nse8_812 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse8_812 Exam - Question 54

A remote IT Team is in the process of deploying a FortiGate in their lab. The closed environment has been configured to support zero-touch provisioning from the FortiManager, on the same network, via DHCP options. After waiting 15 minutes, they are reporting that the FortiGate received an IP address, but the zero-touch process failed.

The exhibit below shows what the IT Team provided while troubleshooting this issue:

Which statement explains why the FortiGate did not install its configuration from the FortiManager?

Show Answer
Correct Answer: B

The issue lies in the DHCP server configuration, specifically with the fully qualified domain name (FQDN) of the FortiManager. The diagnosis output shows that the FortiManager IP address is correctly assigned to the FortiGate (fmg-ip=172.18.60.115), and there is no mention of an incorrect option type being used for the IP address. However, the fmg-domain-name is shown as an empty string, which indicates that the DHCP server did not provide the necessary FQDN for the FortiManager. This could prevent the zero-touch provisioning process from completing successfully.

Discussion

6 comments
Sign in to comment
WBP43Option: D
Sep 21, 2023

Fortigate must be in factory default status https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-perform-zero-touch-provisioning-with/ta-p/197623

Viewable8041
Sep 7, 2023

I do not see any issue here. https://docs.fortinet.com/document/fortigate/6.4.2/administration-guide/861490/zero-touch-provisioning-with-fortimanager

ama6Option: C
Sep 25, 2023

Correct C C is correct because the DHCP server used the incorrect option type for the FortiManager IP address. The option type should be 43 instead of 15, as shown in the FortiManager Administration Guide under Zero-Touch Provisioning > Configuring DHCP options for ZTP. References: https://docs.fortinet.com/document/fortimanager/7.4.0/administration-guide/568591/high-availability https://docs.fortinet.com/document/fortimanager/7.4.0/administration-guide/568591/high-availability/568592/configuring-ha-options

GoluxOption: D
Jan 5, 2024

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-perform-zero-touch-provisioning-with/ta-p/197623

ac89l
Jan 23, 2024

D would be correct if fmg-ip=0.0.0.0

max22222Option: D
Feb 13, 2024

it can be route change etc, so the correct is D

re_j0hnOption: C
Feb 17, 2024

Answer is C. Using DHCP Option 240/241 to discover the FMG.