Connect Client1 to VNet2 | Azure Networking | AZ-300 Exam Preparation

Connect Client1 to VNet2

Question

You have an Azure subscription named Subscription1 that contains two Azure networks named VNet1 and VNet2. VNet1 contains a VPN gateway named

VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1.

On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1.

You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2.

You need to ensure that you can connect Client1 to VNet2.

What should you do?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

B

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing

The problem described in the scenario is that Client1, which is connected to VNet1 through a point-to-site VPN, cannot connect to VNet2 despite the fact that virtual network peering is configured between VNet1 and VNet2.

To enable communication between Client1 and VNet2, it is necessary to allow traffic to flow from VNet1 to VNet2. This can be achieved by allowing gateway transit on VNet1. When gateway transit is enabled on VNet1, traffic from VNet1 can be forwarded to other virtual networks that are peered with VNet1, such as VNet2.

Therefore, the correct answer is A. Select Allow gateway transit on VNet1.

Option B, Download and re-install the VPN client configuration package on Client1, is not necessary because the point-to-site VPN connection is already established between Client1 and VNet1.

Option C, Enable BGP on VPNGW1, is not necessary for this scenario because static routing is already configured on VPNGW1 and the site-to-site VPN connection between the on-premises network and VNet1 is working properly.

Option D, Select Allow gateway transit on VNet2, is not necessary because VNet2 is already peered with VNet1, and the problem is related to allowing traffic to flow from VNet1 to VNet2, not the other way around.