Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. Discussions
  3. Fortinet
  4. NSE 7 Network Security Architect
  5. NSE7_EFW-7.0 Discussions
  6. NSE7_EFW-7.0 Exam Topic 1 Question 5 Discussion
 Fortinet Discussions
Exam NSE7_EFW-7.0 All Questions
Exam NSE7_EFW-7.0 All Questions

View all questions & answers for the NSE7_EFW-7.0 exam

Go to Exam

Fortinet NSE 7 Network Security Architect NSE7_EFW-7.0 Question # 5 Topic 1 Discussion

NSE7_EFW-7.0 Exam Topic 1 Question 5 Discussion:
Question #: 5
Topic #: 1

An administrator added the following Ipsec VPN to a FortiGate configuration:

configvpn ipsec phasel -interface

edit "RemoteSite"

set type dynamic

set interface "portl"

set mode main

set psksecret ENC LCVkCiK2E2PhVUzZe

next

end

config vpn ipsec phase2-interface

edit "RemoteSite"

set phasel name "RemoteSite"

set proposal 3des-sha256

next

end

However, the phase 1 negotiation is failing. The administrator executed the IKF real time debug while attempting the Ipsec connection. The output is shown in the exhibit.

NSE7_EFW-7.0 Question 5

NSE7_EFW-7.0 Question 5

What is causing the IPsec problem in the phase 1 ?
A.

The incoming IPsec connection is matching the wrong VPN configuration

B.

The phrase-1 mode must be changed to aggressive

C.

The pre-shared key is wrong

D.

NAT-T settings do not match

Get Premium NSE7_EFW-7.0 Questions
Actual exam question for Fortinet NSE7_EFW-7.0 exam by Sage949 at Mar 5, 2025, 4:23:49 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit