VMware vSAN Administrator (2025) — Question 41

An architect is working on a VMware Cloud Foundation (VCF) architecture design and identified the following requirements:
The organization is using a third-party virtual appliance that does not support overlay networks.
The virtual appliance must reside on the same L2 domain as an external physical firewall.
The virtual appliance also needs access to workloads that are currently hosted on overlay segments provided by NSX.
Which design decision should the architect make to meet these requirements?

Answer options

• A. Place the virtual appliance and all workloads on VLAN-backed segments.
• B. Connect the virtual appliance to a VLAN-backed segment and configure NSX bridging to allow access to overlay segments.
• C. Request the third-party vendor to certify the virtual appliance for NSX Overlay segments.
• D. Connect the virtual appliance to an overlay-backed segment and use static routes to the firewall.

Correct answer: B

Explanation

The correct answer is B because connecting the virtual appliance to a VLAN-backed segment and configuring NSX bridging allows the appliance to communicate with both the external firewall and the overlay segments. Option A does not meet the requirement of accessing overlay segments. Option C is not a feasible solution since it depends on the vendor's actions. Option D incorrectly suggests using an overlay-backed segment which the appliance cannot support.