Refer to the exhibit. The administrator configured the IPsec tunnel VPN1 on a FortiGate device with the parameters shown in exhibit. Based on the configuration, which three conclusions can you draw about the characteristics and requirements of the VPN tunnel? (Choose three answers)

A. The administrator must manually assign the tunnel interface IP address on the hub side.
B. The remote end must support IKEv2.
C. The tunnel interface IP address on the spoke side is provided by the hub.
D. The remote end can be a third-party IPsec device.
E. This configuration allows user-defined overlay IP addresses.

Correct Answer: A,B,E

Brave-Dump Clients Votes

ABE 50%

ABD 50%

Comments

michael 2025-07-04 23:21:07

Selected Answers: A, B, E

B. The remote end must support IKEv2. this is required based on output.
D. The remote end can be a third-party IPsec device. Exchange IP is proprietary and cant use third party devices.

Mohamed Shaban 2025-07-26 16:49:15

Selected Answers: A, B, D

A. The administrator must manually assign the tunnel interface IP address on the hub side.
True – Because mode-cfg is disabled, IP assignment is manual.

B. The remote end must support IKEv2.
True – The configuration explicitly uses ike-version 2.

D. The remote end can be a third-party IPsec device.
True – peertype any allows non-FortiGate devices.

Mohamed Shaban 2025-07-30 02:15:11
I change my answer to A,B,E