Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 450

An administrator configures a site-to-site IPsec VPN tunnel between a PA-850 and an external customer on their policy-based VPN devices.

What should an administrator configure to route interesting traffic through the VPN tunnel?

Answer options

• A. Proxy IDs
• B. ToS Header
• C. GRE Encapsulation
• D. Tunnel Monitor

Correct answer: A

Explanation

The correct answer is A, Proxy IDs, as they define the interesting traffic that should be routed through the VPN tunnel. The other options are not relevant for routing traffic; ToS Headers are for traffic prioritization, GRE Encapsulation is a tunneling protocol that is not needed in this context, and Tunnel Monitor is used for monitoring the tunnel rather than defining traffic.