Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)
Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)
FortiGate supports two features for IPsec IKEv1 authentication: Extended authentication (XAuth) can be used to request the remote peer to provide a username and password, and both pre-shared key and certificate signature methods are supported for authentication. These features ensure that FortiGate can handle a variety of authentication scenarios, providing flexibility and enhanced security during the setup of IPsec VPNs.
B. Extended authentication (XAuth) to request the remote peer to provide a username and password D. Pre-shared key and certificate signature as authentication methods FortiGate Infrastructure 7.2 Study Guide (p.237): "Authentication-wise, both versions support PSK and certificate signature. Although only IKEv1 supports XAuth, IKEv2 supports EAP, which is equivalent to XAuth." Reference and download study guide: https://ebin.pub/fortinet-fortigate-infrastructure-study-guide-for-fortios-72.html
Correct B and D, Fortigate infrastructure 7.2 page 237
Correct B and D, Fortigate infrastructure Study Guide 7.2 page 237
The answer are B and D
sabemos por la pag. 237 de Infrastructure guide xauth solo esta para ikev v1 adicional el la pag 260 esta esta referencia: Phase 1 supports two types of authentication: pre-shared keys and digital signatures. The XAuth extension, sometimes called phase 1.5, forces remote users to authenticate additionally with their credentials (username and password). So, additional authentication packets are exchanged if you enable it. What is the benefit? Stronger authentication.
BD is the correct answersA