PrepAway - Latest Free Exam Questions & Answers

which of the domains will the gateways belong?

If there are two gateways and two encryption domains which are fully overlapped, in which of the
domains will the gateways belong?

PrepAway - Latest Free Exam Questions & Answers

A.
The gateways will be outside the domains.

B.
There will be one gateway in each domain.

C.
They will both be in both domains.

D.
There can only be one gateway for full overlap encryption domains.

Explanation:

: Since the domains are fully overlapped, the gateways will belong to both of them, remember that
a VPN encryption domain is a group of networks or hosts behind a firewalled gateway that
participate in a VPN. Any traffic coming from one VPN domain and going to another will be
encrypting outbound, and then decrypted inbound at the other end. Also, This kind of VPN
domains is very handy when dealing with critical connections. When a SecuRemote client tries to
communicate with a server residing in this overlapping domain, it will try to connect to all of the
gateways and will complete the connection with the first gateway to respond. There are some
problems with this, to resolve them you can use IP Pools to assign a previously configured IP
address to the SecuRemote client. You can also use NAT to hide the connection passing through
the gateway behind the gateway. See page 498 of Syngress Book “Checkpoint NG – Next
Generation Security Administration”. You can check this at the online NG documentation.


Leave a Reply