An administrator will be implementing tunneling between AOS-CX switches and Aruba gateways. Which list of protocols must minimally be allowed by an intermediate firewall between two sets of devices?
An administrator will be implementing tunneling between AOS-CX switches and Aruba gateways. Which list of protocols must minimally be allowed by an intermediate firewall between two sets of devices?
To implement tunneling between AOS-CX switches and Aruba gateways, the following protocols must minimally be allowed by an intermediate firewall: PAPI on UDP port 8211 and GRE on IP protocol 47. These protocols handle the necessary communication and tunneling requirements specific to this setup.
Correct Answer: C ACSP Study Guide Page 788 - Allow the following protocols/ports - PAPI: UDP 8211 - GRE: Protocoll 47
C is correct: PAPI and GRE are used. See Implementing ArubaOS-CX Switching Rev 20.21, page 164
- PAPI: UDP 8211 - GRE: Protocoll 47
B must be minimal IPsec (UDP ports 500 and 4500) and ESP (protocol 50). PAPI between a master and a local controlleris encapsulated in IPsec
And whats that relation between minimal and IPsec that you are trying to uncover?
C correct
Pages 753 Study Guide Enable GRE on IP protocol 47 and PAPI on UDP port 8211. [Aruba Networks]
From ACSP learning book Dynamic segmentation : "if any firewall or network infrastructure devices with ACLs are in the path, they must allow GRE and PAPI traffic. Enable GRE on IP protocol 47 and PAPI on UDP port 8211"