
  • AWS site-to-site VPN doesn't support transitive networking

  • tim-armstrong

    Member
    December 19, 2020 at 11:25 am

    Hi.

    For the following question from the practice exam, I did not think that the correct answer provided would allow for transitive communication between the VPCs, which appears to be a requirement from the question, “These applications must be able to connect to the on-premises data center as well to each other.” What am I missing or failing to interpret correctly? How does an AWS Site-To-Site VPN meet the transitive VPC requirements of the question? What does the complete solution look like?

    EXAM QUESTION: A company has hundreds of applications deployed in three different Amazon VPCs. These applications must be able to connect to the on-premises data center as well to each other. The connection must have an AES256 encryption and be authenticated with SHA1 or SHA2 hashing functions. It should also use Diffie-Hellman (DH) groups for key exchange to support Perfect Forward Secrecy (PFS). The solution should automatically rotate the certificate for the AWS-side of the tunnel endpoint using a service-linked role.

    What are the steps required in order to properly set up this network architecture?

    CORRECT ANSWER: Set up an AWS VPN connection.

  • tim-armstrong

    Member
    December 20, 2020 at 1:19 am

    I think I understand now, but want to confirm. The solution would be a complete full mesh AWS site-to-site VPN, where each VPC would have connectivity to each other VPC and the on-prem data center. That would meet the requirements of the question, meeting the VPN options requirements and allowing the applications to connect to each other and the on-prem data center. Let me know if I am now on the right track.

    • Carlo-TutorialsDojo

      Member
      December 21, 2020 at 3:03 pm

      Hello tim,

      Thank you for your insights.

      Not necessarily a mesh. Although that is the old way of doing it, you can instead use the AWS Transit Gateway to interconnect VPCs and the on-premises network in a central hub. This is much simpler than setting up many complex peering networks.

      Let me know if you need more clarifications.

      Regards,

      Carlo @ Tutorials Dojo
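What the Transit Gateway hub-and-spoke design described above looks like as configuration, as an added Terraform example that is not part of this thread or of Tutorials Dojo's material: three VPCs and the on-premises data center attach to one Transit Gateway, and the Site-to-Site VPN pins the IPsec proposals to AES256, SHA2 and a DH group so that the tunnel cannot negotiate weaker settings. The variable names, the ASN and the customer gateway IP are assumptions.

```hcl
# Assumed inputs: var.app_vpcs (vpc_id => { subnet_ids, route_table_id }),
# var.onprem_cidr, and a placeholder on-prem public IP 203.0.113.10.

resource "aws_ec2_transit_gateway" "hub" {
  description = "Central hub for the application VPCs and on-premises"
  # With one route table that every attachment associates with and propagates
  # into, each VPC can reach the other VPCs and the VPN (transitive routing).
  default_route_table_association = "enable"
  default_route_table_propagation = "enable"
}

resource "aws_ec2_transit_gateway_vpc_attachment" "app" {
  for_each           = var.app_vpcs
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = each.key
  subnet_ids         = each.value.subnet_ids
}

# Each VPC route table needs routes for on-prem (and, likewise, for the other
# VPC CIDRs) that point at the Transit Gateway; one such route is shown.
resource "aws_route" "to_onprem" {
  for_each               = var.app_vpcs
  route_table_id         = each.value.route_table_id
  destination_cidr_block = var.onprem_cidr
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
}

resource "aws_customer_gateway" "onprem" {
  bgp_asn    = 65000           # assumed on-prem ASN
  ip_address = "203.0.113.10"  # placeholder public IP of the on-prem device
  type       = "ipsec.1"
}

resource "aws_vpn_connection" "onprem" {
  customer_gateway_id = aws_customer_gateway.onprem.id
  transit_gateway_id  = aws_ec2_transit_gateway.hub.id
  type                = "ipsec.1"

  # Offer only what the requirement allows. Left unset, AWS also proposes
  # AES128, SHA1 and DH group 2. Set the matching tunnel2_* arguments the
  # same way so the second tunnel is held to the same policy.
  tunnel1_ike_versions                 = ["ikev2"]
  tunnel1_phase1_encryption_algorithms = ["AES256"]
  tunnel1_phase1_integrity_algorithms  = ["SHA2-256"]
  tunnel1_phase1_dh_group_numbers      = [14]
  tunnel1_phase2_encryption_algorithms = ["AES256"]
  tunnel1_phase2_integrity_algorithms  = ["SHA2-256"]
  tunnel1_phase2_dh_group_numbers      = [14]   # phase 2 DH group gives PFS
}
```

The AWS-side tunnel endpoint certificates are managed by the service itself, so nothing in this configuration needs to handle their rotation.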
