ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-6.0 All Questions

View all questions & answers for the NSE4_FGT-6.0 exam
Go to Exam

Exam NSE4_FGT-6.0 topic 1 question 28 discussion

Actual exam question from Fortinet's NSE4_FGT-6.0
Question #: 28
Topic #: 1
[All NSE4_FGT-6.0 Questions]

Which of the following conditions are required for establishing an IPSec VPN between two FortiGate devices? (Choose two.)

  • A. If XAuth is enabled as a server in one peer, it must be enabled as a client in the other peer.
  • B. If the VPN is configured as route-based, there must be at least one firewall policy with the action set to IPSec.
  • C. If the VPN is configured as DialUp User in one peer, it must be configured as either Static IP Address or Dynamic DNS in the other peer.
  • D. If the VPN is configured as a policy-based in one peer, it must also be configured as policy-based in the other peer.
Show Suggested Answer Hide Answer
Suggested Answer: BC 🗳️
by rogue7 at Aug. 12, 2019, 9:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rogue7
Highly Voted 5 years, 8 months ago
B is incorrect. https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-ipsecvpn/Defining_VPN_Policies/Defining_Policies_for_Policy_and_Route.htm?Highlight=route%20based%20vpn
upvoted 5 times
...
SebaAr22
Most Recent 4 years, 3 months ago
A - C are correct
upvoted 1 times
...
farmez
4 years, 4 months ago
A and C B incorrect => IPSEC ACTION in a firewall policy is used with policy-based VPN and not route-based VPN
upvoted 1 times
...
Vlad_R
4 years, 7 months ago
B- action can be set to Accept,Deny and learn so is wrong.A is correct : Adding XAuth authentication Extended Authentication (XAuth) increases security by requiring additional user authentication in a separate exchange at the end of the VPN Phase 1 negotiation. The FortiGate unit challenges the user for a user name and password. It then forwards the user’s credentials to an external RADIUS or LDAP server for verification. Implementation of XAuth requires configuration at both the FortiGate unit and the FortiClient application. For information about configuring a FortiGate unit as an XAuth server, see Phase 1 parameters. The following procedure explains how to configure the FortiClient application. So the correct answers are A&C.
upvoted 4 times
NETeng01
4 years, 5 months ago
for me correct are C and D
upvoted 1 times
...
...
Levis
4 years, 11 months ago
A and c
upvoted 4 times
...
montonearm
5 years, 2 months ago
i think A & C
upvoted 3 times
Ctnroger
4 years, 5 months ago
But Xauth is use for dialup vpn no site to site vpn
upvoted 1 times
...
...
ni
5 years, 5 months ago
Answer is AC
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago