300-415 Question #394: Real Exam Question with Answer & Explanation

Question

Options

• Avpn 0 interface ge0/0 description *** TO ISP CID 64:ff9b:1:4376:65ff:34ff:21ff:9c7f *** tunnel-interface encapsulation ipsec color biz-internet group 100
• Bvpn 0 interface ge0/0 description *** TO ISP CID 64:ff9b:1:4376:48f8:ff5f:4f77:f46f *** tunnel-interface encapsulation ipsec color mpls group 100
• Cvpn 0 interface ge0/0 description *** TO ISP CID 64:ff9b:1:4376:24ff:93ff:81ff:6f5f *** tunnel-interface encapsulation ipsec color custom1 group 101
• Dvpn 0 interface ge0/0 description *** TO ISP CID 64:ff9b:1:4376:89ff:34ff:76f5:2f1f *** tunnel-interface encapsulation ipsec color group1 group 101

Explanation

To configure data plane connections using private IP addresses and colors over an SP circuit, with public IPs for control, the tunnel interface must be defined in VPN 0 with IPSec encapsulation and a suitable transport color.

Common mistakes.

• B. color mpls is another standard public color; while functional, biz-internet is often chosen for dedicated internet-like circuits provided by an SP, even if the IPs are private.
• C. color custom1 is a private/custom color, which explicitly matches the 'private colors' requirement, but option A represents a more common and broadly applicable tunnel configuration for the described scenario.
• D. color group1 is a custom color; similar to option C, it meets the 'private colors' criteria but does not provide a technically superior configuration over option A in this context.

Concept tested. Cisco SD-WAN Transport Configuration - Underlay Colors and IPs

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/system-interfaces/ios-xe-17/system-interfaces-book-xe/m-tunnel-interface-parameters.html

No community discussion yet for this question.