ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_EFW-7.2 All Questions

View all questions & answers for the NSE7_EFW-7.2 exam
Go to Exam

Exam NSE7_EFW-7.2 topic 1 question 24 discussion

Actual exam question from Fortinet's NSE7_EFW-7.2
Question #: 24
Topic #: 1
[All NSE7_EFW-7.2 Questions]

You created a VPN community using VPN Manager on FortiManager. You also added gateways to the VPN community. Now you are trying to create firewall policies to permit traffic over the tunnel; however, the VPN interfaces do not appear as available options.
What step must you take to resolve this issue?

  • A. Refresh the device status using the Device Manager so that FortiGate populates the IPSec interfaces.
  • B. Install the VPN community and gateway configuration on the FortiGate devices so that the VPN interfaces appear on the Policy Objects on FortiManager.
  • C. Configure the phase 1 settings in the VPN community that you didn’t initially configure. FortiGate automatically generates the interfaces after you configure the required settings.
  • D. Create interface mappings for the IPsec VPN interfaces before you use them in a policy.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Artbrut at Feb. 28, 2024, 7:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
raydel92
Highly Voted 1 year ago
Selected Answer: D
When you push a config from FM to FGs nothing new appears on the Policy Objects on FortiManager. The new interfaces are created on FGs. You need to create manually vpn interface mappings under Normalized Interface option to use them on firewall policies
upvoted 8 times
...
Artbrut
Highly Voted 1 year, 5 months ago
Selected Answer: B
It 's B as per study guide p. 304 1. Create VPN community 2. Add gateways (members) to the community 3. Install the VPN community and gateways configuration <-------- 4. Add the firewall policies 5. Install the firewall policys
upvoted 5 times
...
charruco
Most Recent 1 year, 3 months ago
Selected Answer: B
B is correct study guide page 304
upvoted 3 times
...
maxwellhc
1 year, 4 months ago
Guys, I saw that everyone gets this question wrong. The correct answer is the letter D. Look at doc.fortinet. https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/80387/interface-mapping
upvoted 3 times
dsticht
1 year, 3 months ago
I really felt like this had merit and I'm still not sure, but I dug a bit more. In this document, it talks about needing an interface for route based VPN, but not for policy based VPN. It gets VERY confusing. https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/379233/vpn-security-policies
upvoted 1 times
...
...
truserud
1 year, 5 months ago
Selected Answer: B
Correct answer is B.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel