Refer to the exhibit. 
Which two changes must you make to the given IOS site-to-site VPN configuration to enable the
routers to form a connection? (Choose two.)
A.
Configure a valid route on Router A.
B.
Configure the access list on Router B to mirror Router A.
C.
Configure Router B’s ISAKMP policy to match the policy on Router A.
D.
Configure the tunnel modes on the two routers to match.
Explanation:
Hi, someone have an explanation for the answer B ? Both ACL looks identical.
0
0
Hi Vince! Answering to your question, yes you right that both ACLs are exactly identical (and here my friend is the only problem 😉 ).
Both ACLs are applied on different routers so both should be particular router specific on which they are applied and not same or identical.
ACL applied on Router A is permitting the traffic to go from 192.168.10.1 (IP address on fa0/0 of router A) to 192.168.20.1 (IP address on fa0/0 of router B).
So now, ACL applied on Router B should be mirror image of the above ACL permitting traffic from 192.168.20.1 to 192.168.10.1 so that traffic from Router B to Router A is also allowed to pass through the VPN tunnel.
I hope my explanation helps you understand the reason for option B. 🙂
0
0
That answers the question perfectly, by mirrored I kept assuming identical, not actually as a mirrored reflection. Poor wording on their part, thanks for the explanation.
0
0