BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_EFW-7.2 Topic 4 Question 25 Discussion

Actual exam question for Fortinet's NSE7_EFW-7.2 exam
Question #: 25
Topic #: 4
[All NSE7_EFW-7.2 Questions]

Which two statements about ADVPN are true? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: C, D

C) The hub adds routes based on IKE negotiations: This is part of the ADVPN functionality where the hub learns about the networks behind the spokes and can add routes dynamically based on the IKE negotiations with the spokes.

D) You must configure phase 2 quick mode selectors to 0.0.0.0 0.0.0.0: This wildcard setting in the phase 2 selectors allows any-to-any tunnel establishment, which is necessary for the dynamic creation of spoke-to-spoke tunnels.

These configurations are outlined in Fortinet's documentation for setting up ADVPN, where the hub's role in route control and the use of wildcard selectors for phase 2 are emphasized to enable dynamic tunneling between spokes.


by Chantell at Sep 13, 2024, 02:01 PM

Limited Time Offer

25%

Off

Get Premium NSE7_EFW-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Solange
14 days ago
B and D for sure! You've got to have all the FortiGate devices in the same AS, and those phase 2 quick mode selectors need to be set to 0.0.0.0 0.0.0.0. Anything else would be a 'route' to failure!
upvoted 0 times
...
Christiane
15 days ago
This exam question is a real 'hub' of activity! I'm going to go with C and D - the hub adding routes based on IKE negotiations, and the phase 2 quick mode selectors being set to 0.0.0.0 0.0.0.0.
upvoted 0 times
...
Glendora
16 days ago
I'm going with C and D. The hub adding routes based on IKE negotiations, and the phase 2 quick mode selectors being set to 0.0.0.0 0.0.0.0 sound like the right choices to me.
upvoted 0 times
...
Letha
29 days ago
B and D are the true statements. All FortiGate devices need to be in the same autonomous system, and the phase 2 quick mode selectors should be set to 0.0.0.0 0.0.0.0.
upvoted 0 times
Alida
1 days ago
C) The hub adds routes based on IKE negotiations.
upvoted 0 times
...
Elli
10 days ago
B) All FortiGate devices must be in the same autonomous system (AS).
upvoted 0 times
...
Dorthy
15 days ago
A) You must disable add-route in the hub.
upvoted 0 times
...
...
Corazon
2 months ago
C and D seem like the correct options. The hub adding routes based on IKE negotiations and configuring phase 2 quick mode selectors to 0.0.0.0 0.0.0.0 make sense to me.
upvoted 0 times
Lisha
10 days ago
Yes, those two statements make the most sense based on how ADVPN works.
upvoted 0 times
...
Stefany
11 days ago
So, we all think C and D are the correct options for ADVPN.
upvoted 0 times
...
Eladia
24 days ago
I agree, D also seems right since configuring phase 2 quick mode selectors to 0.0.0.0 0.0.0.0 is necessary.
upvoted 0 times
...
Meaghan
1 months ago
I think C is correct because the hub adds routes based on IKE negotiations.
upvoted 0 times
...
...
Jeannetta
2 months ago
Hmm, you might be right. I see how that could be a valid point. Thanks for sharing your perspective.
upvoted 0 times
...
Kimberlie
2 months ago
I disagree, I believe statement C is true because the hub adds routes based on IKE negotiations in ADVPN.
upvoted 0 times
...
Jeannetta
2 months ago
I think statement A is true because you need to disable add-route in the hub for ADVPN.
upvoted 0 times
...

Save Cancel