Mastering Hub Device Routing in AD-VPN

VisionarySugilite

20 Questions

Which component is used to manage the AD-VPN configuration on FortiManager?

VPN Manager

What needs to be changed from their default values when configuring AD-VPN on FortiManager?

Protected networks

Which option needs to be disabled on the hub when configuring AD-VPN on FortiManager?

Add Route option

What needs to be enabled on the spokes when configuring AD-VPN on FortiManager?

Net-device

What needs to be configured on the IPsec virtual interfaces when configuring AD-VPN on FortiManager?

IP-addresses

What needs to be configured when using IBGP?

Route reflector

What is the naming convention for phase-1 when using a FortiManager VPN console?

phase1name_0

Where is the configuration of the Protected Subnet located?

All VPN Communities

Which setting needs to be changed to enable AD-VPN in the IPsec phase-1?

Add Route option

Which component needs to be enabled to allow dynamic routing?

BGP neighbor

Which command can be used to verify the on-demand tunnels that are up?

get ipsec tunnel list

What is the purpose of turning off the Add Route switch on the hub device for AD-VPN?

To prevent the hub from adding routes based on IKE negotiations

What protocol does AD-VPN use instead of adding routes based on IKE negotiations?

BGP

When can the commands shown on the slide be run on the spokes to verify routing updates?

After the tunnels between the hub and the spokes come up

What does the IKE real-time debug help with in AD-VPN?

Debugging shortcut messages and spoke-to-spoke negotiations

What does the output of the real-time debug show in AD-VPN?

Exchange of all shortcuts

What happens when Spoke-1 receives an OFFER from the Hub in AD-VPN?

Spoke-1 sends a shortcut-query to Spoke-2

When do on-demand tunnels in AD-VPN remain active?

Until they time out

What does the routing table show after the on-demand tunnel is up in AD-VPN?

The network of Spoke-2 is directly accessible using the on-demand tunnel

What can be specified when debugging IKE in AD-VPN?

Multiple IP-addresses

Learn how to disable the Add Route switch on the hub device in AD-VPN. This quiz will guide you through the steps to prevent the hub from adding routes based on IKE negotiations and use a dynamic routing protocol instead. Discover how to update the spoke routing table before and after the tunnels between the hub and spokes are established.
