New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet FCSS_EFW_AD-7.6 Exam - Topic 3 Question 4 Discussion

Actual exam question for Fortinet's FCSS_EFW_AD-7.6 exam
Question #: 4
Topic #: 3
[All FCSS_EFW_AD-7.6 Questions]

Refer to the exhibit, which contains a partial command output.

The administrator has configured BGP on FortiGate. The status of this new BGP configuration is shown in the exhibit.

What configuration must the administrator consider next?

Show Suggested Answer Hide Answer
Suggested Answer: D

From the BGP neighbor status output, the key issue is that BGP is stuck in the 'Idle' state, meaning the FortiGate is unable to establish a BGP session with its peer 100.65.4.1 (Remote AS 65300).

The output also shows:

'Not directly connected EBGP' This means the BGP peer is not on the same subnet, requiring multihop BGP.

'Update source is Loopback' Since a loopback interface is used, FortiGate must be configured to allow BGP neighbors over multiple hops.

To resolve this issue, the administrator must enable ebgp-enforce-multihop, which allows BGP sessions to be established even when the neighbors are not directly connected.


by Jutta at Oct 01, 2025, 01:45 PM

Limited Time Offer

25%

Off

Get Premium FCSS_EFW_AD-7.6 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Carlee
2 months ago
I disagree, the local AS is more important right now.
upvoted 0 times
...
Elliot
2 months ago
Wait, can you really enforce multihop like that?
upvoted 0 times
...
Chandra
2 months ago
Looks like they need to set the local AS to 65300.
upvoted 0 times
...
Stanford
3 months ago
Definitely need that static route for proper routing!
upvoted 0 times
...
Lindsey
3 months ago
I think contacting the remote peer is crucial too.
upvoted 0 times
...
Jacki
3 months ago
I’m leaning towards configuring a static route, but I’m not confident if that’s the immediate next step after BGP setup.
upvoted 0 times
...
Horace
3 months ago
I feel like enabling ebgp-enforce-multihop was mentioned in a different context, but I can't recall if it's necessary here.
upvoted 0 times
...
Sheridan
4 months ago
I think we had a practice question about enabling BGP with a remote peer, so contacting them might be a valid step.
upvoted 0 times
...
Marge
4 months ago
I remember we discussed the importance of setting the local AS correctly, but I'm not entirely sure if it should be 65300.
upvoted 0 times
...
Mike
4 months ago
This is a tricky one. I'd want to double-check the local BGP configuration first before reaching out to the remote peer. Making sure the local AS is set correctly could be the key to resolving this.
upvoted 0 times
...
Micaela
4 months ago
Based on the information provided, I think the best next step would be to configure a static route to 100.65.4.1. That seems like the most straightforward solution to get the BGP connection up and running.
upvoted 0 times
...
Olene
4 months ago
I'm a bit confused here. The question mentions a "new BGP configuration", so I'm not sure if the issue is with the local or remote setup. Maybe I should consider options like configuring the local AS or enabling ebgp-multihop.
upvoted 0 times
...
Micaela
4 months ago
The output shows the BGP neighbor is in the "Idle" state, so I think the administrator needs to contact the remote peer to get BGP enabled first before making any other changes.
upvoted 0 times
...
Linwood
5 months ago
Hmm, this looks like a BGP configuration issue. I'd start by checking the remote peer status and see if I can get in touch with the admin to enable BGP on their end.
upvoted 0 times
...

Save Cancel