nerdexam
Exams300-730Questions#51
Cisco

300-730 · Question #51

300-730 Question #51: Real Exam Question with Answer & Explanation

The correct answer is B: *$AnyConnectClient$*. AnyConnect clients using default IPsec/IKEv2 settings send $AnyConnectClient$ as their IKE identity to the IOS/IOS-XE headend.

Remote Access VPN

Question

Which IKE identity does an IOS/IOS-XE headend expect to receive if an IPsec Cisco AnyConnect client uses default settings?

Options

  • A$SecureMobilityClient$
  • B$AnyConnectClient$
  • C$RemoteAccessVpnClient$
  • D$DfltIkeIdentityS

Explanation

AnyConnect clients using default IPsec/IKEv2 settings send $AnyConnectClient$ as their IKE identity to the IOS/IOS-XE headend.

Common mistakes.

  • A. $SecureMobilityClient$ is not the default IKE identity string sent by AnyConnect clients and would not match the headend's expected identity for default configurations.
  • C. $RemoteAccessVpnClient$ is not a valid AnyConnect default IKE identity string and would cause IKEv2 peer identification to fail.
  • D. $DfltIkeIdentityS does not correspond to any standard AnyConnect client default and is not a recognized identity string for AnyConnect IKEv2 sessions.

Concept tested. Default IKE identity string for AnyConnect IPsec IKEv2 clients

Reference. https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/vpn/asa-96-vpn-config/vpn-anyconnect.html

Topics

#IKE identity#AnyConnect#FlexVPN#IOS-XE headend

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-730 Practice