What can the administrator configure to establish the VPN connection?
A network administrator configured a site-to-site VPN tunnel where the peer device will act as initiator None of the peer addresses are known
What can the administrator configure to establish the VPN connection?
A . Set up certificate authentication.
B. Use the Dynamic IP address type.
C. Enable Passive Mode
D. Configure the peer address as an FQDN.
Answer: B
Explanation:
According to the documentation, if the peer device has a dynamic IP address, the administrator can configure the peer address as an FQDN and use tunnel monitoring to establish the VPN connection. Tunnel monitoring is a feature that sends periodic ICMP pings to a specified destination IP address across the VPN tunnel and brings down the tunnel interface if the pings fail. This way, the firewall can detect when the peer device changes its IP address and re-establish the VPN connection.
References: 1 IPSec VPN Tunnel with Peer Having Dynamic IP Address – Palo Alto Networks 2 Dual ISP VPN site to site Tunnel Failover with Tunnel Monitoring – Palo Alto Networks https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIGCA0
Latest PCNSE Dumps Valid Version with 280 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund