Check Point Certified Cloud Specialist (CCCS) R82 — Question 46

You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue?

Answer options

• A. capture traffic on both tunnel members and collect debug of IKE and VPND daemon
• B. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon
• C. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags
• D. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags

Correct answer: A

Explanation

The correct choice, A, emphasizes capturing traffic on both members and gathering IKE and VPND daemon debug information, which is crucial for troubleshooting VPN issues. Option B is more complex than necessary at the initial troubleshooting stage, while options C and D do not include capturing traffic, which is essential for diagnosing the issue effectively.