ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam FCSS_EFW_AD-7.4 All Questions

View all questions & answers for the FCSS_EFW_AD-7.4 exam
Go to Exam

Exam FCSS_EFW_AD-7.4 topic 1 question 50 discussion

Actual exam question from Fortinet's FCSS_EFW_AD-7.4
Question #: 50
Topic #: 1
[All FCSS_EFW_AD-7.4 Questions]

Refer to the exhibit, which shows the ADVPN IPsec interface representing the VPN IPsec phase 1 from Hub A to Spoke 1 and Spoke 2, and from Hub В to Spoke 3 and Spoke 4.

An administrator must configure an ADVPN using IBGP and EBGP to connect overlay network 1 with 2.
What must the administrator configure in the phase 1 VPN IPsec configuration of the ADVPN tunnels?

  • A. set auto-discovery-sender enable and set network-id x
  • B. set auto-discovery-forwarder enable and set remote-as x
  • C. set auto-discovery-crossover enable and set enforce-multihop enable
  • D. set auto-discovery-receiver enable and set npu-offload enable
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by djekson at March 18, 2025, 12:41 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yo86
20 hours, 2 minutes ago
Selected Answer: C
Should be C : https://community.fortinet.com/t5/FortiGate/Technical-Tip-Usage-of-auto-discovery-crossover-option-in-ADVPN/ta-p/293762 As we discuss about connected two different overlay, it should be C. Moreover, ebgp-enforce is mandatory too as hub is not the next-hop. Question is very ambiguous : IPSEC between hub must have auto-discovery-forwarder option, every HUB must have auto-discovery-sender option to permit intra ADVN and each spokes must have auto-discovery-receiver to permit shortcut to be created. To connect different overlay, crossover must be enable but it's already the case by default...
upvoted 1 times
...
9ac98b6
1 month, 3 weeks ago
Selected Answer: B
I think the answer is B (forwarder) because the question says "to connect overlay network 1 with 2" , so HubA must forward messages to HubB ! someone can enlighten me ?
upvoted 2 times
...
piotto777
3 months, 2 weeks ago
Selected Answer: A
shouldnt we configure auto-discovery-forwarder? page 233 in study guide.
upvoted 1 times
...
Tweefo
7 months, 2 weeks ago
Selected Answer: A
A is correct. As specified in the question, it's the ADVPN tunnels configuration, so hub must send shortcut.
upvoted 2 times
...
Yaghu
8 months, 1 week ago
Selected Answer: A
Based on how a similar illustration appears on page 233 of the EFW 7.4 Admin Study Guide, I think the answer is A.
upvoted 2 times
...
djekson
8 months, 2 weeks ago
Selected Answer: A
I think this should be A. Answer C is for scenarios where you have multiple overlay types (MPLS vs INET) and you do not want shortcuts created between MPLS and INET overlays.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel