Free CompTIA SY0-701 Exam Dumps

To configure the site-to-site VPN between the two branch offices according to the provided requirements, here are the detailed steps and settings that need to be applied to the VPN concentrators:

Requirements:

Most secure algorithms should be selected.

All traffic should be encrypted over the VPN.

A secret password will be used to authenticate the two VPN concentrators.

VPN Concentrator 1 Configuration:

Phase 1:

Peer IP address: 5.5.5.10 (The IP address of VPN Concentrator 2)

Auth method: PSK (Pre-Shared Key)

Negotiation mode: MAIN

Encryption algorithm: AES256

Hash algorithm: SHA256

DH key group: 14

Phase 2:

Mode: Tunnel

Protocol: ESP (Encapsulating Security Payload)

Encryption algorithm: AES256

Hash algorithm: SHA256

Local network/mask: 192.168.1.0/24

Remote network/mask: 192.168.2.0/24

VPN Concentrator 2 Configuration:

Phase 1:

Peer IP address: 5.5.5.5 (The IP address of VPN Concentrator 1)

Auth method: PSK (Pre-Shared Key)

Negotiation mode: MAIN

Encryption algorithm: AES256

Hash algorithm: SHA256

DH key group: 14

Phase 2:

Mode: Tunnel

Protocol: ESP (Encapsulating Security Payload)

Encryption algorithm: AES256

Hash algorithm: SHA256

Local network/mask: 192.168.2.0/24

Remote network/mask: 192.168.1.0/24

Summary:

Peer IP Address: Set to the IP address of the remote VPN concentrator.

Auth Method: PSK for using a pre-shared key.

Negotiation Mode: MAIN for the initial setup.

Encryption Algorithm: AES256, which is a strong and secure algorithm.

Hash Algorithm: SHA256, which provides strong hashing.

DH Key Group: 14 for strong Diffie-Hellman key exchange.

Phase 2 Protocol: ESP for encryption and integrity.

Local and Remote Networks: Properly configure the local and remote network addresses to match each branch office subnet.

By configuring these settings on both VPN concentrators, the site-to-site VPN will meet the requirements for strong security algorithms, encryption of all traffic, and authentication using a pre-shared key.

To configure the site-to-site VPN between the two branch offices according to the provided requirements, here are the detailed steps and settings that need to be applied to the VPN concentrators:

Requirements:

Most secure algorithms should be selected.

All traffic should be encrypted over the VPN.

A secret password will be used to authenticate the two VPN concentrators.

VPN Concentrator 1 Configuration:

Phase 1:

Peer IP address: 5.5.5.10 (The IP address of VPN Concentrator 2)

Auth method: PSK (Pre-Shared Key)

Negotiation mode: MAIN

Encryption algorithm: AES256

Hash algorithm: SHA256

DH key group: 14

Phase 2:

Mode: Tunnel

Protocol: ESP (Encapsulating Security Payload)

Encryption algorithm: AES256

Hash algorithm: SHA256

Local network/mask: 192.168.1.0/24

Remote network/mask: 192.168.2.0/24

VPN Concentrator 2 Configuration:

Phase 1:

Peer IP address: 5.5.5.5 (The IP address of VPN Concentrator 1)

Auth method: PSK (Pre-Shared Key)

Negotiation mode: MAIN

Encryption algorithm: AES256

Hash algorithm: SHA256

DH key group: 14

Phase 2:

Mode: Tunnel

Protocol: ESP (Encapsulating Security Payload)

Encryption algorithm: AES256

Hash algorithm: SHA256

Local network/mask: 192.168.2.0/24

Remote network/mask: 192.168.1.0/24

Summary:

Peer IP Address: Set to the IP address of the remote VPN concentrator.

Auth Method: PSK for using a pre-shared key.

Negotiation Mode: MAIN for the initial setup.

Encryption Algorithm: AES256, which is a strong and secure algorithm.

Hash Algorithm: SHA256, which provides strong hashing.

DH Key Group: 14 for strong Diffie-Hellman key exchange.

Phase 2 Protocol: ESP for encryption and integrity.

Local and Remote Networks: Properly configure the local and remote network addresses to match each branch office subnet.

By configuring these settings on both VPN concentrators, the site-to-site VPN will meet the requirements for strong security algorithms, encryption of all traffic, and authentication using a pre-shared key.