100+ Real-World

Scenario-Based
Questions Every
Network Engineer
Must Prepare!

PM Networking
This is a comprehensive list of 100+ scenario-based interview questions
specifically curated for Network Engineers. These questions are designed to
test practical understanding, real-world troubleshooting, configuration, and
decision-making skills from L1 to L3 level across domains like routing, switching,
firewalls, wireless, and network design.

Most network engineers spend hours solving real-world issues, not just
memorizing definitions or commands. Interviewers know this. That’s why
scenario-based questions are becoming the backbone of technical interviews,
L2/L3 assessments, and on-the-job performance reviews.

✅ Routing & Switching

1.​ You configured OSPF but the routers are not forming neighbor adjacency.
How will you troubleshoot?​

2.​ Two VLANs on the same switch cannot communicate. What could be the
issue?​

3.​ How would you connect two buildings on a campus using switches?​

4.​ A user cannot access the internet but can ping the default gateway. What
will you check next?​

5.​ What would you do if you see flapping routes in the routing table?​

6.​ How do you troubleshoot an asymmetric routing issue?​

7.​ You implemented HSRP but both routers are in active state. Why?​

8.​ Explain what happens if two routers in the same OSPF area have the
same router ID.​

9.​ How would you troubleshoot a scenario where STP is causing frequent
topology changes?​
 10.​ A newly added switch is not learning MAC addresses. What do you
check?​

⚙️ IP Addressing & Subnetting

11.​A user complains of IP conflict. How do you investigate?​

12.​ How do you assign IPs to 500 users efficiently?​

13.​ What would you do if you find overlapping subnets between branches?​

14.​ How would you summarize a group of networks to reduce route entries?​

15.​ How would you allocate a subnet for DMZ hosting public servers?​

🧱 Firewall & Security

16.​ Users can access internal servers but not internet. What could be
wrong on the firewall?​

17.​ Your site-to-site VPN tunnel is up but traffic is not passing. Steps?​

18.​ What would you do if firewall denies internal DNS resolution?​

19.​ You notice huge outbound traffic to a suspicious IP. Steps to analyze?​

20.​ How do you restrict access to a specific website from a corporate

network?​
📶 Wireless Networking
21.​ Users on Wi-Fi complain of frequent disconnections. What will you
check?​

22.​ How do you prevent rogue APs in an enterprise network?​

23.​ How will you implement secure guest Wi-Fi in a hotel?​

24.​ Wi-Fi works on one floor but not on another. How do you begin
troubleshooting?​

25.​ How to deal with channel overlapping in 2.4 GHz?​

🛠 Troubleshooting & Monitoring

26.​ Network is slow intermittently. How will you investigate?​

27.​ A switch CPU is constantly 90%+. What’s your approach?​

28.​ How do you identify and resolve a broadcast storm?​

29.​ User is unable to SSH into a server. What are your first 5 checks?​

30.​ What if a traceroute is failing after the 2nd hop?​

🧭 Network Design & Planning

31.​ How would you design a redundant network for a data center?​
 32.​ What factors do you consider when choosing between static and
dynamic routing?​

33.​ How would you scale a network from 10 to 1000 users?​

34.​ How do you design a high-availability solution for a branch office?​

35.​ What is your strategy to segment networks for different departments?​

🌐 Internet, NAT, and DNS

36.​ Explain how you’d configure NAT for multiple internal servers with one
public IP.​

37.​ How would you diagnose DNS resolution failure?​

38.​ What if ping by IP works but not by domain name?​

39.​ How do you implement port forwarding for a web server?​

40.​ Your NAT table is full — what happens and how to resolve?​

🔐 Authentication & Access Control

41.​ How will you implement 802.1X authentication on a switch port?​

42.​ How do you give temporary internet access to a guest device?​

43.​ What is your response to repeated failed login attempts on a network

device?​
 44.​ A terminated employee still has access to VPN — what’s your
immediate step?​

45.​ How would you segment traffic using ACLs for Sales and HR
departments?​

📡 Cloud & SD-WAN

46.​ How do you configure site-to-site VPN between HQ and AWS?​

47.​ What happens when one SD-WAN link fails — how is failover handled?​

48.​ How do you troubleshoot packet loss in a cloud-hosted VPN?​

49.​ How do you prioritize VoIP traffic over MPLS and broadband in
SD-WAN?​

50.​ Your cloud-hosted server is inaccessible — how to isolate if it’s a

routing or firewall issue?​

📁 Logs, Tools & Documentation

51.​ What are the key logs you check in a switch/router during failure?​

52.​ Which tools do you use for packet capture and traffic analysis?​

53.​ How do you maintain device inventory and configuration backups?​

54.​ How often should you review firewall rules?​

55.​ What’s your standard procedure for documenting a new network setup?​
🧩 Redundancy & Failover
56.​ How do you verify HSRP failover is working?​

57.​ Your primary ISP link is down — traffic is not failing over. Why?​

58.​ Explain how LACP or EtherChannel helps in redundancy.​

59.​ What’s your strategy for WAN load balancing?​

60.​ How do you monitor active/passive firewall pairs?​

🧮 QoS, VoIP & Performance

61.​ How would you prioritize VoIP traffic over general traffic?​

62.​ What are your steps to troubleshoot choppy voice calls?​

63.​ How do you classify and mark packets for QoS?​

64.​ Your QoS policy is not taking effect — how do you troubleshoot?​

65.​ VoIP packets are getting dropped during peak hours. Next steps?​

🧠 Behavioral & Scenario-Based

66.​ A critical link fails during your shift — what's your escalation process?​

67.​ How do you handle a planned maintenance with minimal disruption?​

 68.​ Describe a situation where your quick action prevented major
downtime.​

69.​ A team member made a config error — how would you resolve and
prevent recurrence?​

70.​ You receive conflicting instructions from two managers — how do you
handle it?​

🛡️ Network Access & Zero Trust

71.​ How would you limit access to management ports (SSH/Telnet) of
devices?​

72.​ How do you set up a jump server for managing all routers/switches?​

73.​ What steps do you take to implement role-based access on switches?​

74.​ How would you implement a zero-trust policy in a campus LAN?​

75.​ How do you ensure third-party vendors can only access designated
servers?​

🧮 Load Balancing & HA

76.​ How would you deploy HA for an internal web application?​

77.​ How do you ensure stateful failover between firewall pairs?​

78.​ What’s your approach for designing a load-balanced DNS

infrastructure?​
 79.​ How to design application-level redundancy for critical services?​

80.​ Load balancer health checks are failing — what do you check?​

🚨 Disaster Recovery & Backup

81.​ What are your DR strategies for critical routers and switches?​

82.​ How do you backup and restore device configs using TFTP?​

83.​ What’s your network restoration plan in case of major power failure?​

84.​ How do you simulate a failover test in a controlled environment?​

85.​ What’s your RTO/RPO strategy for networking?​

📦 Tools & Automation

86.​ Which network automation tools have you worked with (e.g., Ansible,
Netmiko)?​

87.​ How do you push mass config updates securely?​

88.​ What kind of alerts do you set up in your NMS (e.g., PRTG,
SolarWinds)?​

89.​ Explain how you use SNMP to monitor link status.​

90.​ What’s your response if automation pushes a wrong config?​

🧪 Protocols & Layer-wise Issues
91.​ How do you troubleshoot issues at Layer 2 vs Layer 3?​

92.​ ARP table is incomplete — what’s the impact and solution?​

93.​ BGP route is present but traffic is not flowing — why?​

94.​ How would you troubleshoot MTU mismatch in a link?​

95.​ Explain how you’d troubleshoot a DHCP issue in a VLAN-based setup.​

📝 Configuration & Upgrade

96.​ How do you safely upgrade the firmware of a core switch?​

97.​ What’s your checklist before migrating to a new router?​

98.​ How would you roll back a failed network configuration?​

99.​ What’s your approach to configuring a multi-VRF environment?​

100.​ How do you migrate static routes to dynamic routing in a live network?​

🧭 Bonus: Common Interview Traps

101.​ What’s the difference between port security and 802.1X — when would
you use which?​

102.​ You’re given a task to configure EIGRP over DMVPN — what things will
you consider?​
103.​ Static NAT works, but dynamic NAT doesn’t — how do you proceed?​

104.​ What happens if all interfaces in a switch are in the same VLAN?​

105.​ What’s the risk of using VLAN 1 across the enterprise?

PM Networking​