PCNSE · Question #818
PCNSE Question #818: Real Exam Question with Answer & Explanation
The correct answer is C: Enable SSL tunnel over TCP in a new agent configuration for the specific user.. To address the intermittent connectivity issues caused by UDP packet loss, enforcing an SSL tunnel over TCP ensures a reliable connection by using the more robust TCP protocol. In GlobalProtect, this can be achieved by creating a new agent configuration specific to the user, wher
Question
An administrator is troubleshooting intermittent connectivity problems with a user's GlobalProtect connection. Packet captures at the firewall reveal missing UDP packets, suggesting potential packet loss on the connection. The administrator aims to resolve the issue by enforcing an SSL tunnel over TCP specifically for this user. What configuration change is necessary to implement this troubleshooting solution for the user?
Options
- AEnable SSL tunnel within the GlobalProtect gateway remote user's settings.
- BModify the user's client to prioritize UDP traffic for GlobalProtect.
- CEnable SSL tunnel over TCP in a new agent configuration for the specific user.
- DIncrease the user's VPN bandwidth allocation in the GlobalProtect settings.
Explanation
To address the intermittent connectivity issues caused by UDP packet loss, enforcing an SSL tunnel over TCP ensures a reliable connection by using the more robust TCP protocol. In GlobalProtect, this can be achieved by creating a new agent configuration specific to the user, where SSL tunnelling over TCP is enabled. This allows the administrator to isolate the change for troubleshooting purposes without affecting other users.
Topics
Community Discussion
No community discussion yet for this question.