ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_NST-7.2 All Questions

View all questions & answers for the NSE7_NST-7.2 exam
Go to Exam

Exam NSE7_NST-7.2 topic 1 question 31 discussion

Actual exam question from Fortinet's NSE7_NST-7.2
Question #: 31
Topic #: 1
[All NSE7_NST-7.2 Questions]

Refer to the exhibit, which contains the output of diagnose vpn tunnel list.

Which command will capture ESP traffic for the VPN named DialUp_0?

  • A. diagnose sniffer packet any 'host 10.0.10.10'
  • B. diagnose sniffer packet any 'ip proto 50'
  • C. diagnose sniffer packet any 'esp and host 10.200.3.2'
  • D. diagnose sniffer packet any 'port 4500'
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by ad01c21 at Dec. 4, 2024, 6:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
gneeha
3 weeks ago
Selected Answer: D
because mode=silent means nat is forced so nat is present so udp 4500 refer https://www.examtopics.com/discussions/fortinet/view/94129-exam-nse7_efw-70-topic-1-question-46-discussion/
upvoted 1 times
...
tuky88
1 month ago
Selected Answer: C
C is correct. Refer to: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Capture-ESP-and-Interesting-traffic-on-single-GUI/ta-p/193867
upvoted 1 times
ad01c21
4 weeks ago
I'm not agree, we are in situation of NAT-T, because port 4500 is used, hence ESP traffic is encapsulated in UDP 4500.
upvoted 3 times
evdw
3 weeks ago
We are in a NAT-T because scr addr of device is not same as scr addr of the packet, and indeed most of the time UDP/4500 is then used, as in this case so correct answer is D
upvoted 1 times
...
...
...
ad01c21
1 month ago
Selected Answer: D
Should be D, UDP 4500
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago