Google Cloud Professional Cloud Network Engineer — Question 167

You configured a single IPSec Cloud VPN tunnel for your organization to a third-party customer. You confirmed that the VPN tunnel is established. However, the BGP session status states that the BGP is not configured. The customer has provided you with their BGP settings:

• Local BGP address: 169.254.11.1/30
• Local ASN: 64515
• Peer BGP address: 169.254.11.2
• Peer ASN: 64517
• Base MED: 1000
• MD5 Authentication: Disabled

You need to configure the local BGP session for this tunnel based on the settings provided by the customer. You already associated the Cloud Router with the Cloud VPN Tunnel. What settings should you use for the BGP session?

Answer options

• A. Peer ASN: 64517 - Advertised Route Priority (MED): 100 Local BGP IP: 169.254.11.2 - Peer BGP IP: 169.254.11.1 - MD5 Authentication: Disabled
• B. Peer ASN: 64515 - Advertised Route Priority (MED): 100 Local BGP IP: 169.254.11.1 - Peer BGP IP: 169.254.11.2 - MD5 Authentication: Disabled
• C. Peer ASN: 64515 - Advertised Route Priority (MED): 100 Local BGP IP: 169.254.11.2 - Peer BGP IP: 169.254.11.1 - MD5 Authentication: Disabled
• D. Peer ASN: 64515 - Advertised Route Priority (MED): 1000 Local BGP IP: 169.254.11.2 - Peer BGP IP: 169.254.11.1 - MD5 Authentication: Enabled

Correct answer: C

Explanation

The correct answer is C, as it correctly configures the local BGP settings using the provided customer details: Local BGP IP should be 169.254.11.2, and Peer BGP IP should be 169.254.11.1, with the Peer ASN set to 64515. Options A and D incorrectly swap the local and peer IP addresses, and option B uses the wrong local BGP address, which would prevent successful BGP establishment.