A US-based company is expanding into Europe and requires its network infrastructure to be extended using a hub and spoke architecture in the eu-west-1 Region. A network engineer establishes a transit gateway peering connection to link the new resources in eu-west-1 with an existing environment in the us-east-1 Region.

Each AWS Region's hub and spoke architecture includes an inspection VPC with AWS Network Firewall to centralize traffic inspection within the Region. To minimize costs, the network engineer opts to inspect inter-Region traffic using the inspection VPC in the originating Region and configures the transit gateway route tables accordingly.

During testing, intra-Region communication functions as intended, but inter-Region communication fails. The network engineer must identify and implement a solution to resolve the inter-Region communication issue.

What solution will address this requirement?

Exam-Like

Configure Open Shortest Path First (OSPF) routing on the transit gateway peering connection to propagate the VPC CIDR blocks from each Region to the remote peer.

Use AWS Resource Access Manager (AWS RAM) to share access between the transit gateways. Enable the Allow sharing with anyone setting.

Prevent asymmetric routing in the inspection VPCs by ensuring that both requests and responses are inspected by the same inspection VPC

Enable Appliance mode on both the transit gateway attachments for the inspection VPC.

AWS Certified Advanced Networking - Specialty

Comments

Get started today