SIMULATION

SIMULATION

300-209-implementing-cisco-secure-mobility-solutions-simos_img_042

300-209-implementing-cisco-secure-mobility-solutions-simos_img_043

300-209-implementing-cisco-secure-mobility-solutions-simos_img_044

cisco-exams

4 thoughts on “SIMULATION

  1. There is no assumptions for ikev2 or ipsec. You are over thinking this simple “default” setting built in the IOS software.

    When you specify the word “default” at the end, you are telling the system to use the default built in proposal. This exam also has a question that ask “what’s the default proposal for ikev2?”. The answer is below.

    SiteA#show crypto ikev2 proposal default
    IKEv2 proposal: default
    Encryption : AES-CBC-256 AES-CBC-192 AES-CBC-128
    Integrity : SHA512 SHA384 SHA256 SHA96 MD596
    PRF : SHA512 SHA384 SHA256 SHA1 MD5
    DH Group : DH_GROUP_1536_MODP/Group 5 DH_GROUP_1024_MODP/Group 2

    SiteA#show crypto ikev2 policy default
    IKEv2 policy : default
    Match fvrf : any
    Match address local : any
    Proposal : default

    As for the keyring name, cisco is Telling you to use “mykeys” because “SiteB is preconfigured”. Just like in the other

  2. Other assumptions: crypto ikev2 profile = default
    crypto ipsec profile = default

    In all cases, always look at the configuration on Site B’s router, and verify what they are, so you can match on Site A.

  3. This is missing several aspects from the question, and is making assumptions about others.

    Missing: No IkeV2 proposal
    No ikev2 policy
    No IPsec transform-set

    Assumptions: keyring name = mykeys

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.