If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer.
If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?
A . diagnose sniffer packet any ‘udp port 500’
B . diagnose sniffer packet any ‘udp port 4500’
C . diagnose sniffer packet any ‘esp’
D . diagnose sniffer packet any ‘udp port 500 or udp port 4500’
Answer: C
Explanation:
Capture IKE Traffic without NAT:diagnose sniffer packet ‘host and udp port 500’―――――――――――――――――――――――――――――――――――――-Capture ESP Traffic without NAT:diagnose sniffer packet any ‘host and esp’―――――――――――――――――――――――――――――――――――――-Capture IKE and ESP with NAT-T:diagnose sniffer packet any ‘host and (udp port 500 or udp port 4500)’
Latest NSE7_EFW-6.4 Dumps Valid Version with 102 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund