nerdexam
Exams300-730Questions#11
Cisco

300-730 · Question #11

300-730 Question #11: Real Exam Question with Answer & Explanation

The correct answer is A: IKEv2 authorization policy. On a Cisco IOS router, IKEv2 remote access split tunneling is defined inside the IKEv2 authorization policy, which pushes route and traffic-selector attributes to connecting clients.

Remote Access VPN

Question

Where is split tunneling defined for IKEv2 remote access clients on a Cisco router?

Options

  • AIKEv2 authorization policy
  • BGroup Policy
  • Cvirtual template
  • Dwebvpn context

Explanation

On a Cisco IOS router, IKEv2 remote access split tunneling is defined inside the IKEv2 authorization policy, which pushes route and traffic-selector attributes to connecting clients.

Common mistakes.

  • B. Group Policy is a configuration object used on Cisco ASA and FTD platforms, not on IOS router IKEv2 remote access deployments.
  • C. Virtual templates define logical interface properties and cloning behavior for tunnel interfaces but do not carry client-pushed attributes such as split tunneling route lists.
  • D. The webvpn context is specific to SSL VPN and WebVPN configuration on Cisco devices and has no role in IKEv2 remote access client attribute delivery.

Concept tested. IKEv2 authorization policy split tunneling on IOS

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ikevpn/configuration/xe-16/sec-conn-ikevpn-xe-16-book/sec-conn-ikev2-flex.html

Topics

#IKEv2#split tunneling#authorization policy#FlexVPN remote access

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-730 Practice