A network administrator has been tasked with implementing an IKEv2 tunnel from a remote site to a headquarter site. For security reasons, all traffic from the remote site must be sent across the tunnel, including traffic destined to the internet. Both sites are using a Cisco ASA firewall and are capable of running IKEv2.
When a tunnel is initiated by the headquarter ASA, which one of the following Diffie-Hellman groups is selected by the headquarter ASA during CREATE_CHILD_SA exchange?
| A. |
1 | |
| B. |
2 | |
| C. |
5 | |
| D. |
14 | |
| E. |
19 |
Traffic initiated by the HQ ASA is assigned to the static outside crypto map, which shown below to use DH group 5.
