Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?
A. vpn-filter none
B. no vpn-filter
C. filter value none
D. filter value ACLname
Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?
A. vpn-filter none
B. no vpn-filter
C. filter value none
D. filter value ACLname
A is correct
Correct Answer is: A: vpn-filter none Look example from my lab:
asa253(config)# group-policy sales-group attributes
asa253(config-group-policy)# vpn-filter ?
group-policy mode commands/options:
none Specify that no filter will be applied to users
value Specify the name of a filter that will be applied to users
And look keyword “vpn-filter none” in document
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/T-Z/cmdref4/v.html
ok but why this on the referenced document
Usage Guidelines
Clientless SSL VPN does not use the ACL defined in the vpn-filter command.
It’s not a because Clientless SSL VPN does not use the ACL defined in the vpn-filter command.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/T-Z/cmdref4/v.html
Seems to be C.
Correct answer is C
To prevent inheriting filter values, use the filter value none command.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/A-H/cmdref1/f2.html
The correct one is A
vpn-filter none
i test this on my lab and you only has two options, none or ACL value!
group-policy mode commands/options:
none Specify that no filter will be applied to users
value Specify the name of a filter that will be applied to users
(config-group-policy)# vpn-filter none
From the same document:
“The no option allows inheritance of a value from another group policy. To prevent inheriting filter values, use the filter value none command. “
Correct Answer C.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/A-H/cmdref1/f2.html
Correct Answer is: A