You are asked to deploy a group VPN between various sites associated with your company.
The gateway devices at the remote locations are SRX240 devices. Which two statements
about the new deployment are true? (Choose two.)
A.
The networks at the various sites must use NAT.
B.
The participating endpoints in the group VPN can belong to a chassis cluster.
C.
The networks at the various sites cannot use NAT.
D.
The participating endpoints in the group VPN cannot be part of a chassis cluster.
D is no longer good answer if we take: Junos OS 15.1X49-D40
http://www.juniper.net/documentation/en_US/junos15.1×49-d40/topics/concept/vpn-security-group-limitations-understanding.html
So B and C are correct.
0
0
HI Pawel,
as per your provided link it indicate in the first line that “The following are not supported in this release for Group VPNv2:” and one of them is “Group members configured as chassis clusters.”. So, we still have the same limitation in this new release. C and D are the correct answers.
0
0
C and D are correct
0
0
Understanding Group VPN Limitations
The following are not supported in this release for group VPNs:
Non-default routing instances
Chassis cluster >>>>>>>>>>>>>>>>>>>>>>>>>>
Server clusters
Route-based group VPN
Public Internet-based deployment
SNMP
Deny policy from Cisco GET VPN server
J-Web interface for configuration and monitoring
http://www.juniper.net/documentation/en_US/junos12.1×47/topics/concept/vpn-security-group-limitations-understanding.html
The following are not supported in this release for Group VPNv2:
SNMP.
Deny policy from Cisco GET VPN server.
PKI support for Phase 1 IKE authentication.
Colocation of group server and member, where server and member functions coexist in the same physical device.
Group members configured as chassis clusters. <<<<<<<<<<<<<<<<<<<<<<<<<<<
J-Web interface for configuration and monitoring.
Multicast data traffic.
Group VPNv2 is not supported in deployments where IP addresses cannot be preserved—for example, across the Internet where NAT is used.
http://www.juniper.net/techpubs/en_US/junos15.1×49-d40/topics/concept/vpn-security-group-limitations-understanding.html
0
0
Passed JN0-633 exam recently!
65 multiple choice questions, a little difficult to pass.
Pay close attention to questions on AppQoS, Routing (OSPF, BGP) in VPN (group, auto and hub-and-spoke), AppSecure, troubleshoot of IPSec, etc.
I learned valid JN0-633 dumps here:
http://www.passleader.com/jn0-633.html (209Q VCE and PDF)
Recommend to you!
0
0
P.S.
You can download that 209Q dumps for free, here:
https://doc.co/Tek7cT
Good Luck!
0
0