What are the two best connection solutions available between your company headquarters, branch sites, and the Azure vWAN hub?

Your administrator instructed you to deploy an Azure vWAN solution to create a connection between the main company site and branch sites to the other company VNETs.

What are the two best connection solutions available between your company headquarters, branch sites, and the Azure vWAN hub? (Choose two.)
A . ExpressRoute
B . GRE tunnels
C . SSL VPN connections
D . An L2TP connection
E . VPN Gateway

View Answer

Answer: AE

Explanation:

The two best connection solutions available between your company headquarters, branch sites, and the Azure vWAN hub are A) ExpressRoute and E. VPN Gateway.

According to the Azure documentation for Virtual WAN, ExpressRoute and VPN Gateway are two of the supported connectivity options for connecting your on-premises sites and Azure virtual networks to the Azure vWAN hub1. These options provide secure, reliable, and high-performance connectivity for your network traffic.

ExpressRoute is a service that lets you create private connections between your on-premises sites and Azure. ExpressRoute connections do not go over the public internet, and offer more reliability,

faster speeds, lower latencies, and higher security than typical connections over the internet2.

VPN Gateway is a service that lets you create encrypted connections between your on-premises sites and Azure over the internet using IPsec/IKE protocols. VPN Gateway also supports point-to-site VPN connections for individual clients using OpenVPN or IKEv2 protocols3.

The other options are incorrect because:

GRE tunnels are not a supported connectivity option for Azure vWAN. GRE is a protocol that encapsulates packets for tunneling purposes. GRE tunnels are established between the connect attachment and your appliance in Azure vWAN4.

SSL VPN connections are not a supported connectivity option for Azure vWAN. SSL VPN is a type of VPN that uses the Secure Sockets Layer (SSL) protocol to secure the connection between a client and a server. SSL VPN is not compatible with the Azure vWAN hub5.

An L2TP connection is not a supported connectivity option for Azure vWAN. L2TP is a protocol that creates a tunnel between two endpoints at the data link layer (Layer 2) of the OSI model. L2TP is not compatible with the Azure vWAN hub.

1: Azure Virtual WAN Overview | Microsoft Learn 2: [ExpressRoute overview – Azure ExpressRoute |

Microsoft Docs] 3: [VPN Gateway – Virtual Networks | Microsoft Azure] 4: [Transit Gateway Connect –

Amazon Virtual Private Cloud] 5: [SSL VPN – Wikipedia] : [Layer 2 Tunneling Protocol – Wikipedia]