nse7_sdw-70 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse7_sdw-70 Exam - Question 8

Refer to the exhibit.

Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?

Show Answer
Correct Answer: D

When a dynamic routing protocol is used to exchange routes over an IPsec connection, the 'add-route' setting must be disabled. This is because dynamic routing protocols handle route management dynamically, and having 'add-route' enabled (which adds static routes) would interfere with the dynamic route management process. Disabling 'add-route' prevents conflicts and allows the dynamic routing protocol to function correctly.

Discussion

9 comments
Sign in to comment
themageofsecOption: D
Jul 3, 2023

D is correct Page 209 in Study_Guide 7.0 Page 236 in Study_Guide 7.2 add-route disable if dynamic routing is use

Michael348Option: B
May 26, 2023

B, interface needs and IP address and mode-cfg adds an IP from the Hub.

mordechaydOption: D
May 29, 2023

D. for using "non ike" routes (for example BGP/static and so on) you must do disable the add-route that inject automatically kernel route based on p2 selectors from the remote site from the SD-WAN_7.2_Study_Guide page 236

Kero016Option: D
May 29, 2023

D. add-route disable if dynamic routing is use

driguilimOption: D
May 30, 2023

D is correct

JABarracusOption: D
Jun 6, 2023

D is correct, SD-WAN_7.0 Study_Guide page 209 add-route disable if dynamic routing is use

ducduc95Option: D
Jun 22, 2023

D is correct, SD-WAN_7.0 Study_Guide page 209

charrucoOption: D
Oct 31, 2023

D is correct

alejandrofern43Option: D
Mar 20, 2024

Pag 236 Study_guide 7.2