Exam4Training

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?
A . FortiGate automatically negotiates different local and remote addresses with the remote peer.
B. FortiGate automatically negotiates a new security association after the existing security association expires.
C. FortiGate automatically negotiates different encryption and authentication algorithms with the remote peer.
D. FortiGate automatically brings up the IPsec tunnel and keeps it up, regardless of activity on the IPsec tunnel.

Answer: B

Explanation:

The auto-negotiate feature in phase 2 configuration of an IPsec tunnel allows the FortiGate to negotiate a new security association when the existing one expires. This feature ensures that the tunnel stays up without any interruption in the secure connection between the peers.

Exit mobile version