NSE 4 – FortiGate 6.2 — Question 58

Which two statements correctly describe auto discovery VPN (ADVPN)? (Choose two.)

Answer options

• A. IPSec tunnels are negotiated dynamically between spokes.
• B. ADVPN is supported only with IKEv2.
• C. It recommends the use of dynamic routing protocols, so that spokes can learn the routes to other spokes.
• D. Every spoke requires a static tunnel to be configured to other spokes, so that phase 1 and phase 2 proposals are defined in advance.

Correct answer: A, C

Explanation

Answer A is correct because ADVPN allows for dynamic negotiation of IPSec tunnels between spokes, enhancing flexibility. Answer C is also correct as ADVPN indeed recommends using dynamic routing protocols for route learning among spokes. Answers B and D are incorrect because ADVPN can operate with IKEv1 and does not require static tunnels between spokes for phase proposals.