Which of the following conditions are required for establishing an IPSec VPN between two FortiGate devices? (Choose two.)
A. If XAuth is enabled as a server in one peer, it must be enabled as a client in the other peer.
B. If the VPN is configured as route-based, there must be at least one firewall policy with the action set to IPSec.
C. If the VPN is configured as DialUp User in one peer, it must be configured as either Static IP Address or Dynamic DNS in the other peer.
D. If the VPN is configured as a policy-based in one peer, it must also be configured as policy-based in the other peer.
|
Download Printable PDF. VALID exam to help you PASS. |
 |
The correct answer is A and C. Option ‘B’ is incorrect since in Policy-Based VPN only one policy controls connections in both directions i.e. require a security policy with IPSEC action that specifies the VPN tunnel, however, in Route-based VPN, a separate policy is required for connections in each direction (i.e. from LAN to tunnel interface and from a tunnel to LAN interface).
B y C , el xauth no es indispensable para establecer una VPN,.
Si se establece una VPN con base en rutas almenos debe haber una politica de firewall (B)
SI se configura una VPN como dialup, de la otra punta se debe de configurar una VPN Estatica u DNS (C)
A and C are correct. See FortiGate_Security_6.2_Study_Guide-Online.pdf pages 654 (A) and 649 (C)
Yes, it’s A & C
Proof for A: Fortigate Security Study Guide Page 621
Proof for C: Fortigate Security Study Guide Page 616
Correct В and C.
Not A – because “between two FortiGate devices”, not for DialUp USERS (XAuth for it only).
Yes, A and C, i was wrong.
correct answer A and C