Which two statements are true for IPSec VPN? (Choose two.)
Which two statements are true for IPSec VPN? (Choose two.)
IPSec VPNs use the DPDK (Data Plane Development Kit) accelerated performance library to improve performance. Additionally, IPSec VPN services can be configured on both Tier-0 and Tier-1 gateways, providing flexibility in network architecture design.
Saw in the ICM 4.0 : When you deploy IPSec VPN, you should consider several factors: •IPSec VPN services are available on both Tier-1 and Tier-0 gateways. • Protected networks must be segments created through the NSX UI or policy APIs. • Segments can be connected to either Tier-0 or Tier-1 gateways to use VPN services. • Tenants with overlapping networks require NAT on Tier-0 gateways. • VPN-based dynamic routing for VTI is supported on Tier-0 gateways only. • NSX supports site-to-site IPSec VPNs in tunnel mode. • IPSec tunnels use the DPDK-accelerated performance.
B: https://docs.vmware.com/en/VMware-NSX/4.1/administration/GUID-7D9F7199-E51B-478B-A8BC-58AD5BBAA0F6.html D: https://docs.vmware.com/en/VMware-NSX/4.1/administration/GUID-7D9F7199-E51B-478B-A8BC-58AD5BBAA0F6.html
When using dynamic routing protocols, route-based IPSec mode must be used. Therefore, not all IPSec modes. https://docs.vmware.com/en/VMware-NSX/4.0/administration/GUID-7D9F7199-E51B-478B-A8BC-58AD5BBAA0F6.html
C. IPSec VPNs use the DPDK accelerated performance library. D. IPSec VPN services can be configured at Tier-0 and Tier-1 gateways.
CD is correct
It's not correct B. Policy-based IPSec mode not be supported dynamic routing protocols. > B. Dynamic routing is supported for any IPSec mode in NSX.