nerdexam
ExamsNSE4_FGT-7.0Questions#35
Fortinet

NSE4_FGT-7.0 · Question #35

NSE4_FGT-7.0 Question #35: Real Exam Question with Answer & Explanation

The correct answer is A: Enable Dead Peer Detection.. See the full explanation below for the reasoning.

Question

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. - All traffic must be routed through the primary tunnel when both tunnels are up - The secondary tunnel must be used only if the primary tunnel goes down - In addition, FortiGate should be able to detect a dead tunnel to speed up tunnelfailover Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two,)

Options

  • AEnable Dead Peer Detection.
  • BConfigure a lower distance on the static route for the primary tunnel, and a higher distance on the
  • CEnable Auto-negotiate and Autokey Keep Alive on the phase 2 configuration of both tunnels.
  • DConfigure a higher distance on the static route for the primary tunnel, and a lower distance on the

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full NSE4_FGT-7.0 Practice
A network administrator wants to set up redundant IPsec VPN... | NSE4_FGT-7.0 Q#35 Answer | NerdExam