Refer to the exhibit.
Based on the exhibit, which action does FortiGate take?
Refer to the exhibits.
Exhibit A
Exhibit B -
Exhibit A shows the configuration for an SD-WAN rule and exhibit B shows the respective rule status, the routing table, and the member status.
The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule.
Based on the exhibits, what can the administrator expect for traffic matching the SD-WAN rule?
What is a benefit of using application steering in SD-WAN?
Refer to the exhibits.
Exhibit A shows two IPsec templates to define Branch_IPsec_1 and Branch_IPsec_2. Each template defines a VPN tunnel.
Exhibit B shows the error message that FortiManager displayed when the administrator tried to assign the second template to the FortiGate device.
Which statement best explain the cause for this issue?
Which two protocols in the IPsec suite are most used for authentication and encryption? (Choose two.)
Exhibit B –
Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.
Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?
What are two benefits of using forward error correction (FEC) in IPsec VPNs? (Choose two.)
Exhibit.
The exhibit shows VPN event logs on FortiGate. In the output shown in the exhibit, which statement is true?
Refer to the exhibit.
Based on the output, which two conclusions are true? (Choose two.)
Which statement about using BGP for ADVPN is true?
Refer to the exhibit.
Which two statements about the IPsec VPN configuration and the status of the IPsec VPN tunnel are true? (Choose two.)
Which two statements are true about using SD-WAN to steer local-out traffic? (Choose two.)
The SD-WAN overlay template helps to prepare SD-WAN deployments. To complete the tasks performed by the SD-WAN overlay template, the administrator must perform some post-run tasks. What are three mandatory post-run tasks that must be performed? (Choose three.)
Refer to the exhibit.
In a dual-hub hub-and-spoke SD-WAN deployment, which is a benefit of disabling the anti-replay setting on the hubs?
Refer to the exhibit.
Which statement about the role of the ADVPN device in handling traffic is true?
Refer to the exhibit.
An administrator is troubleshooting SD-WAN on FortiGate. A device behind branch1_fgt generates traffic to the 10.0.0.0/8 network. The administrator expects the traffic to match SD-WAN rule ID 1 and be routed over T_INET_0_0. However, the traffic is routed over T_INET_1_0.
Based on the output shown in the exhibit, which two reasons can cause the observed behavior? (Choose two.)
Two hub-and-spoke groups are connected through a site-to-site IPsec VPN between Hub 1 and Hub 2. The administrator configured ADVPN on both hub-and-spoke groups.
Which two outcomes are expected if a user in Toronto sends traffic to London? (Choose two.)
Refer to the exhibit.
FortiGate has multiple dial-up VPN interfaces incoming on port1 that match only FIRST_VPN.
Which two configuration changes must be made to both IPsec VPN interfaces to allow incoming connections to match all possible IPsec dial-up interfaces? (Choose two.)
Refer to the exhibits.
An administrator is testing application steering in SD-WAN. Before generating test traffic, the administrator collected the information shown in exhibit A.
After generating GoToMeeting test traffic, the administrator examined the respective traffic log on FortiAnalyzer, which is shown in exhibit B. The administrator noticed that the traffic matched the implicit SD-WAN rule, but they expected the traffic to match rule ID 1.
Which two reasons explain why the traffic matched the implicit SD-WAN rule? (Choose two.)
What is the route-tag setting in an SD-WAN rule used for?
What does enabling the exchange-interface-ip setting enable FortiGate devices to exchange?
Refer to the exhibit.
Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)
Refer to the exhibits.
Exhibit A
Exhibit B
Exhibit A shows the source NAT (SNAT) global setting and exhibit B shows the routing table on FortiGate.
Based on the exhibits, which two actions does FortiGate perform on existing sessions established over port2, if the administrator increases the static route priority on port2 to 20? (Choose two.)
Refer to the exhibits.
Exhibit A -
Exhibit B -
Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt.
When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule.
Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?