nse8_812 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse8_812 Exam - Question 35

Refer to the exhibits.

Topology -

Configuration -

The exhibits show a FortiGate network topology and the output of the status of high availability on the FortiGate.

Given this information, which statement is correct?

Show Answer
Correct Answer: C

The configuration status indicates that the two FortiGate units are in-sync, which is a requirement for high availability (HA). Unicast HA heartbeat interfaces must be connected to the same network, and this necessitates that IP addresses be assigned to these interfaces. The topology depicts that the devices are connected through switches on the same local area network, implying that the IP addresses for the HA heartbeat interfaces are statically assigned. Contrary to some comments, only the peer IP is relevant in unicast HA, indicating static assignment.

Discussion

7 comments
Sign in to comment
Viewable8041Option: C
Sep 5, 2023

It is C https://docs.fortinet.com/document/fortigate-private-cloud/7.4.0/microsoft-hyper-v-administration-guide/397100/ha Unicast HA heartbeat interfaces must be connected to the same network and you must add IP addresses to these interfaces. The unicast method does not change the FortiGate-VM interface MAC addresses to virtual MAC addresses.

pplee_shOption: C
Sep 8, 2023

Agree with Viewable8041

pplee_shOption: D
Aug 21, 2023

When HA A-P, they are sharing the same virtual MAC

ama6Option: D
Sep 25, 2023

guys D is correct

ac89l
Jan 24, 2024

nah ,,C is correct

gabrielfOption: D
Jan 29, 2024

D is correct, C is wrong because the IP address can be obtained using DHCP even if the FGTs are running in HA A-P mode. https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-HA-and-dynamic-interface-support-DHCP/ta-p/193933

node345Option: D
Feb 29, 2024

D is correct because both members in the HA a-p cluster share a virtual MAC for each service port. C is incorrect because only the peer IP should be statically added in unicast mode. The local interface IP can be added by a DHCP server. The documentation says "The heartbeat interfaces must be connected to the same network and the IP addresses must be added to these interfaces". It does not say how - statically or by a DHCP server.

node345
Mar 6, 2024

I have to correct myself. C is the correct answer. The diagram shows that port 3 is directly connected, which means that there can be no DHCP server on this segment.

dspavvnOption: D
May 30, 2024

All answers can be correct to an extent, I would choose D because the virtual mac address is always asigned to the primary. C states they are on the same network, but they are not because there is no connection bridging the switches.