A FortOS devices is used for termination of VPNs for number of remote spoke VPN units (designated group A spokes) using a phase 1 main mode dial-up tunnel using pre-shared. Your company recently acquired another organization. You are asked establish VPN correctively for the newly acquired organization’s sites which new devices will be provisioned (designated Group B spokes). Both exiting (Group A) and new (Group B) spoke units are dynamically addressed. You are asked to ensure that spokes from the acquired organization (Group B) have different access permission than your existing VPN spokes (Group A).
Which two solutions meet the represents for the new spoke group? (Choose two.)
A . implements a new phase 1 dial-up mode tunnel with preshared keys and XAuth. Use identity to filter traffic.
B . Implement a new phase 1 dial-up main mode tunnel with a different pre-shared key than the Group A spokes. Use standard policies to filter for the new dial-up tunnel
C . Implement a new phase 1 dial-up main mode tunnel with certificate authentication. Use standard policies to filter for the dial-up tunnel.
D . Implement separate phase 1 dial-up aggressive mode tunnels with a distinct peer I
E . Use standard policies to filter traffic for the new dial-up tunnel.
Answer: AB
Leave a Reply