350-701 · Question #339
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected.
The correct answer is A. Only requests that originate from a configured NAS IP are accepted by a RADIUS server. When the Radius policy is configured on the radius server, to prevent unauthorized devices from matching the policy, NAS IP can be specified within the policy.
Question
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected. Why is the ip radius source-interface command needed for this configuration?
Options
- AOnly requests that originate from a configured NAS IP are accepted by a RADIUS server
- BThe RADIUS authentication key is transmitted only from the defined RADIUS source interface
- CRADIUS requests are generated only by a router if a RADIUS source interface is defined.
- DEncrypted RADIUS authentication requires the RADIUS source interface be defined
How the community answered
(39 responses)- A79% (31)
- B10% (4)
- C3% (1)
- D8% (3)
Explanation
When the Radius policy is configured on the radius server, to prevent unauthorized devices from matching the policy, NAS IP can be specified within the policy.
Topics
Community Discussion
No community discussion yet for this question.