Cisco
300-730 · Question #150
300-730 Question #150: Real Exam Question with Answer & Explanation
The correct answer is D: virtual template interface. A FlexVPN server that only terminates connections and must support both router peers and AnyConnect clients requires a virtual template interface, which dynamically spawns virtual access interfaces for each incoming IKEv2 session.
Question
An engineer is implementing the FlexVPN solution on a Cisco IOS router. The router must only terminate VPN requests and must not initiate them. Additionally, the interface must support VPNs from other routers and Cisco AnyConnect connections. Which interface type must be configured to meet these requirements?
Options
- Apoint-to-point GRE tunnel interface
- Bmultipoint GRE tunnel interface
- Cstatic virtual tunnel interface
- Dvirtual template interface
Explanation
A FlexVPN server that only terminates connections and must support both router peers and AnyConnect clients requires a virtual template interface, which dynamically spawns virtual access interfaces for each incoming IKEv2 session.
Common mistakes.
- A. A point-to-point GRE tunnel is statically configured for a single remote peer and cannot dynamically accept sessions from multiple different clients.
- B. A multipoint GRE interface is the hub interface construct for DMVPN and does not natively integrate with IKEv2 FlexVPN or support Cisco AnyConnect remote access clients.
- C. A static VTI is preconfigured for a specific peer and can initiate tunnels, violating the requirement that the router must not initiate VPN requests.
Concept tested. FlexVPN server virtual template interface configuration
Community Discussion
No community discussion yet for this question.