF” is used to prevent any routes that have been redistributed into OSPF from redistributed again into EIGRP domain by tagging these routes with tag 90. These routes are prevented from redistributed again by route-map OSPF_to_EIGRP by denying any routes with tag 90 set.

Therefore in this ticket, typing a wrong route-map (which does not exist) may cause problem.

Ticket 12 – IPv6 OSPF

March 19th, 2015 networktut 219 comments

DSW1 & R4 can’t ping R2’s loopback interface or s0/0/0.12 IPv6 address.
R2 is not an OSPFv3 neighbor on R3
Situation: ipv6 ospf was not enabled on R2’s serial interface connecting to R3. (use ipv6 Layer 3)

Configuration of R2
ipv6 router ospf 6
 router-id 2.2.2.2
!
interface s0/0/0.23
 ipv6 address 2026::1:1/122

Configuration of R3
 ipv6 router ospf 6
 router-id 3.3.3.3
!
interface s0/0/0.23
 ipv6 address 2026::1:2/122
 ipv6 ospf 6 area 0

Answer:

In interface configuration mode of s0/0/0.23 on R2:
ipv6 ospf 6 area 12

Ans1) R2
Ans2) IPv6 OSPF Routing
Ans3) Under the interface Serial 0/0/0.23 configuration enter the ‘ipv6 ospf 6 area 0’ command. (notice that it is “area 0”, not “area 12”)

Ticket 13 – DHCP Helper-address

March 18th, 2015 networktut 228 comments

Configuration on DSW1:

!
interface Vlan 10
 ip address 10.2.1.1 255.255.255.0
 ip helper-address 10.2.21.129
!

Note: In this ticket you will find port-security configured on ASW1 but it is not the problem.

Ans1) DSW1
Ans2) IP DHCP Server (or DHCP)
Ans3) on DSW1 delete “ip helper-address 10.2.21.129” and apply “ip helper-address 10.1.21.129” command

Ticket 14 – EIGRP Passive Interface

March 17th, 2015 networktut 272 comments

the neighborship between R4 and DSW1 wasn’t establised. Client 1 can’t ping R4
Configuration on R4:
router eigrp 10
  passive-interface default
  redistribute ospf 1 route-map OSPF->EIGRP
  network 10.1.4.4 0.0.0.3
  network 10.1.4.8 0.0.0.3
  network 10.1.21.128 0.0.0.3
  default-metric 10000 100 255 1 10000
  no auto-summary

Answer 1) R4
Answer 2) IPv4 EIGRP Routing
Answer 3)  enter no passive interface for interfaces connected to DSW1 under EIGRP process (or in Interface f0/1 and f0/0, something like this)

Note: There is a loopback interface on this device which has an IP address of 10.1.21.129 so we have to include the “network 10.1.21.128 0.0.0.3” command.

 

* Just for your information, in fact Clients 1 & 2 in this ticket CANNOT receive IP addresses from DHCP Server because DSW1 cannot reach 10.1.21.129 (an loopback interface on R4) because of the “passive-interface default” command. But in the exam you will see that Clients 1 & 2 can still get their IP addresses! It is a bug in the exam.

Ticket 15 – IPv6 GRE Tunnel

March 16th, 2015 networktut 137 comments

Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1).

Configuration of R3:
!
interface Tunnel34
 no ip address
 ipv6 address 2026::34:1/122
 ipv6 enable
 ipv6 ospf 6 area 34
 tunnel source Serial0/0/0.34
 tunnel destination 10.1.1.10
 tunnel mode ipv6
!

Configuration of R4:
interface Tunnel34
 no ip address
 ipv6 address 2026::34:2/122
 ipv6 enable
 ipv6 ospf 6 area 34
 tunnel source Serial0/0/0
 tunnel destination 10.1.1.9
!

Answer:
Ans1) R3
Ans2) Ipv4 and Ipv6 Interoperability
Ans3) Under the interface Tunnel34, remove ‘tunnel mode ipv6’ command

Ticket 16 – IPv6 RIPng OSPFv3 Redistribution

March 16th, 2015 networktut 163 comments

Problem: Loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1).

Configuration of R4:
ipv6 router ospf 6
 log-adjacency-changes
!
ipv6 router rip RIP_ZONE
 redistribute ospf 6 metric 2 include-connected
!

Answer:
Ans1) R4
Ans2) Ipv6 OSPF Routing
Ans3) Under ipv6 ospf process add the ‘redistribute rip RIP_Zone include-connected’ command

Share your TSHOOT v2.0 Experience

January 22nd, 2015 networktut 10,133 comments

The TSHOOT 300-135 (TSHOOT v2.0) exam has been used to replace the old TSHOOT 642-832 exam so this article is devoted for candidates who took this exam sharing their experience. Please tell with us what are your materials, the way you learned, your feeling and experience after taking the TSHOOT v2.0 exam… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…

Your posts are warmly welcome!

Exam’s Structure:

+ Some Multiple choice questions
+ Some Simlets
+ 13 lab-sim Questions with the same network topology (13 troubleshooting tickets or you can call it one “big” question). Each lab-sim is called a ticket and you can solve them in any order you like.

Topics of the lab-sims:

1- IPv6
2- OSPF
3- OSPFv3
4- Frame Relay
5- GRE
6- EtherChannel
7- RIPng
8- EIGRP
9- Redistribution
10- NTP
11- NAT
12- BGP
13- HSRP
14- STP
15- DHCP

The problems are rather simple. For example wrong IP assignment, disable or enable a command, authentication…

In each tickets you will have to answers three types of questions:

+ Which device causes problem
+ Which technology is used
+ How to fix it

When you press Done to finish each case, you can’t go back.

A demo of the TSHOOT Exam can be found at: http://www.cisco.com/web/learning/le3/le2/le37/le10/tshoot_demo.html

Note:

+ In the new TSHOOTv2, you cannnot use the “Abort” button anymore. Therefore you cannot check the configuration of another ticket before completing the current ticket.

+ We have gathered many questions about TSHOOT exam and posted them at TSHOOT FAQs & Tips, surely you will find useful information about the TSHOOT exam there!

Below are the topologies of the real TSHOOT exam, you are allowed to study these topologies before taking the exam. It surely saves you some invaluable time when sitting in the exam room (Thanks rrg for sharing this).

IPv4 Layer 3 Topology

IPv4Layer3Topology_networktut.com.jpg

IPv6 Layer 3 Topology

IPv6Layer3Topology_networktut.com.jpg

Layer 2-3 Topology

Layer2_3_Topology.jpg

You can download the SAM strategy here (specially thanks to SAM who created this strategy):

http://www.networktut.com/download/TSHOOT_PING-plan-SAM.pdf