View all questions & answers for the NSE 5 - FortiSASE and SD-WAN 7.6 Core Administrator Exam Materials exam


NSE 5 - FortiSASE and SD-WAN 7.6 Core Administrator Exam Materials-Question 6 Discussion
Comment Image Comment Image Comment Image

Which two statements correctly describe what happens when traffic matches the implicit SD-WAN rule? (Choose two answers)

  • A. Traffic is load balanced using the algorithm set for the v4-ecmp-mode setting.
  • B. Traffic does not match any of the entries in the policy route table.
  • C. FortiGate flags the session with may_dirty and vwl_default.
  • D. The traffic is distributed, regardless of weight, through all available static routes.
  • E. The session information output displays no SD-WAN service id.
Correct Answer: B,E

Brave-Dump Clients Votes

BE 100%

Comments



Diaa El-rayse 2026-04-28 10:43:24

Selected Answers: B, E


Based on Fortinet’s official technical documentation and certification training the two correct statements are:

B. Traffic does not match any of the entries in the policy route table.

E. The session information output displays no SD-WAN service id.

Detailed Technical Explanation
1. Fallback through the Routing Hierarchy (Statement B)
FortiGate processes traffic using a specific order of precedence. SD-WAN rules are technically implemented as policy routes. The lookup order is generally:

Policy Routes (including user-defined SD-WAN rules)

ISDB Routes

FIB / Routing Table (where the Implicit SD-WAN Rule resides)

If traffic reaches the implicit SD-WAN rule, it means it has already failed to match any entries in the policy route table (the user-defined rules).

2. Session Diagnostics (Statement E)
When a session matches an explicit SD-WAN rule, the session information (viewed via diagnose system session list) includes an sdwan_service_id corresponding to that rule's ID.

Because the implicit rule is not a user-defined service rule but a fallback to the FIB, it is assigned a Service ID of 0.

In FortiOS 7.0.4 and newer, the field for sdwan_service_id is often omitted entirely from the output when it hits the implicit rule, meaning it "displays no SD-WAN service id."

Why the other options are incorrect:
A. Traffic is load balanced using the algorithm set for the v4-ecmp-mode setting: When SD-WAN is enabled, FortiOS hides the global v4-ecmp-mode setting and replaces it with the load-balance-mode parameter under config system sdwan. The implicit rule uses this SD-WAN-specific setting rather than the legacy global ECMP setting.

C. FortiGate flags the session with may_dirty and vwl_default: While vwl_default is a flag associated with the implicit rule, may_dirty is a standard flag used for many types of sessions (indicating they are subject to re-evaluation). This is considered a diagnostic detail rather than a core functional description of the rule's behavior.

D. The traffic is distributed, regardless of weight, through all available static routes: The implicit rule still respects the load-balancing algorithm (like source-ip-based or weight-based) configured in the SD-WAN settings. It does not ignore weight.