New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet NSE8_812 Exam - Topic 1 Question 14 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 14
Topic #: 1
[All NSE8_812 Questions]

Refer to the exhibits.

A customer has deployed a FortiGate with iBGP and eBGP routing enabled. HQ is receiving routes over eBGP from ISP 2; however, only certain routes are showing up in the routing table-Assume that BGP is working perfectly and that the only possible modifications to the routing table are solely due to the prefix list that is applied on HQ.

Given the exhibits, which two routes will be active in the routing table on the HQ firewall? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, D, E

Bmust be set to enable mode-cfg, which is required for injecting IKE routes on the ADVPN shortcut tunnels.

Dmust be set to enable add-route, which is the command that actually injects the IKE routes.

Emust be set to enable mode-cfg-allow-client-selector, which allows custom phase 2 selectors to be configured.

The other options are incorrect. Option A is incorrect because net-device disable is not required for injecting IKE routes on the ADVPN shortcut tunnels. Option C is incorrect because IKE version 1 is not supported for ADVPN.

References:

Phase 2 selectors and ADVPN shortcut tunnels | FortiGate / FortiOS 7.2.0

Configuring SD-WAN/ADVPN with FortiGate | FortiGate / FortiOS 7.2.0


by Kenneth at Dec 21, 2023, 08:40 AM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Diane
3 months ago
A and D are definitely correct, no doubt about it!
upvoted 0 times
...
Rosamond
3 months ago
I thought B might be active too, not sure though.
upvoted 0 times
...
Lavonda
3 months ago
Wait, is C even a valid subnet?
upvoted 0 times
...
Theola
4 months ago
Totally agree, A and D make sense!
upvoted 0 times
...
Theresia
4 months ago
I think A and D are the active routes.
upvoted 0 times
...
Odelia
4 months ago
I feel like I should be able to eliminate one of the options based on the prefix list, but I can't recall the specifics right now.
upvoted 0 times
...
Crista
4 months ago
I’m a bit confused about the subnet masks. I think I need to double-check how they affect route selection in BGP.
upvoted 0 times
...
Yasuko
4 months ago
This question feels similar to one we practiced where we had to identify active routes based on prefix lists. I think I might lean towards A and D.
upvoted 0 times
...
Stevie
5 months ago
I remember studying prefix lists and how they filter routes, but I'm not entirely sure which ones are allowed here.
upvoted 0 times
...
Claribel
5 months ago
This is a good test of my BGP knowledge. I'll need to double-check my work, but I think I can figure out the right answer here.
upvoted 0 times
...
Marcos
5 months ago
I'm feeling pretty confident about this one. The prefix list information seems straightforward, and I know BGP routing well, so I should be able to nail this.
upvoted 0 times
...
Major
5 months ago
Okay, I think I've got this. The key is to focus on the prefix list and which routes it will allow through. I'll work through the options methodically.
upvoted 0 times
...
Carolann
5 months ago
This looks like a tricky BGP routing question. I'll need to carefully review the prefix list details to determine which routes will be active.
upvoted 0 times
...
Fanny
5 months ago
Hmm, I'm a bit confused by the wording here. I'll need to re-read the question and exhibits a few times to make sure I understand the requirements.
upvoted 0 times
...
Glen
5 months ago
Hmm, I'm a bit confused by the event handling requirements here. I'll need to make sure I understand how the component is designed to be used.
upvoted 0 times
...
Howard
5 months ago
I'm a bit unsure about this one. Is it really that simple? I feel like there might be some trick to it that I'm missing.
upvoted 0 times
...
Aracelis
5 months ago
I think this is about pharmacy network structures and their pros/cons for health plans. Gotta read each option carefully.
upvoted 0 times
...
Krystal
9 months ago
Wait, did they accidentally include a picture of a cat instead of the actual routing table? I'm starting to doubt the validity of this entire question.
upvoted 0 times
Blondell
8 months ago
So, the picture of the cat is just a distraction. Focus on the routing table information provided.
upvoted 0 times
...
Tomas
8 months ago
I believe the correct routes are A) 172.16.204.128/25 and D) 172.16.204.64/27.
upvoted 0 times
...
Hershel
8 months ago
Yeah, the question is about which routes will be active in the routing table on the HQ firewall.
upvoted 0 times
...
Tashia
9 months ago
I think the picture is just for reference, not the actual routing table.
upvoted 0 times
...
...
Christiane
9 months ago
Is it just me, or does this prefix list look like something a toddler would come up with? I bet the exam writers are having a good laugh at our expense on this one.
upvoted 0 times
Stevie
8 months ago
Definitely. It's all about understanding how the prefix list is filtering the routes.
upvoted 0 times
...
Darrin
8 months ago
I think the key is to focus on the subnet masks and match them with the routes.
upvoted 0 times
...
Amira
9 months ago
Yeah, I agree. These prefixes are all over the place.
upvoted 0 times
...
...
Ezekiel
10 months ago
Ah, the old 'choose two' trick. Easy peasy, I'm going with A and D. Can't wait to ace this exam and show off my BGP expertise to my coworkers!
upvoted 0 times
Mila
8 months ago
Dylan: Let's hope we both ace the exam with our BGP knowledge!
upvoted 0 times
...
Dylan
9 months ago
User 2: Yeah, those routes look like they would be active in the routing table.
upvoted 0 times
...
Lorita
9 months ago
User 1: I think you're right, A and D seem like the correct choices.
upvoted 0 times
...
...
Terrilyn
10 months ago
Wait, what's that weird format for the C option? 172,620,64,27? That can't be right. Gotta be careful with the formatting on these tricky questions.
upvoted 0 times
Sarah
9 months ago
Thanks for pointing that out, it's always good to double-check the information provided in the options.
upvoted 0 times
...
Carey
9 months ago
So, the correct routes in the routing table are A) 172.16.204.128/25 and D) 172.16.204.64/27.
upvoted 0 times
...
Lajuana
9 months ago
I agree, the format is definitely incorrect. It's important to pay attention to those details.
upvoted 0 times
...
Mickie
9 months ago
Yeah, that does look strange. It should be 172.16.204.27 instead of 172,620,64,27.
upvoted 0 times
...
...
Hana
10 months ago
I'm not sure about the routes. Can someone explain why A and D are the correct choices?
upvoted 0 times
...
Jovita
10 months ago
I agree with Paulene. Those routes seem to match the prefix list applied on HQ.
upvoted 0 times
...
Paulene
10 months ago
I think the active routes are A) 172.16.204.128/25 and D) 172.16.204.64/27.
upvoted 0 times
...
Rolande
11 months ago
I'm not sure about the routes, but I think we need to carefully analyze the prefix list to determine the active routes.
upvoted 0 times
...
Willow
11 months ago
Hmm, the prefix list is the key here. Let's see, 172.16.204.128/25 and 172.16.204.64/27 should be the active routes based on the information provided.
upvoted 0 times
Matthew
9 months ago
Exactly, the prefix list is filtering out the other routes.
upvoted 0 times
...
Malcom
10 months ago
Yes, those two routes should be the ones showing up in the routing table.
upvoted 0 times
...
Mable
10 months ago
I agree, 172.16.204.128/25 and 172.16.204.64/27 are the active routes.
upvoted 0 times
...
Gabriele
10 months ago
Yes, those are the routes that will be active in the routing table.
upvoted 0 times
...
Andra
10 months ago
I agree, 172.16.204.128/25 and 172.16.204.64/27 are the correct routes.
upvoted 0 times
...
Leota
10 months ago
So, only those two routes will be in the routing table at HQ.
upvoted 0 times
...
Reita
10 months ago
That makes sense, those are the routes allowed by the prefix list.
upvoted 0 times
...
Georgeanna
10 months ago
I agree, 172.16.204.128/25 and 172.16.204.64/27 are the active routes.
upvoted 0 times
...
...
Vallie
11 months ago
I agree with you, Cruz. Those routes seem to match the criteria based on the prefix list applied.
upvoted 0 times
...
Cruz
11 months ago
I think the active routes will be 172.16.204.128/25 and 172.16.204.64/27.
upvoted 0 times
...

Save Cancel