FortiGate TWAMP Configuration: TWAMP Server Setup Quiz and Flashcards

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which port is the default port for TWAMP server on FortiGate?

8008 (correct)
80
443
862

Which mode is used for TWAMP server on FortiGate?

Security
Probe
Authentication
Response (correct)

Which command is used to enable probe-response access on the interface for TWAMP requests?

set port 862
config system interface
config system probe-response
allowaccess probe-response (correct)

What protocols does SD-WAN support for probe monitoring?

HTTP, DNS, and FTP (A) Signup and view all the answers

What does FortiGate do when HTTP is configured as the probe protocol?

Sends an HTTP GET request (B) Signup and view all the answers

What can be optionally configured when using HTTP as the probe protocol?

Check if the response contains a specific string (B) Signup and view all the answers

What is the target server in the HTTP probe example?

captive.portal.com (C) Signup and view all the answers

What does FortiGate wait for after sending an HTTP GET request as part of the probe?

HTTP GET response (D) Signup and view all the answers

What is the default port for TWAMP server on FortiGate?

8008 (A) Signup and view all the answers

What is the mode used for TWAMP server on FortiGate?

Response (C) Signup and view all the answers

FortiGate performs a case-sensitive search for the string set as http-match in the HTML content received from the server.

FortiGate performs a case-insensitive search for the string set as http-match in the HTML content received from the server. (D) Signup and view all the answers

You indicate the path portion of the target URL in the http-get setting.

You indicate the path portion of the target URL in the server setting. (D) Signup and view all the answers

When DNS is configured as the probe protocol, FortiGate sends periodic DNS A-record queries to the configured DNS server.

When DNS is configured as the probe protocol, FortiGate sends periodic DNS AAAA-record queries to the configured DNS server. (D) Signup and view all the answers

If no domain name is configured for the DNS probe, FortiGate queries example.com.

If no domain name is configured for the DNS probe, FortiGate queries google.com. (B) Signup and view all the answers

You can send DNS queries to the system DNS servers used by FortiGate by enabling the system-dns option.

You cannot send DNS queries to the system DNS servers used by FortiGate. (B) Signup and view all the answers

FortiGate waits for the DNS response and optionally checks if the IP-address set as dns-match-ip is included in the list of resolved IP-addresses.

FortiGate waits for the DNS response and checks if the IP-address set as dns-match-ip is included in the list of resolved IP-addresses. (D) Signup and view all the answers

When FTP is configured as the probe protocol, FortiGate periodically connects to the configured FTP server and logs in with the configured credentials.

When FTP is configured as the probe protocol, FortiGate periodically connects to the configured FTP server but does not log in. (A) Signup and view all the answers

If no username is configured for the FTP probe, FortiGate uses anonymous.

If no username is configured for the FTP probe, FortiGate uses the configured username. (C) Signup and view all the answers

If you specify a file to download in the FTP probe, the file is retrieved using a passive connection by default.

If you specify a file to download in the FTP probe, the file is retrieved using an active connection by default. (D) Signup and view all the answers

If you want to use an FTP active connection to download the file in the FTP probe, then set ftp-mode to port.

If you want to use an FTP active connection to download the file in the FTP probe, then set ftp-mode to passive. (B) Signup and view all the answers

Study Notes

TWAMP Server on FortiGate

The default port for the TWAMP server on FortiGate is 862.
The TWAMP server on FortiGate operates in controller mode.

Enabling Probe-Response Access

The config system interface command is used to enable probe-response access on the interface for TWAMP requests.

SD-WAN Probe Monitoring

SD-WAN supports ICMP, TCP, UDP, and HTTP protocols for probe monitoring.

HTTP Probe Protocol

When HTTP is configured as the probe protocol, FortiGate sends an HTTP GET request to the target server.
Optionally, a string can be configured to match in the HTML content received from the server using the http-match setting.
The target server in the HTTP probe example is the one specified in the http-get setting, which includes the path portion of the target URL.
FortiGate waits for the HTTP response after sending the GET request.

DNS Probe Protocol

When DNS is configured as the probe protocol, FortiGate sends periodic DNS A-record queries to the configured DNS server.
If no domain name is configured, FortiGate queries example.com.
The system-dns option can be enabled to send DNS queries to the system DNS servers used by FortiGate.
FortiGate waits for the DNS response and optionally checks if the IP address set as dns-match-ip is included in the list of resolved IP addresses.

FTP Probe Protocol

When FTP is configured as the probe protocol, FortiGate periodically connects to the configured FTP server and logs in with the configured credentials.
If no username is configured, FortiGate uses anonymous.
If a file is specified to download, it is retrieved using a passive connection by default.
To use an FTP active connection to download the file, set ftp-mode to port.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

Learn how to configure FortiGate as a TWAMP server and set up server-side settings for TWAMP. Discover how to enable probe-response access and configure authentication for added security.

Configuring FortiGate as a TWAMP Server

Choose a study mode