ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_SDW-7.2 All Questions

View all questions & answers for the NSE7_SDW-7.2 exam
Go to Exam

Exam NSE7_SDW-7.2 topic 1 question 12 discussion

Actual exam question from Fortinet's NSE7_SDW-7.2
Question #: 12
Topic #: 1
[All NSE7_SDW-7.2 Questions]

Which statement is correct about SD-WAN and ADVPN?

  • A. SD-WAN can steer traffic to ADVPN shortcuts only for rules defined with strategy manual or best quality.
  • B. SD-WAN does not monitor the health and performance of ADVPN shortcuts.
  • C. SD-WAN cannot steer traffic to ADVPN shortcuts established over IPSec overlays if the zone contains physical interfaces.
  • D. SD-WAN can steer traffic to ADVPN shortcuts established over IPsec overlays configured as SD-WAN members.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by IBB90704 at March 8, 2024, 2:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ccie8122
1 month, 4 weeks ago
Selected Answer: D
D is correct per page 266 of the guide: "SD-WAN supports ADVPN shortcuts. For this, SD-WAN automatically steers the traffic through shortcuts and monitors their health and performance. You add the parent tunnel as member, and after the shortcut is negotiated, SD-WAN automatically starts steering traffic through the shortcut." C is INCORRECT for the same reason D is correct: "you add the parent tunnel as member." There is no discussion of (nor is there any need to) add the physical interface to the overlay zone -- only the tunnel interface need be added.
upvoted 2 times
ccie8122
1 month, 4 weeks ago
Correction ^^ There is no discussion that adding the physical interface will prevent SD-WAN from steering traffic over the member tunnel interface. I agree it is an incorrect configuration (physical interface SHOULD NOT be a member), but ADVPN/SD-WAN shortcut steering will still work.
upvoted 1 times
...
...
GCISystemIntegrator
6 months, 1 week ago
Selected Answer: D
need to listen the audio and in the ADVPN slite the voice tell exactely the "D" answer
upvoted 3 times
...
sugar12
7 months ago
Selected Answer: C
A - Wrong B - Wrong D - Wrong - SD-WAN supports ADVPN shortcuts. For this, SD-WAN automatically steers the traffic through shortcuts and monitors their health and performance. You add the parent tunnel as member, and after the shortcut is negotiated, SD-WAN automatically starts steering the traffic through the shortcut Lets say that the parent interface is called ADVPN and an example of a shortcut will be ADVPN1_0 . You do not add in the zone the ADVPN1_0 as described on choice D you add the parent tunnel. I am not really sure how all people gave as an answer D as correct. Its a tricky one as they play with words. C is the correct one. SD-WAN ADVPN is an overlay solution so it not expected to use the physical interfaces as members when specifically at C it says "established over IPSEC overlays"
upvoted 1 times
ccie8122
1 month, 4 weeks ago
Just because it is not expected to have the physical interface in the zone does not mean it will not work. C is INCORRECT because it states that "SD-WAN cannot steer traffic" if the zone contains physical interfaces. This is not true. You could have a physical interface in the zone. Since there is no valid route out that interface, that member will never be used, but the SD-WAN will still steer traffic over the IPSec overlay.
upvoted 1 times
...
stbb
6 months ago
Answer D, the ipsec overlays are configured as SD-WAN members meaning in your example the "ADVPN".
upvoted 1 times
...
...
truserud
8 months, 1 week ago
Selected Answer: D
D is correct
upvoted 1 times
...
alejandrofern43
9 months, 1 week ago
Selected Answer: D
D is correct
upvoted 1 times
...
KavinT
9 months, 3 weeks ago
Selected Answer: D
D is correct
upvoted 1 times
...
IBB90704
9 months, 3 weeks ago
D es la correcta
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago