Exam FCSS_NST_SE-7.4 topic 1 question 44 discussion

Actual exam question from Fortinet's FCSS_NST_SE-7.4
Question #: 44
Topic #: 1
Refer to the exhibit, which contains a screenshot of some phase 1 settings.

The VPN is up. To monitor traffic flow, the administrator enters the following CLI commands in an SSH session on the FortiGate:

diagnose sniffer packet any 'udp and port 500' 4
diagnose debug enable
However, the sniffer does not show any output. Why?

  • A. Change the filter to sniff protocol TCP.
  • B. It must sniff IP address 10.0.10.1.
  • C. Change the filter to sniff traffic on port1.
  • D. NAT Traversal is enabled.
Suggested Answer: D

Comments

IBB90704
2 months, 1 week ago
Selected Answer: D
If NAT-T is enabled, and there is a FortiGate located in the middle that is running NAT, the sniffer command must use a different filter. In this case, IKE traffic uses UDP port 500, but switches to UDP port 4500 during the tunnel negotiation. Additionally, ESP traffic is encapsulated inside the UDP 4500 channel. Page 333 of Network_Security_Support_Engineer_7.4_Study_Guide
upvoted 2 times
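The port switch the comment describes, worked through as an added example (this code is not from the page, the study guide or Fortinet). It constructs the UDP datagrams a FortiGate sees once a NAT device sits between the IKE peers, frames the UDP/4500 traffic the way RFC 3948 specifies (four-byte non-ESP marker in front of IKE, bare SPI in front of UDP-encapsulated ESP, one-byte 0xFF keepalive) and compares what a 'udp and port 500' filter returns with what a 'port 500 or port 4500' filter returns, both while the tunnel negotiates and after it is up. The addresses 10.0.10.1 and 203.0.113.7, the IKEv2 exchange framing and every packet are constructed assumptions, not captured traffic.

```python
"""Why 'udp and port 500' goes silent once NAT-T is in play (RFC 3948 framing).

All datagrams below are constructed for illustration; nothing is captured.
"""
import struct
from collections import Counter
from dataclasses import dataclass

IKE_PORT = 500
NATT_PORT = 4500
NON_ESP_MARKER = b"\x00\x00\x00\x00"  # RFC 3948 s.2.2: IKE on 4500 is prefixed with 4 zero bytes
NATT_KEEPALIVE = b"\xff"              # RFC 3948 s.2.3: single-byte NAT keepalive

FGT = "10.0.10.1"      # assumed FortiGate address (hypothetical)
PEER = "203.0.113.7"   # assumed post-NAT address of the remote peer (hypothetical)

# IKEv2 exchange types (RFC 7296 s.3.1) and header flag bits
IKE_SA_INIT, IKE_AUTH, INFORMATIONAL = 34, 35, 37
FLAG_INITIATOR, FLAG_RESPONSE = 0x08, 0x20


@dataclass(frozen=True)
class Datagram:
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes


def isakmp_header(init_spi: int, resp_spi: int, exchange: int, flags: int, msg_id: int) -> bytes:
    """Build a 28-byte IKEv2 header: SPIs, next payload (SA), version 2.0, exchange, flags, id, length."""
    return struct.pack("!QQBBBBII", init_spi, resp_spi, 0x21, 0x20, exchange, flags, msg_id, 28)


def classify(dg: Datagram) -> str:
    """Name the kind of IPsec traffic a datagram carries, judged from its port and RFC 3948 marker."""
    ports = {dg.sport, dg.dport}
    if NATT_PORT in ports:
        p = dg.payload
        if p == NATT_KEEPALIVE:
            return "natt-keepalive"
        if p.startswith(NON_ESP_MARKER):
            return "ike/4500"          # IKE floated to 4500 behind the non-ESP marker
        if len(p) >= 8:                # non-zero SPI + sequence number = UDP-encapsulated ESP
            return "esp-in-udp/4500"
        return "unknown/4500"
    if IKE_PORT in ports:
        return "ike/500"               # plain ISAKMP directly in UDP
    return "other"


def sniff(datagrams, ports):
    """Emulate a 'udp and (port X or port Y)' sniffer filter; return counts of what it would show."""
    seen = Counter()
    for dg in datagrams:
        if dg.sport in ports or dg.dport in ports:
            seen[classify(dg)] += 1
    return seen


def negotiation_traffic():
    """Tunnel coming up: IKE_SA_INIT on 500, then everything floats to 4500 once NAT is detected."""
    i, r = 0x1122334455667788, 0x8877665544332211
    return [
        Datagram(PEER, FGT, 500, 500, isakmp_header(i, r, IKE_SA_INIT, FLAG_INITIATOR, 0)),
        Datagram(FGT, PEER, 500, 500, isakmp_header(i, r, IKE_SA_INIT, FLAG_RESPONSE, 0)),
        Datagram(PEER, FGT, 4500, 4500, NON_ESP_MARKER + isakmp_header(i, r, IKE_AUTH, FLAG_INITIATOR, 1)),
        Datagram(FGT, PEER, 4500, 4500, NON_ESP_MARKER + isakmp_header(i, r, IKE_AUTH, FLAG_RESPONSE, 1)),
    ]


def steady_state_traffic():
    """Tunnel up: ESP-in-UDP data, an INFORMATIONAL (DPD) exchange and keepalives, all on 4500."""
    i, r = 0x1122334455667788, 0x8877665544332211
    esp_out = struct.pack("!II", 0x0000ABCD, 1) + b"\x00" * 40   # SPI, seq, dummy ciphertext
    esp_in = struct.pack("!II", 0x0000DCBA, 1) + b"\x00" * 40
    return [
        Datagram(FGT, PEER, 4500, 4500, esp_out),
        Datagram(PEER, FGT, 4500, 4500, esp_in),
        Datagram(PEER, FGT, 4500, 4500, NON_ESP_MARKER + isakmp_header(i, r, INFORMATIONAL, FLAG_INITIATOR, 5)),
        Datagram(PEER, FGT, 4500, 4500, NATT_KEEPALIVE),
    ]


if __name__ == "__main__":
    for label, traffic in (("negotiation", negotiation_traffic()), ("tunnel up", steady_state_traffic())):
        print(f"{label:12} port 500 only     : {dict(sniff(traffic, {IKE_PORT}))}")
        print(f"{label:12} port 500 or 4500  : {dict(sniff(traffic, {IKE_PORT, NATT_PORT}))}")
```

With the tunnel already up, the port-500 filter matches nothing, which is the situation in the question. On the FortiGate itself the widened filter is `diagnose sniffer packet any 'udp and (port 500 or port 4500)' 4`, and `diagnose vpn ike gateway list` shows whether NAT-T was negotiated for the gateway before you start guessing at filters.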
Community vote distribution: A (35%), C (25%), B (20%), Other