With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.
With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.
Based on the policies configured in the image, HTTP traffic is allowed through both tunnel.1 and tunnel.2. Although policies 1 and 2 specifically mention tunnel.1, any unchecked HTTP traffic would continue down the policy list. Policies 7 and 8 are configured to allow any traffic through both tunnel.1 and tunnel.2. Therefore, HTTP traffic can be sent and received through both branch office VPN tunnels.
This is kinda a 'gotcha question'. You'll likely look at policies 7 & 8 and decide that the traffic would be permitted, however the question specifically asks about HTTP traffic; which is governed by policies 1 & 2. Only 'tunnel 1' is defined in those policies. 'Tunnel 2' is missing.
HTTP traffic destined to Tunnel 1will be caught caught by rule 1 and processed there. HTTP traffic to Tunnel 2 Does not meet the "To" Criteria of rule 1 so it will proceed down the list Rule 7 say any traffic to tunnel 2 and tunnel 1 so that is where it will be picked up.
It would still be allowed in policy 7 and 8. Even though it isnt listed in policy 1 and 2 it would continue down the list until it is matched or blocked.
The Answer should be True
I think it's true. Tunnel2 is not intercepted by rule n 2 and goes down to rule 7 and 8. Sorry for the bad english.
I don't think you're correct... Let me explain. WatchGuard uses auto-order which places the most specific policies in the top of the order where as most generel policies are placed at the bottom. In this case, since there's already a specific policy that doesn't allow traffic inbound/outbound for Tunnel.2, I'd say the answer is B, false.
In Policies 1&2, there is no disposition that would deny the HTTP traffic for Tunnel2, so if it not match it will go down till policies 7&8 which will allow the traffic......The correct answer is "True"
yes, exact
If you have a http package/traffic it will be processed by rule 1 or 2 because its a http package. The rule does not have tunnel 2 in it so it you can Not send it over tunnel 2. rule 7 & 8 are not for http traffic.
Rule 7 & 8 are for Any Traffic, therefore HTTP included.
Should be true, even though rule 1 and 2 won't allow it, 7 and 8 will.
Tunnel2 will sent all traffic matched Rul No.7,8
I read that incorrectly, rules 7 and 8 are set to allow, 1 and 2 do not matter since they are not referring to the BOVPN, so the answer is true.
TRUE !
I just tested it. The result is TRUE.
A. True Top-down first match Tunnel1 match 1&2 Tunnel2 match 7&8
A. True
Answer is false. This is only referring to the BOVPN, so 1 and 2 are irrelevant in this case. Rules 7 and 8 are blocking traffic to BOVPN in both directions.
True. A is corect.