Which three configuration scenarios will result in an IPsec negotiation failure between two FortiGate
devices? (Choose three.)
A.
mismatched phase 2 selectors
B.
mismatched Anti-Replay configuration
C.
mismatched Perfect Forward Secrecy
D.
failed Dead Peer Detection negotiation
E.
mismatched IKE version
Explanation:
In IPsec negotiations, Perfect Forward Secrecy (PFS) ensures that each new cryptographic key is unrelated
to any previous key. Either enable or disable PFS on both the tunnel peers; otherwise, the LAN-to-LAN
(L2L) IPsec tunnel is not established