Exam NSE7_SDW-7.2 topic 1 question 39 discussion

Indeed D is the correct answer: advpnsc=1 for shortcut, vpntunnel="T_MPLS_0" is the shortcut tunnel name (study guide)

https://docs.fortinet.com/document/fortigate/7.2.0/new-features/661245/add-log-field-to-identify-advpn-shortcuts-in-vpn-logs 'A value of 1 indicates the tunnel is an ADVPN shortcut, and 0 indicates it is not'

I did not find anything in the text book referencing a "master tunnel" on page 283 it clearly states that a tunnel is assigned 1 for shortcut tunnel and 0 for normal tunnel. Therefore D is correct.

Explanation: Line 8:The log entry shows an IPsec tunnel named "T_MPLS_0", with an advpnc=1. This indicates that the tunnel T_MPLS_0 is being used as a master tunnel and has created a shortcut tunnel for ADVPN. The presence of advpnc=1 confirms the shortcut tunnel. Why not the other options? B. The master tunnel T_INET_0 cannot accept the ADVPN shortcut. Incorrect. The logs do not indicate that T_INET_0 is incapable of ADVPN shortcuts. The advpnc=0 simply means no shortcut was created for that particular tunnel. C. There are no IPsec tunnel statistics log messages for ADVPN shortcuts. Incorrect. The log entry for T_MPLS_0 clearly shows an advpnc=1, confirming the presence of an ADVPN shortcut. D. The VPN tunnel T_MPLS_0 is a shortcut tunnel. Incorrect. T_MPLS_0 is a master tunnel, and a shortcut tunnel is built from it. Thus, A is the correct answer because there is one shortcut tunnel built from T_MPLS_0 as indicated by advpnc=1 in the logs

D is indeed the correct answer we've been so used to tunnel names with NAME_NUMBER, thus the confusion that letter A is the correct one but we need to remember that as long as advpnsc=1, that means that tunnel is a shortcut tunnel. for this example, the parent tunnel is likely named only T_MPLS (no number)

SG p 283: "the field advpnsc will help you identify the shortcut VPN tunnels. FG will set advpnsc value 1 for . . . shortcut tunnels."

Given that T_MPLS_0 is marked with advpnsec=1, this log entry confirms that it is indeed an ADVPN shortcut tunnel. D is correct

D is correct. A is wrong, because the name of master should be T_MPLS. Shortcut tunnel name is T_MPLS_0

D is correct When reviewing VPN log messages, the field advpnsc will help you identify the shortcut VPN tunnels. FortiGate will set advpnsc value 1 for any log messages related to shortcut tunnels; for any other tunnel, the advpnsc value is set to 0.

D is correct, advpnsc=1 means shortcut, vpntunnel="T_MPLS_O" name of the tunnel

There is one shortcut built over T_MPLS_0 because second log has "advpnsc=1" and page 283 says "FortiGate will set advpnsc value 1 for any log messages related to shortcut tunnels; for any other tunnel, the advpnsc value is set to 0."

Correct answer is D - advpnsc=1 means that it is a shortcut.

Correct answer is A