hiexam
fortinet · NSE8_811 · Q425 · multiple_choice · topic_1

Refer to the exhibit. //IMG// A FortiGate is configured for a dial-up IPsec VPN to allow multiple remote FortiGate dev…

Refer to the exhibit. //IMG// A FortiGate is configured for a dial-up IPsec VPN to allow multiple remote FortiGate devices to connect to it. However, FortiGate A and B have problems connecting to the VPN. Only one of them can be connected at a time. If site B tries to connect while site A is connected, site A is disconnected. The IKE real-time debug shows the output in the exhibit when site A is disconnected. Referring to the exhibit, which configuration setting should be executed in the dial-up configuration to allow both VPNs to be connected at the same time?
  • A.set route-overlap allow
  • B.set single-source disable
  • C.set enforce-unique-id disable
  • D.set add-route enable
Explanation
Selected Answer: A A is correct as per https://community.fortinet.com/t5/FortiGate/Technical-Tip-Allowing-multiple-IPSec-dial-up-connection-from/ta-p/198550 There are 3 options: Action for overlapping routes. - use-old: Use the old route and do not add the new route. - use-new: Delete the old route and add the new route. - allow: Allow overlapping routes.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing