Which command will allow a referenced ASA interface to become accessible across a site-to-site VPN?
Which command will allow a referenced ASA interface to become accessible across a site-to-site VPN?A . access-list 101 extended permit ICMP any anyB . crypto map vpn 10 match address 101C . crypto map vpn interface insideD . management-access <interface name>View AnswerAnswer: B
Which type of failover has been implemented?
A customer has two ASAs configured in high availability and is experiencing connection drops that require re-establishment each time failover occurs. Which type of failover has been implemented?A . StatelessB . routedC . transparentD . statefulView AnswerAnswer: D
Which option is one of the difference between FlexVPN and DMVPN?
Which option is one of the difference between FlexVPN and DMVPN?A . flexvpn uses ikev2 and dmvpn can use ikev1 or ikev2B . dmvpn can use ikev1 and ikev2 where flexvpn only uses ikev1C . flexvpn can use ikev1 and ikev2 where dmvpn uses only ikev2D . dmvp uses ikev1...
Which protocol must be used?
An engineer is configuring high availability for crypto-map-based site-to-site VPNs on Cisco devices. Which protocol must be used?A . VRRPB . BFDC . ESPD . HSRPView AnswerAnswer: D
From the CLI of a Cisco ASA 5520, which command shows specific information about current clientless and Cisco Anyconnect SSL VPN users only?
From the CLI of a Cisco ASA 5520, which command shows specific information about current clientless and Cisco Anyconnect SSL VPN users only?A . show crypto ikve1 sa detailB . show vpn-sessiondb remoteC . show vpn-sessiondbD . show von-sessiondb detailView AnswerAnswer: C
You are implementing an IKEv2 IPsec tunnel between two Internet routers by using PSKs. After the configuration is complete, the IPsec VPN tunnel fails to negotiate. You enable debugging to troubleshoot the issue.Which action do you take to resolve the issue?
Refer to the exhibit. You are implementing an IKEv2 IPsec tunnel between two Internet routers by using PSKs. After the configuration is complete, the IPsec VPN tunnel fails to negotiate. You enable debugging to troubleshoot the issue.Which action do you take to resolve the issue?A . Verify the IKEv2 keyring...
Which two options are key advantages to choosing GET VPN EssaVPN?
An engineer must configure HET VPN transverse over the network between corporate offices. Which two options are key advantages to choosing GET VPN EssaVPN? (Choose two.)A . GET VPN has unique session keys for improved security.B . GET VPN supports multicast.C . GET VPN supports a hub and-spoke topology.D ....
A network engineer is troubleshooting a VPN configured on an ASA and has found Phase 1 is not completing.
A network engineer is troubleshooting a VPN configured on an ASA and has found Phase 1 is not completing. Which configured parameter must match for the IKE Phase 1 tunnel to get successfully negotiated/A . SA lifetimeB . idle timeoutC . transform-setD . DH groupView AnswerAnswer: D
Which command must be run on the ASA to verify this information?
While attempting to establish a site-to-site VPN, the engineer notices that phase 1 of the VPN tunnel fails. The engineer wants to run a capture to confirm that the outside interface is receiving phase 1information from the thirdparty peer address. Which command must be run on the ASA to verify...
What must be configured to resolve the issue?
Refer to the exhibit. You are implementing an IKEv1 IPsec tunnel between two Internet routers by using PSKs. After the configuration is complete, the IPsec VPN tunnel fails to negotiate. What must be configured to resolve the issue?A . matching PSKs on both routersB . matching ISAKMP policies on both...