NSE 4 – FortiGate 7.2 — Question 99

An administrator needs to configure VPN user access for multiple sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must the administrator do to achieve this objective?

Answer options

• A. The administrator must register the same FortiToken on more than one FortiGate device.
• B. The administrator must use the user self-registration server.
• C. The administrator must use a FortiAuthenticator device.
• D. The administrator must use a third-party RADIUS OTP server.

Correct answer: C

Explanation

The correct answer is C, as a FortiAuthenticator can manage multiple FortiGate devices and handle shared tokens effectively. Option A is incorrect because registering the same FortiToken on multiple FortiGate devices will not provide the desired centralized management. Option B is not suitable as self-registration does not address the need for a unified token management system. Option D is also incorrect because using a third-party RADIUS OTP server does not integrate with the FortiGate environment as seamlessly as a FortiAuthenticator does.