A network engineer recently identified that a wired device connected to a CX Switch is misbehaving on the network To address this issue, a new ClearPass policy has been put in place to prevent this device from connecting to the network again.
Which steps need to be implemented to allow ClearPass to perform a CoA and change the access for this wired device? (Select two.)
A . Confirm that NTP is configured on the switch and ClearPass
B . Configure dynamic authorization on the switch.
C . Bounce the switchport
D . Use Dynamic Segmentation.
E . Configure dynamic authorization on the switchport
Answer: A B
Explanation:
To allow ClearPass to perform a CoA and change the access for a wired device, the following steps need to be implemented:
* Confirm that NTP is configured on the switch and ClearPass. NTP is required to synchronize the time between the switch and ClearPass, which is essential for CoA messages to be processed correctly1.
* Configure dynamic authorization on the switch. Dynamic authorization is a feature that enables the switch to accept CoA messages from a RADIUS server and apply them to existing sessions2. Dynamic authorization can be enabled globally or per port on the switch2.
* Optionally, configure dynamic authorization on the switchport. This step is not required, but it can provide more granular control over which ports can accept CoA messages from a RADIUS server2. Bouncing the switchport or using Dynamic Segmentation are not necessary steps for allowing ClearPass to perform a CoA and change the access for a wired device.
References:
1 https://www.arubanetworks.com/techdocs/ClearPass/6.7/Aruba_DeployGd_HTML/Content/Aruba%20Controlle
2 https://www.arubanetworks.com/techdocs/AOS-CX/10.04/HTML/5200-6692/GUID-BD3E0A5F-FE4C-4B9B-B
Latest HPE7-A01 Dumps Valid Version with 75 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund