Implementing Cisco IP Routing (CCNP ROUTE, legacy) — Question 72

What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-to-building site-to-site VPNs? (Choose two.)

Answer options

• A. Allows dynamic routing securely over the tunnel
• B. IKE keepalives are unidirectional and sent every ten seconds
• C. Reduces IPsec headers overhead since tunnel mode is used
• D. Supports non-IP traffic over the tunnel
• E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration AD

Correct answer:

Explanation

The correct answers are A and D. GRE tunnels facilitate dynamic routing protocols to operate securely over the tunnel (A), and they can transport non-IP protocols (D), which standard IPsec tunnels cannot do. Options B and C are incorrect because they do not represent advantages provided by GRE tunnels; IKE keepalives being unidirectional is not a benefit, and while IPsec tunnel mode reduces overhead, it is not exclusive to GRE tunnels.