Which feature must be used on an SRX Series device?

You are asked to establish an IPsec VPN to a neighboring device that receives its external IP address from a
DHCP server.
Which feature must be used on an SRX Series device?

You are asked to establish an IPsec VPN to a neighboring device that receives its external IP address from a
DHCP server.
Which feature must be used on an SRX Series device?

A.
Aggressive mode

B.
Transport mode

C.
Diffie-Hellman group 5

D.
Proxy ID

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

geloq

geloq

It´s D because the remote neightbor is the one with dinamic ip

Reply

Dilip Kumar

Dilip Kumar

Should be A

One of the peers in the VPN setup is using a dynamic IP address (in this case, a remote firewall), so Aggressive mode is used.
Main mode is used in the VPN when both sites have a static IP address.
The remote-end firewall has a dynamic IP address instead of a static IP address, so an FQDN (fully qualified domain name) is used as IKE-IDENTITY in the IKE gateway configuration.

https://kb.juniper.net/InfoCenter/index?page=content&id=KB28077&actp=search

Reply