Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Exam AZ-300 topic 2 question 10 discussion

Actual exam question from Microsoft's AZ-300
Question #: 10
Topic #: 2
[All AZ-300 Questions]

HOTSPOT -
Your company has offices in New York and Los Angeles.
You have an Azure subscription that contains an Azure virtual network named VNet1. Each office has a site-to-site VPN connection to VNet1.
Each network uses the address spaces shown in the following table:

You need to ensure that all Internet-bound traffic from VNet1 is routed through the New York office.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
jcarlos
Highly Voted 4 years, 7 months ago
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm "Also, the on-premises VPN device must be configured using 0.0.0.0/0 as traffic selectors."
upvoted 10 times
tmurfet
4 years, 3 months ago
0.0.0.0/0 only if it's desired that all on-prem traffic goes to Azure. The documentation example selects *all* traffic -- but in this case only return traffic to VNet1 is indicated, so: 192.168.0.0/20.
upvoted 2 times
...
...
jf23fj3o
Highly Voted 4 years, 7 months ago
the 192.168.0.0/20 network is the traffic selector on the on prem site, so that it knows to put that traffic on the VPN. 192.168.0.0/20 is the correct selection
upvoted 9 times
milind8451
4 years, 4 months ago
No, its 0.0.0.0/0 Read here - https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm
upvoted 2 times
...
...
tashakori
Most Recent 6 months ago
Given answer is correct
upvoted 1 times
...
davili
3 years, 10 months ago
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm It says: Forced tunneling must be associated with a VNet that has a route-based VPN gateway. You need to set a "default site" among the cross-premises local sites connected to the virtual network. Also, the on-premises VPN device must be configured using 0.0.0.0/0 as traffic selectors.
upvoted 1 times
...
lehrie
3 years, 11 months ago
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm#requirements-and-considerations ====================================================================== Forced tunneling must be associated with a VNet that has a route-based VPN gateway. You need to set a "default site" among the cross-premises local sites connected to the virtual network. Also, the on-premises VPN device must be configured using 0.0.0.0/0 as traffic selectors.
upvoted 1 times
...
jk284362
3 years, 12 months ago
What do they mean by "Traffic Selector" in New York office VPN Box please? Is it Interesting Traffic ACL?
upvoted 1 times
...
MMohammad
4 years ago
The answer should be: 1. Set-AzVirtualNetworkGatewayDefaultSite 2. 0.0.0.0/0 Explanation 1. For this requirement, we have to implement forced tunnelling. For this , we have to issue the command Set-AzVirtualNetworkGatewayDefaultSite 2. In the on-premises VPN device, we have to set the traffic selector for the Internet IP address range – 0.0.0.0/0
upvoted 2 times
...
Remco
4 years, 1 month ago
Given answer is correct. In Azure you define the site through which you are routing. On-Premise you define which network can use the tunnel
upvoted 5 times
...
ofa_75
4 years, 1 month ago
0.0.0.0/0: "Forced tunneling must be associated with a VNet that has a route-based VPN gateway. You need to set a "default site" among the cross-premises local sites connected to the virtual network. Also, the on-premises VPN device must be configured using 0.0.0.0/0 as traffic selectors."
upvoted 1 times
...
fiol82
4 years, 1 month ago
Default site 0.0.0.0/0
upvoted 2 times
...
mango_mama
4 years, 1 month ago
Traffic selector should be 0.0.0.0/0. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm
upvoted 2 times
...
nabylion
4 years, 2 months ago
question is tricky :You need to ensure that all Internet-bound traffic from VNet1 is routed through the New York office. so we all know that traffic from VNET1 to NY on premises is through internet. word internet here is trap. Answer shown in exhibit is correct
upvoted 1 times
...
gboyega
4 years, 2 months ago
Default site 0.0.0.0/0
upvoted 5 times
...
Aaru
4 years, 2 months ago
Default site 0.0.0.0/0
upvoted 3 times
...
DeveshSolanki
4 years, 2 months ago
Answer of B2 is 0.0.0.0/0
upvoted 2 times
...
[Removed]
4 years, 2 months ago
Please see the link https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-forced-tunneling-rm it would be 0.0.0.0 if you want to enable force tuneling(which means you want the traffic from vnet to voa a onpremise network to internet)
upvoted 1 times
...
Prash85
4 years, 3 months ago
Question is asking ****ensure that all Internet-bound traffic from **VNet1** not all the internet traffic from any source... Given answer is correct as per the question stated.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...