What needs to be configured during phase 2 of a route-based VPN, that does not have to be configured during a policy-based VPN?

What needs to be configured during phase 2 of a route-based VPN, that does not have to be configured during a policy-based VPN? (assume both devices are NetScreens using route-based VPNs)

What needs to be configured during phase 2 of a route-based VPN, that does not have to be configured during a policy-based VPN? (assume both devices are NetScreens using route-based VPNs)

A.
Proxy-id

B.
Tunnel-binding

C.
Transport mode

D.
Replay protection

E.
Custom proposals

Explanation:
Route-based VPNs, like policy-based VPNs, can also use either manual key or autokey IKE, but are configured and function somewhat differently. Route-based VPNs do not make reference to a tunnel object, but rather the destination address of the traffic. When the NetScreen appliance performs a route lookup to see which interface it should use to send the traffic, it sees there is a route through a tunnel interface that is bound to a VPN tunnel and uses that interface to deliver the traffic.



Leave a Reply 0

Your email address will not be published. Required fields are marked *