NGFW-ENGINEER · Question #120
NGFW-ENGINEER Question #120: Real Exam Question with Answer & Explanation
Sign in or unlock NGFW-ENGINEER to reveal the answer and full explanation for question #120. The question stem and answer options stay visible for context.
Question
An administrator is troubleshooting a newly configured site-to-site VPN between a PAN-OS firewall and a third-party policy-based VPN gateway. The tunnel allows traffic between the first pair of configured subnets, but traffic to a newly added remote subnet is failing. The administrator has confirmed that routing and Security policies are correct. What is the most likely cause of this issue?
Options
- AA static route for the new subnet pointing to the tunnel interface is missing.
- BThe Security policy for the new subnet must be placed above the existing VPN policy.
- CThe new local and remote subnets are missing from the Proxy ID configuration.
- DThe tunnel's maximum transmission unit (MTU) size must be increased to accommodate the new
Unlock NGFW-ENGINEER to see the answer
You've previewed enough free NGFW-ENGINEER questions. Unlock NGFW-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.