- Email support@dumps4free.com
Refer to the exhibit.
An administrator used the SD-WAN overlay template to prepare an IPsec configuration for a hub-and-spoke SD-WAN topology. The exhibit shows the installation preview for one FortiGate device. In the exhibit, which statement best describes the configuration applied to the FortiGate device?
A. It is a hub device. It can send ADVPN shortcut offers.
B. It is a spoke device that establishes dynamic IPsec tunnels to the hub. The subnet range is 10.10.128.0/23.
C. It is a spoke device that establishes dynamic IPsec tunnels to the hub. It can send ADVPN shortcut requests.
D. It is a hub device and will automatically discover the spoke devices that are in the SDWAN topology.
Explanation:
According to the SD-WAN 7.2 Study Guide, the SD-WAN overlay template simplifies the configuration of IPsec tunnels in a hub-and-spoke topology. The template defines the following parameters:
Type: dynamic for spokes, static for hubs
Interface: the WAN interface to use for the IPsec tunnel
Network-overlay: enable for spokes, disable for hubs
Network-id: a unique identifier for each spoke
Auto-discovery-sender: enable for hubs, disable for spokes
Auto-discovery-receiver: enable for spokes, disable for hubs
Based on the exhibit, the FortiGate device has the following configuration:
Type: dynamic
Interface: port1
Network-overlay: enable
Network-id: 5
Auto-discovery-sender: disable
Auto-discovery-receiver: enable
Therefore, the FortiGate device is a spoke that establishes dynamic IPsec tunnels to the hub. It also has the network-overlay and auto-discovery-receiver options enabled, which means it can send ADVPN shortcut requests to other spokes when it receives a shortcut
offer from the hub.
Which three matching traffic criteria are available in SD-WAN rules? (Choose three.)
A. Type of physical link connection
B. Internet service database (ISDB) address object
C. Source and destination IP address
D. URL categories
E. Application signatures
Refer to the Exhibits:
Exhibit A, which shows the SD-WAN performance SLA and exhibit B shows the health of the participating SD-WAN members. Based on the exhibits, which statement is correct?
A. The dead member interface stays unavailable until an administrator manually brings the interface back.
B. Port2 needs to wait 500 milliseconds to change the status from alive to dead.
C. Static routes using port2 are active in the routing table.
D. FortiGate has not received three consecutive requests from the SLA server configured for port2.
Which two settings can you configure to speed up routing convergence in BGP? (Choose two.)
A. update-source
B. set-route-tag
C. holdtime-timer
D. link-down-failover
Which statement about SD-WAN zones is true?
A. An SD-WAN zone can contain only one type of interface.
B. An SD-WAN zone can contain between 0 and 512 members.
C. You cannot use an SD-WAN zone in static route definitions.
D. You can configure up to 32 SD-WAN zones per VDOM.
Explanation:
SD-WAN zones are a group of interfaces that share the same SD-WAN settings, such as health check, SLA, and load balancing. Some characteristics of SD-WAN zones are:
An SD-WAN zone can contain different types of interfaces, such as physical, VLAN, aggregate, and tunnel interfaces1.
An SD-WAN zone can contain up to 512 members1.
You can use an SD-WAN zone in static route definitions, as long as the destination interface is also an SD-WAN zone1.
You can configure up to 32 SD-WAN zones per VDOM1.
| Page 6 out of 19 Pages |
| Previous |