You manage an application deployed to virtual machines (VMs) on an Azure virtual network
named corpVnet1.
You plan to hire several remote employees who will need access to the application on
corpVnet1.
You need to ensure that new employees can access corpVnet1. You want to achieve this
goal by using the most cost effective solution.
Which two actions should you perform? Each correct answer presents part of the solution.
A.
Create a VPN subnet.
B.
Enable point-to-point connectivity for corpVnet1.
C.
Enable point-to-site connectivity for corpVnet1.
D.
Create a gateway subnet.
E.
Enable site-to-site connectivity for corpVnet1.
F.
Convert corpVnet1 to a regional virtual network.
Explanation:
http://msdn.microsoft.com/en-us/library/azure/dn133795.aspx
A & C
A point-to-site VPN also allows you to create a secure connection to your virtual network. In a point-to-site configuration, the connection is configured individually on each client computer that you want to connect to the virtual network. Point-to-site connections do not require a VPN device. They work by using a VPN client that you install on each client computer. The VPN is established by manually starting the connection from the on-premises client computer. You can also configure the VPN client to automatically restart.
http://msdn.microsoft.com/en-us/library/azure/dn133798.aspx
D. Create a gateway subnet.
C. Enable point-to-site connectivity for corpVnet1.
Reference: Add gateway subnet – The gateway subnet is required for
a point-to-site VPN. Click to add the gateway subnet. The gateway
subnet is used only for the virtual network gateway.
http://msdn.microsoft.com/en-us/library/azure/dn643737.aspx
D and E
No – its Point-to-Site for several remote employees. If it were a business the S2S would be correct
Gateway isn’t needed for P2S
isnt it A and C?
Castor is right.
We all agree that a PtS is needed, so, in order to create a PtS we need to create a gateway subnet ( same as StS Vpn)
http://www.pythian.com/blog/cloud-how-to-configure-an-azure-point-to-site-vpn-part-1/
I think A,C. it does not mention, there is already s2s vpn configured with onprem but seeing corpVnet1 name, I would guess there is already one cofigured then there should be already gateway subnet configured. We will need to enable p2s vpn and add a vpn subnet.
You will always have a virtual network, but you will not necessarily always have a S2S VPN. Never assume that something is there when it is not explicitly stated in the question.
The correct answer is C and D. You create a gateway subnet and then enable P2S connectivity.
The virtual network already exist (according to the question), this does not mean it is an S2S configured. The question seems to lead us to extend an already configured virtual network as P2S which will only require (1) VPN Subnet (2) VPN Gateway.
Why not C and E?? I think both serve the purpose and completes the solution. As part of P2S or S2S, GW subnet is automatically created if address space allows it. Why jot C and E then?
The answer given (A, D) is correct. To solve the problem you need a Point-to-Site connection, and as per the referenced article:
https://msdn.microsoft.com/en-us/library/azure/dn133792.aspx
“There are 3 main parts to configuring a point-to-site VPN: the virtual network and gateway, the certificates used for authentication, and the VPN client that is used to connect to your virtual network.”
Since there is no mention of the certificates or VPN client in any of the possible answers, A and D are correct as they talk about the required Subnet and the Gateway.
F?
there are a notion of local network in Azure Vnet, not regional
E?
we don’t connect two network, but REMOTE user to a network
A?
there are no notion of VPN subnet in Azure
B?
there are no notion of point to point connectivity in azure
so the answer is C and D
sorry I made a mistake
C doesn’t exist on azure, but B yes
the answer is B/D
sorry again, I made a confusion in the letters
It’s C and D (my first answer)
LOL – everyone out there C + D is the answer (FACT!) – move on….
CORRECT
Is there such a thing of a VPN subnet???
I only know of a gateway subnet use for vpn purposes
A and D is correct. You need a VPN subnet (VPN client subnet adress-space) and a Gateway subnet.
The Azure management portal asks for both of the subnets when ticking the “Configure point-to-site connectivity” checkbox on a VNet configuration.
Answer has to to C & D. For Point to Site configuration, there is no step to create VPN Subnet !!!
Definitely C & D, there’s no such thing as a VPN subnet, it’s a gateway subnet – trick question.
Correct answer for the given question is A + C
argh sorry I meant C + D
You need a point to site + gateway subnet
Point-to-Site connections do NOT require a VPN device (=most effective solution)
then GATEWAY subnet IS needed for the complete solution
“C + D”
New-AzureVNetGateway -VNetName “mynet” -GatewayType DynamicRouting
C+D is correct
https://azure.microsoft.com/en-us/documentation/articles/web-sites-integrate-with-vnet/
C + D are correct. Gateway + point to site. No need for a VPN gateway.
I Agree. I found something similar here http://exam-test-ms-70-533.azurewebsites.net/
There is no “VPN Subnet” it’s a Gateway Subnet and then create a Point-to-Site connection
answer is CD
P2S and Gateway Subnet – D+C
New article on patterns & practices: https://azure.microsoft.com/en-us/documentation/articles/guidance-iaas-ra-secure-vnet-hybrid/
C and D
https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-point-to-site-create/