Home > Ticket 5 – R1 ACL

Ticket 5 – R1 ACL

May 2nd, 2018 in TSHOOT v2 Go to comments

Configuration on R1

ip access-list standard nat_traffic


Ans1) R1
Ans2) IP NAT
Ans3) Under the ip access-list standard nat_trafic configuration enter the ‘permit’ command.

+ This is the only ticket the extended access-list edge_security exists. In other tickets, the access-list 30 is applied to the inbound direction of S0/0/1 of R1.

Comments (47) Comments
Comment pages
1 5 6 7 26
  1. CCNP-Renew
    May 5th, 2017

    Testing Tshoot in 2 days. Just became a premium member but I am disappointed with the new format. I used Network Tut a couple of years ago when they used the low tech “Read More” link to display full answers was way more user friendly.
    This new simulations are a great idea but not really good for a quick study reference.
    If anyone has updated dumps please send to matt.ryder22 at outlook dot com
    Thank you and good luck.

  2. david
    May 23rd, 2017

    I just passed today. Got 1000/1000. Stick only to networktut.com. All the questions in feb. 2017.pdf from tut came out. Pls practice nothing but tut. All still valid

  3. maha
    June 8th, 2017

    @ david
    Pleease send to my feb.2017.pdf in my email ( {email not allowed})

  4. Andrea
    June 9th, 2017

    Are there updated ccnp Tshoot?? I will the examen next Friday

  5. Slillz
    June 29th, 2017

    I’m confused here. How will this work when OSPF is not redistributing BGP into OSFP?

  6. Kelle
    July 12th, 2017

    Estou muito feliz com meus resultados ate’ momento! http://www.mgbargen.ch/yellabook/guestbook.php

  7. Saleh
    July 12th, 2017

    @ david

    Please send feb.2017 pdf on salehalkaseri@yahoo dot com

  8. mkzozo
    August 2nd, 2017

    i have cleared tshoot exam today with 925 everything is from this site. thanks 9TUT. no need to buy some funny dumps

  9. Peter
    August 2nd, 2017

    Passed today with 1000. Ticket valid.

  10. Brozzo
    September 13th, 2017

    Hello, I have noted that in some of the tickets the device and error is supposed to be “abc” and “123”, however, you will observe the same erroneous config as identified in some other ticket.
    My assumption is that any particular ticket should have only one erroneous config and everything else correct, is this the correct position?

  11. Kyi Lwin
    September 19th, 2017

    Plz send me lastest dump file into my email kyilwin @ ayabank.com

  12. FureC
    October 19th, 2017

    Hi, i dont see any questions in this tickets (5,11,13) thats the way the problems shows up at the exam ???

  13. Life
    October 19th, 2017


    Same puting under the ip access-list extended edge_security’ configuration add the permit ip any’ command the client 1 cannot ping the because other ACLS. So this answer aren’t correct.

  14. Life
    October 19th, 2017

    I’m so sorry. Checked again, this answer is correct.

  15. Missing network command?
    November 3rd, 2017

    On this TT5 noticed another missing network command under router bgp 65001 on R1. Could you pls fix this or advise? Thxs

  16. Anonymous
    November 19th, 2017

    This question was still in the exam today.

  17. Fern
    November 20th, 2017

    Please sent me the latest dump PFD file fjsuarez1981 @ yahoo dot com

  18. Anonymous
    November 21st, 2017

    Hi Anonymous,

    Do you remember the 5 drag n drops questions? Please share.

  19. garga
    December 4th, 2017

    New tshoot dumps available {email not allowed}

  20. garga
    December 4th, 2017

    garga @ inbox dot lv

  21. Lemon
    December 5th, 2017

    what is the question in this ticket?

  22. G-unit
    December 12th, 2017

    Most tickets have the same “question” Client 1 cannot reach server at
    Just check the config for edge security ACL

  23. AAA
    December 16th, 2017

    If anyone has dumps/drag and drop please forward me. Much appreciated ivanmedena (at) gmail thank you..I plan on giving test next week. Will keep you guys informed.

  24. Anonymous
    December 18th, 2017

    Can anyone help with valid dumps? dumanski (at) gmail Thanks!

  25. Laxmikanth
    December 31st, 2017

    GO for premium membership, it would be sufficient to clear the exam.

  26. jgsodia
    January 2nd, 2018

    i took the exam last 20th Dec and i failed, i retook the exam 28th Dec and i passed. all you need is here, the exam is the same in both ocasions

  27. Clap-Back
    January 3rd, 2018

    What @Laxmikanth said.

  28. plop
    January 3rd, 2018

    Where’s the actual question?

  29. Fattah RazzaqghanimughnI
    January 4th, 2018

    I applied this answers which also working:
    Ans1) R1
    Ans2) Access list
    Ans3) enter to “ip access-list extended Edge_Security”, and then execute command “permit ip host”

    However, there will be multiple choice for this question.

  30. Frankie96
    January 4th, 2018

    Hello Networktut.. I don’t understand why R1 is not able to ping it’s own .225 address. Is this an error in the simulation?

  31. networktut
    January 4th, 2018

    @Frankie96: Yes, it is an error. Thanks for your detection, we have just fixed it!

  32. Anonymous
    January 13th, 2018

    Hi. I am new to Networktut. this simulation does not allow validation of answer before submission. is that correct?

  33. Spirit
    January 13th, 2018

    Hello, I am only able to perform traces from DSW1 and to only one IP which is the web server when tracing to from DSW1, I get the following error message “We are very sorry but traceroute to is only allow on DSW1” where it is being sourced. get the same message from all routers. is this by design? not able to perform traces from routers is rather strange. PLease advise.

  34. Anonymous
    January 15th, 2018

    @Spirit, traceroute to and is the same thing, basically it will take the same path so traceroute to the web server should be good enough for your purpose.

  35. @JR
    January 17th, 2018

    Please send feb.2017 pdf on jamesracevedo@gmail dot com

  36. Anonymous
    January 20th, 2018

    How upto date are the labs

  37. Arczi
    January 26th, 2018


    No new questions, everything is here. But be careful, tasks are very tricky and all mentioned bugs are there.

  38. asdf
    February 7th, 2018

    > How will this work when OSPF is not redistributing BGP into OSFP?
    R1 has s static route It redistribute to OSPF

  39. Hunter
    February 9th, 2018


    Just remember the answers as given. Dont waste time thinking too much in the exam as you cannot correct the config in the exam. These answers are all correct.

  40. Sm-New
    February 17th, 2018

    i need to take in a weeks time this exam, can (network tut) or anyone please answer how do we know which question and what answer we need to remember when there is only one question for 13 sim lets that client cannot reach web server etc?

  41. Anonymous
    February 18th, 2018

    @Sm-New, lol

  42. The_Boss
    February 19th, 2018

    guys,please advise in the exam

    what are the bugs on this questtion:
    A)are we able to do a sho run
    B)are we able to do a trace from client 1
    C)is testing from DSW1 fine,if so
    i)will ping work (we should sourse it fro which interface)
    ii)will trace route work(we shld source from which interface)
    D)pings from R1/R2 will they work

    which specific commands should we use to check

  43. 46598dasd
    May 14th, 2018

    2018 Latest Update CCNP Dumps 300-135 100% Valid

    May 17th, 2018

    @Tshoot 18, I know in ticket 5 there are 2 answers, how do you know which one is correct. This is the one with Edge Security?

    R1:Missing command under
    the outside ACL NAT_Traffic
    Add network


    R1:(T05)WAN ACL
    Missing command under the
    outside edge security ACL
    Add network

  45. Yammer
    May 28th, 2018

    Is this in the exam?

  46. X
    June 6th, 2018


    I think you are right. There might be two variants of this ticket.

    1. The entry ‘permit’ might be missing in the ACL called ‘nat_traffic’


    2. The entry ‘’ it is missing under the ACL configuration called ‘edge_security’. (This ACL may be applied under the interface s 0/0/1 in ‘inbound’ direction and the bgp state is ‘active’. Verify this last with the command “show ip bgp summary”)


    If the output of the command ‘show ip bgp summary’ on R1, the state is ‘Active’ then
    the solution is in the variant 2.

    If the output of the command ‘show ip bgp summary’ on R1, the state is ‘Established’ then
    the solution is in the variant 1.

    You may correct me if I am wrong.

    Thank you.

  47. TicketSolver
    June 6th, 2018

    There can be even 3rd modification: both s0/0/0 and s0/0/1 are configured as ip ant inside, so s0/0/1 (or any interface pointing to ISP) has to be set to ip nat outside

Comment pages
1 5 6 7 26