PrepAway - Latest Free Exam Questions & Answers

Which three configuration scenarios will result in an I…

Which three configuration scenarios will result in an IPsec negotiation failure between two FortiGate
devices? (Choose three.)

PrepAway - Latest Free Exam Questions & Answers

A.
mismatched phase 2 selectors

B.
mismatched Anti-Replay configuration

C.
mismatched Perfect Forward Secrecy

D.
failed Dead Peer Detection negotiation

E.
mismatched IKE version

Explanation:
In IPsec negotiations, Perfect Forward Secrecy (PFS) ensures that each new cryptographic key is unrelated
to any previous key. Either enable or disable PFS on both the tunnel peers; otherwise, the LAN-to-LAN
(L2L) IPsec tunnel is not established

PrepAway - Latest Free Exam Questions & Answers

2 Comments on “Which three configuration scenarios will result in an I…

  1. Whatever says:

    Other answers here are A and E. B is a local security option and the remote side doesn’t know or care if it’s on. D is wrong because DPD does not negotiate, it simply checks to see if peer is alive.




    1



    0

Leave a Reply

Your email address will not be published. Required fields are marked *