johnnyboy

I'm interested, please add me

Please add me

Please add me

I've been practicing with just leaving the wrong config. Once you move the interfaces to the vrf WAN it won't matter anyways.

Here are some rough steps that I put together from using my lab. A lot of it depends on what is already configured in the lab. From what I remember in the lab I know for sure that TACACS was not enabled on the ISE server in DNA. ISE _____ Administration-> Deployment -> PSN -> Enable Device Admin Service -> SAVE Administration-> Identity Management -> Settings -> User Authentication Settings -> Uncheck all password must contain at least: -> SAVE Administration-> Network Resources -> Network Devices -> Click Devices -> "Check TACACS Authentication Settings" -> "Enter Shared Secret" 'cisco' -> SAVE Administration-> Identities -> Users -> "Add" -> "Name: netadmin password: admin User Groups: ALL_ACCOUNTS" -> Submit Work Centers-> Device Administration -> "View Default Policy" -> Authentication Policy -> "Internal Users" -> Options If User not found "Continue" -> Authorization Policy "Create New Command Set" called All_Commands -> Check Box "Permit any command that is not listed below" -> Shell Profiles "Create New Shell Profile" named Priv15 -> Default Privilege to "15" -> Submit -> Select and Save both of these new policies DNA _____ System Settings -> Update ISE -> Click ISE server -> "Edit" -> "View Advanced Settings" -> Check TACACS -> Apply Design -> Network Settings -> Add Servers -> AAA -> Check "Network" -> Choose ISE then Protocol "TACACS" -> Choose PSN -> SAVEDo this at Global Level. Make sure it applies to both branches Provision -> Devices-> Select all 4 Switches -> Actions -> Provision Device After Provision is successful: Choose all four switches -> Actions -> Edit Device -> Change CLI to netadmin/admin Test with SSH and DNA resync @NTWMaster, let us know if you have any new design questions in that thread.

Sitting soon. add me as well

I'm not sure as I couldn't actually find where the config guides were. Didn't look for long though. Yes one of the things I remember being different on DOO was it asked you to encrypt the vtp password in a 32 bit format. You have to use the "vtp password cisco hidden" command

Thanks, I ran out of time so didn't have a chance to dive into it. Going to use this for next time!

Took the exam recently and it said the password needed a capital letter or something for the user password. I guess we have to go in and change the password policy or something? Anyone think they mastered this question yet?

Congrats and thanks for posting solutions!

I took the exam in the middle of January. In addition to the sims previously mentioned I got one that wanted me to use the archive command to log all commands used by a user. Don't know if that's been mentioned before or not.

Are you sure we're it doesn't mean we advertise the summarized subnet in the form of an aggregate address?

I'm scheduled for early April

Yeah I get what you're saying. I guess it just depends on how the automation tests the exam. Is the automated grading going to shut down the physical interfaces 0/0-1 and see if the track objects go down? If so then the vlan adjacencies will still carry that traffic and the grading may cause a fail on the task when those objects stay UP.

So we think a VL is required for this task?