Configure Point-to-Site Connection for Azure Virtual Network Gateway | Exam AZ-303

Configure Point-to-Site Connection

Q: You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1.You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1.Which two actions should you perform? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.

Create a route-based virtual network gateway.Delete GW1.

Prev Question Next Question

Question

You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1.

You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answers

A. Add a service endpoint to VNet1.

B. Add a public IP address space to VNet1.

C. Create a route-based virtual network gateway.

D. Reset GW1.

E. Delete GW1.

F. Add a connection to GW1.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

Need a RouteBased VPN gateway.

https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal.md

To configure a point-to-site (P2S) VPN connection from an on-premises computer to a virtual network (VNet) in Azure, you need to perform the following two actions:

Create a policy-based VPN gateway: A policy-based VPN gateway uses static routing policies to establish a secure tunnel between the on-premises network and the VNet. In this scenario, you already have a policy-based VPN gateway named GW1, so you do not need to create a new one. If you had to create a new one, you would go to the Azure portal, navigate to the Virtual network gateways tab, and create a new policy-based VPN gateway.
Add a connection to the policy-based VPN gateway: To enable P2S connections to the VNet through GW1, you need to create a connection to the gateway. This connection is used by on-premises clients to establish a VPN tunnel to the VNet. To create a connection to the policy-based VPN gateway, you can follow these steps:

Navigate to the Virtual network gateway that you want to connect to, in this case, GW1.
Click on the Point-to-site configuration tab.
Click on the Configure Now link.
In the Address pool section, specify the IP address range that will be used for P2S clients.
In the Tunnel type section, select the SSTP (SSL) option. SSTP is a secure tunneling protocol that provides a highly secure connection between P2S clients and the VNet.
In the Root certificates section, you can upload a root certificate that will be used to authenticate P2S clients. If you don't have a root certificate, you can skip this step.
Click on the Save button to save the configuration.

Once you have completed these two actions, you should be able to configure a P2S VPN connection from an on-premises computer to the VNet. To connect to the VNet, you need to install the VPN client on the on-premises computer, and then use the VPN client to connect to the VNet using the VPN connection information provided by Azure.

Prev Question Next Question