ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 357 discussion

Actual exam question from Cisco's 300-710
Question #: 357
Topic #: 1
[All 300-710 Questions]



Refer to the exhibit. An engineer is troubleshooting connectivity issues over a VPN tunnel. Users from the 192.168.68.0/24 network report that they cannot connect to a remote web server that has an IP address of 192.168.67.100. The engineer confirms that NAT and access control rules on the local Cisco Secure Firewall Threat Defense Virtual will allow the connection. Which two configuration changes must the engineer make to resolve the connectivity issues? (Choose two.)

  • A. Unblock the remote firewall connection
  • B. Set the VPN to support two-way traffic.
  • C. Bring the VPN tunnel up.
  • D. Match the crypto access control list.
  • E. Reconfigure the web server
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by Silexis at Feb. 6, 2025, 3:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
whysohardwhy
4 days, 22 hours ago
Selected Answer: AE
A. Unblock the remote firewall connection B. Set the VPN to support two-way traffic. --- wrong , already there're inbound and outbound C. Bring the VPN tunnel up. --- wrong - already up D. Match the crypto access control list. -- wrong, VPN already up E. Reconfigure the web server
upvoted 1 times
...
Silexis
2 weeks, 2 days ago
Selected Answer: AE
From the output it looks like a VPN connection is established fine at Phase 2 (ipsec) - as both packets encrypt/decrypt counters show traffic. The SA Lifetime in sec is also in place - so, IMHO, the VPN config looks fine (also the ACL defining interesting traffic is fine with Source-Destination specifications). Looking at this phrase "The engineer confirms that NAT and access control rules on the local Cisco Secure Firewall Threat Defense Virtual will allow the connection" it tells me that the local head-end is correctly configured - making me think that the real issue is on the remote end BUT not on IPSEC VPN side as that one is UP. Using eliminating techniques and based on Remote End issues, where there is no output, I will go with a Remote Firewall situation and a Web Server reconfiguration
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago