Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Fortinet Discussions

Exam NSE7_EFW-7.2 topic 1 question 15 discussion

Actual exam question from Fortinet's NSE7_EFW-7.2
Question #: 15
Topic #: 1
[All NSE7_EFW-7.2 Questions]

Refer to the exhibit which shows two configured FortiGate devices and peering over
FGSP.

The main link directly connects the two FortiGate devices and is configured using the set session-syn-dev <interface> command.
What is the primary reason to configure the main link?

  • A. To have only configuration synchronization in layer 3
  • B. To load balance both sessions and configuration synchronization between layer 2 and 3
  • C. To have both sessions and configuration synchronization in layer 3
  • D. To have both sessions and configuration synchronization in layer 2
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by rananaj at Feb. 22, 2024, 10:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
r3n0
Highly Voted 1 month, 2 weeks ago
Selected Answer: D
FGSP only sync sessions and it occur at L3 by default. We can move it at L2 with the set seesion-sync-dev. Configuration sync is an independant feature and occur, by default, at L2 as is part of FGCP and use hbdev command. Configuration sync can be configure to occur at L3 with the command unicast-peers, which is not the case here. If we move the sessions sync at L2, the configuration is already sync at L2 both will occur at L2. https://docs.fortinet.com/document/fortigate/7.2.7/administration-guide/84777/standalone-configuration-synchronization
upvoted 5 times
...
charruco
Most Recent 1 week, 4 days ago
Selected Answer: D
D is correct https://docs.fortinet.com/document/fortigate/7.2.7/administration-guide/84777/standalone-configuration-synchronization
upvoted 1 times
...
Totoahren
1 month, 2 weeks ago
Answer: D https://community.fortinet.com/t5/FortiGate/Technical-Tip-Suggested-Parameters-to-use-for-a-FortiGate/ta-p/230162
upvoted 1 times
...
truserud
1 month, 3 weeks ago
Selected Answer: D
I see a lot of discussion here with regards to the correct answer being either A or D. I think D is correct based on pages 113 and 118 in the Study Guide. Page 118 specifically states that Layer 2 is required for config sync in a FGSP standalone cluster configuration. And that you can enable session synchronization with layer 2 with the set session-syn-dev <interface #> command. I am a bit conflicted in the choice though, so it needs some further studying to be sure.
upvoted 4 times
truserud
1 month ago
In addition to my former comment, pages 110 and 111 state the following: Standalon configuration Synchronization is based on FGCP config sync, thus it requires layer 2 adjacency to form a cluster and sync config. This means that config sync already is using layer 2 as default. Page 111 states that sessions are synced between peers in an FGSP topology over layer 3 by default. Again showing that D is the correct answer.
upvoted 1 times
...
...
for3nsic
2 months ago
Selected Answer: A
p113 config sync remains at the layer 3
upvoted 2 times
...
Kop01
2 months ago
Selected Answer: A
Answer is A:To have only configuration synchronization in layer 3 p113 When peering over FGSP, by default, the FortiGate devices or FGCP clusters, share information over layer 3 between the interfaces that are configured with peer IP addresses. You can also specify the interfaces used to synchronize session in layer 2 instead of layer 3 using the "session-sync-dev" setting. When a session synchronization interface is configured and FGSP peers are directly connected on this interface, then session synchronization is done over layer 2, only falling back to layer 3 if the session synchronization interface becomes unavailable.
upvoted 1 times
...
underground07
2 months ago
Selected Answer: D
Session synchronization You can specify interfaces used to synchronize sessions in L2 instead of L3 using the session-sync-dev setting. For more information about using session synchronization, see Session synchronization interfaces in FGSP.
upvoted 2 times
...
5deee77
2 months ago
Selected Answer: D
The answer is D.
upvoted 1 times
...
Artbrut
2 months ago
Selected Answer: A
https://docs.fortinet.com/document/fortigate/6.2.14/cookbook/849059/ha-heartbeat-interface And: https://docs.fortinet.com/document/fortiweb/7.4.0/administration-guide/435480/synchronization "The configurations of the active (or primary ) node is automatically synchronized to all the members in the HA group. Synchronization ensures that all appliances in the group remain ready to process traffic, even if you only change one of the appliances. Synchronization traffic uses TCP on port number 6010 and a reserved IP address." session-sync-dev remains the traffic as layer 2. The study guide always only talks about the session sync.
upvoted 1 times
...
grani15
2 months ago
The answer is D.
upvoted 1 times
...
TheUsD
2 months, 1 week ago
The answer is D. Page 113: When peering over FGSP, by default, the FortiGate devices or FGCP clusters, share information over layer 3 between the interfaces that are configured with peer IP addresses. You can also specify the interfaces used to synchronize session in layer 2 instead of layer 3 using the "session-sync-dev" setting. When a session synchronization interface is configured and FGSP peers are directly connected on this interface, then session synchronization is done over layer 2, only falling back to layer 3 if the session synchronization interface becomes unavailable.
upvoted 2 times
...
TheUsD
2 months, 1 week ago
The answer is D. Page 113: When peering over FGSP, by default, the FortiGate devices or FGCP clusters, share information over layer 3 between the interfaces that are configured with peer IP addresses. You can also specify the interfaces used to synchronize session in layer 2 instead of layer 3 using the "session-sync-dev" setting. When a session synchronization interface is configured and FGSP peers are directly connected on this interface, then session synchronization is done over layer 2, only falling back to layer 3 if the session synchronization interface becomes unavailable.
upvoted 2 times
...
33k_
2 months, 1 week ago
Selected Answer: A
A, in a FGSP Cluster mode you can set that sessions are replicated over L2 and configuration remain in L3 with session-sync-dev:
upvoted 1 times
TheUsD
2 months, 1 week ago
The answer is D. Page 113: When peering over FGSP, by default, the FortiGate devices or FGCP clusters, share information over layer 3 between the interfaces that are configured with peer IP addresses. You can also specify the interfaces used to synchronize session in layer 2 instead of layer 3 using the "session-sync-dev" setting. When a session synchronization interface is configured and FGSP peers are directly connected on this interface, then session synchronization is done over layer 2, only falling back to layer 3 if the session synchronization interface becomes unavailable.
upvoted 2 times
...
...
rananaj
2 months, 1 week ago
The answer is D
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel