Which option shows the correct traffic selectors for the child SA on the remote ASA, when the headquarter ASA initiates the tunnel?
A. Local selector 192.168.33.0/0-192.168.33.255/65535 Remote selector 192.168.20.0/0-192.168.20.255/65535
B. Local selector 192.168.33.0/0-192.168.33.255/65535 Remote selector 192.168.22.0/0-192.168.22.255/65535
C. Local selector 192.168.22.0/0-192.168.22.255/65535 Remote selector 192.168.33.0/0-192.168.33.255/65535
D. Local selector 192.168.33.0/0-192.168.33.255/65535 Remote selector 0.0.0.0/0 – 0.0.0.0/65535
E. Local selector 0.0.0.0/0 – 0.0.0.0/65535 Remote selector 192.168.22.0/0 -192.168.22.255/65535
But the correct one not the configured one. so i think B is correct
B clearly, … guys, the question is only 1 sentence, not so difficult to read it, is it ?
Correct answer is D. internet traffic across the tunnel must be 0.0.0.0.
Well, remote network is set to any on the remote AS. So the correct answer is D. Also it states in the question that all traffic including internet traffic needs to be sent to HQ. If B is the correct answer then only traffic coming from 33 subnet going to 22 subnet would hit the tunnel.
you are right answer id D