PrepAway - Latest Free Exam Questions & Answers

Which two statements about the new deployment are true?

You are asked to deploy a group VPN between various sites associated with your company.
The gateway devices at the remote locations are SRX240 devices. Which two statements
about the new deployment are true? (Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
The networks at the various sites must use NAT.

B.
The participating endpoints in the group VPN can belong to a chassis cluster.

C.
The networks at the various sites cannot use NAT.

D.
The participating endpoints in the group VPN cannot be part of a chassis cluster.

6 Comments on “Which two statements about the new deployment are true?

  3. jncip says:

    From AJSEC:

    Group VPN Limitations

    As with any new feature set, there are some limitations and features that are not yet supported as of
    the Junos OS 12.1R1.9 version. The slide outlines the features and functionality that is not currently
    supported when using a group VPN.
    • A group VPN must be configured in main instance. It is not supported in a non-default
    routing instances.
    • A group VPN is not supported in a chassis cluster environment. <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
    • There is no support for co-operative key servers where two key servers maintain a group
    membership state between them and members can simultaneously register to both key
    servers.
    • Route-based group VPN is not available.
    • A group VPN requires globally routable addresses even for hosts behind a VPN Gateway.
    Hence, the group VPN solution will not work over the Internet or in NAT environments. <<<<<<<<<<<<<<<<<<<<<<<<<<<
    • Simple Network Management Protocol (SNMP) in not currently available with group
    VPNs.
    • Group VPN configuration and monitoring is not available through the J-Web interface.




    0



    0

Leave a Reply