which statement is true?

Referring to partial IOS router configuration shown in the exhibit, which statement is true?

Referring to partial IOS router configuration shown in the exhibit, which statement is true?

A.
Traffic from subnet 172.16.4. 0/24 to the 172.16.3.0/24 subnet will be protected by IPSec and will go through NAT

B.
All traffic from subnet 172.16.4.0/24 to the 172.16.3.0/24 subnet will go through NAT

C.
ACL 104 is the crypto ACL defining traffic that should be protected by IPSec

D.
Traffic from subnet 172.16.4.0/24 to any destinations will be protected by IPSec and will bypass NAT

E.
All IPSec protected traffic will bypass NAT

Explanation:
Traffic between the 2 networks will go encrypted as per ACL crypto 103 and will not fall in the NAT as per the deny in ACL 104 unless if not going to that subnet..

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

Waqas Younas

Waqas Younas

Ans is E

because the interesting traffic of IPSEC has been denied in ACL 104 and then called it to the Route-map for Nat, Route-map is in permit state so the interested traffic of IPSEC will now not face the NAT.

so ANS A is wrong.

Reply

Riley

Riley

Yes, E is the correct answer even though the permitted traffic will fail in an actual implementation.

Reply