Question 242:
An IT firm is deploying new application servers in AWS VPC created at the ap-south-1 region for its new client. These servers will be accessed by the development team based in Bengaluru & Pune Locations. For the POC phase to keep cost minimum & faster deployment, an AWS VPN with static routes will be set up from the firm’s Mumbai Office CGW to VGW. Initially, when the development team at Pune checked reachability to application servers in Mumbai, it worked fine. Last week connectivity for the Bengaluru office was established via the Bengaluru-Mumbai internal WAN link & further VPN link to applications servers. Since then, the development team in both Pune & Bangalore locations are facing issues with establishing connectivity to servers. Further checks observed intermittent packet drops in VPN link while no issue was observed in client internal WAN links between Mumbai, Pune & Bengaluru locations. Which of the following cost-effective actions can resolve this issue?
Answer options:
A.Create 2 VPN Connections from VGW to 2 separate CGW at Mumbai & create a policy to allow each of Pune & Bengaluru subnets to pass only through a specific tunnel & deny from another tunnel. B.Create separate VPN connection from Bengaluru & Pune office to AWS VPC at ap-south-1 region bypassing internal WAN links to Mumbai & have a policy allowing only specific subnets at each location to pass through VPN tunnel. C.Create a VPN connection with a single security association by allowing a policy to pass any network (0.0.0.0/0) through a tunnel. D.Create a VPN Connection with a single security association by allowing a policy for only specific networks at Pune & Bengaluru locations & deny all other traffic to pass through the tunnel.