Juniper Exam JN0-637 Topic 1 Question 5 Discussion

Actual exam question for Juniper's JN0-637 exam

Question #: 5
Topic #: 1

Click the Exhibit button.

Referring to the exhibit. SRX-1 and SRX-3 have to be connected using EBGP. The BGP configuration on SRX-1 and SRX-3 is verified and correct.

Which configuration on SRX-2 would establish an EBGP connection successfully between SRX-1 and SRX-3?

AThe host-inbound-traffic statements do not allow EBGP traffic to traverse SRX-2.

BThe security policy to allow SRX-1 and SRX-3 to communicate on TCP port 79 should be configured.

CThe security policy to allow SRX-1 and SRX-3 to communicate on TCP port 169 should be configured.

DThe security policy to allow SRX-1 and SRX-3 to communicate on TCP port 179 should be configured.

Show Suggested Answer

Suggested Answer: D

Comprehensive Detailed Step-by-Step Explanation with All Juniper Security Reference

Understanding the Scenario:

SRX-1 and SRX-3:

Need to establish an EBGP session through SRX-2.

Issue:

BGP session is not coming up despite correct configurations on SRX-1 and SRX-3.

Option D: The security policy to allow SRX-1 and SRX-3 to communicate on TCP port 179 should be configured.

BGP uses TCP port 179 for establishing sessions.

SRX-2 must have a security policy allowing traffic between SRX-1 and SRX-3 on TCP port 179.

'Security policies must permit BGP traffic (TCP port 179) to allow BGP sessions through the SRX device.'

Source: Juniper TechLibrary - Configuring Security Policies for Transit Traffic

Why Other Options Are Incorrect:

Option A: Host-inbound-traffic affects traffic destined to SRX-2, not transit traffic.

Option B and C: TCP ports 79 and 169 are unrelated to BGP.

Conclusion:

The correct option is D, configuring a security policy to allow TCP port 179.

by Eulah at Nov 18, 2024, 01:45 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!