What policy should be added to an intermediate firewall to allow the downloadable role function to succeed?
An administrator is implementing a downloadable user role solution involving AOS-CX switches. The AAA solution and the AOS-CX switches can successfully authenticate users; however, the role information fails to download to the switches.
What policy should be added to an intermediate firewall to allow the downloadable role function to succeed?
A . Allow TCP 443
B . Allow UDP 1811
C . Allow UDP 8211
D . Allow TCP 22
Answer: A
Explanation:
pg 681 from the Aruba guide – "When using DUR, the ClearPass HPE-CPPM-Role VSA is used in combination with HTTPS to transfer the role to the switch." UDP 8211 (PAPI) is related to dynamic segmentation and the communication to the MC not DUR.
Latest HPE6-A73 Dumps Valid Version with 100 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Subscribe
Login
0 Comments
Inline Feedbacks
View all comments