September 14, 2021 by Admin
A company installed an AWS Site-to-Site VPN and configured it to use two tunnels. The company has learned that the VPN connectivity is unstable. During a ping test from the on-premises data center to AWS, a network engineer notices that the first few ICMP replies time out but that subsequent requests are successful. The AWS Management Console shows that the status for both tunnels last changed at the same time the ping responses were successfully received.
Which steps should the network engineer take to resolve the instability? (Choose two.)
- Enable dead peer detection (DPD) on the customer gateway device.
- Change the tunnel configuration to active/standby on the virtual private gateway.
- Use AS PATH prepending on one path to cause all traffic to prefer that tunnel.
- Send ICMP requests to an instance in the VPC every 5 seconds from the on-premises network.
- Use a higher multi-exit discriminator (MED) value on the preferred path to prefer that tunnel.