nerdexam
Exams300-415Questions#185
Cisco

300-415 · Question #185

300-415 Question #185: Real Exam Question with Answer & Explanation

The correct answer is A: vpn 0 interface eth1 ip address 199.1.1.1/28 tunnel-interface allow-service sshd allow-service netconf no shutdown. Certificate installation on vBond and vSmart controllers requires configuring the tunnel-interface within VPN 0, which is dedicated to the transport network.

Controller Deployment

Question

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

Options

  • Avpn 0 interface eth1 ip address 199.1.1.1/28 tunnel-interface allow-service sshd allow-service netconf no shutdown
  • Bvpn 512 interface eth1 ip address 199.1.1.1/28 tunnel-interface allow-service sshd allow-service netconf

Explanation

Certificate installation on vBond and vSmart controllers requires configuring the tunnel-interface within VPN 0, which is dedicated to the transport network.

Common mistakes.

  • B. VPN 512 is designated as the management VPN, primarily used by vManage for out-of-band management of devices, and is not where vBond and vSmart certificates are used to secure control plane tunnels for data plane functions.

Concept tested. Cisco SD-WAN controller certificate configuration

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/m-sdwan-config.html#C_ID_0F191590_00

Topics

#SD-WAN Control Plane#VPN 0#Controller Interface#Certificate Deployment

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice