ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_NST-7.2 All Questions

View all questions & answers for the NSE7_NST-7.2 exam
Go to Exam

Exam NSE7_NST-7.2 topic 1 question 55 discussion

Actual exam question from Fortinet's NSE7_NST-7.2
Question #: 55
Topic #: 1
[All NSE7_NST-7.2 Questions]

Refer to the exhibit, which contains a screenshot of some phase 1 settings.



The VPN is not up. To diagnose the issue, the administrator enters the following CLI commands on an SSH session on FortiGate:

Diagnose vpn ike log-filter dst-addr4 10.0.10.1
Diagnose debug application ike -1

However, the IKE real-time debug does not show any output. Why?

  • A. The administrator must also run the command diagnose debug enable.
  • B. The debug shows only error messages. If there is no output, then the phase 1 and phase 2 configurations match.
  • C. The log-filter setting is incorrect. The VPN traffic does not match this filter.
  • D. Replace diagnose debug application ike -1 with diagnose debug application ipsec -1.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Ic3Box at March 18, 2025, 10:09 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ic3Box
1 month ago
Selected Answer: A
after specifying a log filter and a debug application, you must still run: diagnose debug enable Correct answer is A.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago