Notifications
Clear all
Topic starter
An administrator is implementing a downloadable user role solution involving AOS-CX switches. The AAA solution and the AOS-CX switches can successfully authenticate users; however, the role information fails to download to the switches.
What policy should be added to an intermediate firewall to allow the downloadable role function to succeed?
- A . Allow TCP 443
B. Allow UDP 1811
C. Allow UDP 8211
D. Allow TCP 22
Suggested Answer: A
Explanation:
pg 681 from the Aruba guide - "When using DUR, the ClearPass HPE-CPPM-Role VSA is used in combination with HTTPS to transfer the role to the switch." UDP 8211 (PAPI) is related to dynamic segmentation and the communication to the MC not DUR.
Explanation:
pg 681 from the Aruba guide - "When using DUR, the ClearPass HPE-CPPM-Role VSA is used in combination with HTTPS to transfer the role to the switch." UDP 8211 (PAPI) is related to dynamic segmentation and the communication to the MC not DUR.
Posted : 07/11/2022 12:01 pm