Cisco
300-730 · Question #20
300-730 Question #20: Real Exam Question with Answer & Explanation
The correct answer is D: interface virtual-template. FlexVPN hubs use a virtual-template interface as a blueprint from which dynamic virtual-access interfaces are cloned for each incoming spoke connection.
Question
On a FlexVPN hub-and-spoke topology where spoke-to-spoke tunnels are not allowed, which command is needed for the hub to be able to terminate FlexVPN tunnels?
Options
- Ainterface virtual-access
- Bip nhrp redirect
- Cinterface tunnel
- Dinterface virtual-template
Explanation
FlexVPN hubs use a virtual-template interface as a blueprint from which dynamic virtual-access interfaces are cloned for each incoming spoke connection.
Common mistakes.
- A. Virtual-access interfaces are created automatically by the system from the virtual-template at connection time and are not manually configured by an administrator to enable spoke termination.
- B. 'ip nhrp redirect' enables spoke-to-spoke shortcut routing in DMVPN and FlexVPN topologies, which is explicitly not required and not desired in this hub-and-spoke-only design.
- C. A static 'interface tunnel' is used for fixed point-to-point or multipoint GRE tunnels and does not support the dynamic, per-spoke interface instantiation that FlexVPN hub termination requires.
Concept tested. FlexVPN hub virtual-template interface for dynamic spoke termination
Community Discussion
No community discussion yet for this question.