In a production environment, your gateway is configured to apply a Hide NAT for all internal traffic destined to the Internet. However, you are setting up a VPN tunnel with a remote gateway, and you are concerned about the encryption domain that you need to define on the remote gateway. Does the remote gateway need to include your production gateway’s external IP in its encryption domain?
A. No – all packets destined through a VPN will leave with original source and destination packets without translation.
B. No – all packets destined to go through the VPN tunnel will have the payload encapsulated in an ESP packet and after decryption at the remote site, will have the same internal source and destination IP addresses.
C. Yes – all packets destined to go through the VPN tunnel will have the payload encapsulated in an ESP packet and after decryption at the remote site, the packet will contain the source IP of the Gateway because of Hide NAT.
D. Yes – The gateway will apply the Hide NAT for this VPN traffic.
|
Download Printable PDF. VALID exam to help you PASS. |
 |
B