1. | Why is manual-ipsec not recommended by Cisco? |
2. | What is the difference between an access VPN and an intranet VPN? |
3. | Which hash algorithm is configured by default for phase 1? |
4. | What are the two methods of identifying SA peers? |
5. | What happens if you have different ISAKMP policies configured on your potential SA peers, and none of them match? |
6. | Where do you define your authentication method? |
7. | What is the default lifetime if not defined in isakmp policy? |
8. | Do your transform sets have to match exactly on each peer? |
9. | What is the difference between the isakmp lifetime and the crypto map lifetime? |
10. | What command do you use to delete any active SAs? |
11. | What is the command for defining a preshared key? |
12. | What is the first thing you should check if you are unable to establish a VPN? |
13. | What is the command to apply an access list to a crypto map? |
14. | What is the difference between ESP and AH? |