You are asked to establish an IPsec VPN to a neighboring device that receives its external IP address from a
DHCP server.
Which feature must be used on an SRX Series device?
A.
Aggressive mode
B.
Transport mode
C.
Diffie-Hellman group 5
D.
Proxy ID
A
0
0
It´s D because the remote neightbor is the one with dinamic ip
0
0
Should be A
One of the peers in the VPN setup is using a dynamic IP address (in this case, a remote firewall), so Aggressive mode is used.
Main mode is used in the VPN when both sites have a static IP address.
The remote-end firewall has a dynamic IP address instead of a static IP address, so an FQDN (fully qualified domain name) is used as IKE-IDENTITY in the IKE gateway configuration.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB28077&actp=search
0
0