Which cipher is not supported by the NSX Edge Service Gateway for an IPSec VPN?
A. 3DES
B. AES-GCM
C. AES-256
D. DES
6 Comments on “Which cipher is not supported by the NSX Edge Service G…”
Marcelsays:
D is correct.
The following IPSec VPN algorithms are supported:
■AES (AES128-CBC)
■AES256 (AES256-CBC)
■Triple DES (3DES192-CBC)
■AES-GCM (AES128-GCM)
■DH-2 (Diffie–Hellman group 2)
■DH-5 (Diffie–Hellman group 5)
NEW QUESTION 1 — B,D are correct.
• There are no physical NICs on some of the hosts assigned to active or standby uplinks in the teaming and failover order of the distributed port group.
• The physical NICs on the hosts that are assigned to the active or standby uplinks reside in different VLANs on the physical switch. The physical NICs in different VLANs cannot see each other and thus cannot communicate with each other.
Both the NSX DLR and the NSX ESG support OSPF and BGP. The primary difference between these routing protocols is the level of control on routes propagation and attribute manipulations they allow, “”””with BGP being the more flexible of the two””””. The concept of an Autonomous System (AS), defined as a group of routers under the same administrative domain, comes also into play. Routing inside an AS is usually done via an IGP (e.g., OSPF) while routing between Autonomous Systems is done via an EGP (e.g., BGP).
D is correct.
The following IPSec VPN algorithms are supported:
■AES (AES128-CBC)
■AES256 (AES256-CBC)
■Triple DES (3DES192-CBC)
■AES-GCM (AES128-GCM)
■DH-2 (Diffie–Hellman group 2)
■DH-5 (Diffie–Hellman group 5)
https://pubs.vmware.com/NSX-62/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-6152B56B-2119-48E7-B2F2-BDDCF58B3F14.html
0
0
Besides, part of the new 285Q 2V0-642 dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpbVl3X1hXbUdteHc
Best Regards!
0
0
NEW QUESTION 1 — B,D are correct.
• There are no physical NICs on some of the hosts assigned to active or standby uplinks in the teaming and failover order of the distributed port group.
• The physical NICs on the hosts that are assigned to the active or standby uplinks reside in different VLANs on the physical switch. The physical NICs in different VLANs cannot see each other and thus cannot communicate with each other.
From
0
0
https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.troubleshooting.doc/GUID-5324A0E4-AA7B-40CC-A975-D45328B5C434.html
0
0
NEW QUESTION 5 — D is correct.
The physical infrastructure does not have to deal with MAC/FIB table limits since the logical switch contains the broadcast domain in software.
“””logical switch contains the broadcast domain in software”””
https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.troubleshooting.doc/GUID-5324A0E4-AA7B-40CC-A975-D45328B5C434.html
0
0
NEW QUESTION 12 — A is correct.
“”””with BGP being the more flexible of the two””””
NSX Design Guide : Page 57 https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf
Both the NSX DLR and the NSX ESG support OSPF and BGP. The primary difference between these routing protocols is the level of control on routes propagation and attribute manipulations they allow, “”””with BGP being the more flexible of the two””””. The concept of an Autonomous System (AS), defined as a group of routers under the same administrative domain, comes also into play. Routing inside an AS is usually done via an IGP (e.g., OSPF) while routing between Autonomous Systems is done via an EGP (e.g., BGP).
0
0