Cisco
300-415 · Question #65
300-415 Question #65: Real Exam Question with Answer & Explanation
The correct answer is C: DTLS or TLS tunnel with vSmart controller and IPsec tunnel with other Edge routers.. When a WAN Edge router connects to the Cisco SD-WAN fabric, it establishes DTLS or TLS tunnels with vSmart controllers for control plane communication and IPsec tunnels with other WAN Edge routers for data plane traffic.
WAN Edge Router Deployment
Question
A network administrator is bringing up one WAN Edge router for branch connectivity. Which types of tunnels form when the WAN edge router connects to the Cisco SD-WAN fabric?
Options
- ADTLS or TLS tunnel with vBond controller and IPsec tunnel with vManage controller.
- BDTLS or TLS tunnel with vBond controller and IPsec tunnel with other WAN Edge routers.
- CDTLS or TLS tunnel with vSmart controller and IPsec tunnel with other Edge routers.
- DDTLS or TLS tunnel with vSmart controller and IPsec tunnel with vBond controller.
Explanation
When a WAN Edge router connects to the Cisco SD-WAN fabric, it establishes DTLS or TLS tunnels with vSmart controllers for control plane communication and IPsec tunnels with other WAN Edge routers for data plane traffic.
Common mistakes.
- A. WAN Edge routers do not form IPsec tunnels directly with the vManage controller, as vManage functions as the network management system and not a forwarding plane device.
- B. While a DTLS or TLS tunnel is initially formed with the vBond controller for orchestration, the primary persistent control plane tunnel is established with the vSmart controller, which this option omits.
- D. WAN Edge routers establish DTLS or TLS tunnels with vSmart for control, but they do not form IPsec tunnels with the vBond controller, which serves an orchestration role.
Concept tested. WAN Edge tunnel establishment process
Topics
#SD-WAN tunnels#WAN Edge connectivity#vSmart controller#IPsec DTLS TLS
Community Discussion
No community discussion yet for this question.