Refer to the exhibit. In your Amazon Web Services (AWS), you must allow inbound HTTPS access to the Customer VPC FortiGate VM from the internet. However, your HTTPS connection to the FortiGate VM in the Customer VPC is not successful. Also, you must ensure that the Customer VPC FortiGate VM sends all the outbound Internet traffic through the Security VPC. How do you correct this issue with minimal configuration changes? (Choose three answers)

A. Deploy an internet gateway, associate an EIP with the Customer VPC private subnet, and then add a new route with destination 0.0.0.0/0 with the internet gateway as the target.
B. Deploy an internet gateway, attach it to the Customer VPC, and then associate an EIP with the port1 of the FortiGate in the Customer VPC.
C. Add a route with your local internet public IP address as the destination and the transit gateway as the target.
D. Add a route to the destination 0.0.0.0/0 with the transit gateway as the target.
E. Add a route with your local internet public IP address as the destination and the internet gateway as the target.

Correct Answer: B,C,D

Brave-Dump Clients Votes

BCD 100%

Comments

alex silva 2025-09-13 14:52:06

Selected Answers: B, C, D

There is no way it can be A, you do not associate an EIP with an entire subnet, but rather with a specific network interface (ENI), which in this case is port 1 on the FortiGate.
And C, ensures that the return route for incoming traffic is established, allowing the HTTPS connection to succeed.

B, C and D