Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE8_812 Topic 1 Question 17 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 17
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibits.

The exhibits show a diagram of a requested topology and the base IPsec configuration.

A customer asks you to configure ADVPN via two internet underlays. The requirement is that you use one interface with a single IP address on DC FortiGate.

In this scenario, which feature should be implemented to achieve this requirement?

Show Suggested Answer Hide Answer
Suggested Answer: A

A is correct because using network-overlay id allows you to configure multiple ADVPN tunnels on a single interface with a single IP address on the DC FortiGate. This is explained in the FortiGate Administration Guide under ADVPN > Configuring ADVPN > Configuring ADVPN on the hub. References: https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/978793/advpn https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/978793/advpn/978794/configuring-advpn


Contribute your Thoughts:

Elizabeth
6 months ago
That's a good point, Una. It's important to consider all the options before making a decision.
upvoted 0 times
...
Una
6 months ago
I prefer option A) Use network-overlay id because it provides a more dynamic and flexible approach to configuring ADVPN.
upvoted 0 times
...
Valda
7 months ago
Using peer-id allows for better identification of the peer device, which is crucial for establishing a secure connection.
upvoted 0 times
...
Elizabeth
7 months ago
Why do you think peer-id is the right choice?
upvoted 0 times
...
Valda
7 months ago
I disagree, I believe the correct feature is D) Use peer-id.
upvoted 0 times
...
Elizabeth
7 months ago
I think the feature that should be implemented is C) Use local-id.
upvoted 0 times
...
Francine
8 months ago
Haha, this is like a trick question! I bet the real answer is something we're not even considering. Maybe we need to think outside the box a little.
upvoted 0 times
Josphine
8 months ago
C) Use local-id
upvoted 0 times
...
Paz
8 months ago
Haha, this is like a trick question! I bet the real answer is something we're not even considering. Maybe we need to think outside the box a little.
upvoted 0 times
...
Donette
8 months ago
A) Use network-overlay id
upvoted 0 times
...
...
Dallas
8 months ago
I'm not so sure about that. Wouldn't using 'peer-id' be a better option? That way, we can identify the remote peers instead of just the local device.
upvoted 0 times
...
Stefan
8 months ago
You know, I've dealt with this kind of configuration before. I think the answer might be to use the 'local-id' feature. That way, we can identify the FortiGate using a single IP address, rather than needing multiple interfaces.
upvoted 0 times
...
Kirk
8 months ago
Hmm, this question seems tricky. I'm not too familiar with ADVPN, but it looks like we need to find a way to use a single interface with one IP address on the DC FortiGate to achieve the requirement.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77