ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-720 All Questions

View all questions & answers for the AZ-720 exam
Go to Exam

Exam AZ-720 topic 4 question 33 discussion

Actual exam question from Microsoft's AZ-720
Question #: 2
Topic #: 4
[All AZ-720 Questions]

A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:
• OpenVPN for the tunnel type.
• Azure certificate for the authentication type.
Users receive a certificate mismatch error when connecting by using a VPN client.
You need to resolve the certificate mismatch error.
What should you do?

  • A. Reissue the client certificate with client authentication enabled.
  • B. Install a Secure Socket Tunneling Protocol (SSTP) VPN client on the users' computers.
  • C. Reissue the client certificate with server identity validation disabled.
  • D. Configure preshared key for authentication on the VPN profile.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Kanoniermalri at March 13, 2023, 11:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
terawatt
1 year, 11 months ago
Selected Answer: A
A. Reissue the client certificate with client authentication enabled. OpenVPN relies on certificate-based authentication. If the users are seeing a certificate mismatch error, it might be because the client certificate was not properly issued with client authentication enabled. So, reissuing the client certificates with client authentication enabled should resolve this error. Option B, installing a Secure Socket Tunneling Protocol (SSTP) VPN client on the users' computers, would not necessarily fix a certificate mismatch error with OpenVPN. Option C, reissuing the client certificate with server identity validation disabled, may bypass some checks but it's not a secure approach as it opens up potential vulnerabilities. Option D, configuring a preshared key for authentication on the VPN profile, would not address the certificate mismatch issue, as the error is related to certificate-based authentication, not preshared key authentication.
upvoted 1 times
...
cris_exam
2 years, 2 months ago
Selected Answer: A
I say A. "Make sure the client certificate is based on a user certificate template that has Client Authentication listed as the first item in the user list." https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal#generateclientcert
upvoted 1 times
...
MarshalLaw
2 years, 2 months ago
Selected Answer: A
I agree it should be A. Once you create a server certificate you need to issue the client certificate to the users. If a problem persists, then it should be reissued from the clients' side to resolve it.
upvoted 1 times
...
Kanoniermalri
2 years, 3 months ago
Selected Answer: A
Reissue the client certificate with client authentication enabled.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel