FCP – FortiGate Administrator 7.6 — Question 33

When configuring a FortiGate in a multi-WAN setup, why would an administrator enable session preservation on an interface?

Answer options

• A. To allow the FortiGate to dynamically change interfaces for all active sessions when a WAN link fails
• B. To make sure all sessions without source NAT enabled always use the primary WAN link
• C. To improve security by forcing users to authenticate again when the WAN link changes
• D. To ensure that existing SSL VPN connections remain on the same interface even if route changes occur

Correct answer: D

Explanation

The correct answer is D because enabling session preservation ensures that ongoing SSL VPN connections are kept on the same interface, providing a stable user experience despite any route changes. The other options are incorrect as they either misinterpret the function of session preservation or address different aspects of WAN link management.