How is the RouterLink port created between a Tier-1 Gateway and Tler-0 Gateway?
Correct Answer:
D
According to the VMware NSX 4.x Professional documents and tutorials, a RouterLink port is a logical port that connects a Tier-1 gateway to a Tier-0 gateway. This port is automatically created when a Tier-1 gateway is associated with a Tier-0 gateway from the NSX UI or API. The RouterLink port enables routing between the two gateways and carries all the routing protocols and traffic. There is no need to manually create a logical switch or segment for this purpose1.
Which two statements are true for IPSec VPN? (Choose two.)
Correct Answer:
BC
According to the VMware NSX 4.x Professional documents and tutorials, IPSec VPN secures traffic flowing between two networks connected over a public network through IPSec gateways called endpoints. NSX Edge supports a policy-based or a route-based IPSec VPN. Beginning with NSX-T Data Center 2.5, IPSec VPN services are supported on both Tier-0 and Tier-1 gateways1. NSX Edge also leverages the DPDK accelerated performance library to optimize the performance of IPSec VPN2.
An NSX administrator has deployed a single NSX Manager node and will be adding two additional nodes to form a 3-node NSX Management Cluster for a production environment. The administrator will deploy these two additional nodes and Cluster VIP using the NSX UI.
What two are the prerequisites for this configuration? (Choose two.)
Correct Answer:
DE
According to the VMware NSX Documentation, these are the prerequisites for adding nodes to an NSX Management Cluster using the NSX UI:
All nodes must be in the same subnet and have IP connectivity with each other.
A compute manager must be configured and associated with the NSX Manager node.
The NSX Manager node must have a valid license.
The NSX Manager node must have a valid certificate.
Refer to the exhibit.
An administrator configured NSX Advanced Load Balancer to load balance the production web server traffic, but the end users are unable to access the production website by using the VIP address.
Which of the following Tier-1 gateway route advertisement settings needs to be enabled to resolve the problem? Mark the correct answer by clicking on the image.
Solution:
The correct answer is to enable the option All LB VIP Routes on the Tier-1 gateway route advertisement settings. This option allows the Tier-1 gateway to advertise the NSX Advanced Load Balancer LB VIP routes to the Tier-0 gateway and other peer routers, so that the end users can reach the production website by using the VIP address1. The other options are not relevant for this scenario.
To mark the correct answer by clicking on the image, you can click on the toggle switch next to All LB VIP Routes to turn it on. The switch should change from gray to blue, indicating that the option is enabled. See the image below for reference:
Does this meet the goal?
Correct Answer:
A
Which two are supported by L2 VPN clients? (Choose two.)
Correct Answer:
AD
L2 VPN clients are supported by NSX for vSphere Edge and NSX Edge. NSX for vSphere Edge is a virtual
appliance that provides network services such as routing, firewalling, load balancing, VPN, and NAT for NSX Data Center for vSphere environments. NSX Edge is a virtual appliance that provides network services such as routing, firewalling, load balancing, VPN, and NAT for NSX-T Data Center environments. Both NSX for vSphere Edge and NSX Edge can act as L2 VPN clients to extend layer 2 networks across multiple sites using L2 VPN service over SSL or IPSec tunnels