Designing and Implementing Azure for AWS Professionals — Question 16

A company configures an Azure site-to-site VPN between an on-premises network and an Azure virtual network.
The company reports that after completing the configuration, the VPN connection cannot be established.
You need to troubleshoot the connection issue.
What should you do first?

Answer options

• A. Identify the shared key by running this PowerShell cmdlet: Get-AzVirtualNetworkGatewayConnectionSharedKey.
• B. Identify the shared key by running the PowerShell cmdlet: Get -AzVirtualNetworkGatewayConnectionVpnDeviceConfigScript
• C. Verify the AzureRoot.cer file exists.
• D. Verify the AzureClient.pfx file exists.

Correct answer: A

Explanation

The correct answer is A because identifying the shared key is a crucial first step in troubleshooting VPN connection issues, as it must match on both sides of the connection. Options B, C, and D are not the first steps for diagnosing the VPN connection; they relate to different aspects of VPN configuration and verification.