Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified SysOps Administrator Associate vpn and internet gateway

  • vpn and internet gateway

  • jjreyn

    Member
    September 4, 2020 at 6:25 am

    A company has a requirement to connect their on-premises network to a new VPC on AWS to complete their hybrid cloud architecture. As the SysOps Administrator of the company, you are responsible in both managing their cloud infrastructure as well as establishing connectivity to their other corporate data centers.

    Which of the following should provide your resources on AWS the connectivity to external networks? (Choose 2)

    A. Enable AWS enhanced networking on your instances

    B. Assign a Public IP to your EC2 instances

    C. Assign an Elastic IP to your EC2 instances

    D. Create a Virtual Private Gateway

    E. Create additional ENI for the dedicated connection to the on-premises data center

    F. Assign an Internet Gateway to the VPC

    D and F are the correct answers, but as per AWS FAQ, an internet gateway is not required to set up a VPN, and there is no mention any need to allow the VPC to connect to the internet:

    “An AWS Site-to-Site VPN connection connects your VPC to your datacenter. Amazon supports Internet Protocol security (IPsec) VPN connections. Data transferred between your VPC and datacenter routes over an encrypted VPN connection to help maintain the confidentiality and integrity of data in transit. An Internet gateway is not required to establish a Site-to-Site VPN connection.


    I *did* get the question right because none of the other answers made sense…

    Thoughts?

    Thanks!

    -JJ

  • iulian

    Member
    September 6, 2020 at 3:31 pm

    The story for the was to lead you on the wrong path, but question was’t about VPN only: Which of the following should provide your resources on AWS the connectivity to external networks?

    So resources on AWS that provide connectivity to external networks are D F.

  • TutorialsDojo-Support

    Member
    September 18, 2020 at 10:28 am

    Hello jjreyn,

    Thank you for the feedback.

    I think it is still correct. Take note that the scenario requires you to provide CONNECTIVITY to EXTERNAL NETWORKS, not on how to SET UP A VPN CONNECTIVITY. This means that the options you select should allow your resources to access the internet. And among the options given, both the VPG and Internet gateway provides connectivity between an external network to your AWS VPC. Also, even without VPG, the resources can still access the internet through the internet gateway.

    I hope this helps.

    Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!

    Regards,

    Gerome @ Tutorials Dojo

Log in to reply.

Original Post
0 of 0 posts June 2018
Now