NSE 4 – FortiGate 7.2 — Question 71

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

Answer options

• A. FortiGate automatically negotiates different encryption and authentication algorithms with the remote peer.
• B. FortiGate automatically brings up the IPsec tunnel and keeps it up, regardless of activity on the IPsec tunnel.
• C. FortiGate automatically negotiates different local and remote addresses with the remote peer.
• D. FortiGate automatically negotiates a new security association after the existing security association expires.

Correct answer: B

Explanation

The correct answer, B, indicates that enabling auto-negotiate ensures the IPsec tunnel remains established regardless of whether data is being transmitted, which is crucial for maintaining connectivity. The other options describe different functionalities that do not pertain to the primary effect of auto-negotiation in phase 2 configuration.