In agile network, before the user is authenticated, users may need to access servers such as DNS, DHCP and Portal. When the traffic from the user access the server pass through the firewall, the firewall queries the Agile controller-campus server for the agile security group information corresponding to the traffic. Because the user is not authenticated at this time, the Agile controller-campus server informs the firewall that the user belongs to the "unknown agile security group (Unknown)". This will cause the user’s traffic to match the "unknown agile security group" before the firewall refreshes the user identity.
After the user passes the authentication, the right authority can’t be obtained immediately. How to solve the problem?
A . Turn off state detection on F
C . Configure TSM on F
E . Set the security pre-domain. When an unauthenticated user accesses a server in the pre-security domain, FW directly forwards the traffic.
F . Release traffic to the server on F
Answer: C