ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE8_812 All Questions

View all questions & answers for the NSE8_812 exam
Go to Exam

Exam NSE8_812 topic 1 question 53 discussion

Actual exam question from Fortinet's NSE8_812
Question #: 53
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibit showing FortiGate configurations.

FortiManager VM high availability (HA) is not functioning as expected after being added to an existing deployment.
The administrator finds that VRRP HA mode is selected, but primary and secondary roles are greyed out in the GUI. The managed devices never show online when FMG-B becomes primary, but they will show online whenever the FMG-A becomes primary.
What change will correct HA functionality in this scenario?

  • A. Change the FortiManager IP address on the managed FortiGate to 10.3.106.65.
  • B. Make the monitored IP to match on both FortiManager devices.
  • C. Unset the primary and secondary roles in the FortiManager CLI configuration so VRRP will decide who is primary.
  • D. Change the priority of FMG-A to be numerically lower for higher preference.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Viewable8041 at Sept. 7, 2023, 2:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jhonnyjhon
4 months ago
Selected Answer: A
A is the answer D Incorrect answer here why: "Priority: <1-253>, Set the priority for this device between 1 (lowest) and 253 (highest). The device with a higher priority will operate as the primary unit when possible."
upvoted 1 times
...
re_j0hn
9 months, 3 weeks ago
A is the answer. https://community.fortinet.com/t5/FortiManager/Technical-Tip-FortiManager-VRRP-HA-configuration-in-Azure-Public/ta-p/267503 https://community.fortinet.com/t5/FortiManager/Technical-Tip-FortiManager-HA-setup-and-troubleshooting/ta-p/222998
upvoted 1 times
...
jr01239a
9 months, 3 weeks ago
A. The managed devices go off-line (e.g. Fortigate) if they are not pointed to the VIP of the FortiManager. When FM-A comes back-online all is good - suggesting that the managed FG points to the real IP of FM-A, hence failover to FM-B = no visibility. Monitored IPs don't have to match. Primary Secondary roles grayed out when VRRP configured and will change in the CLI output based upon the primary/secondary. Priority is un-related.
upvoted 1 times
...
ama6
1 year, 2 months ago
https://docs.fortinet.com/document/fortimanager/7.4.1/administration-guide/203784/if-the-primary-or-a-backup-unit-fails
upvoted 1 times
...
ama6
1 year, 2 months ago
B is correct because the monitored IP must match on both FortiManager devices for HA to function properly. This is explained in the FortiManager Administration Guide under High Availability > Configuring HA options > Configuring HA options using the GUI.
upvoted 1 times
...
Viewable8041
1 year, 2 months ago
Selected Answer: A
https://docs.fortinet.com/document/fortimanager/7.4.1/administration-guide/800686/configuring-ha-options
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel