What action can you take to correct the problem?

seenagapeMay 14, 2017

Refer to the exhibit.

You have configured R1 and R2 as shown, but the routers are unable to establish a site-to-site VPN tunnel.
What action can you take to correct the problem?

PrepAway - Latest Free Exam Questions & Answers

A.
Edit the crypto keys on R1 and R2 to match.

B.
Edit the ISAKMP policy sequence numbers on R1 and R2 to match.

C.
Set a valid value for the crypto key lifetime on each router.

D.
Edit the crypto isakmp key command on each router with the address value of its own interface.

Explanation:
BD
Five basic items need to be agreed upon between the two VPN devices/gateways (in this case, the two routers)
for the IKE Phase 1 tunnel to succeed, as follows:
+ Hash algorithm
+ Encryption algorithm
+ Diffie-Hellman (DH) group
+ Authentication method: sed for verifying the identity of the VPN peer on the other side of the tunnel. Options
include a pre-shared key (PSK) used only for the authentication or RSA signatures (which leverage the public
keys contained in digital certificates).
+ Lifetime
The PSK used on the routers are different: test67890 and test12345
Source: Cisco Official Certification Guide, The Play by Play for IPsec, p.124

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Cisco Exam Questions

Free Cisco Study Guide

What action can you take to correct the problem?

Leave a Reply Cancel reply