Exam AZ-720 topic 4 question 15 discussion

Actual exam question from Microsoft's AZ-720

Question #: 15
Topic #: 4

A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:

• OpenVPN for the tunnel type.
• Azure certificate for the authentication type.

Users receive a certificate mismatch error when connecting by using a VPN client.

You need to resolve the certificate mismatch error.

What should you do?

A. Reissue the client certificate with client authentication enabled.
B. Create a profile manually, add the server FQDN and reissue the client certificate.
C. Reissue the client certificate with server identity validation disabled.
D. Configure preshared key for authentication on the VPN profile.

Show Suggested Answer

Suggested Answer: B 🗳️

by terawatt at July 21, 2023, 2:15 p.m.

Comments

Submit Cancel

terawatt

1 year, 11 months ago

Correct. The certificate mismatch error usually occurs when the name on the certificate doesn't match the name that the server expected. When you're setting up a VPN with Azure certificate for authentication type, the client verifies the server's identity by checking the server's Fully Qualified Domain Name (FQDN) in the VPN client configuration against the name in the server certificate. To resolve this issue, you need to manually create a profile, add the correct server FQDN to the profile, and then reissue the client certificate. This ensures that the name in the server certificate matches the server name that the VPN client expects.

upvoted 1 times

...