Home > Ticket 9 – Switchport trunk

Ticket 9 – Switchport trunk

April 28th, 2018 in TSHOOT v2 Go to comments

Configuration of ASW1
interface PortChannel13
switchport mode trunk
switchport trunk allowed vlan 20,200
interface PortChannel23
switchport mode trunk
switchport trunk allowed vlan 20,200
interface FastEthernet1/0/1
switchport mode access
switchport access vlan 10
interface FastEthernet1/0/2
switchport mode access
switchport access vlan 10


Ans2)Switch to switch connectivity
Ans3)Under interface Port-Channel 13, 23, add vlan 10,200 and then no shutdown interface fa1/0/1

Comments (30) Comments
Comment pages
1 4 5 6 7 8 11 18
  1. Johnny
    November 3rd, 2014

    Nope, ONLY vlan 10,200 are wanted on the the two trunks – Due to security reasons, remaining vlans are NOT wanted on the two trunks, and should therefore be removed on the trunks, as shown in solution on top of this page.

  2. David
    December 6th, 2014

    we don’t need to put the vlan 1 in answer? like
    switchport trunk allowed none
    switchport trunk allowed vlan 1,10,200


  3. Buddy
    December 7th, 2014

    Yes, not necessarily, although it’s (normally) good “common practice” to also allow our native vlan on the trunk – That’s why vlan 1 is also included within the PT based TSHOOT labs, but you don’t need to think about it @ exam :)
    Good luck @ exam.

  4. Buddy
    December 7th, 2014

    (included on the TRUNK within the PT labs) – off course! – sorry….

  5. David
    December 7th, 2014

    Thanx for the answer but if in my exam have two answer like
    switchport trunk allowed none
    switchport trunk allowed vlan 1,10,200 and

    switchport trunk allowed none
    switchport trunk allowed vlan 10,200
    which are the best? maybe i have both of them, which i have to choose? thanx for reply me.
    Every answer i have read tell that the best answer is the second.

  6. Buddy
    December 7th, 2014

    Yes David, I agree with you, that the FIRST answer seems best also to me (IRL) – (as mentioned I like to include also the “native” vlan on the Trunk – due to our CCNA Learning) – Right!?)

    However you (and others) are right about, that the answer:

    switchport trunk allowed none
    switchport trunk allowed vlan 10,200

    is most likely considered to be the answer, the student need to select @ exam, in order to get his/her points for the question –

    But I dont’t think You’ll get option # 1 (the one including the native vlan 1 @ the trunk) – due to what I remember from my exam – but it’s a loong time ago -soo :) )

    Good luck @ exam!

  7. David
    December 8th, 2014

    Thank you very much for the quick answer. I agree with you about in ccna exam (if i remember correct) and the same was in ccnp switch like switchport trunk allowed vlan 1,21-23 if i remember correct. Anyway thanx again for the answer and thanx for the good luck.

  8. Buddy
    December 8th, 2014

    Yheaa David – I can see that you also do remember the CCNP Switch Lab regarding the LACP Trunks between the two DSW Switches where you – among others – needed to configure the Trunks with vlans (including the Native one) etc. etc.
    Yes it was a funny Little Lab, that I also developed in Packet Tracer (5.3) – Ho ho…
    Good luck on your exam!

  9. Mike
    December 16th, 2014

    portchannel13,23 had vlans allowed 20,200 in my exam, not 1-9. other than this, the same.

  10. Uzzi
    December 30th, 2014

    @Buddy I have a very small question, in exam the question should be like this

    (Client 1 is getting 169.x.x.x ip address. Client 1 & 2 can ping each other but they are unable to ping DSW1 or FTP Server (Use L2/3 Diagram)

    I believe this (Use L2/3 Diagram) will not be written there but rest will be same, correct me if I am wrong and I also believe that every question will be like this,

    suppose another question should be (clinet 1 cannot ping web server (IP) but can ping till this ip/device (you can check where the IP is assigned by yourself which is okay being network engineer).

    Kindly confirm.

    much appreciated in advance.


  11. Buddy
    December 30th, 2014


    Here’s some answers and comments 4 you regarding Your Post above:

    Well – In General you don’t get any help (like e.g. “169” Ticket Type info and/or use of L2/L3 diagrams etc. etc.) build in within each question @ the CURRENT (642-832) TSHOOT exam – (I don’t know anything about the new 300-xxx TSHOOT exam – in terms of e.g.: how it is arranged + what excactly it covers etc. etc.?)

    But within the CURRENT 642-832 exam, you’ve to find all this YOURSELF, since almost every Ticket Question – (apart from just the two TT questions: HSRP and OSPF/IPv6) – will be just something like this:

    “Client 1 & 2 are unable to reach the external WEB Server, and you’re therefore requested to identify the faulty: Device, Technology and currative Action to solve the Problem”

    Furthermore the actual TSHOOT Ticket questions all builds upon indeed the TSHOOT.com “Main Scenario Decription”, which you can find and carefully study on e.g. the PopUp Menu Window within the Packet Tracer “Full Working TSHOOT Topology” presented here @ Network Tut –

    Hope this helps!?

    Wish you well @ exam and a happy N Y!

  12. Saif-E-Ali
    January 1st, 2015

    Alhumdulillah, Folks I cleared exam with 1000/1000 score

    2 MCQ (Question 5 & Question 8 on this website)
    1 DD Wordings changed like (SDM,CNA : GUI , TFTP : Backups , EEM,xxx : CLI)
    13 TT’s (No IP Helper and Wrong AS)

    Just go through all TT’s, identify the issue using Khattak strategy & write down the issue clearly on note pad first.
    Then verify and submit each ticket later.

    Vlan filter ticket – select DSW1 device, next page you have to scroll down to find the VLAN ACL/Port ACL option. Very easy

    Switch to Switch connectivity ticket – You will notice ” switchport trunk allowed vlan 20,200 ” under interface Portchannel13 & portchannel23, don’t get confused.

    I used Khattak strategy only for identifying the issue. To select 3 Answers for each ticket, I used this website & below user link


  13. Uzzi
    January 1st, 2015

    @buddy indeed it really helped thanks a lot, I have scheduled for 6th Jan (Tuesday) :) last but not the least,
    (1) when we complete 1 ticket and it becomes RED do we need to exit out from every device like if I open R4 for “show running”?

    (2) I checked in DEMO when we put exit it shows like “return to cli” something like that, actually I am little worry that if I I cannot ping but and I perform show runn on R1, is there any possibility that on single TT we can see 2 missing statement in real exam like

    missing “permit”
    missing “permit ip any”

    in Packet tracer only 1 missing in each ticket.

  14. Buddy
    January 2nd, 2015


    Here’s some answers to your questions above:

    No – (Due to my best knowledge) – it shouldn’t be necessary to exit out from every device when finishing (or aborting) a Ticket, whenever you want to run a new one @ exam.

    Thus, when opening a new Ticket @ exam, all Device configurations within the TSHOOT Topology are reset to those, that matches this new Ticket –
    (This means a TSHOOT “Standardconfiguration” will be loaded on every Device running within the TSHOOT Topology, except from the “new” faulty Configuration running on the NEW “faulty Device” within the Topology for our NEW Ticket!)

    Yes, (Again due to my best knowledge) – just like within the Packet Tracer Tickets provided, You’ll only be facing one single problem within each Ticket – (being an ACL- or any other type of Netw config Problem)
    (I can’t imagine, this principle has (recently) been changed within the current (but very soon obsolete 642-832) exam!?)

    Hope this helps!?

    Good luck on yor exam by the 6th of January.

  15. Uzzi
    January 2nd, 2015

    this really really helped brother and it is much much appreciated as this was really confusing to me, I will share the result once I will come back after paper :).

  16. samer
    January 3rd, 2015

    guys , the allowed vlan should be vlan 20 , 200 is that right ?

  17. samer
    January 3rd, 2015

    on the packet tracer the allowed vlans are 1,20,200 not vlan 1-9 !! im confused

  18. Buddy
    January 3rd, 2015

    You don’t have to –
    The correct allowed vlan’s on the two Trunks are 20,200 and NOT vlan 1-9 on Po 13 & 23 for this Ticket as mentioned at top of this page – It’s a bug here –
    The native vlan 1 has just been included on the two trunks within the PT based Ticket 9 due to good common practise when allowing vlan’s on Trunks…
    Hope this helps –

  19. Uzzi
    January 4th, 2015

    @Buddy: isn’t it suppose to be vlan 10,20 and 200, technically question related to client 1 which is on vlan 10 and allowed vlan should be vlan 10 however management vlan is okay as well but why vlan 20 :) ? well if I will get the third answer in question with 10,20,200 then I will surely go for it but if there will be choice like 10,200 and 10,20,200 so I will surely go for 10,200. Correct me if I am wrong sire.

  20. Buddy
    January 4th, 2015

    Yep, Uzz Uzz – @ exam You should surely go for 10,200 like this:

    Answer: on port channel 13, 23 disable ALL vlans, and then issue the

    switchport trunk allowed vlan 10,200 command

  21. Uzzi
    January 6th, 2015

    @Buddy: bro I am going for exam after 2 hours and whatever the result will be I will post it here no matter what :) but I hope it will be good INSHALLAH :) Thanks for clearing all my confusions.


  22. Uzzi
    January 6th, 2015

    @Buddy thanks to Allah I passed and first exam of my life out of 5 where I took 1000/1000 :)

  23. Nuno
    January 6th, 2015

    hi guys!
    networktut is really great!
    just one detail, is this the only configs we see on the exam for each lab or there we see the full configs of all the devices?

    really appreciate your answers :)


  24. JBs
    January 9th, 2015

    what if we just allow under both port channels
    switchport trunk allow vlan 10, instead of deleting the rest, i guess it works too
    any comment?

  25. JayJay
    January 16th, 2015

    @ JBs

    Doing that will overwrite the vlan config for the trunk. If you need to ADD a vlan, you can do:

    switchport trunk allowed vlan add

    You can do the same for remove, replacing ‘add’ with ‘remove’

  26. Amber
    January 18th, 2015

    hey guys

    are answers Ans1, 2 and 3 on each TT page on this site same wording as choices given in exam?

  27. NJDEVIL03
    January 23rd, 2015

    OK…here we go again!!! This certainly appears to be another disconnect between real world best practices and the “Blue Cisco World of Networking”!! JayJay is absolutely 100% correct…you can simply use the switchport trunk allowed vlan add command to add any additional vlans to a trunk link without going through the extra step of removing already configured vlans on the trunks!! Unless of course it is necessary to prune them off for some reason!! It just makes me shake my head in wonder sometimes!!!

  28. yemi
    February 12th, 2015


    i used (switchport trunk allowed vlan add 10) on both int port-channel 13 $ 23

    i viewed the config (show run) on ASW1.

    can see the allowed vlan 1,10,20,200 for both ( int port-channel 13 $ 23)


    client 1 cant still ping the web server……WHY?????????????

  29. yemi
    February 12th, 2015


    After some minutes a ping was successful from client 1 to web server….

    But just for curiosity, will i have to wait for that long in the exam before the ping can be successful……i dint copy run start after i added the vlan 10 to ASW1…..i just exited the console…is this the course for the delay?

    or what???

  30. Steve
    February 15th, 2015


    No, at exam you’ll NOT have to SOLVE or wait for, any IP DHCP Address allocation on the Clients.

    However – within both GNS3 and Packet Tracer, it takes a little while b4 IP DHCP address allocation is fully implemented after solving the Switchport Trunk Problem within this Ticket

    In Packet Tracer, You can speed up this DHCP process, by entering the “Config” Tab at the Client and Switch back and forth between the “Global Settings” and “Fast Ethernet0” Buttons a number of times –

    Then suddenly / rather quick, the Client gets his IP DHCP address info from DHCP Server R4!

Comment pages
1 4 5 6 7 8 11 18