SDM Testing

clikcspeedclikcspeed Posts: 29Member ■□□□□□□□□□
Hi guys I'm preparing for the CCNA Sec, I've gone through most of the stuff and I am feeling 'okay.' My biggest concern however is the SDM, I know its all point and click (next next finish) but I haven't spent a long time on it.

I need to know how the SDM questions are structured, are there testlets and simlets and or what?
-clikc-

Comments

  • SteveO86SteveO86 Posts: 1,423Member
    I had quite a bit of the SDM on my CCNA: Security exam.. I would say load it up and give it a whirl.. It's not overly complex to understand since everything is spelt out for you and you just need to look around but if you never seen it before it can throw you off.

    If you have access to the CCP the interface is similar to the SDM. (But it is the SDM you will in the exam.. and of course their probably is a high chance your exam will differ from mine, so it's also luck of the draw)
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • QHaloQHalo Posts: 1,488Member
    I took the exam last year, got a 753 so frustrating but didn't pass mostly because I didn't focus on the conceptual areas of the exam, but from experience and to avoid stepping on the NDA I will tell you this. Know how and where to find anything in SDM. Be able to do it in your sleep, blindfolded, or tell someone how to do it without looking at the screen yourself. Did I mention know SDM inside and out? icon_lol.gif

    I'm going to retake it soon and kill it, I owe that exam one. My CCNA expires in December of this year. Good luck, it's not a hard test but don't underestimate it or end up retaking it like me.
  • powerfoolpowerfool Senior Member Posts: 1,623Member ■■■■■■■■□□
    QHalo wrote: »
    I took the exam last year, got a 753 so frustrating but didn't pass mostly because I didn't focus on the conceptual areas of the exam, but from experience and to avoid stepping on the NDA I will tell you this. Know how and where to find anything in SDM. Be able to do it in your sleep, blindfolded, or tell someone how to do it without looking at the screen yourself. Did I mention know SDM inside and out? icon_lol.gif

    I'm going to retake it soon and kill it, I owe that exam one. My CCNA expires in December of this year. Good luck, it's not a hard test but don't underestimate it or end up retaking it like me.

    I felt the same way after my CCNA, which is going to expire this year, as well. I didn't explicitly study for the exam because of my experience (although I had studied extensively a few years before). Cisco exams are not exactly experienced based... which is sad, because Microsoft exams are becoming more so.
    70-346 [ ] 70-347 [ ] 70-533 [ ] 70-743 [ ] CCSP [ ]
    2018 Goals: MCSA Office 365 and MCSE Cloud Platform and MCSA 2016, (ISC)2 CCSP
  • AkiiiAkiii Posts: 80Member ■■□□□□□□□□
    You must have a good knowledge about SDM, where to find the buttons for example setting up vpn, zone based firewalls, acls, etc.

    Grab some 800 series router and go for it!
  • BroadcastStormBroadcastStorm Posts: 496Member
    Hi guys I am currently configuring a Cisco 850 any idea where the SDM software is? people lost it at work, and I cannot find the software on Cisco's website.


    Thanks!
  • clikcspeedclikcspeed Posts: 29Member ■□□□□□□□□□
    Thanks a lot guys! Exam is scheduled for Wednesday, feeling comfortable with almost everything now - including SDM. I hope to do well...
    -clikc-
  • alan2308alan2308 CISSP, MCSA 2008, MCSA 2012, CCNA R&S, CCNA Security Ann Arbor, MIPosts: 1,854Member ■■■■■■■■□□
    Hi guys I am currently configuring a Cisco 850 any idea where the SDM software is? people lost it at work, and I cannot find the software on Cisco's website.


    Thanks!

    Nobody has been able to find it on Cisco's site since they moved it around. The best that anyone has come up with is a few questionable sites that have a copy.
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
    Hi guys I am currently configuring a Cisco 850 any idea where the SDM software is? people lost it at work, and I cannot find the software on Cisco's website.


    Thanks!


    Cisco Router and Security Device Manager - Products & Services - Cisco Systems
  • alan2308alan2308 CISSP, MCSA 2008, MCSA 2012, CCNA R&S, CCNA Security Ann Arbor, MIPosts: 1,854Member ■■■■■■■■□□
    phoeneous wrote: »

    Click the download links and see what you get (hint, one is a dead end, one is for CCP). icon_cool.gif
  • tierstentiersten Posts: 4,505Member
    I would say as its for production then just use CCP but CCP requires a fairly high version of 12.4T which isn't a great idea...
  • BroadcastStormBroadcastStorm Posts: 496Member
    Thanks I'm installing CCP.

    The C850 used to be connected to a VPN 3002, I'm still new to security, I'm trying to do a persistent VPN connection from the 850 to our ASA Firewall...

    And I was thinking s2s ipsec tunnel would be the easiest way.
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
  • clikcspeedclikcspeed Posts: 29Member ■□□□□□□□□□
    Thanks for all the info! I passed my exam earlier today.
    -clikc-
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
    clikcspeed wrote: »
    Thanks for all the info! I passed my exam earlier today.

    Congrats icon_thumright.gif
  • gregorio323gregorio323 Posts: 200Member ■■■□□□□□□□
    congratz
  • powerfoolpowerfool Senior Member Posts: 1,623Member ■■■■■■■■□□
    Congrats! What's your next move?
    70-346 [ ] 70-347 [ ] 70-533 [ ] 70-743 [ ] CCSP [ ]
    2018 Goals: MCSA Office 365 and MCSE Cloud Platform and MCSA 2016, (ISC)2 CCSP
  • BroadcastStormBroadcastStorm Posts: 496Member
    Hi Guys everything is good to go between the 850 router and ASA 5520 except for authentication, debug shows the message

    *Mar 1 05:57:17.131: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User=EzVPN Group=EzVPN Server_public_addr=deleted by me :P

    Any lead is appreciated thanks :)
  • SteveO86SteveO86 Posts: 1,423Member
    I'm not familiar with EzVPN.. So far I've only done GRE/IPSec, S2S, Cisco Client VPN Conns, never EzVPN.

    Are SA's being negotiated successfully? (maybe debugging isakmp or ipsec) Perhaps it's a mis-configured transform set or shared key?
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • BroadcastStormBroadcastStorm Posts: 496Member
    SteveO86 wrote: »
    I'm not familiar with EzVPN.. So far I've only done GRE/IPSec, S2S, Cisco Client VPN Conns, never EzVPN.

    Are SA's being negotiated successfully? (maybe debugging isakmp or ipsec) Perhaps it's a mis-configured transform set or shared key?

    I get an IKMP_MODE_FAILURE: Prosessing of Aggressive more then the last log I posted shows too.
  • SteveO86SteveO86 Posts: 1,423Member
    That error message is mentioned here not sure if it helps at all.

    Configuring and Troubleshooting Cisco Network-Layer Encryption: IPSec and ISAKMP - Part 2 - Cisco Systems

    Search the page for IKMP_MODE_FAILURE: Pro
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • BroadcastStormBroadcastStorm Posts: 496Member
    I got it working, by letting it grab it's ip address to the ASA DHCP pool, now the other issue is I am unable to browse the internet when I am connected to the remote easyvpn router, I might need to also configure split-tunnel...

    FastEthernet4 192.168.1.4 YES DHCP up up
    Vlan1 10.10.10.1 YES NVRAM up down
    Virtual-Access1 unassigned YES unset down down
    Virtual-Access2 192.168.90.24 YES TFTP up up
    Virtual-Template4 unassigned YES unset down down
    Loopback0 192.168.90.24 YES manual up up
    NVI0 unassigned YES unset up up

    Where do I begin with split-tunnel?
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
Sign In or Register to comment.