NSE 4 – FortiGate 7.2 — Question 2

FortiGate is operating in NAT mode and is configured with two virtual LAN (VLAN) subinterfaces added to the same physical interface.
In this scenario, what are two requirements for the VLAN ID? (Choose two.)

Answer options

• A. The two VLAN subinterfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.
• B. The two VLAN subinterfaces can have the same VLAN ID, only if they belong to different VDOMs.
• C. The two VLAN subinterfaces must have different VLAN IDs.
• D. The two VLAN subinterfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

Correct answer: B, C

Explanation

The correct answers are B and C. Subinterfaces on the same physical interface must have different VLAN IDs to prevent packet confusion, which makes C correct. B is also valid as different VDOMs can allow the same VLAN ID without conflict. Options A and D are incorrect because they suggest sharing the same VLAN ID, which would lead to issues in NAT mode.