ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-730 All Questions

View all questions & answers for the 300-730 exam
Go to Exam

Exam 300-730 topic 1 question 77 discussion

Actual exam question from Cisco's 300-730
Question #: 77
Topic #: 1
[All 300-730 Questions]


Refer to the exhibit. Upon setting up a tunnel between two sites, users are complaining that connections to applications over the VPN are not working consistently.
The output of show crypto ipsec sa was collected on one of the VPN devices. Based on this output, what should be done to fix this issue?

  • A. Lower the tunnel MTU.
  • B. Enable perfect forward secrecy.
  • C. Specify the application networks in the remote identity.
  • D. Make an adjustment to IPSec replay window.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by abd123 at Sept. 12, 2021, 6:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Rosh8787
11 months ago
D is the correct answer
upvoted 1 times
...
mihaid
1 year, 2 months ago
Selected Answer: D
I would say D , but again fked up question that could also be A
upvoted 1 times
...
albee3_20
2 years, 3 months ago
Selected Answer: D
https://community.cisco.com/t5/vpn/ipsec-anti-replay-errors-on-1-gig-vpn-tunnel/td-p/4524103
upvoted 1 times
...
mazinhoo
2 years, 3 months ago
Selected Answer: D
i think the correct answer here is D: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dplane/configuration/xe-16-8/sec-ipsec-data-plane-xe-16-8-book/sec-ipsec-antireplay.html#GUID-1FF00FBB-0746-48B2-A02A-2BB066BEDEF8
upvoted 1 times
...
AF_Nick
2 years, 4 months ago
Selected Answer: D
Replay window is racking up failures.
upvoted 1 times
...
[Removed]
2 years, 6 months ago
I'd say this question is a bit confusing. There are packets that are falling out of anti-replay window - which might by caused by the MTU - as we can see path MTU is 1500. So I'd go with A however it is also possible to play with anti-replay window: https://www.cisco.com/c/en/us/support/docs/ip/internet-key-exchange-ike/116858-problem-replay-00.html However in general that is not recommended. Especially when fragmentation makes the packets fall out of anti-replay window.
upvoted 2 times
...
abd123
3 years, 2 months ago
explain please
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel