Examice

Exam Essentials All QuestionsBrowse all questions from this exam

Go to Exam

Question 54

While troubleshooting a branch office VPN tunnel, you see this log message:

2014-07-23 12:29:15 iked (203.0.113.10<->203.0.113.20) Peer proposes phase one encryption 3DES, expecting AES

What settings could you modify in the local device configuration to resolve this issue? (Select one.)

BOVPN Gateway settings

BOVPN-Allow policies

BOVPN Tunnel settings

BOVPN Tunnel Route settings

Correct Answer: A

The log message indicates an issue with phase one encryption not matching expectations (3DES instead of AES). Phase one settings, which pertain to device-to-device authentication during the initial VPN setup, are configured in the BOVPN Gateway settings. To resolve this issue, you would adjust the phase one encryption settings in the BOVPN Gateway settings to match the expected AES encryption.

Discussion

SatornjkkOption: C

Watch IPSEC policy base they separated to 2 part. - Gateway : Control phase 1 device to device authentication - Tunnel : Control phase 2 package transfer encryption

WatryOption: A

A is correct