what can you determine about virtual-access interfaces from the output shown?

seenagapeMay 21, 2013

Refer to the exhibit.

When you are using dynamic IPsec VTI tunnels, what can you determine about virtual-access
interfaces from the output shown?

PrepAway - Latest Free Exam Questions & Answers

A.
The Virtual-Access1 interface currently does not have an IPsec peer connection established.

B.
The Virtual-Access2 interface does not yet have an IPsec peer defined.

C.
The Virtual-Access1 interface is in the down/down state, because the virtual tunnel source
physical interface is down.

D.
The Virtual-Access1 interface, which is used internally by the Cisco IOS software, is always
down.

Explanation:
A special Virtual-Access1 interface is used internally by Cisco IOS Software and is
always present in the output of this command. but not always DOWN !!!
as follows from:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/
prod_white_paper0900aecd803645b5.pdf
“…When the Easy VPN negotiation is successful, the line protocol state of the virtual access
interface gets changed to up. When the Easy VPN tunnel goes down because the security
association expires or is deleted, the line protocol state of the virtual access interface changes to
down…”

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Cisco Exam Questions

Free Cisco Study Guide

what can you determine about virtual-access interfaces from the output shown?

Leave a Reply Cancel reply