Podcast
Questions and Answers
Which component is used to manage the AD-VPN configuration on FortiManager?
Which component is used to manage the AD-VPN configuration on FortiManager?
- BGP neighbor
- IPsec phase-1
- Route reflector
- VPN Manager (correct)
What needs to be changed from their default values when configuring AD-VPN on FortiManager?
What needs to be changed from their default values when configuring AD-VPN on FortiManager?
- Protected networks (correct)
- Net-device
- IP-addresses
- Add Route option
Which option needs to be disabled on the hub when configuring AD-VPN on FortiManager?
Which option needs to be disabled on the hub when configuring AD-VPN on FortiManager?
- Protected networks
- Add Route option (correct)
- IP-addresses
- Net-device
What needs to be enabled on the spokes when configuring AD-VPN on FortiManager?
What needs to be enabled on the spokes when configuring AD-VPN on FortiManager?
What needs to be configured on the IPsec virtual interfaces when configuring AD-VPN on FortiManager?
What needs to be configured on the IPsec virtual interfaces when configuring AD-VPN on FortiManager?
What needs to be configured when using IBGP?
What needs to be configured when using IBGP?
What is the naming convention for phase-1 when using a FortiManager VPN console?
What is the naming convention for phase-1 when using a FortiManager VPN console?
Where is the configuration of the Protected Subnet located?
Where is the configuration of the Protected Subnet located?
Which setting needs to be changed to enable AD-VPN in the IPsec phase-1?
Which setting needs to be changed to enable AD-VPN in the IPsec phase-1?
Which component needs to be enabled to allow dynamic routing?
Which component needs to be enabled to allow dynamic routing?
Which command can be used to verify the on-demand tunnels that are up?
Which command can be used to verify the on-demand tunnels that are up?
What is the purpose of turning off the Add Route switch on the hub device for AD-VPN?
What is the purpose of turning off the Add Route switch on the hub device for AD-VPN?
What protocol does AD-VPN use instead of adding routes based on IKE negotiations?
What protocol does AD-VPN use instead of adding routes based on IKE negotiations?
When can the commands shown on the slide be run on the spokes to verify routing updates?
When can the commands shown on the slide be run on the spokes to verify routing updates?
What does the IKE real-time debug help with in AD-VPN?
What does the IKE real-time debug help with in AD-VPN?
What does the output of the real-time debug show in AD-VPN?
What does the output of the real-time debug show in AD-VPN?
What happens when Spoke-1 receives an OFFER from the Hub in AD-VPN?
What happens when Spoke-1 receives an OFFER from the Hub in AD-VPN?
When do on-demand tunnels in AD-VPN remain active?
When do on-demand tunnels in AD-VPN remain active?
What does the routing table show after the on-demand tunnel is up in AD-VPN?
What does the routing table show after the on-demand tunnel is up in AD-VPN?
What can be specified when debugging IKE in AD-VPN?
What can be specified when debugging IKE in AD-VPN?
Flashcards are hidden until you start studying
