Q: 3
SD-WAN interacts with many other FortiGate features. Some of them are required to allow SD-WAN
to steer the traffic.
Which three configuration elements that you must configure before FortiGate can steer traffic
according to SD-WAN rules? (Choose three.)
Options
Discussion
A B, E. You need interfaces to define SD-WAN members, routing to direct traffic into the SD-WAN zone, and firewall policies so traffic can actually flow. Security profiles and traffic shaping aren't required for basic steering. Pretty sure about this-anyone disagree?
Not sure I agree with picking D here. From what I remember, just configuring interfaces, routing, and firewall policies (A, B, E) actually lets SD-WAN do its thing. Traffic shaping seems more like extra tuning/QoS on top. Correct me if I missed something though.
Why not D? Traffic shaping isn't actually needed for steering, just for QoS-type features.
A B E here. Saw a similar setup question in my last practice set, it's always interfaces, routing, and firewall policies for SD-WAN to steer traffic. Shaping or security profiles aren't required just for the steering part.
A B, E here. FortiGate needs the interfaces set up, routing pointed to SD-WAN, and the firewall policy allowing traffic. D (traffic shaping) isn't required for basic SD-WAN steering-it's more for QoS tweaks. Pretty sure that's how it works but open if someone sees it differently.
Looks like D, traffic shaping, should be on the list. I saw in some practice material that SD-WAN often needs traffic shaping for path steering. Anyone see official docs confirm this?
Pretty sure it's A, B, E. Interfaces and routing set up the SD-WAN path, and firewall policies let traffic use it. Saw a similar question in other exam reports. Someone correct me if I'm off here.
B A, E tbh. Routing is easy to miss here but it's needed along with the interfaces and policies-D and C are extra for this use case. Saw similar question in practice bank.
A B, E tbh. Interfaces as SD-WAN members are step one, then routing sends traffic into the SD-WAN virtual interface, and firewall policies let it out. Traffic shaping and security profiles are optional for steering. That's how I've seen it in labs, but happy if someone spots a catch.
Be respectful. No spam.
