ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 23 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 23
Topic #: 1
[All PCNSE Questions]

An administrator needs to implement an NGFW between their DMZ and Core network. EIGRP Routing between the two environments is required.
Which interface type would support this business requirement?

  • A. Virtual Wire interfaces to permit EIGRP routing to remain between the Core and DMZ
  • B. Layer 3 or Aggregate Ethernet interfaces, but configuring EIGRP on subinterfaces only
  • C. Tunnel interfaces to terminate EIGRP routing on an IPsec tunnel (with the GlobalProtect License to support LSVPN and EIGRP protocols)
  • D. Layer 3 interfaces, but configuring EIGRP on the attached virtual router
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Edu147 at July 24, 2019, 8:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Edu147
Highly Voted 6 years ago
Correct answer is A Because PAN doesn't support EIGRP, therefore we need to set virtual wires
upvoted 21 times
...
GeoGR2022
Highly Voted 3 years, 2 months ago
Selected Answer: A
EIGRP is not a supported Dynamic routing protocol and Virtual Wire interfaces do no need a virtual router...
upvoted 8 times
...
Nico1973
Most Recent 1 month, 1 week ago
Selected Answer: A
To implement a Palo Alto Networks Next-Generation Firewall (NGFW) between your DMZ and Core network while ensuring EIGRP routing continues to function, you need an interface type that allows the routing protocol to pass through without requiring the firewall to support EIGRP directly. Given that PAN-OS does not natively support EIGRP, the best option is likely Virtual Wire interfaces, which operate transparently and let EIGRP traffic flow as if the firewall isn’t there.
upvoted 1 times
...
Nico1973
1 month, 1 week ago
Selected Answer: D
The correct answer is: **D. Layer 3 interfaces, but configuring EIGRP on the attached virtual router** ### Key Configuration Steps: 1. Assign **Layer 3 interfaces** to zones (e.g., DMZ and Core). 2. Enable **EIGRP** in the Virtual Router and advertise networks.
upvoted 1 times
...
Nico1973
2 months, 4 weeks ago
Selected Answer: D
The correct answer is: **D. Layer 3 interfaces, but configuring EIGRP on the attached virtual router** ### Explanation: To support **EIGRP routing** between the DMZ and Core networks on a Palo Alto NGFW: 1. **Layer 3 interfaces** must be used (EIGRP is a Layer 3 routing protocol). 2. EIGRP is configured in the **Virtual Router**, not on individual interfaces.
upvoted 1 times
cumzle_com
2 months, 3 weeks ago
no bro PAN doesn't support EIGRP so as workaround vWIRE is the solution.
upvoted 2 times
...
...
ALCOSTA35
9 months ago
Selected Answer: A
The correct answer is A because EIGRP is not supported routing protocol, but the questions is not well formulated.
upvoted 1 times
...
Marshpillowz
1 year, 6 months ago
Selected Answer: A
Correct answer is A
upvoted 1 times
...
vj77
4 years, 3 months ago
EIGRP is a Cisco proprietary protocol. The dynamic routing protocols supported on the PAN are RIPv2, OSPF and BGP. Answer A.
upvoted 2 times
...
UmaShankar
4 years, 9 months ago
Answer is A
upvoted 1 times
...
alpha520
5 years, 2 months ago
A is correct
upvoted 1 times
...
Ahmad_Zahran
5 years, 3 months ago
Correct answer is A Because PAN doesn't support EIGRP,
upvoted 4 times
...
asmaam
5 years, 4 months ago
correct answer is A
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel