nerdexam
Exams300-415Questions#305
Cisco

300-415 · Question #305

300-415 Question #305: Real Exam Question with Answer & Explanation

The correct answer is C: IPsec turtle. When configuring Cloud OnRamp for IaaS in an Azure environment, an IPsec tunnel is established between the host VNet and a transit VNet to facilitate secure and encrypted connectivity to the SD-WAN fabric.

Architecture

Question

Which type of connection is created between a host VNet and a transit VNet when configuring Cloud OnRamp for Iease?

Options

  • AGRE tunnel
  • BAzure peer link
  • CIPsec turtle
  • DAzure private endpoint

Explanation

When configuring Cloud OnRamp for IaaS in an Azure environment, an IPsec tunnel is established between the host VNet and a transit VNet to facilitate secure and encrypted connectivity to the SD-WAN fabric.

Common mistakes.

  • A. GRE tunnels are used for specific routing needs but are not the primary secure connection type established by Cloud OnRamp for IaaS between VNets for data plane security.
  • B. Azure peer links (VNet peering) connect VNets within Azure but do not provide the secure overlay connectivity orchestrated by Cloud OnRamp for IaaS with the SD-WAN fabric.
  • D. Azure private endpoints offer private access to Azure services, but they are not used for creating network-to-network secure connections for SD-WAN integration between VNets.

Concept tested. Cloud OnRamp for IaaS connection type

Reference. https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/SD-WAN/cloud-onramp-azure-sd-wan/cloud-onramp-azure-sd-wan-guide.html

Topics

#Cloud OnRamp for IaaS#IPsec tunnel#SD-WAN Cloud Integration#VNet connectivity

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice