Answer needs confirmation
Question

You have a Site-to-Site VPN between an on-premises network and an Azure VPN gateway. BGP is disabled for the Site-to-Site VPN.
You have an Azure virtual network named Vnet1 that contains a subnet named Subnet1. Subnet1 contains a virtual machine named Server1.
You can connect to Server1 from the on-premises network.
You extend the address space of Vnet1. You add a subnet named Subnet2 to Vnet1. Subnet2 uses the extended address space. You deploy an Azure virtual machine named Server2 to Subnet2.
You cannot connect to Server2 from the on-premises network. Server1 can connect to Server2.
You need to ensure that you can connect to Subnet2 from the on-premises network.
What should you do?

Proposed answer
  • A. Add an additional Site-to-Site VPN between the on-premises network and Vnet1.
  • B. Add a private endpoint to Subnet2.
  • C. To Subnet2, add a route table that contains a user-defined route.
  • D. Update the routing information on the on-premises routers.
Suggested answer

D. Update the routing information on the on-premises routers.

Comments
syu31svc

3 months, 1 week ago 

Selected Answer: D

By default, Azure VPN gateway advertises the virtual network address space to the on-premises VPN device using the Border Gateway Protocol (BGP). However, in this scenario, BGP is disabled for the Site-to-Site VPN. Therefore, you need to manually update the on-premises VPN device with the new extended address space of Vnet1 and create a new route for it. Answer is D.

upvoted 3 times 

jecawi9630

6 months, 2 weeks ago 

Selected Answer: D

Correct. Your on-prem needs to know that the new subnet is part of the VPN tunnel, and to send traffic to the tunnel.

upvoted 4 times
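
The check both comments describe, as an added example that is not part of the original page: with BGP disabled, the on-premises routes into the tunnel are static, so any part of the Vnet1 address space they do not cover is unreachable from on-premises. The address prefixes and the function name `uncovered_prefixes` are constructed for illustration; the page gives no actual ranges.

```python
import ipaddress


def uncovered_prefixes(vnet_address_space, onprem_tunnel_routes):
    """Return the parts of the VNet address space (as CIDR strings) that
    no on-premises static route sends into the Site-to-Site tunnel."""
    routes = [ipaddress.ip_network(r) for r in onprem_tunnel_routes]
    missing = []
    for prefix in vnet_address_space:
        remaining = [ipaddress.ip_network(prefix)]
        for route in routes:
            still_open = []
            for net in remaining:
                if net.version != route.version:
                    still_open.append(net)        # IPv4 vs IPv6: no overlap
                elif net.subnet_of(route):
                    continue                      # fully covered (or equal)
                elif route.subnet_of(net):
                    # Route covers only a slice; keep the rest as uncovered.
                    still_open.extend(net.address_exclude(route))
                else:
                    still_open.append(net)        # disjoint networks
            remaining = still_open
        missing.extend(str(n) for n in ipaddress.collapse_addresses(remaining))
    return missing


if __name__ == "__main__":
    # Constructed sample values: original space plus the extension for Subnet2.
    vnet1 = ["10.1.0.0/16", "10.2.0.0/16"]
    onprem_routes = ["10.1.0.0/16"]   # static routes configured before the change
    print("Not routed into the tunnel:", uncovered_prefixes(vnet1, onprem_routes))
    onprem_routes.append("10.2.0.0/16")   # answer D applied
    print("After update:", uncovered_prefixes(vnet1, onprem_routes))
```

An empty result means every prefix in the virtual network's address space has an on-premises route toward the tunnel; a non-empty result lists exactly the ranges the on-premises routers still need.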