CIT 642-831 - debug crypto isakmp help
Hello,
Im hoping someone here will be able to help me out. I took and failed the CIT with a score of 752. What really threw me were the 6 or 7 questions that involved reading the output from various debugs: specifically the debug crypto isakmp and debug ssh commands.
I have searched through cisco.com and while i can find the commands and their output easily enough i am not finding a key to read and understand the output anywhere. At my current job we have no PIX or VPN concentrators that are not in production and teh head network engineer wont let me practice on production equipment for very understandable reasons and he really doesnt know how to read the output of these debugs any better than me frankly. I have asked..
I have both the sybex and cisco press CIT books and these commands are not covered in depth in either of them nor are they covered in the cisco press CCNP flash cards book nor the exam cram 642-831 book. Basically what i am saying is have definitely worked to try and find this info and i havent had any luck and here i am.
Any and all assistance in reading/understanding the output of these debugs is appreciated.
Thanks,
Charles
Im hoping someone here will be able to help me out. I took and failed the CIT with a score of 752. What really threw me were the 6 or 7 questions that involved reading the output from various debugs: specifically the debug crypto isakmp and debug ssh commands.
I have searched through cisco.com and while i can find the commands and their output easily enough i am not finding a key to read and understand the output anywhere. At my current job we have no PIX or VPN concentrators that are not in production and teh head network engineer wont let me practice on production equipment for very understandable reasons and he really doesnt know how to read the output of these debugs any better than me frankly. I have asked..
I have both the sybex and cisco press CIT books and these commands are not covered in depth in either of them nor are they covered in the cisco press CCNP flash cards book nor the exam cram 642-831 book. Basically what i am saying is have definitely worked to try and find this info and i havent had any luck and here i am.
Any and all assistance in reading/understanding the output of these debugs is appreciated.
Thanks,
Charles
Comments
-
Yankee
Member Posts: 157
Assuming you have some lab equipment, build an ipsec tunnel between two routers and debug isakmp to your heart's content. Finding the info you want on Cisco's website can be difficult. I haven't looked but I bet it is there somewhere.
Yankee -
Cbuscemi
Member Posts: 2 ■□□□□□□□□□
As i mentioned in my initial post my company has no equipment that i could use that is not in production. Hence, i cant lab this and that is why i am here looking for some further info.
If i had lab equipment i wouldnt be looking for answers... -
Yankee
Member Posts: 157
what you said was you had no vpn concentrators or firewalls, so I suggested routers. Thanks for the rude reply and good luck to you.
Yankee -
forbesl
Member Posts: 454
Once again, cisco.com has the answers provided you're willing to look:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_command_reference_chapter09186a008017cfa9.html#wp1065954
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml#dbg_ci
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094525.shtml#comm
There are more, just type in "debug crypto isakmp examples" in the little box with the word "Search" above it.