Which two statements are true when designing a SSL VPN solution using Cisco AnyConnect? (Choose two.)
A. The VPN server must have a self-signed certificate.
B. A SSL group pre-shared key must be configured on the server.
C. Server side certificate is optional if using AAA for client authentication.
D. The VPN IP address pool can overlap with the rest of the LAN networks.
E. DTLS can be enabled for better performance.
Why D is correct?
Overlaping VPN IP address pool with LAN networks will cause a routing problem.
A is partially correct because it “can have” and not “must have” a self-signed certificate.
All others are wrong.
except E for sure.