| 1: | What are the first three steps to check if the user never receives an Authenticating User prompt during the initial dialer connection attempt in the VPN software client? |
| A1: | Check if the Internet connection is okay, if the group name and group password are correct, and if the DNS service is resolving the name of the concentrator. |
| 2: | What is the CVPND event class and what is its purpose? |
| A2: | CVPND is Cisco VPN Daemon (main daemon), which starts client service and controls messaging process and flow. |
| 3: | Name the main severity categories in the Cisco VPN concentrator? |
| A3: | Fault, Warning, Information, Debug, and Packet decode. |
| 4: | In a 3002 HW VPN client, the user is authenticated but cannot pass any data. What are two possible reasons? |
| A4: | The correct client mode was not selected, either Network Extension or Client mode. If Network Extension mode is used, another client might have an overlapping subnet. |
| 5: | Which severity level events are displayed by default on the VPN HW 3002 client? |
| A5: | By default, the VPN 3002 displays all events of severity level 1 through 3 on the console. |
| 6: | How do you proceed if a NAT/PAT configuration already exists in the router and you are about to configure an Easy VPN client? |
| A6: | Remove any manual NAT / PAT configuration on the router before configuring the easy VPN client. |
| 7: | What is the command for the Easy VPN client to reset the VPN connection? |
| A7: | The command is Router-EzVPN# clear crypto ipsec client ezvpn |
| 8: | What is the command for Easy VPN to check the status of the Cisco Easy VPN client profile? |
| A8: | The command is Router-EzVPN# show crypto ipsec profile |
| 9: | To verify the applied policy in Cisco Easy VPN, what command do you use? |
| A9: | The command is Router-EzVPN# show crypto isakmp policy |
| 10: | In the PIX-based VPN client, how do you verify if the VPN client is active? |
| A10: | Type PIX#show vpnclient and look for the line vpnclient enable. |
| 11: | In the PIX-based VPN client, how do you check that the VPN tunnel has been established? |
| A11: | Type the command Router#show crypto isakmp sa, and look to see if the created entry has a non-zero value. |
| 12: | What are two debug commands to debug the PIX-based VPN establishment of IPSec and ISAKMP? |
| A12: | The commands are Router# debug crypto ipsec sa Router# debug crypto isakmp sa |
| 13: | What parameters define the PPPoE session uniquely? |
| A13: | The PPPoE session ID and the peer's Ethernet address. |
| 14: | Name the modulation techniques for the DOCSIS 2.0 standard. |
| A14: | The modulation techniques for DOCSIS 2.0 include S-CDMA (synchronous code division multiple access) and A-TDMA (advanced frequency agile time division multiple access). |
| 15: | If the TCP protocol is notified for packet loss, how does it react ? |
| A15: | The packet loss for TCP is an indication of congestion. It reduces transmission rates drastically until an optimal rate is found. |