New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet NSE8_812 Exam - Topic 1 Question 22 Discussion

Actual exam question for Fortinet's NSE8_812 exam
Question #: 22
Topic #: 1
[All NSE8_812 Questions]

An HA topology is using the following configuration:

Based on this configuration, how long will it take for a failover to be detected by the secondary cluster member?

Show Suggested Answer Hide Answer
Suggested Answer: B, D, E

Bmust be set to enable mode-cfg, which is required for injecting IKE routes on the ADVPN shortcut tunnels.

Dmust be set to enable add-route, which is the command that actually injects the IKE routes.

Emust be set to enable mode-cfg-allow-client-selector, which allows custom phase 2 selectors to be configured.

The other options are incorrect. Option A is incorrect because net-device disable is not required for injecting IKE routes on the ADVPN shortcut tunnels. Option C is incorrect because IKE version 1 is not supported for ADVPN.

References:

Phase 2 selectors and ADVPN shortcut tunnels | FortiGate / FortiOS 7.2.0

Configuring SD-WAN/ADVPN with FortiGate | FortiGate / FortiOS 7.2.0


by Laurene at May 13, 2024, 12:55 PM

Limited Time Offer

25%

Off

Get Premium NSE8_812 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nakisha
3 months ago
100ms? That’s super optimistic, I doubt it!
upvoted 0 times
...
Mendy
3 months ago
I’m leaning towards 300ms, just feels safer.
upvoted 0 times
...
Marvel
3 months ago
Wait, is it really that fast? Sounds too quick.
upvoted 0 times
...
Louann
4 months ago
Definitely agree, 200ms seems right!
upvoted 0 times
...
Tijuana
4 months ago
I think it's 200ms based on the config.
upvoted 0 times
...
Ranee
4 months ago
I vaguely remember that the default settings often lead to a quicker detection, maybe around 100ms? But I could be mixing it up with another topic.
upvoted 0 times
...
Elke
4 months ago
I feel like 300ms might be the right answer, but I’m a bit confused about how the configuration impacts that timing.
upvoted 0 times
...
Bulah
4 months ago
I think I practiced a similar question where the failover time was around 200ms, but I can't recall if that was for this specific setup.
upvoted 0 times
...
Sharee
5 months ago
I remember studying that failover detection time can vary based on the heartbeat settings, but I’m not sure about the exact timing here.
upvoted 0 times
...
Charlette
5 months ago
This is a tricky one. I'll need to double-check the HA failover timing thresholds to make sure I'm not missing any nuances in the question. Gotta be careful with these configuration-based questions.
upvoted 0 times
...
Venita
5 months ago
Okay, based on the heartbeat interval and failover time settings shown in the diagram, I think the answer is 300ms. The secondary cluster member should detect a failover within that timeframe.
upvoted 0 times
...
Buddy
5 months ago
Hmm, I'm a bit unsure about this one. The configuration diagram is helpful, but I'll need to make sure I understand how the HA failover process works to figure out the right answer.
upvoted 0 times
...
Lawrence
5 months ago
This looks like a straightforward question about HA topology and failover times. I'll need to carefully review the configuration details to determine the correct answer.
upvoted 0 times
...
Twila
5 months ago
I'm not sure about this one. The number of PEs and participating sites is throwing me off. Maybe I should review the VPLS configuration concepts again before answering.
upvoted 0 times
...
Madalyn
5 months ago
Understandability, learnability, and attractiveness are definitely attributes of usability. I'm pretty sure I know the right answer here.
upvoted 0 times
...
Larae
5 months ago
I feel like sulphide stress corrosion cracking could also be a possibility, but since we're dealing with chlorides here, I think it must be option C.
upvoted 0 times
...
Herschel
5 months ago
Okay, let me think this through. Scrum emphasizes short, iterative cycles, so I don't think a fixed amount of months or days would be the best approach. I'm leaning towards B - a fixed amount of weeks, excluding holidays. That seems to align best with Scrum principles.
upvoted 0 times
...
Sabra
10 months ago
A) 600ms? Whoa, that's like a whole lifetime in the tech world! By the time the failover happens, the primary cluster member will have already been on vacation for a week.
upvoted 0 times
Junita
9 months ago
D) 100ms
upvoted 0 times
...
Keena
9 months ago
A) 600ms? That's way too long for a failover!
upvoted 0 times
...
Verlene
9 months ago
C) 300ms
upvoted 0 times
...
Filiberto
9 months ago
B) 200ms
upvoted 0 times
...
...
Evangelina
10 months ago
I'm going with B) 200ms. It's a happy medium between being too fast and too slow. Gotta keep that failover snappy, you know?
upvoted 0 times
Omer
8 months ago
B) 200ms sounds like a good balance for failover speed.
upvoted 0 times
...
Stanford
8 months ago
I'm leaning towards D) 100ms for quick failover detection.
upvoted 0 times
...
Stephaine
8 months ago
I agree, C) 300ms seems like a reasonable time for failover detection.
upvoted 0 times
...
Cassie
9 months ago
I think A) 600ms is too slow for failover detection.
upvoted 0 times
...
...
Glory
10 months ago
D) 100ms? That's way too fast. These clusters need some time to communicate and make sure there's a real failure before switching over.
upvoted 0 times
Carmelina
9 months ago
B) 200ms
upvoted 0 times
...
Paz
10 months ago
A) 600ms
upvoted 0 times
...
...
Carey
11 months ago
Hmm, I think the answer is C) 300ms. That delay seems like a reasonable time for the secondary cluster member to detect a failover.
upvoted 0 times
Ria
9 months ago
D) 100ms seems too short for failover detection, I would go with a longer delay.
upvoted 0 times
...
Kimbery
10 months ago
I'm leaning towards B) 200ms, a quicker response time could be more efficient.
upvoted 0 times
...
Lindy
10 months ago
I think it might be A) 600ms, a longer delay could be safer for failover detection.
upvoted 0 times
...
Golda
10 months ago
I agree, C) 300ms sounds like a reasonable time for failover detection.
upvoted 0 times
...
...
Chaya
11 months ago
I'm confident in my answer because the configuration shows a longer detection time.
upvoted 0 times
...
Kendra
11 months ago
I disagree, I believe it's B) 200ms.
upvoted 0 times
...
Chaya
11 months ago
I think the answer is A) 600ms.
upvoted 0 times
...

Save Cancel