ExamTopics Logo
Mail Us[email protected]
Menu
Vmware Discussions
exam questions

Exam 2V0-61.20 All Questions

View all questions & answers for the 2V0-61.20 exam
Go to Exam

Exam 2V0-61.20 topic 1 question 29 discussion

Actual exam question from VMware's 2V0-61.20
Question #: 29
Topic #: 1
[All 2V0-61.20 Questions]

When using a third party load balancer to provide the tunnel service on the Unified Access Gateway (UAG), what should the SSL setting be on the load balancer?

  • A. SSL Re-encryption
  • B. SSL Encryption
  • C. SSL Offloading
  • D. SSL Passthrough
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by exampanic at Nov. 11, 2020, 11:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
A_Marzouk
Highly Voted 4 years, 2 months ago
i believe it should be: D https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2005/Tunnel_Linux/GUID-AWT-SSLOFFLOADING.html "SSL Offloading and SSL re-encryption is not supported for the Per-App Tunnel"
upvoted 6 times
...
UEM_Kenobi
Most Recent 2 years, 11 months ago
The Answer is: C Load Balancer Checklist for Tunnel Service Before diving into the load balancer requirements, the following checklist contains the recommended load balancer settings to properly handle the Tunnel traffic on Unified Access Gateway. SSL Requirement Passthrough https://techzone.vmware.com/understand-and-troubleshoot-tunnel-connections#ssl-offloading-and-ssl-re-encryption "SSL Offloading and SSL re-encryption are not supported and must be turned off."
upvoted 1 times
...
dsyed
3 years, 9 months ago
B is correct. The SEG on UAG does not support a non-SSL configuration. If the SSL traffic from a device is offloaded on a Load Balancer or F5 network, the SEG must be configured with any SSL certificate to ensure that the traffic reaching the SEG from these network components is encrypted. In such a scenario, the SSL certificate rotation for SEG is applicable as explained in the Upload the SSL Certificate Locally For SEG Edge Service on the UAG Admin UI section. https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2011/WS1-Secure-Email-Gateway/GUID-D71CBEF1-3754-4362-95EE-15B269E68B61.html
upvoted 1 times
...
mnaveedishtiaq
4 years, 1 month ago
based on my experience, it should be D.... had faced this issue in production, moving to SSL pass through resolved my issue
upvoted 2 times
...
kunyo99
4 years, 4 months ago
The Answer should be B. "Unified Access Gateway appliances work with standard third-party load balancing solutions that are configured for HTTPS." https://docs.vmware.com/en/Unified-Access-Gateway/3.3/com.vmware.uag-33-deploy-config.doc/GUID-9B1FB477-A1E0-4617-BCBF-726867210AD8.html
upvoted 2 times
...
jsj1
4 years, 5 months ago
I believe answer is C - SSL Offloading. https://docs.vmware.com/en/Unified-Access-Gateway/2009/uag-deploy-config/GUID-9B1FB477-A1E0-4617-BCBF-726867210AD8.html Configure the load balancers to Send Original HTTP Headers to avoid device connectivity problems. Content Gateway and Tunnel Proxy use information in the request's HTTP header to authenticate devices.
upvoted 4 times
Chevell
4 years, 2 months ago
I think you're on the right track here, but the answer should be passthrough. Offloading SSL would change the headers. I believe best practice here is Passthrough - D.
upvoted 4 times
...
...
exampanic
4 years, 5 months ago
Correct answer should be A
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago