NSE 8 – Network Security Expert (812) — Question 26

A Hub FortiGate is connecting multiple branch FortiGate devices separating the traffic centrally in unique VRFs. Routing information is exchanged using BGP between the Hub and the Branch FortiGate devices.

You want to efficiently enable route leaking of specific routes between the VRFs.

Which two steps are required to achieve this requirement? (Choose two.)

Answer options

• A. Create a vdom link between VRF10 and VRF12
• B. Enable Multi-VDOM mode on the Hub FortiGate and add a VDOM to connect VRF10 and VRF12
• C. Enable BGP recursive routing on the HUB FortiGate
• D. Configure route-maps to leak the selected routes using BGP

Correct answer: A, D

Explanation

To enable route leaking between VRFs, creating a vdom link (Option A) is necessary for direct communication between the VRFs. Additionally, using route-maps (Option D) facilitates the selection and advertisement of specific routes through BGP. Options B and C do not directly address the requirement of leaking specific routes between the VRFs.