Cisco
300-730 · Question #55
300-730 Question #55: Real Exam Question with Answer & Explanation
The correct answer is C: Verify the hub configuration to check if the NHRP shortcut is enabled.. In FlexVPN, spoke-to-spoke tunnels rely on NHRP to redirect traffic; if the hub is not configured with NHRP shortcut, it cannot signal spokes to build direct tunnels.
Troubleshooting Using ASDM and CLI
Question
In a FlexVPN deployment, the spokes successfully connect to the hub, but spoke-to-spoke tunnels do not form. Which troubleshooting step solves the issue?
Options
- AVerify the spoke configuration to check if the NHRP redirect is enabled.
- BVerify that the spoke receives redirect messages and sends resolution requests.
- CVerify the hub configuration to check if the NHRP shortcut is enabled.
- DVerify that the tunnel interface is contained within a VRF.
Explanation
In FlexVPN, spoke-to-spoke tunnels rely on NHRP to redirect traffic; if the hub is not configured with NHRP shortcut, it cannot signal spokes to build direct tunnels.
Common mistakes.
- A. NHRP redirect is a hub-side function, not a spoke configuration; verifying the spoke for redirect settings targets the wrong device in the architecture.
- B. Verifying that spokes receive redirects and send resolution requests is a downstream diagnostic step that only becomes relevant after confirming the hub is correctly generating those messages.
- D. Placing the tunnel interface in a VRF is a routing isolation concern unrelated to the NHRP signaling mechanism required for spoke-to-spoke tunnel formation.
Concept tested. FlexVPN NHRP shortcut configuration for spoke-to-spoke
Reference. https://www.cisco.com/c/en/us/support/docs/security/flexvpn/116413-technote-flexvpn-00.html
Topics
#FlexVPN#NHRP shortcut#spoke-to-spoke#hub configuration
Community Discussion
No community discussion yet for this question.