Which statement is true regarding the dynamic VPN feature for Junos devices?
A. It is supported on all SRX devices.
B. Preshared keys for Phase 1 must be used.
C. Aggressive mode is not supported.
D. Only route-based VPNs are supported.
One Comment on “Which statement is true regarding the dynamic VPN feature for Junos devices?”
Fesays:
For dynamic VPN tunnels, aggressive mode must be configured and only preshared keys are supported for Phase 1 authentication. A group IKE ID is used and the maximum number of connections is set to 10. Because dynamic VPNs must be policy-based VPNs, a security policy must be configured to forward traffic to the tunnel.
For dynamic VPN tunnels, aggressive mode must be configured and only preshared keys are supported for Phase 1 authentication. A group IKE ID is used and the maximum number of connections is set to 10. Because dynamic VPNs must be policy-based VPNs, a security policy must be configured to forward traffic to the tunnel.
http://www.juniper.net/documentation/en_US/junos12.3×48/topics/example/vpn-security-dynamic-example-configuring.html
The dynamic VPN feature is not supported on high-end SRX Series devices or on branch SRX Series devices in a chassis cluster.
http://www.juniper.net/techpubs/en_US/junos12.1×47/topics/concept/vpn-security-dynamic-overview.html
0
0