Which two features and functions are supported when using an MX appliance in Passthrough mode? (Choose two.)
Which two features and functions are supported when using an MX appliance in Passthrough mode? (Choose two.)
Using an MX appliance in Passthrough mode supports intrusion prevention and site-to-site VPN. Intrusion prevention provides security by monitoring network traffic for suspicious activity and potential threats, while site-to-site VPN allows secure connections between different geographic locations. Features like secondary uplinks, DHCP, and high availability are not supported in Passthrough mode.
When in passthrough mode, the MX is best used for in-line: - Layer 3/7 firewall rules, traffic shaping, and analysis - Network asset discovery and reporting - Intrusion detection - Security and content filtering - Client and site-to-site VPN
The question was, which features ARE supported (not which are NOT), so: B and E https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Appliance_and_Z-series_Teleworker_Gateway
champ according to the link you shared,the answer is A and B Configuration Differences There are a number of differences in configuration between Routed and passthrough modes on the MX: Secondary uplinks cannot be used for Internet connectivity. Thus Security & SD-WAN > Configure > SD-WAN & traffic shaping > Uplink configuration only has the option for limiting bandwidth on WAN 1. Site-to-site VPN can only operate in split-tunnel mode when configured as a hub. Traffic bound to VPN subnets must be directed to the MX. DHCP is no longer available. DHCP requests will simply pass through the MX. Cellular uplink is no longer available. VLANs cannot be configured. The MX/Z1 will act as a bridge between the Internet and LAN ports.
BE are correct
Intrusion prevention Yes Site-to-site VPN Yes Secondary uplinks No DHCP No High availability No
i have configured it for production and know that both B and E are possible. two VMX in HA and both in concentrator mode. Answers BE
https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Appliance_and_Z-series_Teleworker_Gateway This should be Intrusion DETECTION not Prevention
A and E. intrusion PREVENTION is not support HA in passthrough mode is support MX Warm Spare - High-Availability Pair - Cisco Meraki https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair
intrustion detection, it cannot do prevention so A and E
A and B
https://originalcerts.org/ Pass CCNA,CCNP,ITIL,Prince2,CITRIX,JUNIPER,AZURE,IBM,HP exams Pay After Results
Correct: A and B
When in passthrough mode, the MX is best used for in-line: Layer 3/7 firewall rules, traffic shaping, and analysis Network asset discovery and reporting Intrusion detection Security and content filtering Client and site-to-site VPN
A,B https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Appliance_and_Z-series_Teleworker_Gateway
Guys, I have this exact scenario in production right now and the answer is AE. We have two MX250s in passthrough mode for Intrusion PREVENTION and they are setup in HA. While they can technically do site-to-site VPN, but if they did, they would be considered CONCENTRATORS and not as pass-thru devices as per all Meraki official documentation as well as the description in the dashboard itself - thus AE is the most correct answer.