NSE4 · Question #100
NSE4 Question #100: Real Exam Question with Answer & Explanation
The correct answer is B: There is a NAT device between the FortiGate and the FortiGuard Distribution Network.. The question asks for two reasons why a FortiGate configured for FortiGuard push updates might not receive them.
Question
A FortiGate is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which are two reasons for this problem? (Choose two.)
Options
- AThe FortiGate is connected to multiple ISPs.
- BThere is a NAT device between the FortiGate and the FortiGuard Distribution Network.
- CThe FortiGate is in Transparent mode.
- DThe external facing interface of the FortiGate is configured to get the IP address from a DHCP
Explanation
The question asks for two reasons why a FortiGate configured for FortiGuard push updates might not receive them.
Common mistakes.
- A. Being connected to multiple ISPs (e.g., in a redundant setup) does not inherently prevent FortiGuard push updates, provided the routing is configured correctly to reach the FDN and the IPsec tunnel can establish over an active path.
- C. A FortiGate operating in Transparent mode can still receive FortiGuard updates, as its management functions, including FortiGuard communication, are handled by its management IP address and relevant routing.
Concept tested. FortiGuard push update troubleshooting
Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/360061/push-updates
Topics
Community Discussion
No community discussion yet for this question.