Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_NST-7.2 Topic 1 Question 1 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam
Question #: 1
Topic #: 1
[All NSE7_NST-7.2 Questions]

Refer to the exhibit. which contains the output of diagnose vpn tunnel list.

Which command will capture ESP traffic for the VPN named DialUp_0?

Show Suggested Answer Hide Answer
Suggested Answer: C

Capturing ESP Traffic:

ESP (Encapsulating Security Payload) traffic is associated with IPsec and is identified by the protocol number 50. To capture ESP traffic, you need to filter packets based on this protocol.

In this specific case, you also need to filter for the host associated with the VPN tunnel, which is 10.200.3.2 as indicated in the exhibit.

Sniffer Command:

The correct command to capture ESP traffic for the VPN named DialUp_0 is:

diagnose sniffer packet any 'esp and host 10.200.3.2'

This command ensures that only ESP packets to and from the specified host are captured, providing a focused and relevant data set for troubleshooting.


Fortinet Documentation: Verifying IPsec VPN Tunnels (Fortinet Docs) (Welcome to the Fortinet Community!).

Fortinet Community: Troubleshooting IPsec VPN Tunnels (Welcome to the Fortinet Community!) (Fortinet Docs).

by Nickolas at Jun 03, 2024, 09:31 PM

Limited Time Offer

25%

Off

Get Premium NSE7_NST-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Reita
9 months ago
Option B, for sure. It's the simple and straightforward way to capture the ESP traffic.
upvoted 0 times
Gracia
9 months ago
I'll go with option B as well. It seems like the right command to capture ESP traffic.
upvoted 0 times
...
Pearly
9 months ago
Yeah, I agree. It's the most straightforward option.
upvoted 0 times
...
Leonor
9 months ago
I think option B is the best choice.
upvoted 0 times
...
...
Sueann
10 months ago
Hold up, is that a typo in option C? 10*200.3.2? Looks like someone's been playing around with their calculator!
upvoted 0 times
Lawrence
8 months ago
Definitely a typo, they probably meant to put a period instead of an asterisk.
upvoted 0 times
...
Fidelia
8 months ago
I think so too, it should be '10.200.3.2' instead of '10*200.3.2'.
upvoted 0 times
...
Stephaine
9 months ago
Yeah, that does look like a typo in option C.
upvoted 0 times
...
...
Verdell
10 months ago
Hmm, this is tricky. I'll have to go with D. Capturing traffic on port 4500 should do the trick.
upvoted 0 times
...
Galen
10 months ago
I'm going with C. The command 'esp and host 10*200.3.2' seems to target the specific VPN tunnel.
upvoted 0 times
...
Devora
10 months ago
Option B looks good. 'ip proto 50' should capture the ESP traffic for the VPN.
upvoted 0 times
Melina
9 months ago
Yeah, 'ip proto 50' should capture the ESP traffic for the VPN.
upvoted 0 times
...
Derick
9 months ago
I think option B is the correct one.
upvoted 0 times
...
Rozella
9 months ago
Yeah, 'ip proto 50' should capture the ESP traffic for the VPN.
upvoted 0 times
...
Amber
9 months ago
C) diagnose sniffer packet any 'esp and host 10*200.3.2'
upvoted 0 times
...
Tambra
9 months ago
B) diagnose sniffer packet any 'ip proto 50'
upvoted 0 times
...
Vonda
9 months ago
I think option B is the correct one.
upvoted 0 times
...
Marlon
10 months ago
A) diagnose sniffer packet any 'host 10.0.10.10'
upvoted 0 times
...
...
Dorothy
10 months ago
I disagree, I believe the correct answer is C) diagnose sniffer packet any 'esp and host 10*200.3.2'.
upvoted 0 times
...
Hyman
10 months ago
I think the answer is A) diagnose sniffer packet any 'host 10.0.10.10'.
upvoted 0 times
...

Save Cancel