ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 19 - FCSS_SASE_AD-23 discussion

Report
Export

Refer to the exhibit.

A company has a requirement to inspect all the endpoint internet traffic on FortiSASE, and exclude Google Maps traffic from the FortiSASE VPN tunnel and redirect it to the endpoint physical Interface.

Which configuration must you apply to achieve this requirement?

A.
Exempt the Google Maps FQDN from the endpoint system proxy settings.
Answers
A.
Exempt the Google Maps FQDN from the endpoint system proxy settings.
B.
Configure a static route with the Google Maps FQDN on the endpoint to redirect traffic
Answers
B.
Configure a static route with the Google Maps FQDN on the endpoint to redirect traffic
C.
Configure the Google Maps FQDN as a split tunneling destination on the FortiSASE endpoint profile.
Answers
C.
Configure the Google Maps FQDN as a split tunneling destination on the FortiSASE endpoint profile.
D.
Change the default DNS server configuration on FortiSASE to use the endpoint system DNS.
Answers
D.
Change the default DNS server configuration on FortiSASE to use the endpoint system DNS.
Suggested answer: C

Explanation:

To meet the requirement of inspecting all endpoint internet traffic on FortiSASE while excluding Google Maps traffic from the FortiSASE VPN tunnel and redirecting it to the endpoint's physical interface, you should configure split tunneling. Split tunneling allows specific traffic to bypass the VPN tunnel and be routed directly through the endpoint's local interface.

Split Tunneling Configuration:

Split tunneling enables selective traffic to be routed outside the VPN tunnel.

By configuring the Google Maps Fully Qualified Domain Name (FQDN) as a split tunneling destination, you ensure that traffic to Google Maps bypasses the VPN tunnel and uses the endpoint's local interface instead.

Implementation Steps:

Access the FortiSASE endpoint profile configuration.

Add the Google Maps FQDN to the split tunneling destinations list.

This configuration directs traffic intended for Google Maps to bypass the VPN tunnel and be routed directly through the endpoint's physical network interface.

FortiOS 7.2 Administration Guide: Provides details on split tunneling configuration.

FortiSASE 23.2 Documentation: Explains how to set up and manage split tunneling for specific destinations.

asked 18/09/2024
Robert Aghten
34 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first