ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_EFW-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit, which shows two configured FortiGate devices and peering over FGSP. The main link directly connects the two FortiGate devices and is configured using the set session-syn-dev <interface> command. What is the primary reason to configure the main link?
Exhibit. Refer to the exhibit, which contains a partial policy configuration. Which setting must you configure to allow SSH?
Which, three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
Which FortiGate in a Security I auric sends togs to FortiAnalyzer?
Exhibit. Refer to the exhibit, which shows information about an OSPF interlace What two conclusions can you draw from this command output? (Choose two.)
Refer to the exhibit. which contains a partial configuration of the global system. What can you conclude from this output?
Which two statements about metadata variables are true? (Choose two.)
Refer to the exhibit, which shows a network diagram. Which IPsec phase 2 configuration should you impalement so that only one remote site is connected at any time?
Which two statements about IKE vision 2 are true? (Choose two.)
Refer to the exhibits, which contain the network topology and BGP configuration for a hub. Exhibit A. Exhibit B. An administrator is trying to configure ADVPN with a hub and spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however the spokes are not receiving route information from each other. What change must the administrator make to the hub BGP configuration so that the routes learned from one spoke are forwarded to the other spoke?

Question 27 - NSE7_EFW-7.2 discussion

Report
Export

An administrator has configured two fortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device What can the administrator do to fix this problem?

A.
Verify that the speed and duplex settings match between me FortiGate interfaces and the connected switch ports
Answers
A.
Verify that the speed and duplex settings match between me FortiGate interfaces and the connected switch ports
B.
Configure set link -failed signal enable under-config system ha on both Cluster members
Answers
B.
Configure set link -failed signal enable under-config system ha on both Cluster members
C.
Configure remote Iink monitoring to detect an issue in the forwarding path
Answers
C.
Configure remote Iink monitoring to detect an issue in the forwarding path
D.
Configure set send-garp-on-failover enables under config system ha on both cluster members
Answers
D.
Configure set send-garp-on-failover enables under config system ha on both cluster members
Suggested answer: B

Explanation:

Virtual MAC Address and Failover

- The new primary broadcasts Gratuitous ARP packets to notify the network that each virtual MAC is now reachable through a different switch port.

- Some high-end switches might not clear their MAC table correctly after a failover - Solution: Force former primary to shut down all its interfaces for one second when the failover happens (excluding heartbeat and reserved management interfaces):

#Config system ha

set link-failed-signal enable

end

- This simulates a link failure that clears the related entries from MAC table of the switches.

Show Answer
asked 18/09/2024
Chukwuebuka Ogbonna
41 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms