NSE 4 – FortiGate 5.4 — Question 31

An administrator needs to create a tunnel mode SSLVPN to access an internal web server from the Internet. The web server is connected to port1. The Internet is connected to port2. Both interfaces belong to the VDOM named Corporation. What interface must be used as the source for the firewall policy that will allow this traffic?

Answer options

• A. ssl.root
• B. ssl.Corporation
• C. port2
• D. port1

Correct answer: C

Explanation

The correct answer is port2 because it is the interface connected to the Internet, which is the source of incoming traffic for the SSLVPN. The other options, ssl.root and ssl.Corporation, do not represent physical interfaces for traffic routing, while port1 is the destination interface, not the source.