Examice

Exam CAS-004 All QuestionsBrowse all questions from this exam

Question 487

A security technician is trying to connect a remote site to the central office over a site-to-site VPN. The technician has verified the source and destination IP addresses are correct, but the technician is unable to get the remote site to connect. The following error message keeps repeating:

An error has occurred during Phase 1 handshake. Deleting keys and retrying...

Which of the following is most likely the reason the connection is failing?

The IKE hashing algorithm uses different key lengths on each VPN device.

The IPSec settings allow more than one cipher suite on both devices.

The Diffie-Hellman group on both sides matches but is a legacy group.

The remote VPN is attempting to connect with a protocol other than SSL/TLS.

Correct Answer: A

The error message indicates there is a problem during the Phase 1 handshake, which is part of the Internet Key Exchange (IKE) process. This suggests that there might be a mismatch or incompatibility in the algorithms or keys being used. One common cause of such issues is when the IKE hashing algorithms use different key lengths on each VPN device, leading to a failure in establishing the secure connection.

Discussion

23169fdOption: C

The error message “An error has occurred during Phase 1 handshake. Deleting keys and retrying…” suggests that there is an issue with the initial negotiation or key exchange process. Legacy Diffie-Hellman groups are a common cause of such issues because modern VPN devices might reject or fail to negotiate with older, less secure groups.