Home > Access List

Access List

August 6th, 2017 in ROUTE 300-101 Go to comments

Question 1


The first answer is not correct because the network range is not correct. It should be to

Question 2


Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled access control entries (ACEs) and the generation and transmission of log messages.

Process switching is the slowest switching methods (compared to fast switching and Cisco Express Forwarding) because it must find a destination in the routing table. Process switching must also construct a new Layer 2 frame header for every packet. With process switching, when a packet comes in, the scheduler calls a process that examines the routing table, determines which interface the packet should be switched to and then switches the packet. The problem is, this happens for the every packet.

Reference: http://www.cisco.com/web/about/security/intelligence/acl-logging.html

Question 3


If you use the “debug ip packet” command on a production router, you can bring it down since it generates an output for every packet and the output can be extensive. The best way to limit the output of debug ip packet is to create an access-list that linked to the debug. Only packets that match the access-list criteria will be subject to debug ip packet. For example, this is how to monitor traffic from to

access-list 100 permit ip
debug ip packet 100

Note: The “debug ip packet” command is used to monitor packets that are processed by the routers routing engine and are not fast switched.

Question 4

Question 5

Question 6

Question 7

Question 8


Question about restricting IPv6 access to SSH. Had to pick 2 answers. One that is applied to the fa0/0 and one that is applied to vty lines. Its basically IN or OUT.

Question 9


The established keyword is only applicable to TCP access list entries to match TCP segments that have the ACK and/or RST control bit set (regardless of the source and destination ports), which assumes that a TCP connection has already been established in one direction only. Let’s see an example below:

access-list_established.jpgSuppose you only want to allow the hosts inside your company to telnet to an outside server but not vice versa, you can simply use an “established” access-list like this:

access-list 100 permit tcp any any established
access-list 101 permit tcp any any eq telnet
interface S0/0
ip access-group 100 in
ip access-group 101 out


Suppose host A wants to start communicating with host B using TCP. Before they can send real data, a three-way handshake must be established first. Let’s see how this process takes place:


1. First host A will send a SYN message (a TCP segment with SYN flag set to 1, SYN is short for SYNchronize) to indicate it wants to setup a connection with host B. This message includes a sequence (SEQ) number for tracking purpose. This sequence number can be any 32-bit number (range from 0 to 232) so we use “x” to represent it.

2. After receiving SYN message from host A, host B replies with SYN-ACK message (some books may call it “SYN/ACK” or “SYN, ACK” message. ACK is short for ACKnowledge). This message includes a SYN sequence number and an ACK number:
+ SYN sequence number (let’s called it “y”) is a random number and does not have any relationship with Host A’s SYN SEQ number.
+ ACK number is the next number of Host A’s SYN sequence number it received, so we represent it with “x+1”. It means “I received your part. Now send me the next part (x + 1)”.

The SYN-ACK message indicates host B accepts to talk to host A (via ACK part). And ask if host A still wants to talk to it as well (via SYN part).

3. After Host A received the SYN-ACK message from host B, it sends an ACK message with ACK number “y+1” to host B. This confirms host A still wants to talk to host B.

Question 10

Question 11


Reflexive access lists provide filtering on upper-layer IP protocol sessions. They contain temporary entries that are automatically created when a new IP session begins. They are nested within extended, named IP access lists that are applied to an interface. Reflexive access lists are typically configured on border routers, which pass traffic between an internal and external network. These are often firewall routers. Reflexive access lists do not end with an implicit deny statement because they are nested within an access list and the subsequent statements need to be examined.

Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_acl/configuration/15-1s/sec-access-list-ov.html

Question 12


The command “ipv6 traffic-filter access-list-name { in | out }” applies the access list to incoming or outgoing traffic on the interface.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swv6acl.html

Question 13

Question 14

Comment pages
1 2 1058
  1. bmw
    April 28th, 2016

    There is no point doing the CCNP Route EXAM failed 3 times. My belief is Cisco is doing intentionally. They are abusing us basically taking our money! I strongly believe. May most of you be not agree with me.

    Wish you all Good Luck

  2. Anonymous
    April 29th, 2016


    I just want to ask if you have the latest dump for CCNP Route 300 101. I took the exam today but unfortunately didn’t make it. Passing score is 790. I’ve got only 700. Can you help me? Thank you!

    butchi_18@ yahoo dot com dot ph

  3. fahad
    April 29th, 2016

    hy friends
    any body have dumps of ccnp route plz send me on my email {email not allowed}

  4. fahad
    April 29th, 2016

    hy friends
    i want ccnp route dump have any body plz send my on my mail fahadyousaf.fahad@gmail dot com

  5. Zakk
    April 30th, 2016

    Hey Admin,

    Are the dumps on this still valid??

    They are quite old by the way.

  6. Irfan
    April 30th, 2016

    Please share 149q file. My exam is scheduled tomorrow..Thanx! m_irfan81(Hotmail).(com)

  7. Anonymous
    May 6th, 2016

    hello, can someone help me with the latest dumps…im taking the exam 2nd week of may. send to my email add :{email not allowed}. God bless u all.

  8. Anonymous
    May 6th, 2016

    pls share 149q file with me. durosomomoses12 (yahoo). com. doing the exam next week.

  9. Anonymous
    May 6th, 2016

    exam is route 300-101 and switching 300-115.thanks

  10. A person
    May 8th, 2016

    How vaild is the ccnp route ???
    How big is the dump ?

  11. Anonymous
    May 16th, 2016

    hi guys
    i can’t see the questions i just can see the Explanation
    can anyone tell why??

  12. Anonymous
    May 25th, 2016

    Latest and updated Pass4sure Real Exam Question Answers available. Answers Verified by Experts. 

  13. 4runner
    May 25th, 2016

    can anyone email me the latest dumps 300-101 btspacer.i gmail com

  14. Anonymous
    June 14th, 2016

    Can anyone please email me the latest dump to {email not allowed} . Really thanks for it:)

  15. Anonymous
    June 14th, 2016

    Can anyone please email the latest dump for switch,route, troubleshoot.

    peterchoo119 gmail.com


  16. hey
    June 19th, 2016

    @ 4runner and Anonymous, check dumps here

  17. Anonymous
    July 1st, 2016

    hello guys i ll take the exam, somebody knows if this questions are still valid, i l sue like a reference because is a lot of study

    patty :) : )

  18. Anonymous
    July 1st, 2016

    by the way 9tut rules thanks

    Patty :)

  19. fahad
    July 5th, 2016

    Hy any one have VCE player plz give me i want this for ruing dupm my email is fahadyousaf.fahad gamil.com

  20. Anonymous
    July 7th, 2016

    req latest ccnp route dumps

    {email not allowed}

  21. shalev
    July 13th, 2016

    please someone can give me the route exam here?

  22. pope
    July 18th, 2016

    Just took the test and passed .If you need any assistance email me at {email not allowed} I will help you

  23. pope
    July 18th, 2016

    not sure why they are not allowing to type my email ({email not allowed})

  24. Anonymous
    July 19th, 2016

    so the test is like the dump study guide.
    They don’t allow email because people send the study material that can be copyrighted

  25. the_scorpion
    July 22nd, 2016

    access-list 100 permit ip host host

  26. Anonymous
    July 22nd, 2016

    passed today all dumps is 100% matched

    Thanks a lot

  27. Rateboooo
    July 23rd, 2016

    which dumps did you use, the 149 Qs.?

  28. dolats
    August 4th, 2016

    Does anybody here knows the password to be able to extract the patch files for vce simulator 2.2.3. Please share thank you

  29. 300-101
    August 11th, 2016

    Q3 came today

  30. Anonymous
    August 18th, 2016

    Hi All,

    Please send me any CCNP dumps thank you very much. Please send at {email not allowed}

  31. Anonymous
    August 18th, 2016

    Hi All,
    Please send me any CCNP dumps thank you very much. Please send at shogoyshogi@y.c

  32. test
    August 18th, 2016

    Is this page still being updated??

  33. SWITCH Beast
    August 19th, 2016

    I drank the Koop-aid and now I’m hooked.
    I just Passed my CCNP Test on the third attempt. I used Chris Bryants videos, cut Nuggets through my company, INE, approved study guides and also the GNS3 vault study materials to study. I built a labwitH 4 3750 switches and another with 3850 switches.
    When I took the test my heart raced the whole time and I Failed twice.
    Certprepare helped me focus.
    I will now start my ROUTE Journey with digitaltut.com at the beginning.
    When it’s all over I plan to change my name to ROUTE-SWITCH Beast

  34. Anonymous
    August 20th, 2016

    Hi all,

    Are the “2016-04-16 premium 149q” still valid ?


  35. Nick
    August 21st, 2016

    Hi guys, can someone share with me the latest dumps? sevilladuarte1@ Gmail.com

    I will appreciate.

  36. Mawakina
    August 23rd, 2016

    Hi men,can someone share with me the latest dumps???{email not allowed}

  37. fahad
    September 6th, 2016

    any one have crack vce player free plz send me on my mail adress

  38. NetwerkSecure
    September 17th, 2016

    can someone please send questions/dump to bhuggins.rb30@gmaildotcom

    sitting for route at end of october

  39. Anonymous
    September 17th, 2016

    Hi ,
    am taking exam on 24 /9/2016,can some one help me sharing the Updated CCNP- Routing Dumps to mcanson4@gmaildotcom

    thanks in advance

  40. Anonymous
    September 17th, 2016

    can you send me the dump pdf at dark_archangels_knight@yahoodotcom

  41. 300-101
    September 18th, 2016

    Please Indicate how many questions your PDF have, s that we can advice

  42. Rajesh K
    September 21st, 2016

    dumps are valid i passed today

  43. Anonymous
    September 27th, 2016

    I passed 300-101 routing 942/1000!!! great info router_feb_2016 still valid
    C. Core(config-router)# passive-interface default
    Core(config-router)# no passive-interface Gi0/0
    Core(config-router)# no passive-interface Gi3/1
    Core(config-router)# no passive-interface Gi3/2

    The OSPF database of a router shows LSA types 1, 2, 3, and 7 only. Which type of area is
    this router connected to?

    Tnot-so-stubby area

  44. Anonymous
    September 29th, 2016

    please i need the latest dumps , my exam is too close !!
    Email : mohammed.naseer89(at)yahoo(dot)com

  45. kalam
    September 29th, 2016

    please i need last dumps. can anyone send me.
    email: {email not allowed}

  46. kalam
    September 29th, 2016

    please i need last dumps. can anyone send me.
    email: azad722004(at)yahoo(dot)com

  47. Anonymous
    October 1st, 2016

    hello, can i have questions , please ? My mail’s {email not allowed}.
    If it’s possible.. :-)

  48. davamaster
    October 1st, 2016

    hello, can i have questions , please ? My mail’s princedavstyle(at)gmail(dot)com.
    If it’s possible.. :-)

  49. Slothar
    October 2nd, 2016

    The OSPF database of a router shows LSA types 1, 2, 3, and 7 only. Which type of area is
    this router connected to?
    Tnot-so-stubby area

    For clarification, the answer is NSSA. I’m assuming that the “T” in Tnot was a typo, but it could get confusing.

  50. Anonymous
    October 2nd, 2016


    i need valid dump that still valid.could someone send me please .

  51. Anonymous
    October 2nd, 2016


    i need valid dump that still valid.could someone send me please .

    erkandursun1225 at gmail dot com

  52. Devastated
    October 4th, 2016

    I took the ‘300-101: Implementing Cisco IP Routing’ exam today and failed with a 640. Not even 10 of the 49 total questions were from this site. What happened???

  53. Anonymous
    October 4th, 2016

    Barely passed today with 806/1000. Lab SIM questions still valid but many new questions appeared. I can confirm that about 10 questions were from the 149q dump.
    Old dumps NO LONGER VALID.

  54. Anonymous
    October 4th, 2016

    Guys, please forward dumps on the following email address;

    aadil (dot) marwat (at) gmail (dot) com

    Note: there is no space in above stated mailing address.
    I’ll really be obliged, and looking forward for your kind help.

  55. starmina
    October 5th, 2016

    please could anyone send me the new question? starmin85 @ hotmail . com

  56. Mo
    October 5th, 2016

    Hi Guys can some1 please share the recent dumps with i wanna book mine for the 28th of the month please …. my email is {email not allowed}

  57. Anasttom
    October 7th, 2016

    How long does it takes to the new dump release usually?

  58. GHOST-
    October 8th, 2016

    If the total bandwidth is 64 kbps and the RTT is 3 seconds, what is the bandwidth delay product?

    A. 8,000 bytes
    B. 16,000 bytes
    C. 24,000 bytes
    D. 32,000 bytes
    E. 62,000 bytes

    Answer: C

    What are the default timers for RIPng?

    A. Update: 30 seconds Expire: 180 seconds Flush: 240 seconds
    B. Update: 20 seconds Expire: 120 seconds Flush: 160 seconds
    C. Update: 10 seconds Expire: 60 seconds Flush: 80 seconds
    D. Update: 5 seconds Expire: 30 seconds Flush: 40 seconds

    Answer: A

    What is the purpose of the route-target command?

    A. It extends the IP address to identify which VRF instance it belongs to.
    B. It enables multicast distribution for VRF-Lite setups to enhance IGP routing protocol capabilities.
    C. It manages the import and export of routes between two or more VRF instances.
    D. It enables multicast distribution for VRF-Lite setups to enhance EGP routing protocol capabilities.

    Answer: C

    A network engineer has configured a tracking object to monitor the reachability of IP SLA 1. In order to update the next hop for the interesting traffic, which feature must be used in conjunction with the newly created tracking object to manipulate the traffic flow as required?

    A. SNMP
    B. PBR
    C. IP SLA
    D. SAA
    E. ACLs
    F. IGP

    Answer: B

    A route map uses an ACL, if the required matching is based on which criteria?

    A. addressing information
    B. route types
    C. AS paths
    D. metrics

    Answer: A

    Various employees in the same department report to the network engineer about slowness in the network connectivity to the Internet. They are also having latency issues communicating to the network drives of various departments. Upon monitoring, the engineer finds traffic flood in the network. Which option is the problem?

    A. network outage
    B. network switching loop
    C. router configuration issue
    D. wrong proxy configured

    Answer: B

    Which type of handshake does CHAP authentication use to establish a PPP link?

    A. one-way
    B. two-way
    C. three-way
    D. four-way

    Answer: C

    Which two authentication protocols does PPP support? (Choose two.)

    A. WAP
    B. PAP
    C. CHAP
    D. EAP

    Answer: BC

    Which statement is a restriction for PPPoE configuration?

    A. Multiple PPPoE clients can use the same dialer interface.
    B. Multiple PPPoE clients can use the same dialer pool.
    C. A PPPoE session can be initiated only by the client.
    D. A PPPoE session can be initiated only by the access concentrator.

    Answer: C

    Refer to the exhibit. Which statement about the configuration is true?

    interface Ethernet 0
    pppoe-client dial-pool-number 5
    pppoe-client ppp-max-payload 1500

    interface Dialer 1
    ip address negotiated
    dialer pool 5
    mtu 1492

    A. This configuration is incorrect because the MTU must match the ppp-max-payload that is defined.
    B. This configuration is incorrect because the dialer interface number must be the same as the dialer pool number.
    C. This configuration is missing an IP address on the dialer interface.
    D. This configuration represents a complete PPPoE client configuration on an Ethernet connection.

    Answer: D

    A company has their headquarters located in a large city with a T3 frame relay link that connects 30 remote locations that each have T1 frame relay connections. Which technology must be configured to prevent remote sites from getting overwhelmed with traffic and prevent packet drops from the headquarters?

    A. traffic shaping
    B. IPsec VPN
    C. GRE VPN
    D. MPLS

    Answer: A


  59. Thinkbig4all
    October 9th, 2016

    All these questions are already in 149q…. R u saying these are new added questions?

  60. tagwa ali
    October 9th, 2016

    i have 183q
    any one want
    send to me in my email
    tagwatagelsir 88 @ gmail . com

  61. Harry
    October 10th, 2016

    Hello, I see in comments that 149q is not valid. Please send me the new dump harry1900123 at hmamail dot com , thanks

  62. Anonymous
    October 13th, 2016

    Kindly provide new dumps exam is nearing for me

  63. Dobrowski
    October 14th, 2016

    If you have the latest dump, can you please send to dobrowski007 @ gmail.com.

  64. Anonymous
    October 15th, 2016

    How about we all start doing Switch or Tshoot before those two get updated?

  65. Anonymous
    October 17th, 2016

    Can anyone please send me new dump to globalalk @ gmail . com ?

  66. Marty
    October 18th, 2016

    Hello Fellow Digital Tuters,

    I’m looking for the most recent dump, and unfortunately after scouring the interwebs for days I can’t find any…If anyone can help, please, send the dump to: Regs1960 @ fleckens . hu

  67. JennYC
    October 18th, 2016

    Hi everyone. Can you send me the latest dump to my email? Im going to take the exam next month.
    {email not allowed}

    Thank you so much guys!

  68. Anonymous
    October 19th, 2016

    Request a help please.

    Who can send me the current dump in October 2016.
    dowdp31 @ hotmail

    A hug !

    thank you

  69. Anonymous
    October 24th, 2016

    Hi everyone.

    Can you please send me the latest dump to my email? Im going to take the exam next month.

    lmas1111 (at) gmail (dot) com

    Thank you guys

  70. Anonymous
    October 24th, 2016

    Please someone could send me updates.
    300-101 route.
    Despite having studied very still I have difficulties with the English language and that of the dump help because some questions are difficult to understand.
    dowdp31 @ hotmail.com

    I appreciate the attention!

  71. Anata
    October 26th, 2016

    {email not allowed}
    THANK YOU !!!!

  72. Anata
    October 26th, 2016

    THANK YOU !!!!

  73. Doc_81
    October 28th, 2016

    Could someone please send me the last questions and answers?
    docky1981 @ hotmail . com

    Thank you :)

  74. Anonymous
    October 29th, 2016

    rebaz.rizgar @ outlook . com
    please send me new questions

    October 31st, 2016



  76. richy
    November 2nd, 2016

    to -tagwa tagelsir ….. are you sure sir these are the latest dumps and have u given the ccnp exam sir …? i m very confused because everybody is saying something different

  77. Jane
    November 4th, 2016

    Please Please Please, could somebody email me the latest dumps pdf + Labs (Packet Tracer) for CCNP route exam on jane_woken52 @ yahoo.com . I will be very thankful of you guys. I don’t know how and where to find. Pleaseeeeeee .

  78. vainilk78
    November 4th, 2016

    Thank you TAGWA TAGELSIR these are the correct questions I just took the 300-101 and I remember all the questions.

  79. mahesh
    November 5th, 2016

    can someone send me latest dumps for ccnp route 300-101
    {email not allowed}

  80. mahesh
    November 5th, 2016

    maheshgundev at gmail.com

  81. Muhammad Afzal
    November 7th, 2016

    Dear please tell me , did you pass the exam ?
    and what are the latest dumps. ?

  82. Mo
    November 9th, 2016

    vainilk78 can you please share the dumps dude, wanna take my exam again i failed the last time

  83. pichsoft0509
    November 11th, 2016

    thk for TAGWA i pass 300-101 with 934 / 1000

  84. vainilk78
    November 11th, 2016

    To Muhammad Afzal, I took the test before know the question change but after going over the dump test that TAGWA TAGELSIR posted I remember the questions and they are the same questions. I’m going to retake next week. I’m sure I’m going to pass this time.

  85. Anonymous
    November 12th, 2016

    Thank you for TAGWA I pass 300-101 with 908 / 1000

  86. vainilk78
    November 12th, 2016

    Thank you for TAGWA I pass 300-101 with 908 / 1000

  87. Anonymous
    November 13th, 2016


    Questi0n number 2 , from n3w questions must be “B”


    Example: Redirecting TCP Traffic to Another TCP Port or Address
    Having a web server on the internal network is another example of when it may be necessary for devices on the internet to initiate communication with internal devices. In some cases the internal web server may be configured to listen for web traffic on a TCP port other than port 80. For example, the internal web server may be configured to listen to TCP port 8080. In this case, you can use NAT to redirect traffic destined to TCP port 80 to TCP port 8080.
    After you define the interfaces as shown in the previous network diagram, you may decide that you want NAT to redirect packets from the outside destined for to You can use a static nat command in order to translate the TCP port number to achieve this. A sample configuration is shown here.

  88. Aniqa
    November 14th, 2016

    Everything you require to get ready and quickly pass the tough CCDP Cisco Certified Design Professional 300-101exam with 100% pass guarantee in first attempt. http://www.grades4sure.com/300-101-exam-questions.html

  89. Anonymous
    November 15th, 2016

    I took the CCNP 300-101 today and failed 770.. i only recognized 15 questions and i’ve studied the dumps and had no problems. Where did all the new questions come from ? Can anyone provide?

  90. John Doe
    November 16th, 2016

    Hi Did anyone try using vceplus?

  91. John Doe
    November 16th, 2016

    Anonymous you failed with 770 which dumps did you use?

  92. Router87
    November 16th, 2016

    Anonymous who failed with 770, please confirm is you use the dumps came from TAGWA TAGELSIR. Thank you.

  93. Sha
    November 16th, 2016

    I wrote exam last week. i failed in the exam but question is same as @TAGWA TAGELSIR

  94. Malinga
    November 17th, 2016

    Hey guys, I just wrote now in USA. I Passed 300-101 with 94%. This dumps http://www.testmayor.com/300-101-test.html is valid but a few answers are wrong. Although I don’t expect to pass with a full score, right? If your aim is just to pass the exam, only by memorizing the dumps is enough. But if you want to master skills, you really need to practice more.

  95. DB
    November 17th, 2016

    I pass 300-101 with 934 / 1000 Thank you TAGWA

  96. Mady
    November 17th, 2016

    I also passed using the ebay link provided above by “IT_Savy”. I want to thank this community for all the help passing my exam! Wish luck to others.

  97. Anonymous
    November 17th, 2016

    Hi DB……can you plz share ur dumps with…….on {email not allowed}

  98. Nancy jones
    November 18th, 2016

    I had experience to use resources like https://www.mrcerts.com/70-414-test.html and must confess that going through simulation questions can really help at the certification exam.

  99. Kaithlin
    November 22nd, 2016

    Congrats and thanks for sharing your learn and exam experience!
    Thanks for this link. https://www.mrcerts.com/300-101-test.html While I have not started to study for any Cisco certs, I have several students who are doing self-study. This site provides a wealth of information for them.

  100. Romio
    November 22nd, 2016

    Passed Exam.
    Used same 41 Qs and 149Qs file only. No need any other file. Get files at below page. Guaranteed Valid.
    remove spaces

    ccnplatestdumps.blogs p o t . c o m

Comment pages
1 2 1058
  1. No trackbacks yet.