A company's network engineer is setting up an AWS Site-to-Site VPN connection between a transit gateway and their on-premises network, using BGP over two tunnels in active/active mode with ECMP routing enabled on the transit gateway. When traffic is sent from the on-premises network to an Amazon EC2 instance, it flows through the first tunnel, but the return traffic arrives via the second tunnel and is dropped at the customer gateway. The network engineer needs to resolve this issue while maintaining the full VPN bandwidth.

What solution will address this requirement?

Exam-Like

Configure the customer gateway to use AS PATH prepending and local preference to prefer one tunnel over the other.

Configure the Site-to-Site VPN options to set the first tunnel as the primary tunnel to eliminate asymmetric routing.

Configure the virtual tunnel interfaces on the customer gateway to allow asymmetric routing.

Configure the Site-to-Site VPN to use static routing in active/active mode to ensure that traffic flows over a preferred path.

AWS Certified Advanced Networking - Specialty