nerdexam
Cisco

300-430 · Question #120

An engineer must implement a CPU ACL that blocks web management traffic to the controller, but they also must allow guests to r a h a Web Authentication Redirect page. To which IP address is guest cli

The correct answer is C. virtual interface IP. For guests to reach a Web Authentication Redirect page while blocking web management traffic to the controller, guest client HTTPS traffic must be allowed to a specific IP address that does not interfere with management access. The virtual interface IP on a Cisco Wireless LAN Con

Device Hardening

Question

An engineer must implement a CPU ACL that blocks web management traffic to the controller, but they also must allow guests to r a h a Web Authentication Redirect page. To which IP address is guest client HTTPS traffic allowed for this to work?

Options

  • Acontroller management IP
  • BDNS server IP
  • Cvirtual interface IP
  • DClient interface IP

How the community answered

(65 responses)
  • A
    8% (5)
  • B
    3% (2)
  • C
    78% (51)
  • D
    11% (7)

Explanation

For guests to reach a Web Authentication Redirect page while blocking web management traffic to the controller, guest client HTTPS traffic must be allowed to a specific IP address that does not interfere with management access. The virtual interface IP on a Cisco Wireless LAN Controller serves as a DHCP relay and is used for web authentication processes. Therefore, allowing HTTPS traffic to this IP enables guests to reach the redirect page without granting them access to manage the controller.

Topics

#CPU ACL#web authentication redirect#virtual interface#guest HTTPS

Community Discussion

No community discussion yet for this question.

Full 300-430 Practice