Which command on the ASA is missing?

300-730 V2 0 Comments

Refer to the exhibit.

Client 1 cannot communicate with client 2. Both clients are using Cisco AnyConnect and have established a successful SSL VPN connection to the hub ASA.

Which command on the ASA is missing?

A. dns-server value 10.1.1.2

B. same-security-traffic permit intra-interface

C. same-security-traffic permit inter-interface

D. dns-server value 10.1.1.3

Answer: B

Explanation:

The same-security-traffic intra-interface command lets traffic enter and exit the same interface, which is normally not allowed. This feature might be useful for VPN traffic that enters an interface, but is then routed out the same interface. The VPN traffic might be unencrypted in this case, or it might be reencrypted for another VPN connection. For example, if you have a hub and spoke VPN network, where the security appliance is the hub, and remote VPN networks are spokes, for one spoke to communicate with another spoke, traffic must go into the security appliance and then out again to the other spoke.

Latest 300-730 Dumps Valid Version with 98 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 300-730 PDF     300-730 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments