nse7_sdw-72 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse7_sdw-72 Exam - Question 49

Refer to the exhibit.

Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?

Show Answer
Correct Answer: B

To use a dynamic routing protocol to exchange routes over IPsec, the add-route option must be disabled. This ensures that the IKE protocol does not interfere with the routing decisions made by the dynamic routing protocol, allowing it to manage the routes effectively without automatically adding them through the IPsec configuration.

Discussion

3 comments
Sign in to comment
ginmcoOption: B
Apr 23, 2024

B is correct , Study Guide page 273

lucientOption: B
Apr 26, 2024

B is correct. Page 273. Note that add-route must be disabled if you use a dynamic routing protocol. This ensures that the IKE protocol does not add routes—back to spokes to hubs—and leaves routings solely to the configured dynamic routing protocol.

truserudOption: B
Apr 24, 2024

B is correct. See Ginmco's comment for deets.