NSE4 Question #30: Real Exam Question with Answer & Explanation

Question

A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit. Which of the following statements are true if the network administrator wants to route traffic between all the VDOMs? (Choose three.)

Options

• AThe administrator can configure inter-VDOM links to avoid using external interfaces and routers.
• BAs with all FortiGate unit interfaces, firewall policies must be in place for traffic to be allowed to
• CThis configuration requires a router to be positioned between the FortiGate unit and the Internet
• DInter-VDOM routing is automatically provided if all the subnets that need to be routed are locally
• EAs each VDOM has an independent routing table, routing rules need to be set (for example, static

Explanation

Inter-VDOM routing on a FortiGate utilizes virtual links for connectivity, requires explicit firewall policies for traffic flow, and necessitates proper routing table configurations within each VDOM due to their independent routing domains.

Common mistakes.

• C. Inter-VDOM routing is designed to route traffic between VDOMs on the same FortiGate unit, which specifically avoids the necessity of an external router for this purpose.
• D. Inter-VDOM routing is not automatically provided; even if subnets are locally known, explicit configuration of inter-VDOM links and corresponding routing entries is required to enable communication between VDOMs.

Concept tested. FortiGate Inter-VDOM routing configuration

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/admin-guides/894760/inter-vdom-links

No community discussion yet for this question.