Big 11.11 Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Fortinet
  4. NSE 7 Network Security Architect
  5. NSE7_EFW-7.0 Discussions
  6. NSE7_EFW-7.0 Exam Topic 2 Question 15 Discussion

Fortinet NSE 7 - Enterprise Firewall 7.0 NSE7_EFW-7.0 Question # 15 Topic 2 Discussion

 Fortinet Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Fortinet NSE 7 - Enterprise Firewall 7.0 NSE7_EFW-7.0 Question # 15 Topic 2 Discussion

NSE7_EFW-7.0 Exam Topic 2 Question 15 Discussion:
Question #: 15
Topic #: 2

An administrator added the following Ipsec VPN to a FortiGate configuration:

configvpn ipsec phasel -interface

edit "RemoteSite"

set type dynamic

set interface "portl"

set mode main

set psksecret ENC LCVkCiK2E2PhVUzZe

next

end

config vpn ipsec phase2-interface

edit "RemoteSite"

set phasel name "RemoteSite"

set proposal 3des-sha256

next

end

However, the phase 1 negotiation is failing. The administrator executed the IKF real time debug while attempting the Ipsec connection. The output is shown in the exhibit.

NSE7_EFW-7.0 Question 15

NSE7_EFW-7.0 Question 15

What is causing the IPsec problem in the phase 1 ?
A.

The incoming IPsec connection is matching the wrong VPN configuration

B.

The phrase-1 mode must be changed to aggressive

C.

The pre-shared key is wrong

D.

NAT-T settings do not match

Get Premium NSE7_EFW-7.0 Questions
Actual exam question for Fortinet NSE7_EFW-7.0 exam by Thorne41956 at Nov 13, 2025, 7:12:34 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next