In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you were expecting to see the packet leave on O. What could be causing this issue?
A. When packets are destined to leave through a VPN tunnel, it is encrypted and encapsulated in an ESP packet, and thus will not show up on a fw monitor.
B. It’s not showing up on the fw monitor because it is exiting the wrong interface
C. The packet is getting silently dropped because there is no route for the packet.
D. The gateway never completed the IKE and IPSec key exchange, and the tunnel does not exist yet.
|
Download Printable PDF. VALID exam to help you PASS. |
 |
A