PrepAway - Latest Free Exam Questions & Answers

You are using ASDM to verify a clientless SSL VPN confi…

PrepAway - Latest Free Exam Questions & Answers

You are using ASDM to verify a clientless SSL VPN configuration made by a junior administrator on an ASA.
Please click exhibit to answer the following questions.
Exhibit:

Which of the following statements is true regarding VPN connections made by a user who is using the john
user account? (Select the best answer.)

A.
The user will be unable to establish a VPN connection by using the boson tunnel group.

B.
The user will be able to establish a connection by using any tunnel group.

C.
The DfltGrpPolicy group policy will be applied to any VPN connection that the user established.

D.
The user will be able to establish only clientless SSL VPN connections.

Explanation:
The user will be able to establish only clientless Secure Sockets Layer (SSL) virtual private network (VPN)
connections. The tunneling protocols that a user can use to establish a VPN connection can be configured in
the user profile or in a group policy. To configure the tunneling protocols in a user profile, you should access the
VPN Policy pane of the Add or Edit User Account dialog box. To access this pane, you should click
Configuration, click the Remote Access VPN button, expand AAA/Local Users, click Local Users, doubleclick
john, and then click VPN Policy. The VPN Policy pane of the john user account is shown in the following exhibit:

The Tunneling Protocols entry indicates that the john user account is inheriting the tunneling protocol settings
from a group policy. The Group Policy entry indicates that the group policy associated with the john user
account is boson_grp. Therefore, you must view the details of the boson_grp group policy to determine the
tunneling protocols that the john user account can use.
To view the details of the boson_grp group policy, you should click Configuration, expand Clientless SSL VPN
Access, click Group Policies, and doubleclick boson_grp, which will open the Edit Internal Group Policy dialog
box, as shown in the following exhibit:

The Tunneling Protocols entry indicates that the group policy allows only clientless SSL VPN connections.
Because the john user account inherits this setting, the john user account will be able to establish a VPN
connection by using only a clientless SSL VPN connection.

Cisco: General VPN Setup: Adding or Editing a Remote Access Internal Group Policy, General Attributes


Leave a Reply