ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_EFW-7.0 All Questions

View all questions & answers for the NSE7_EFW-7.0 exam
Go to Exam

Exam NSE7_EFW-7.0 topic 1 question 10 discussion

Actual exam question from Fortinet's NSE7_EFW-7.0
Question #: 10
Topic #: 1
[All NSE7_EFW-7.0 Questions]

Refer to the exhibits, which contain the partial configurations of two VPNs on FortiGate.


An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovered that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must the administrator make to fix the issue? (Choose two.)

  • A. Use different pre-shared keys on both VPNs.
  • B. Enable XAuth on both VPNs.
  • C. Set up specific peer IDs on both VPNs.
  • D. Change to aggressive mode on both VPNs.
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by pcbbj at Jan. 5, 2023, 12:02 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kocalin
Highly Voted 12 months ago
Selected Answer: CD
"In case of multiple dialup VPN with PSK, the same local GW and the same SA settings, we have to use aggress. mode and different peer IDs" - Study Guide page 421
upvoted 12 times
...
pcbbj
Highly Voted 1 year ago
Selected Answer: CD
To set peer-id, the VPN must be set in aggressive mode - https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-Peer-IDs-to-select-an-IPSec-dialup/ta-p/192292
upvoted 10 times
...
xxismailh0
Most Recent 2 months ago
Selected Answer: CD
According to the kb https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-Peer-IDs-to-select-an-IPSec-dialup/ta-p/192292 we need to set a Set up specific peer IDs on both VPNs. and Change to aggressive mode on both VPNs.
upvoted 1 times
...
marco_a
6 months, 4 weeks ago
Selected Answer: CD
c+d are corrects
upvoted 1 times
...
certifi46
8 months ago
Selected Answer: CD
aggressive mode + set peer-id
upvoted 2 times
...
Nope_123
10 months ago
Selected Answer: CD
You must use aggressive mode and different peer IDs (C & D) Page 421 of 7.0 study guide
upvoted 2 times
...
sahin
10 months, 1 week ago
B and C is correct Study guide page 421
upvoted 1 times
...
ducduc95
10 months, 3 weeks ago
Selected Answer: CD
To set peer-id, the VPN must be set in aggressive mode - https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-Peer-IDs-to-select-an-IPSec-dialup/ta-p/192292
upvoted 1 times
...
Seph1
11 months, 1 week ago
Selected Answer: CD
C & D - are correct. Set peer-id and aggressive mode
upvoted 2 times
...
tururu1496
1 year ago
Selected Answer: CD
pcbbj is correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago