PrepAway - Latest Free Exam Questions & Answers

What two (2) options should you check first?

Your VPN tunnel does not pass traffic. You run the "Get ike cookie" command and discover that there is no cookie. What two (2) options should you check first?

PrepAway - Latest Free Exam Questions & Answers

A.
Routes

B.
Policy configuration

C.
Phase 1 configuration options

D.
Phase 2 configuration options

Explanation:
Cookies are exchanged to prevent forms of IP spoofing, and to create a Security Association (SA) proposal list. Cookies are pseudo-random numbers 8 bytes in length that are generated by the sending machine, (I=Initiator) and receiving machine (R=Receptor). Every cookie is unique to the machine and to each particular exchange. This guarantees uniqueness and replay protection by hashing the sender’s IP address, port, protocol and timestamp, which results in a unique identifier known only to the originator
get ike cookie
Verifies the successful completion of Phase 1 cookie creation. If an IKE cookie has not been created, then Phase 1 has failed and further troubleshooting must be performed. Therefore the best way to start is by checking routes.


Leave a Reply