Which two key configuration changes are needed in FortiGate to meet the design requirements?

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.

All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down.

In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover

Which two key configuration changes are needed in FortiGate to meet the design requirements? (Choose two.)
A . Configure a higher distance on the static route for the primary tunnel, and a lower distance on the static
route for the secondary tunnel.
B . Enable Dead Peer Detection.
C . Enable Auto-negotiate and Auto Keep Alive on the phase 2 configuration of both tunnels.
D . Configure a lower distance on the static route for the primary tunnel, and a higher distance on the static route for the secondary tunnel.

Answer: B,D

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments