nerdexam
Fortinet

NSE4_FGT-7.0 · Question #35

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. - All traffic must be routed through the primary tunnel when both tun

Sign in or unlock NSE4_FGT-7.0 to reveal the answer and full explanation for question #35. The question stem and answer options stay visible for context.

VPN

Question

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.

  • All traffic must be routed through the primary tunnel when both tunnels are up
  • The secondary tunnel must be used only if the primary tunnel goes down
  • In addition, FortiGate should be able to detect a dead tunnel to speed up tunnelfailover

Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose two,)

Options

  • AEnable Dead Peer Detection.
  • BConfigure a lower distance on the static route for the primary tunnel, and a higher distance on the
  • CEnable Auto-negotiate and Autokey Keep Alive on the phase 2 configuration of both tunnels.
  • DConfigure a higher distance on the static route for the primary tunnel, and a lower distance on the

Unlock NSE4_FGT-7.0 to see the answer

You've previewed enough free NSE4_FGT-7.0 questions. Unlock NSE4_FGT-7.0 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Topics

#Redundant VPN#IPsec#DPD#Tunnel failover
Full NSE4_FGT-7.0 Practice