The Aruba Policy Enforcement Firewall (PEF) module supports source network address translation (src-nat).
Which is a use of this statement in an Aruba configuration?
Answer : A
Explanation:
2-5 - Policy Interpretation
Review the following truncated output from an Aruba controller for this item.
(example) #show rights logon
access-list List
----------------
Position Name Location -
-------- ---- --------
1 logon-control
2 captiveportal
logon-control
-------------
Priority Source Destination Service Action
-------- ------ ----------- ------- ------
1 user any udp 68 deny
2 any any svc-icmp permit
3 any any svc-dns permit
4 any any svc-dhcp permit
5 any any svc-natt permit
captiveportal
-------------
Priority Source Destination Service Action
-------- ------ ----------- ------- ------
1 user controller svc-https dst-nat 8081
2 user any svc-http dst-nat 8080
3 user any svc-https dst-nat 8081
4 user any svc-http-proxy1 dst-nat 8088
5 user any svc-http-proxy2 dst-nat 8088
6 user any svc-http-proxy3 dst-nat 8088
Based on the above output from an Aruba controller, an unauthenticated user assigned to the logon role attempts to start an http session to IP address
172.16.43.170.
What will happen?
Answer : D
Refer to the following configuration segment for this item.
ip access-list session anewone
user network 172.16.1.0 255.255.255.0 any permit
user host 172.16.1.1 any deny
user any any permit
An administrator wants users to have access to all destinations except 172.16.1.1. Based on the above Aruba Mobility Controller configuration segment, which statements best describe this policy? (Choose two)
Answer : BC
Refer to the following configuration segment for this item.
netdestination "internal"
no invert
network 172.16.43.0 255.255.255.0 position 1
range 172.16.11.0 172.16.11.16 position 2
!
ip access-list session "My-Policy"
alias "user" alias "internal" service_any permit queue low
!
A user frame is evaluated against this firewall policy with the following attributes:
Source IP: 172.17.49.3 Destination IP: 10.100.86.37 Destination Port: 80
Referring to the above file segment, how will the frame be handled by this firewall policy?
Answer : B
ip access-list session anewone
user network 10.1.1.0 255.255.255.0 any permit
user any any permit
host 10.1.1.1 host 10.2.2.2 any deny
A user sends a frame with the following attributes:
Source IP: 10.1.1.1 Destination IP: 10.2.2.2 Destination Port: 25
Based on the above Mobility Controller configuration file segment, what will this policy do with the user frame?
Answer : C
ip access-list session anewone
user network 10.1.1.0 255.255.255.0 any permit
user host 10.1.1.1 any deny
user any any permit
Referring to the above portion of a Mobility Controller configuration file, what can you conclude? (Choose two)
Answer : AE
Answer : B
Answer : B
Answer : E
Explanation:
3-2 - Configuration Wizards
What can NOT be configured from the Aruba controller configuration wizards?
Answer : B
An administrator is setting up a factory default controller. No new AP groups were created. When adding a WLAN SSID in the Campus WLAN wizard what AP group is available?
Answer : C
The reusable Aruba Controller wizards are accessible in what way?
Answer : D
The Controller wizard enables which of the following controller clock configurations? (Choose three)
Answer : ABE
When configuring ports in the Controller wizard, which of the following are NOT configuration options? (Choose two)
Answer : AD
Explanation:
3-3 - Management
By default, which CLI based remote access method is enabled on Aruba controllers?
Answer : C
Have any questions or issues ? Please dont hesitate to contact us