Based on the output, which two statements are correct?

NSE7_NST-7.2 0 Comments

Refer to the exhibit, which contains the partial output of a diagnose command.

Based on the output, which two statements are correct? (Choose two.)
A . The remote gateway IP is 10.200.5.1.
B . The remote gateway has quick more selectors containing a destination subnet of 10.1.2.0/24.
C . DPD is disabled.
D . Anti-replay is enabled.

Answer: A, D

Explanation:

Remote Gateway IP:

The output shows 10.200.5.1 as the remote gateway IP, confirming that this is the IP address of the remote gateway involved in the IPsec VPN tunnel.

Quick Mode Selectors:

The quick mode selectors specify the subnets involved in the VPN. The output shows src:

0:10.1.2.0/255.255.255.0:0 and dst: 0:10.1.1.0/255.255.255.0:0, indicating the subnets being tunneled.

DPD (Dead Peer Detection):

DPD is shown as mode=on-demand on=1 idle=20000ms retry=3 count=0 seqno=0, indicating that DPD is enabled in on-demand mode.

Anti-replay:

The output includes replaywin=2048 and replaywin_lastseq=00000000, which are indicators that

anti-replay protection is enabled for the IPsec tunnel.

Reference: Fortinet Network Security 7.2 Support Engineer Documentation VPN Configuration and Diagnostic Guides

Latest NSE7_NST-7.2 Dumps Valid Version with 40 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download NSE7_NST-7.2 PDF     NSE7_NST-7.2 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments