nerdexam
Exams300-415Questions#209
Cisco

300-415 · Question #209

300-415 Question #209: Real Exam Question with Answer & Explanation

The correct answer is C: hub WAN Edge. For intersite service chaining through a firewall, the hub WAN Edge router is configured with the service chain IP address to direct traffic to the firewall.

WAN Edge Router Deployment

Question

Which device should be configured with the service chain IP address to route intersite traffic through a firewall?

Options

  • AvSmart
  • Bspoke WAN Edge
  • Chub WAN Edge
  • DFirewall

Explanation

For intersite service chaining through a firewall, the hub WAN Edge router is configured with the service chain IP address to direct traffic to the firewall.

Common mistakes.

  • A. vSmart controllers define and distribute policies but do not directly handle data plane traffic forwarding or service chain IP addresses for data plane steering.
  • B. Spoke WAN Edge routers typically forward traffic to the hub for intersite communication and do not usually host the central service chain IP for a shared firewall.
  • D. The firewall itself would have its own IP address, but the SD-WAN device that is configured to send traffic to the firewall using a service chain IP is the hub WAN Edge.

Concept tested. Service chaining with hub WAN Edge

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/sdwan-security-configuration.html

Topics

#SD-WAN#Service Chaining#Hub-and-Spoke#WAN Edge

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice