Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE8_812 Topic 1 Question 22 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 22
Topic #: 1
[All NSE8_812 Questions]

An HA topology is using the following configuration:

Based on this configuration, how long will it take for a failover to be detected by the secondary cluster member?

Show Suggested Answer Hide Answer
Suggested Answer: B, D, E

Bmust be set to enable mode-cfg, which is required for injecting IKE routes on the ADVPN shortcut tunnels.

Dmust be set to enable add-route, which is the command that actually injects the IKE routes.

Emust be set to enable mode-cfg-allow-client-selector, which allows custom phase 2 selectors to be configured.

The other options are incorrect. Option A is incorrect because net-device disable is not required for injecting IKE routes on the ADVPN shortcut tunnels. Option C is incorrect because IKE version 1 is not supported for ADVPN.

References:

Phase 2 selectors and ADVPN shortcut tunnels | FortiGate / FortiOS 7.2.0

Configuring SD-WAN/ADVPN with FortiGate | FortiGate / FortiOS 7.2.0


by Laurene at May 13, 2024, 12:55 PM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sabra
2 months ago
A) 600ms? Whoa, that's like a whole lifetime in the tech world! By the time the failover happens, the primary cluster member will have already been on vacation for a week.
upvoted 0 times
Junita
9 days ago
D) 100ms
upvoted 0 times
...
Keena
14 days ago
A) 600ms? That's way too long for a failover!
upvoted 0 times
...
Verlene
15 days ago
C) 300ms
upvoted 0 times
...
Filiberto
24 days ago
B) 200ms
upvoted 0 times
...
...
Evangelina
2 months ago
I'm going with B) 200ms. It's a happy medium between being too fast and too slow. Gotta keep that failover snappy, you know?
upvoted 0 times
Stanford
6 hours ago
I'm leaning towards D) 100ms for quick failover detection.
upvoted 0 times
...
Stephaine
3 days ago
I agree, C) 300ms seems like a reasonable time for failover detection.
upvoted 0 times
...
Cassie
1 months ago
I think A) 600ms is too slow for failover detection.
upvoted 0 times
...
...
Glory
2 months ago
D) 100ms? That's way too fast. These clusters need some time to communicate and make sure there's a real failure before switching over.
upvoted 0 times
Carmelina
28 days ago
B) 200ms
upvoted 0 times
...
Paz
1 months ago
A) 600ms
upvoted 0 times
...
...
Carey
2 months ago
Hmm, I think the answer is C) 300ms. That delay seems like a reasonable time for the secondary cluster member to detect a failover.
upvoted 0 times
Ria
20 days ago
D) 100ms seems too short for failover detection, I would go with a longer delay.
upvoted 0 times
...
Kimbery
1 months ago
I'm leaning towards B) 200ms, a quicker response time could be more efficient.
upvoted 0 times
...
Lindy
2 months ago
I think it might be A) 600ms, a longer delay could be safer for failover detection.
upvoted 0 times
...
Golda
2 months ago
I agree, C) 300ms sounds like a reasonable time for failover detection.
upvoted 0 times
...
...
Chaya
2 months ago
I'm confident in my answer because the configuration shows a longer detection time.
upvoted 0 times
...
Kendra
2 months ago
I disagree, I believe it's B) 200ms.
upvoted 0 times
...
Chaya
3 months ago
I think the answer is A) 600ms.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77