300-415 Question #422: Real Exam Question with Answer & Explanation

The correct answer is B: data-policy TRAFFIC-FROM-PROXY-SVR from-service. In Cisco SD-WAN centralized data policy for proxy-based internet access, two policies are typically required: one to redirect branch traffic to the proxy server (to-service direction), and one to allow the proxy server's traffic to reach the internet (from-service direction). The

Policies

Question

Refer to the exhibit. An engineer is configuring internet access at branches using centralized data policies and permitting only one proxy server internet access. Which command completes the configuration?

Options

Adata-policy DATA-POLICY_TO-vEdges from-service
Bdata-policy TRAFFIC-FROM-PROXY-SVR from-service
Capp-route-policy DATA-POLICY_TO-vEdges
Dapp-route-policy TRAFFIC-FROM-PROXY-SVR

Explanation

In Cisco SD-WAN centralized data policy for proxy-based internet access, two policies are typically required: one to redirect branch traffic to the proxy server (to-service direction), and one to allow the proxy server's traffic to reach the internet (from-service direction). The missing command completes the application of the policy named TRAFFIC-FROM-PROXY-SVR in the from-service direction (B). The 'from-service' keyword means the policy applies to traffic originating on the service-side VPN (LAN side) - specifically, traffic from the proxy server heading toward the transport/internet side. Option A uses the wrong policy name, and options C and D reference app-route-policy, which is used for application-aware routing decisions, not for access control or traffic steering in this context.

Topics

#SD-WAN Policies#Data Policy#Traffic Steering#Proxy Server Configuration

Community Discussion

No community discussion yet for this question.

Full 300-415 Practice