nerdexam
Exams300-415Questions#172
Cisco

300-415 · Question #172

300-415 Question #172: Real Exam Question with Answer & Explanation

The correct answer is D: Reconfigure the system-ip parameter on vSmart to 11.1.1.2.. The primary issue preventing vManage and vSmart from connecting to vBond is the duplicate 'system-ip' address shared between vManage and vSmart.

Controller Deployment

Question

Refer to the exhibit. vManage and vSmart have an issue establishing a connection to vBond. Which configuration resolves the issue? vManage system system-ip 10.11.11.1 host-name vManage site-id 1 clock timezone Europe/London vbond 11.1.1.3 organization-name Cisco.com Vpn 0 interface eth1 Ip address 11.1.1.24 No shut Tunnel-interface Allow-service all Ip route 0.0.0.0/0 11.1.1.254 vSmart system system-ip 10.11.11.1 host-name vSmart site-id 1 clock timezone Europe/Rome vbond 11.1.1.3 organization-name Cisco.com Vpn 0 interface eth1 Ip address 11.1.1.2/24 No shut Tunnel-interface Allow-service all Ip route 0.0.0.0/0 11.1.1.254 vBond system system-ip 10.11.11.3 host-name vManage site-id 1 clock timezone Europe/London vbond 11.1.1.1 local organization-name Cisco.com Vpn 0 interface ge0/0 Ip address 11.1.1.3/28 No shut Tunnel-interface Encapsulation ipsec Allow-service all Ip route 0.0.0.0/0 11.1.1.254

Options

  • AConfigure the tunnel interface on all three controllers with a color of transport.
  • BChange the timezone on the vSmart to Europe/London.
  • CConfigure the (11.1.1.X/24) IP addresses on the eth1 interfaces on vManage and vSmart.
  • DReconfigure the system-ip parameter on vSmart to 11.1.1.2.

Explanation

The primary issue preventing vManage and vSmart from connecting to vBond is the duplicate 'system-ip' address shared between vManage and vSmart.

Common mistakes.

  • A. Controllers' VPN 0 interfaces establish connectivity but do not typically have 'tunnel interface' configurations with a 'color of transport' in the same way WAN Edge routers do.
  • B. While timezone mismatches can sometimes cause issues with certificate validation, the most direct and severe problem here is the duplicate system-ip address, which fundamentally breaks controller identification and communication.
  • C. The IP addresses on the eth1 interfaces are already configured and appear to be valid within their respective subnets, so configuring them again would not resolve the duplicate system-ip issue.

Concept tested. SD-WAN controller unique system-IP requirement

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/sdwan-overlay-network-components-and-functions.html

Topics

#SD-WAN Control Plane#Controller Configuration#System IP#vBond Connectivity

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice