CCIE Data Center (legacy) — Question 2

Which two steps only allow access to the supplier management database application in EPG "DB-EPG" through VPN connection using subnet 10.10.10.0/16?
(Choose two.)

Answer options

• A. Create an external network under L3Out. Add subnet 10.10.10.0/16 with scope "External Subnets for the External EPG"
• B. Assign a contract as "Consumer Contract" in an external network under L2Out.
• C. Create an EPG and name it "VPN-Access". Create a bridge domain with subnet 10.10.10.0/16 and associate it with "VPN-Access" EPG. Create a contract as "Provider Contract" in EPG.
• D. Create an EPG and name it "VPN-Access". Create a bridge domain with subnet 10.10.10.1/16 and associate it with "VPN-Access" EPG. Create a contract as "Provider Contract" in EPG.
• E. Assign a contract as "Provider Contract" in DB-EPG.

Correct answer: A, B

Explanation

Option A is correct because creating an external network with the specified subnet allows external access. Option B is also correct as assigning a consumer contract in an external network facilitates the required access. Options C and D are incorrect because they pertain to configuring the EPG and bridge domain but do not directly enable VPN access. Option E is incorrect as it does not involve the necessary external network setup for VPN connectivity.