ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-209 All Questions

View all questions & answers for the 300-209 exam
Go to Exam

Exam 300-209 topic 1 question 74 discussion

Actual exam question from Cisco's 300-209
Question #: 74
Topic #: 1
[All 300-209 Questions]

SIMULATION -


Show Suggested Answer Hide Answer
Suggested Answer: Here are the steps as below
Step 1: configure key ring -
crypto ikev2 keyring mykeys
peer SiteB.cisco.com
address 209.161.201.1
pre-shared-key local $iteA
pre-shared key remote $iteB
Step 2: Configure IKEv2 profile

Crypto ikev2 profile default -
identity local fqdn SiteA.cisco.com
Match identity remote fqdn SiteB.cisco.com

Authentication local pre-share -

Authentication remote pre-share -

Keyring local mykeys -
Step 3: Create the GRE Tunnel and apply profile
crypto ipsec profile default
set ikev2-profile default

Interface tunnel 0 -
ip address 10.1.1.1 255.255.255.0

Tunnel source eth 0/0 -
Tunnel destination 209.165.201.1
tunnel protection ipsec profile default
end
by Mto at Jan. 6, 2020, 5:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Mto
5 years, 5 months ago
So in this config suggestion, there is no change to the default proposale. I might be using a different image, but wouldn´t we need to do enry aes-cbc128, int sha 1 and group 5 in the default proposale, if we wanted to make sure ? Or else they will negotiate the best possible solution, depending on the remote siteB
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel