Exam AZ-300 topic 1 question 75 discussion

Every Azure VPN gateway consists of two instances in an active-standby configuration. For any planned maintenance or unplanned disruption that happens to the active instance, the standby instance would take over (failover) automatically, and resume the S2S VPN or VNet-to-VNet connections. The switch over will cause a brief interruption. For planned maintenance, the connectivity should be restored within 10 to 15 seconds. For unplanned issues, the connection recovery will be longer, about 1 minute to 1 and a half minutes in the worst case. So I think active-standby will be good enough one Public IP , one VPN gateway and two local gateways.

the question said "In Azure" , so: 2 Public IPs , 1 VPN Gateway in active/active config , 2 Local Network Gateways I already implemented this before.

The questions says required in Azure, I believe its 3 public addresses, 1 IP will be created during the LNG creation and then 2 IPS are required to configure with LNG's, seems its 3, 1, 2.

To save time for others, Copy pasting from above and its absolutely correct answer: 3-1-2 is correct answer for this. 3: 2 ( 2 local gws need 1 Pubip each so, total 2) + 1 ( pubip for active instance only) 1: just need 1 azure VPN gateway with active - passive HA (fail over takes max 1 min 30 sec) 2: Local device needs its own local gw. so total 2 Local GW needed So the answer is 3 IPs, 1 VPN gateway, 2 Local Gateways

Here is the correct answer : 2,1,2. refer this link https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable

Question is about to resource requirement in Azure; not in on-prem network. This is an Active-Standby at Azure side since 2min down time is mentioned. For Active-Standby, 1 IP, 1 Virtual Network and 2 Local Network (from two VPN Gateways) need to be created.

Why one public IP? Shouldn't there be two; one for the on-premise network and one for the azure network?

1,1,2 Each VPN gateway has two instances, one in active and one in standby. If one instance goes down, we would still have the other one available. Hence, we just need one Virtual Network gateway resource. And for this we just need to one Public IP address resource.

"What is the minimum number of public IP addresses, virtual network gateways, and local network gateways required in Azure?" The question is about resources in Azure, not both azure and on-prem. It should be : 1 PIP 1 Virtual GW 1 Local GW If active-active is not selected when Virtual GW is created , it automatically creates in Active-standby. One pip will do here. For unplanned issues, the connection recovery will be longer, about 1 minute to 1 and a half minutes in the worst case. (well with-in SLA stated) Ref: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable

Given answer correct refer - Dual-redundancy: active-active VPN gateways for both Azure and on-premises networks

2,1,2 https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-highlyavailable#activestandby The configuration described here is "Multiple on-premises VPN devices"

The correct answer is: 1 Public IP address 1 Virtual network gateway 2 Local network gateways Description: 1 Public IP address - Each VPN gateway has two instances, one in active and one in standby. If one instance goes down, we would still have the other one available. Hence, we just need one Virtual Network gateway resource. And for this we just need to one Public IP address resource. 1 Virtual network gateway - Each VPN gateway has two instances, one in active and one in standby. If one instance goes down, we would still have the other one available. Hence, we just need one Virtual Network gateway resource. 2 Local network gateways - Here we would need to have two VPN devices registered on the client side. This would ensure that if one of the client VPN devices were to fail, you would still have another one available. For this we need to register two Local network gateways.

3,1,2 is the right answer

3 pub IP's (2x on premise, 1 for the active/standby VPN Gateway (1 - 1.5 minute downtime, questions states max 2 minutes) and 2 local Network Gateways (one for each on premise pub IP

Understand the existing infrastructure and the requirement. Existing: Two on prem VPN device and 1 Azure Vnet Gateway (This consists one active and standby be default) Requirement: the failure will not cause an interruption that is longer than two minutes Ans: You need 2 public IP for the VPN devices so that you can configure two local network gateway. You need one public IP for your VPN gateway (it has active and standby mode by default so you dont need two VPN gateways for the failover). So 3 public IP and 1 VPN gateway and 2 local Network Gateway

Apologies, there was no way to edit... We need 4 connections connection 1 with PIP 1 to VPN A on-premises connection 2 with PIP 2 to VPN A on-premises connection 3 with PIP 1 to VPN B on-premises connection 4 with PIP 2 to VPN B on-premises

This is so wrong What is the minimum number of public IP addresses, virtual network gateways, and local network gateways required in Azure? The question specifically said Azure? I have personally labbed this ... When active - active mode is activated on a VPN Gateway, it would have 2 PIP. To create a highly available architecture with two on-premises devices then... 4 connections 1 with PIP 1 to VPN A on-premises connections 2 with PIP 1 to VPN A on-premises connections 3 with PIP 3 to VPN B on-premises connections 4 with PIP 1 to VPN B on-premises Since the LNG have same public endpoint we would need only 2 of them... The correct answer is 2 1 2 Again...The subscription contains an Azure virtual network named VNet1 Looking at that statement, only 1 VPN gateway is allowed in a VNET