Free Preparation Discussions
MENU
Fortinet Exam FCP_FGT_AD-7.4 Topic 1 Question 8 Discussion
Topic #: 1
Refer to the exhibit.
The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router.
When the administrator tries to access the web server public address (203.0.113.2) from the internet, the connection times out. At the same time the administrator runs a sniffer on FortiGate to capture incoming web traffic to the server and does not see any output.
Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?
In this scenario, the FortiGate device is using a Virtual IP (VIP) to map the public IP address (203.0.113.2) to the internal IP address of the web server (172.16.1.10). The fact that the administrator does not see any sniffer output for incoming traffic suggests that the FortiGate is not responding to ARP requests for the public IP address (203.0.113.2).
Enabling arp-reply in the VIP configuration allows the FortiGate to respond to ARP requests for the public IP, thereby allowing traffic to reach the FortiGate, which will then forward it to the web server based on the VIP mapping.
Mindy
2 months agoDenae
29 days agoTy
30 days agoCarissa
1 months agoAnthony
1 months agoDominga
2 months agoDalene
2 months agoTashia
12 days agoRikki
13 days agoGeraldo
17 days agoRodolfo
1 months agoAshlyn
2 months agoMarg
2 months agoMary
2 months agoNidia
2 months agoMary
2 months agoGerald
3 months agoVallie
2 months agoKatie
2 months agoMammie
2 months ago