
Cisco Secure VPN Exam Certification Guide - Cisco press


Chapter 7: Monitoring and Administering the VPN 3000 Series Concentrator

Monitoring the Cisco VPN 3000 Series Concentrator

Figure 7-49 shows the Monitoring screen.

Figure 7-49 Monitoring Screen

Table 7-5 describes the Monitoring screen menu options.

Table 7-5 Monitoring Menu System

| Menu Option | Level | Usage |
|---|---|---|
| Monitoring | 1 | Main screen for monitoring the VPN 3000 Concentrator. Enables all of the Monitoring submenus. |
| Routing Table | 2 | Shows the currently configured routes. |
| Filterable Event Log | 2 | Allows you to show events as defined by the debugging options set within the configuration. These events may be filtered. This screen is updated periodically based on the setting in the Administration \| Monitoring Refresh screen. |
| Live Event Log | 3 | Shows all events for which logging is enabled. These events are not filterable and show up in real time. |
| System Status | 2 | Shows the status and the serial number of the concentrator. |
| Sessions | 2 | Allows you to see the statistics for all of the current sessions on the concentrator. This screen also enables the submenus for monitoring the sessions by protocol or encryption, as well as the “top ten” list. |
| Statistics | 3 | Is similar to the Monitoring \| Protocols screen but allows you to choose the protocol on which to filter the statistics. |
| Encryption | 3 | Is similar to the Monitoring \| Protocols screen, but allows you to choose the encryption on which to filter the statistics. |
| Top Ten Lists | 3 | Enables the submenu that allows you to see the statistics for the 10 most active sessions sorted by total bytes transmitted, total time connected, or average throughput. |
| Statistics | 2 | Enables the submenu for statistics. These statistics are divided into a great number of submenus. |
| MIB-II Stats | 3 | Enables the submenu for those statistics that are reported through the MIB system. |

System Status

The System Status screen is the closest equivalent available on the concentrator to the show version command on a router. See Figure 7-50.

Figure 7-50 System Status

Sessions

The Sessions screen shows the statistics for the currently connected sessions (see Figure 7-51).

Figure 7-51 Sessions

Top Ten Lists

The Top Ten Lists screen is shown in Figure 7-52.

Figure 7-52 Top Ten Lists

Figure 7-53 shows the Top Ten Lists Data screen.

Figure 7-53 Top Ten Lists | Data

Statistics

Following is a list of the Monitoring | Statistics submenu options:

Accounting

Address Pools

Administrative AAA

Authentication

Bandwidth Management

Compression

DHCP

DNS

Events

Filtering

HTTP

IPSec

L2TP

Load Balancing

NAT

PPTP

SSH

SSL

Telnet

VRRP

MIB II Statistics

The MIB-II Statistics submenu system is shown in the following list in order for you to familiarize yourself with the options available:

Interfaces

TCP/UDP

IP

RIP

OSPF

ICMP

ARP Table

Ethernet

SNMP

Basically, if you think in terms of the ISO layers, you will see all of the Layer 1, Layer 2, Layer 3, and Layer 4 statistics here. You will also see your routing protocols and TCP/UDP and SNMP packets here. Virtually everything else is seen in the Statistics screen.

Q&A

As mentioned in Chapter 1, “All About the Cisco Certified Security Professional,” these questions are more difficult than what you should experience on the CCSP exam. The questions do not attempt to cover more breadth or depth than the exam; however, the questions are designed to make sure you know the answer. Rather than allowing you to derive the answer from clues hidden inside the question itself, your understanding and recall of the subject are challenged. Questions from the “Do I Know This Already?” quiz from the beginning of the chapter are repeated here to ensure that you have mastered the chapter’s topic areas. Hopefully, these questions will help limit the number of exam questions on which you narrow your choices to two options and guess!

1. What screen is used to set the password for the administrator?

2. You wish to limit HTTP access to the concentrator to hosts on the same subnet as the inside interface of the concentrator. What is the format of the access control list?

3. What types of AAA servers can the VPN 3000 Series Concentrator use for authenticating management sessions?

4. What is the upper limit for a management session timeout?

5. What form of encryption may be used on a configuration file?

6. On what screen can routes be cleared?

7. Where can you see the CPU utilization on a Cisco 3000 Series Concentrator?

8. Where can you troubleshoot an IPSec connection?

9. Where can you troubleshoot TCP/IP connections?

10. Where can you see the number of collisions on an Ethernet interface?

11. What is the major difference between the Monitoring | Statistics and the Monitoring | Statistics | MIB II sections?

12. You wish to limit the number of concurrent management connections. Where is this done?

13. You wish to use a AAA server to authenticate management access to the concentrator. What must you use?

14. What are the differences between the Filterable Event Log screen and the Live Event Log screen?

15. On what screen can you see if a certificate has been requested but has not yet been received?

16. What section should you look in if you want to see the number of pings sent and received? From where on the concentrator do you send a ping?

17. Name two places that you can see the current software version on a concentrator.

18. What are the access control lists as defined in the Administration | Access Rights | Access Control Lists screen used for?

19. You find out that your assistant has changed the configuration and saved that new configuration. However, something was configured incorrectly. None of the remote sites or remote users can connect to the concentrator. What is the quickest way to resolve the issue?

20. A remote client with a VPN 3002 Hardware Client calls you on the phone saying that he is unable to connect to your network. He says that he may have incorrectly configured the preshared key on his end. You have access through HTTP to your concentrator. Where is the first place you look to see if this is a preshared key issue?