When is a security association (SA) created if an IPsec VPN tunnel is used to connect between two sites?

IT Questions BankCategory: CCNA SecurityWhen is a security association (SA) created if an IPsec VPN tunnel is used to connect between two sites?

When is a security association (SA) created if an IPsec VPN tunnel is used to connect between two sites?

  • after the tunnel is created, but before traffic is sent
  • only during Phase 2
  • only during Phase 1
  • during both Phase 1 and 2

Explanation: As seen in the 8.4.1.1 Figure, an IPsec VPN connection creates two SAs: (1) at the completion of the IKE Phase 1 once the peers negotiate the IKE SA policy, and (2) at the end of IKE Phase 2 after the transform sets are negotiated.

Exam with this question: CCNA Security Chapter 8 Exam Answers
Exam with this question: CCNA Security Certification Practice Exam Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments