Refer to the exhibits. An administrator is testing application steering in SD-WAN. Before generating test traffic, the administrator collected the information shown in the first exhibit. After generating GoToMeeting test traffic, the administrator examined the corresponding traffic log on FortiAnalyzer, which is shown in the second exhibit. The administrator noticed that the traffic matched the implicit SD-WAN rule, but they expected the traffic to match rule ID 1. Which two reasons explain why some log messages show that the traffic matched the implicit SD-WAN rule? (Choose two answers)

A. The session 3-tuple did not match any of the existing entries in the ISDB application cache.
B. No configured SD-WAN rule matches the traffic related to the collaboration application GoToMeeting.
C. FortiGate could not refresh the routing information on the session after the application was detected.
D. Full SSL inspection is not enabled on the matching firewall policy.

Correct Answer: A,C

Brave-Dump Clients Votes

AC 50%

AB 50%

Comments

Brave-Dumps Admin 2025-06-13 19:02:42

Selected Answers: A, C

There’s no session (3-tuple) involving the IP address 23.212.248.205.

According to the guide, "By default, SNAT sessions are not flagged as dirty following a routing change that impacts the session."
This means that when the session was first established, it matched the default SD-WAN rule based on the routing table at that time.
Later, once the application was identified, it should have matched rule ID 1.
However, because the session uses SNAT to access the internet, FortiGate didn’t mark the session as “dirty,” so it wasn’t re-evaluated.
As a result, the traffic continued to flow through port2, instead of being redirected to the new preferred path.

Jonathan 2025-08-17 06:12:28

Selected Answers: A, B

Can anyone see a Rule with application gotomeeting ? 16354 28 as shown ? i

Mattia Bruno 2025-08-27 15:50:28
It's part of the collaboration (28)