nerdexam
Cisco

350-701 · Question #339

An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected.

The correct answer is A. Only requests that originate from a configured NAS IP are accepted by a RADIUS server. When the Radius policy is configured on the radius server, to prevent unauthorized devices from matching the policy, NAS IP can be specified within the policy.

Submitted by kwame.gh· Mar 30, 2026Secure Network Access, Visibility, and Enforcement

Question

An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected. Why is the ip radius source-interface command needed for this configuration?

Options

  • AOnly requests that originate from a configured NAS IP are accepted by a RADIUS server
  • BThe RADIUS authentication key is transmitted only from the defined RADIUS source interface
  • CRADIUS requests are generated only by a router if a RADIUS source interface is defined.
  • DEncrypted RADIUS authentication requires the RADIUS source interface be defined

How the community answered

(39 responses)
  • A
    79% (31)
  • B
    10% (4)
  • C
    3% (1)
  • D
    8% (3)

Explanation

When the Radius policy is configured on the radius server, to prevent unauthorized devices from matching the policy, NAS IP can be specified within the policy.

Topics

#AAA#RADIUS configuration#Cisco ISE#Network Access Control

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice