Which steps should the SysOps administrator take to resolve the issue?
Add a route to the route tables of the new subnets that sends on-premises traffic to the virtual private gateway.
Create a ticket with AWS Support to request adding Availability Zones to the Site-to-Site VPN route configuration.
Establish a new Site-to-Site VPN connection between a virtual private gateway attached to the new Availability Zone and the on-premises data center.
Replace the Site-to-Site VPN connection with an AWS Direct Connect connection.
Explanations:
The new subnets in the new Availability Zone need to have routes to the virtual private gateway in the route table to communicate with the on-premises network.
Adding Availability Zones to the Site-to-Site VPN configuration is unnecessary, as the VPN connection does not depend on the Availability Zones. Routing is the issue.
A new Site-to-Site VPN connection is not required. The existing VPN connection is already functioning correctly, and the issue lies with routing in the VPC.
AWS Direct Connect is an alternative network connection but is unnecessary in this scenario. The issue is with VPC routing, not the type of connection.