ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-300 All Questions

View all questions & answers for the AZ-300 exam
Go to Exam

Exam AZ-300 topic 1 question 44 discussion

Actual exam question from Microsoft's AZ-300
Question #: 44
Topic #: 1
[All AZ-300 Questions]

SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.






When you are finished performing all the tasks, click the "˜Next' button.
Note that you cannot return to the lab once you click the "˜Next' button. Scoring occur in the background while you complete the rest of the exam.

Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

To start the lab -
You may start the lab by clicking the Next button.
Another administrator attempts to establish connectivity between two virtual networks named VNET1 and VNET2. The administrator reports that connections across the virtual networks fail.
You need to ensure that network connections can be established successfully between VNET1 and VNET2 as quickly as possible.
What should you do from the Azure portal?

Show Suggested Answer Hide Answer
Suggested Answer: See solution below.
You can connect one VNet to another VNet using either a Virtual network peering, or an Azure VPN Gateway.
To create a virtual network gateway
Step 1: In the portal, on the left side, click +Create a resource and type 'virtual network gateway' in search. Locate Virtual network gateway in the search return and click the entry. On the Virtual network gateway page, click Create at the bottom of the page to open the Create virtual network gateway page.
Step 2: On the Create virtual network gateway page, fill in the values for your virtual network gateway.


Name: Name your gateway. This is not the same as naming a gateway subnet. It's the name of the gateway object you are creating.
Gateway type: Select VPN. VPN gateways use the virtual network gateway type VPN.
Virtual network: Choose the virtual network to which you want to add this gateway. Click Virtual network to open the 'Choose a virtual network' page. Select the
VNet. If you don't see your VNet, make sure the Location field is pointing to the region in which your virtual network is located.
Gateway subnet address range: You will only see this setting if you did not previously create a gateway subnet for your virtual network. If you previously created a valid gateway subnet, this setting will not appear.
Step 4: Select Create New to create a Gateway subnet.

Step 5: Click Create to begin creating the VPN gateway. The settings are validated and you'll see the "Deploying Virtual network gateway" tile on the dashboard.
Creating a gateway can take up to 45 minutes. You may need to refresh your portal page to see the completed status.
References:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal?
by chukks_19 at Oct. 23, 2019, 11:54 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
chukks_19
Highly Voted 5 years, 7 months ago
Think we should be using Peering here it's much faster, as Virtual network gateways can take up to 45 mins to finish set up.
upvoted 50 times
ron_b
5 years ago
>> You need to ensure that network connections can be established successfully between VNET1 and VNET2 as quickly as possible. Definitely Peering
upvoted 9 times
...
...
TYT
Highly Voted 5 years, 1 month ago
The best option is to go to the vnets and see if there is a peering. If there is a peering, check if something is disabled or something and make the change to get the Peering status to connected. Check on both VNETS. If no peering exists, create one. The other approach is creating virtual network gateways. This takes a lot of time to create, and you have to create two of them. If gateway subnets doesn't exist in the VNETs, you have to go and create those first before creating Virtual network gateways. After half hour or hour, come back once the VNG are created, then add connections by going to the VNG and through keys. This options is very unlikely and not realistic, in my opinion.
upvoted 10 times
...
Dineshvishe
Most Recent 4 years, 11 months ago
The correct option is VPN Peering which is the quickest.
upvoted 1 times
...
tundervirld
4 years, 11 months ago
We have two options, Virtual network peering(fast) or an Azure VPN Gateway(about 45 min). The question is about what the administrator will do to test the fail connectivity. - Step 1: Review if peering exists or create, if exist and is disconnected “Delete & Recreate”(The fastest way) - Step 2: Review if Virtual Network Gateway exists or create. -- To create, you’ll need to create 2 VNG and 2 GatewaySubnet in the Vnets. -- Associate the bidirectionality in the VNG to a VNET and their respective GatewaySubnet, selecting Connection Type Vnet-to-Vnet, and doing the inverse connections in the Second virtual network gateway. - Step 3: If there exists a Network Watcher, Start troubleshooting to see the problems and solve. References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-troubleshoot-peering-issues#the-peering-status-is-disconnected https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-vnet-vnet-resource-manager-portal https://docs.microsoft.com/en-in/azure/network-watcher/diagnose-communication-problem-between-networks#diagnose-a-gateway
upvoted 3 times
...
PS36363
5 years, 3 months ago
Assuming we take the route of creating Virtual Network Gateways, wouldn't we need to create two seperate Gateways one for VNET1 and One for VNET2. Then we need to go to connections to enable connection between VNET1->VNET2 and VNET2->VNET1. The solution mentioned does not include these steps. Please let me know if I am missing something here.
upvoted 1 times
TYT
5 years, 1 month ago
Yes. You need to add a connection on both vnet gateways to other gateway to complete the process. I am not sure how we can do that in the exam though? Wait 45 minutes for the deployment to complete? I would try vnet peering first before the gateway option, tbh.
upvoted 3 times
...
...
xfit
5 years, 3 months ago
If the vnets were created through the classic deployment method, peering is not possible, you must create a VPN. I guess that is what is happening here. "A virtual network peering cannot be created between two virtual networks deployed through the classic deployment model. If you need to connect virtual networks that were both created through the classic deployment model, you can use an Azure VPN Gateway to connect the virtual networks."
upvoted 1 times
...
turtle666
5 years, 3 months ago
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks
upvoted 1 times
...
pola22
5 years, 4 months ago
@karls We have an option to disable/enable peering at Configuration --> Configure virtual network access settings --> disable/enable
upvoted 4 times
Andy001
5 years, 3 months ago
The setting you mentioned does not disable/enable peering - it actually disables/enables communication between the two virtual networks, but it does not impact on the "Peering status" https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-peering
upvoted 1 times
riyamalin
5 years, 1 month ago
agree with Andy001
upvoted 2 times
...
...
...
Karls
5 years, 4 months ago
Nowaday, you cann't enable/disable peering connection in Portal. Only I can see "delete" option. Maybe, other case, it would be that configuration option of "Allow forwarded traffic from Vnet01 to Vnet02", it was "Disabled". Then, we need review both peering and check that it is Enable to can send traffic between both vnets.
upvoted 3 times
bootyholeman
5 years, 4 months ago
Allow forwarded traffic doesn't make sense if you have two vnets, it makes sense if you have more.
upvoted 1 times
maniaX
5 years, 3 months ago
Allow forwarded trafic makes sence only if you have more vnets which have no peering between them but you have peering just with vnet where virtual network appliance (VNA) is located. Then if you enable this feature traffic will flow over vnet with VNA to others vnet, so you are able to connect them without peering.
upvoted 3 times
...
...
...
Benkyoujin
5 years, 5 months ago
Mentions quickly so means VNET. Could also be a scenario where an existed peering is disconnected or something so you’ll have to delete and recreate.
upvoted 6 times
onlyfunmails
5 years, 5 months ago
Got it in my 103, one of the peering connection disabled, just enabled.
upvoted 23 times
...
...
sigma
5 years, 5 months ago
Check both the VNETs. If both are in same subscription (assuming it would be in the lab), then VNET peering is the right choice.
upvoted 5 times
Ekramy_Elnaggar
5 years, 5 months ago
VNET peering can be between 2 VNETS in 2 different subscriptions
upvoted 10 times
Mathai
5 years, 2 months ago
Ekramy is right.. Please see this for more information https://azure.microsoft.com/en-us/blog/vnet-peering-and-vpn-gateways/
upvoted 1 times
...
Sun_mon
5 years, 1 month ago
Is the correct answer peering for this question or we have to create Virtual network gatway
upvoted 1 times
...
...
...
VK
5 years, 6 months ago
>>The administrator reports that connections across the virtual networks fail. Is that the reason why the answer deals with creating virtual network gateway instead of simple vnet peering?
upvoted 3 times
Bart78
4 years, 8 months ago
This simply says that both vnets cannot communicate to each other now. Vnet peering
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel