ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-730 All Questions

View all questions & answers for the 300-730 exam
Go to Exam

Exam 300-730 topic 1 question 113 discussion

Actual exam question from Cisco's 300-730
Question #: 113
Topic #: 1
[All 300-730 Questions]

A user at a company HQ is having trouble accessing a network share at a branch site that is connected with a L2L IPsec VPN. While troubleshooting, a network security engineer runs a packet tracer on the Cisco ASA to simulate the user traffic and discovers that the encryption counter is increasing but the decryption counter is not. What must be configured to correct this issue?

  • A. Adjust the routing on the remote peer device to direct traffic back over the tunnel.
  • B. Adjust the preshared key on the remote peer to allow traffic to flow over the tunnel.
  • C. Adjust the transform set to allow bidirectional traffic.
  • D. Adjust the peer IP address on the remote peer to direct traffic back to the ASA.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by gondohwe at Nov. 13, 2023, 4:19 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kylesam2017
11 months ago
To correct the issue of encryption counter increasing but the decryption counter not increasing in a L2L IPsec VPN scenario, it is likely that the routing on the remote peer device needs to be adjusted to direct traffic back over the tunnel. When traffic is sent over a L2L IPsec VPN, it is encrypted at the source and decrypted at the destination. If the encryption counter is increasing but the decryption counter is not, it suggests that the encrypted traffic is not reaching the destination properly for decryption. In this case, it is recommended to review the routing configuration on the remote peer device. Ensure that the routes are properly configured to direct the traffic destined for the HQ network (where the network share is located) over the IPsec VPN tunnel. By adjusting the routing on the remote peer device to correctly route traffic back over the tunnel, the encrypted traffic will reach the destination (HQ network) and get decrypted, resolving the issue of the decryption counter not increasing.
upvoted 1 times
...
gondohwe
1 year ago
answer should be A since the tunnel is working 1 way...peer needs to know the way back definately with routing
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel