ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-209 All Questions

View all questions & answers for the 300-209 exam
Go to Exam

Exam 300-209 topic 1 question 133 discussion

Actual exam question from Cisco's 300-209
Question #: 133
Topic #: 1
[All 300-209 Questions]

SIMULATION -
Scenario:
You are the network security manager for your organization. Your manager has received a request to allow an external user to access to your HQ and DM2 servers. You are given the following connection parameters for this task.
Using ASDM on the ASA, configure the parameters below and test your configuration by accessing the Guest PC. Not all AS DM screens are active for this exercise. Also, for this exercise, all changes are automatically applied to the ASA and you will not have to click APPLY to apply the changes manually.
Enable Clientless SSL VPN on the outside interface
Using the Guest PC, open an Internet Explorer window and test and verify the basic connection to the SSL VPN portal using address: https://vpn-secure- x.public
a. You may notice a certificate error in the status bar, this can be ignored for this exercise
b. Username: vpnuser
c. Password: cisco123
d. Logout of the portal once you have verified connectivity
Configure two bookmarks with the following parameters:
a. Bookmark List Name: MY-BOOKMARKS
b. Use the: URL with GET or POST method
c. Bookmark Title: HQ-Server
i. http://10.10.3.20
d. Bookmark Title: DMZ-Server-FTP
i. ftp://172.16.1.50
e. Assign the configured Bookmarks to:
i. DfltGrpPolicy
ii. DfltAccessPolicy
iii. LOCAL User: vpnuser
From the Guest PC, reconnect to the SSL VPN Portal
Test both configured Bookmarks to ensure desired connectivity
You have completed this exercise when you have configured and successfully tested Clientless SSL VPN connectivity.
Topology:


Show Suggested Answer Hide Answer
Suggested Answer: Please find the solution in below explanation
First, enable clientless VPN access on the outside interface by checking the box found below:

Then, log in to the given URL using the vpnuser/cisco123 credentials:

Logging in will take you to this page, which means you have now verified basic connectivity:

Now log out by hitting the logout button.
Now, go back to the ASDM and navigate to the Bookmarks portion:

Make the name MY-BOOKMARKS and use the "Add" tab and add the bookmarks per the instructions:

Ensure the "URL with GET of POST method" button is selected and hit OK:

Add the two bookmarks as given in the instructions:


You should now see the two bookmarks listed:

Hit OK and you will see this:

Select the MY-BOOKMARKS Bookmarks and click on the "Assign" button. Then, click on the appropriate check boxes as specified in the instructions and hit OK.

After hitting OK, you will now see this:

Then, go back to the Guest-PC, log back in and you should be able to test out the two new bookmarks.
by Kilocron at Nov. 19, 2019, 2:10 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Kilocron
5 years, 5 months ago
The answer shows them putting in HTTP for the DMZ Bookmark, but if you look at the directions it needs to be FTP so be careful.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago