View all questions & answers for the NSE 5 - FortiSwitch 7.2 Administrator Exam Materials exam


NSE 5 - FortiSwitch 7.2 Administrator Exam Materials-Question 23 Discussion

Refer to the exhibit. FortiGate is unable to establish a tunnel with the FortiSwitch device it is supposed to manage. Based on the debug output shown in the exhibit, what is the reason for the failure? (Choose one answer)

  • A. FortiSwitch has disabled FortiLink and is only managed as a standalone.
  • B. The handshake process timed out before FortiSwitch responded.
  • C. The CAPWAP tunnel failed to come up due to a mismatch in time.
  • D. DTLS client hello had the incorrect pre-shared key.
Correct Answer: C

Brave-Dump Clients Votes

C 100%

Comments



javaughn Bryan 2025-10-02 23:12:49

Selected Answers: C


FortiSwitch uses NTP to synchronize its time with FortiGate. Time synchronization between FortiGate and FortiSwitch is key for the CAPWAP tunnel to come up. CAPWAP uses DTLS for data encryption. Because DTLS uses certificate-based authentication, a considerable time difference between the two devices will cause a DTLS handshake failure, and as a result, the CAPWAP tunnel will not come up.
PAGE: 27 & 411