Does the remote gateway need to include your production gateway’s external IP in its encryption domain?

seenagapeNovember 15, 2015

In a production environment, your gateway is configured to apply a Hide NAT for all internal
traffic destined to the Internet. However, you are setting up a VPN tunnel with a remote
gateway, and you are concerned about the encryption domain that you need to define on
the remote gateway. Does the remote gateway need to include your production gateway’s
external IP in its encryption domain?

PrepAway - Latest Free Exam Questions & Answers

A.
Yes – The gateway will apply the Hide NAT for this VPN traffic.

B.
Yes – all packets destined to go through the VPN tunnel will have the payload
encapsulated in an ESP packet and after decryption at the remote site, the packet will
contain the source IP of the Gateway because of Hide NAT.

C.
No – all packets destined to go through the VPN tunnel will have the payload
encapsulated in an ESP packet and after decryption at the remote site, will have the same
internal source and destination IP addresses.

D.
No – all packets destined through a VPN will leave with original source and destination
packets without translation.

Explanation:

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

CheckPoint Exam Questions

Free CheckPoint Study Guide

Does the remote gateway need to include your production gateway’s external IP in its encryption domain?

Leave a Reply Cancel reply