Refer to the exhibits. You use FortiManager to manage the branch devices and configure the SD-WAN template. You have configured direct internet access (DIA) for the IT department users. Now, you must configure secure internet access (SIA) for all local LAN users and have set the firewall policies as shown in the second exhibit. Then, when you use the install wizard to install the configuration and the policy package on the branch devices, FortiManager reports an error as shown in the third exhibit. Which statement describes why FortiManager could not install the configuration on the branches? (Choose one answer)

A. You cannot install firewall policies that reference an SD-WAN member.
B. You cannot install SIA and DIA rules on the same device.
C. You cannot install firewall policies that reference an SD-WAN zone.
D. You must direct SIA traffic to a VPN tunnel.

Correct Answer: A

Brave-Dump Clients Votes

A 100%

Comments

Brave-Dumps Admin 2025-06-17 15:55:56

Selected Answers: A

I'm in conflict between A and C, but A is closer to my heart xD

Raghdan Riyadh 2025-07-24 18:39:22

Selected Answers: A

The SIA policy (ID 2) explicitly references port1 (an SD-WAN member) as the egress interface.

FortiManager blocks this because:
SD-WAN members are dynamic (controlled by SD-WAN rules, not firewall policies).
Firewall policies must reference SD-WAN zones (e.g., underlay) or physical interfaces not in SD-WAN.