hiexam
fortinet · NSE7_EFW-70 · Q427 · multiple_response · topic_1

Refer to the exhibit, which shows a partial routing table. //IMG// Assuming all the appropriate firewall policies are…

Refer to the exhibit, which shows a partial routing table. //IMG// Assuming all the appropriate firewall policies are configured, what two changes would an administrator need to make if they wanted to send traffic from a client directly connected to port3, to a server directly connected to port4? (Choose two.)
  • A.Configure route leaking between VRF 12 and VRF 21.
  • B.Disable auto-asic-offload as this is not supported between VRF instances.
  • C.Configure RIPv2 to exchange route information between the VRF instances.
  • D.Configure route leaking between port3 and port4.
  • E.Enable SNAT on the relevant firewall policies to prevent RPF check drops.
Explanation
Selected Answer: AE A -> you need to configure route leaking E -> net 10.1.0.0/24 overlaps, so SNAT can bypass the RPF check

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing