ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-303 All Questions

View all questions & answers for the AZ-303 exam
Go to Exam

Exam AZ-303 topic 5 question 65 discussion

Actual exam question from Microsoft's AZ-303
Question #: 65
Topic #: 5
[All AZ-303 Questions]

SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.






When you are finished performing all the tasks, click the `˜Next' button.
Note that you cannot return to the lab once you click the `˜Next' button. Scoring occur in the background while you complete the rest of the exam.

Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab -
You may start the lab by clicking the Next button.
You plan to connect a virtual network named VNET1017 to your on-premises network by using both an Azure ExpressRoute and a site-to-site VPN connection.
You need to prepare the Azure environment for the planned deployment. The solution must maximize the IP address space available to Azure virtual machines.
What should you do from the Azure portal before you create the ExpressRoute and the VPN gateway?

Show Suggested Answer Hide Answer
Suggested Answer: See explanation below.
We need to create a Gateway subnet
Step 1:
Go to More Services > Virtual Networks
Step 2:
Then click on the VNET1017, and click on subnets. Then click on gateway subnet.
Step 3:
In the next window define the subnet for the gateway and click OK

It is recommended to use /28 or /27 for gateway subnet.
As we want to maximize the IP address space we should use /27.
References:
https://blogs.technet.microsoft.com/canitpro/2017/06/28/step-by-step-configuring-a-site-to-site-vpn-gateway-between-azure-and-on-premise/
by Stevezzc at Jan. 7, 2021, 1:50 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ursnanda
Highly Voted 4 years, 4 months ago
/27 is correct
upvoted 9 times
Arush
4 years ago
I believe /28 is correct. https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal /28 leaves more IP address spaces for VMs as required here.
upvoted 1 times
pentium75
3 years, 10 months ago
/28 is enough when you have one gateway. Here you have two (VPN and ExpressRoute), thus must be /27 per https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager#add
upvoted 3 times
...
...
...
leo_az300
Most Recent 3 years, 10 months ago
it should be /27. question said for both expressroute and VPN. which means 2 gateways. \28 only allows one in gateway subnet
upvoted 1 times
...
nfett
3 years, 11 months ago
https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal When you create the gateway subnet, you specify the number of IP addresses that the subnet contains. The number of IP addresses needed depends on the VPN gateway configuration that you want to create. Some configurations require more IP addresses than others. We recommend that you create a gateway subnet that uses a /27 or /28. /27/ or /28 is right.
upvoted 1 times
...
guptavishal7982
4 years ago
The Gateway Subnet must be /27. https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager#add
upvoted 2 times
...
GabrieleSolieri
4 years, 2 months ago
/28 is correct
upvoted 2 times
pentium75
3 years, 10 months ago
Not if you have both VPN and ExpressRoute. "If you have a virtual network that has only one virtual network gateway (let's say, Site-to-Site VPN gateway) and you want to add another gateway of a different type (let's say, ExpressRoute gateway), check the gateway subnet size. If the gateway subnet is /27 or larger, you can skip the steps below and follow the steps in the previous section to add either a Site-to-Site VPN gateway or an ExpressRoute gateway. If the gateway subnet is /28 or /29, you have to first delete the virtual network gateway and increase the gateway subnet size."
upvoted 2 times
...
...
paulb2b
4 years, 4 months ago
/27 is correct subnet range or larger
upvoted 2 times
prashantjoge
4 years, 3 months ago
it says 27 or larger. I think you can do 28 so there is more space for the VM's
upvoted 2 times
...
...
CeliaZhou
4 years, 4 months ago
Agree /27, as posted in the article: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager#new "The Gateway Subnet must be /27 or a shorter prefix (such as /26 or /25)."
upvoted 4 times
...
Stevezzc
4 years, 5 months ago
/29 is support. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub
upvoted 1 times
nexnexnex
4 years, 4 months ago
Mentioned link states, that /29 is a minimum for VPN-only and that it's not enough for VPN+ExpressRoute. /29 is too small /28 - there is not enough info in docs (except that it was previous minimum for a VPN) /27 is a recommended minimum
upvoted 8 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel