Cisco Easy VPN Server Group Policy Information

AB.

The correct answers are B and E:

B. OU field in a certificate that is presented by a client E. IKE ID_IPV4_ADDR.

When a Cisco Easy VPN client connects to a Cisco Easy VPN server, the server uses certain identifiers to reference the correct group policy information for that client. Group policies contain the configuration information for the VPN session. Two identifiers that the server uses to reference the correct group policy information are:

B. OU field in a certificate that is presented by a client: The Cisco Easy VPN client can be configured to present a digital certificate when it connects to the server. The server can use the Organizational Unit (OU) field in the certificate to identify the correct group policy information for the client. The OU field is a field in the certificate that identifies the unit or department within the organization that issued the certificate.

E. IKE ID_IPV4_ADDR: The IKE ID_IPV4_ADDR is an identifier that is used in the Internet Key Exchange (IKE) protocol to identify a device by its IP address. When the Easy VPN client connects to the server, it sends its IP address as part of the IKE negotiation. The server can use this address to identify the correct group policy information for the client.

A. IKE ID_KEY_ID: The IKE ID_KEY_ID is an identifier used in the IKE protocol to identify a pre-shared key. It is not used to reference group policy information.

C. XAUTH username: XAUTH (Extended Authentication) is a feature that allows the VPN client to authenticate with a username and password. The XAUTH username is not used to reference group policy information.

D. hash of the OTP that is sent during XAUTH challenge/response: OTP (One-Time Password) is a feature that allows the VPN client to use a unique password for each login attempt. The hash of the OTP is not used to reference group policy information.