300-365 Question #64: Real Exam Question with Answer & Explanation

The correct answer is B: IP protocol 97. Cisco WLC mobility tunneling between a foreign controller and an anchor controller in the DMZ uses IP Protocol 97 (EtherIP) for the data tunnel and UDP 16666 for mobility control messaging.

Question

An engineer has configured an anchor controller in the DMZ for guest traffic, but the traffic is failing at the firewall. Which two ports must be opened on the firewall? (Choose two.)

Options

  • A. IP protocol 43
  • B. IP protocol 97
  • C. TCP port 23
  • D. TCP port 443
  • E. UDP port 123
  • F. UDP port 16666

Explanation

Cisco WLC mobility tunneling between a foreign controller and an anchor controller in the DMZ uses IP Protocol 97 (EtherIP) for the data tunnel and UDP 16666 for mobility control messaging.

Common mistakes.

  • A. IP Protocol 43 is used for IPv6 routing headers in IPv6-over-IPv4 tunneling, not for Cisco WLC EtherIP mobility tunnels.
  • C. TCP port 23 is Telnet management access, which is unrelated to the data or control plane traffic required for a WLC guest anchor deployment.
  • D. TCP port 443 is HTTPS. While it may be used for WLC web management or WebAuth guest portals, it is not one of the two ports specifically required for the mobility tunnel itself to function.
  • E. UDP port 123 is NTP time synchronization, which is not required for the mobility tunnel between a foreign and anchor WLC to pass guest traffic.

Concept tested. WLC guest anchor mobility tunnel firewall requirements

Reference. https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/100989-anchor-guest-wlan-config.html
