FCP – FortiGate Administrator 7.4 — Question 25

There are multiple dial-up IPsec VPNs configured in aggressive mode on the HQ FortiGate. The requirement is to connect dial-up users to their respective department VPN tunnels.

Which phase 1 setting you can configure to match the user to the tunnel?

Answer options

• A. Peer ID
• B. Local Gateway
• C. Dead Peer Detection
• D. IKE Mode Config

Correct answer: A

Explanation

The correct answer is A, Peer ID, as it allows the FortiGate to identify and connect users to the appropriate VPN tunnel based on their unique identifiers. The other options, such as Local Gateway, Dead Peer Detection, and IKE Mode Config, do not serve the purpose of matching individual users to specific tunnels.