Home > Ticket 6 – VLAN filter

Ticket 6 – VLAN filter

March 25th, 2015 in TSHOOT v2 Go to comments

Client 1 is not able to ping the server. Unable to ping DSW1 or the FTP Server(Use L2 Diagram).

Vlan Access map is applied on DSW1 blocking the ip address of client

Configuration on DSW1
vlan access-map test1 10
action drop
match ip address 10
vlan access-map test1 20
action drop
match ip address 20
vlan access-map test1 30
action forward
match ip address 30
vlan access-map test1 40
action forward
vlan filter test1 vlan-list 10
access-list 10 permit
access-list 20 permit
access-list 30 permit
interface VLAN10
ip address

Ans1) DSW1
Ans3) Under the global configuration mode enter no vlan filter test1 vlan-list 10 command.

Note: After choosing DSW1 for Ans1, next page (for Ans2) you have to scroll down to find the VLAN ACL/Port ACL option. The scroll bar only appears in this ticket and is very difficult to be seen.

Comments (14) Comments
Comment pages
1 11 12 13 24
  1. Just missed
    September 17th, 2017

    Failed by 6 marks. (840/1000) today…
    All tickets are valid… But, this question does have correct answer. When we selecy DSW1, VLAN ACL is not avalilable under second option. I answered all others Q s correctly , but failed… Don’t know how Cisco evaluate the answers…
    @networktut any idea ???

  2. Anonymous
    September 18th, 2017

    @just missed :( sorry to hear that bro
    PORT ACL option is available instead of VLAN ACL ?

  3. Brozzo
    September 18th, 2017

    Can someone explain the problem with “vlan filter test1 vlan-list 10” statement

  4. 786DE
    September 19th, 2017

    its actually ” NO VLAN FILTER TEST1 VLAN-LIST 10″ where you are removing the whole ACL “TEST1” on VLAn 10, which blocking the both clints ( &
    The ACL which is here mentioned is not complete, in runing-config you will find:

    ip access-list standard Test1
    deny host
    deny host

    where you can clearly notice that both IP address are denied.

  5. InABadMoodToday
    September 19th, 2017

    I have taken this exam twice in two weeks and failed both times. When was the last time this was updated? I have searched all over and keep finding the same information which seems to have been updated at least a month ago.

  6. Just missed
    September 23rd, 2017

    @badmood Did you got tge same Qs both the time you failed or do they change questions if you failed once?

  7. Just missed
    September 23rd, 2017

    @ano No VLAN ACL or PORT ACL was not available with the answers !

  8. Dave
    September 28th, 2017

    They say you have to scroll down to find the VLAN ACL/PORT ACL option. Did you do that?

  9. Adam
    October 9th, 2017

    When you fail the first exam, the questions change….
    Prepare for the exam by using a test LAB.
    If you gain the CCNP certificate, you should be smart enough to troubleshoot any routing or switching issue.
    Don’t base only on Networktut…
    Good luck everyone.

  10. Nigel
    October 17th, 2017

    instead of deleting” vlan filter test1 vlan-list 10 ” would it no be the same effect if we just delete “vlan access-map test1 10”? This question was also on last weeks test which I failed.

  11. Jay
    October 17th, 2017

    I agree with Nigel’s comment. Both statements are there in “sh run” and looks like both can be used but not sure which one to choose from exam perspective. Networktut Please suggest the best solution on this ASAP.

  12. gangwar
    October 19th, 2017

    if u see scroll bar, u will select vlan acl / port acl , u get easy 1 question lol

  13. PJ
    October 20th, 2017

    @Networktut, is the ACL for this ticket correct in the run configuration. I check the run configuration and both client IP’s are being allowed

  14. Anonymous
    October 21st, 2017

    hi, how to verify there is a vlan filter without looking on the running configuration?
    show vlan filter is not working

Comment pages
1 11 12 13 24