View all questions & answers for the FCSS - Enterprise Firewall 7.4 Administrator Exam Materials exam


Question 30 Discussion

Refer to the exhibit, which contains a partial command output. The administrator has configured BGP on FortiGate. The status of this new BGP configuration is shown in the exhibit. What configuration must the administrator consider next? (Choose one answer)

  • A. Configure a static route to 100.65.4.1.
  • B. Configure the local AS to 65300.
  • C. Contact the remote peer administrator to enable BGP
  • D. Enable ebgp-enforce-multihop
Correct Answer: D

Brave-Dump Clients Votes

D 100%

Comments



Brave-Dumps Admin 2025-04-28 22:28:46

Selected Answers: D


- BGP state is Idle.

- Update source is configured as Loopback.

- It is clearly indicated that this is a Not directly connected EBGP session.

- Given this situation, the FortiGate remains in the Idle state because it expects to establish a TCP connection with a BGP peer that is not directly reachable via a directly connected interface (i.e., through a Loopback).
Since EBGP by default requires direct connectivity (single-hop), and here the neighbor is logically more than one hop away (due to Loopback sourcing), the BGP session cannot progress beyond Idle without special handling.

- To resolve this, the "ebgp-enforce-multihop" setting must be enabled, allowing the FortiGate to establish EBGP sessions with peers that are not directly connected, thereby permitting multi-hop reachability over intermediate networks.