350-401 · Question #739
An engineer is configuring Local WebAuth on a Cisco Wireless LAN Controller. According to RFC 5737, WHICH VIRTUAL IP address must be used in this configuration?
The correct answer is A. 192.0.2.1. Local WebAuth Virtual IP Address Explanation Option A (192.0.2.1) is correct because RFC 5737 specifically reserves the 192.0.2.0/24 block (TEST-NET-1) for documentation and example purposes, and Cisco officially requires this address as the Virtual IP for Local WebAuth on a WLC
Question
Options
- A192.0.2.1
- B172.20.10.1
- C1.1.1.1
- D192.168.0.1
How the community answered
(20 responses)- A90% (18)
- C5% (1)
- D5% (1)
Explanation
Local WebAuth Virtual IP Address Explanation
Option A (192.0.2.1) is correct because RFC 5737 specifically reserves the 192.0.2.0/24 block (TEST-NET-1) for documentation and example purposes, and Cisco officially requires this address as the Virtual IP for Local WebAuth on a WLC - it acts as a "dummy" gateway that intercepts HTTP traffic to redirect unauthenticated clients to the login page.
Why the distractors are wrong:
- B (172.20.10.1) is a private RFC 1918 address from the 172.16.0.0/12 range, not an RFC 5737 reserved address
- C (1.1.1.1) is a publicly routable IP (used by Cloudflare DNS) and has no RFC 5737 designation
- D (192.168.0.1) is a common private/RFC 1918 address typically used for home routers, not defined in RFC 5737
Memory Tip: Think "192.0.2.1 = RFC 5737 = TEST-NET-1 = WLC WebAuth" - the "2" in 192.0.2.x can remind you it's the address Cisco chooses for its second-layer (Layer 2/3) web redirect trick. If you see RFC 5737 on the exam, always select the
192.0.2.xrange.
Topics
Community Discussion
No community discussion yet for this question.