It has been reported that VPN tunnel is not coming up with remote site, what could be the issues?

Posted by: Pdfprep Category: 400-251 Tags: , ,

Refer to the exhibit.

R15

crypto pki trustpoint ccier15

enrollment url http://172.16.100.17:8080

serial-number

ip-address 172.16.100.15

subject-name CN=r15 O=cisco.com

revocation-check none

source interface Loopback0

rsakeypair ccier15

!

crypto isakmp policy 1516

encr aes

hash md5

group 2

!

crypto ipsec transform-set ts1516 esp-aes esp-sha-hmac

mode tunnel

!

crypto map r15r16 1516 ipsec-isakmp

set peer 10.1.7.16

set transform-set ts1516

match address 110

!

interface Loopback0

ip address 172.16.100.15 255.255.255.255

!

interface Loopback1

ip address 192.168.15.15 255.255.255.0

!

interface GigabiEthernet1

ip address 20.1.6.15 255.255.255.0

netgotiation auto

crypto map r15r16

!

router bgp 6

bgp log-neighbor-changes

network 172.16.100.15 mask 255.255.255.255

neighbor 20.1.6.18 remote-as 678

neighbor 20.1.6.18 password cisco

!

ip route 192.168.16.0 255.255.255.0 20.1.7.16

access-list 110 permit ip 192.168.15.0 0.0.0.255 192.168.16.0 0.0.0.255

!

ntp authentication-key 11 md5 ccie

ntp authenticate

ntp trusted-key 12

ntp server 150.1.7.131 key 12

!

ip domain name cisco.com

R15 is building a Site-to-Site IPsec certificate-based VPN tunnel with the peer at 20.1.7.16. The CA is running at port 80 on address 172.16.100.18. R15 has a BGP peer at 20.6.1.18 doing an authenticated session to establish reachability with the VPN remote site.

The VPN tunnel secures traffic between 192.168.15.0/24 and 192.168.16.0/24 networks.

It has been reported that VPN tunnel is not coming up with remote site, what could be the issues? (Choose two)
A . Incorrect ACL defined for the traffic encryption
B . Incorrect static route
C . Incorrect crypto map configuration
D . Incorrect ISAKMP policy configuration
E . The crypto map is not applied on the correct interface
F . Incorrect truspoint configuration
G . Incorrect BGP peer Configuration
H . Incorrect transform set configuration

Answer: FG



Leave a Reply

Your email address will not be published.