You have an Azure subscription named Subscription1 that contains two Azure virtual networks named VNet1 and VNet2. VNet1 contains a VPN gateway named VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1.
On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1.
You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2.
You need to ensure that you can connect Client1 to VNet2.
What should you do?
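A. Download and re-install the VPN client configuration package on Client1
B. Select Allow gateway transit on VNet1
C. Select Allow gateway transit on VNet2
D. Enable BGP on VPNGW1

Answer: A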
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing

To enable Client1 to connect to VNet2, we need to understand the current scenario and identify the issue. From the given scenario, we have two virtual networks VNet1 and VNet2, and a VPN gateway named VPNGW1 is deployed in VNet1 that uses static routing. Also, we have a site-to-site VPN connection between the on-premises network and VNet1. Further, we have configured a point-to-site VPN connection on a Windows 10 computer named Client1 to VNet1. Additionally, we have configured virtual network peering between VNet1 and VNet2, and we have verified that we can connect to VNet2 from the on-premises network. However, Client1 is unable to connect to VNet2.
The issue here is that VNet peering does not automatically enable transit between virtual networks. By default, traffic between virtual networks in Azure does not traverse through a virtual network gateway. Therefore, traffic from Client1 to VNet2 does not go through VPNGW1 in VNet1, and thus the connection is not established.
To enable connectivity between Client1 and VNet2, we need to allow gateway transit on one of the virtual networks involved in the peering. This enables traffic to flow through the virtual network gateway in that virtual network.
Option B "Select Allow gateway transit on VNet1" is the correct answer. We need to allow gateway transit on VNet1, as it contains the VPN gateway (VPNGW1) that serves as the entry point for traffic from the on-premises network. When we allow gateway transit on VNet1, traffic from Client1 to VNet2 will traverse through VPNGW1, and the connection will be established.
Option A, Download and re-install the VPN client configuration package on Client1, is not required as the VPN client configuration package is already installed and working with VNet1.
Option C, Select Allow gateway transit on VNet2, is not needed in this scenario as the transit is required in VNet1, where the VPN gateway is located.
Option D, Enable BGP on VPNGW1, is not necessary in this scenario. BGP is used to exchange routing information between two BGP-enabled routers to dynamically update the routing table. In this scenario, we are using static routing, and enabling BGP will not resolve the issue.