An administrator creates a user role that department A in a company uses. Various other roles exist for other departments. All employees connect to the same
ESSID, which authenticates to an external AAA server.
How should the administrator configure the controller to assign the appropriate roles to the employees?
In this scenario, the administrator needs to assign specific roles to employees based on which department they belong to, even though they all connect to the same ESSID and authenticate via an external AAA server. The appropriate way to achieve this is by implementing server-derived roles. These roles can be assigned dynamically based on attributes returned by the authentication server or client attributes, allowing for the correct role to be assigned to each employee based on the department they are in.
An administrator implements two redundant Aruba Mobility Masters (MMs). Which protocol should the administrator use to detect a failure in a single subnet?
The Virtual Router Redundancy Protocol (VRRP) is used to provide automatic assignment of available IP routers to participating hosts, which helps in detecting failures within a single subnet. For redundant Aruba Mobility Masters, VRRP is the appropriate protocol to use in order to detect a failure.
An administrator creates new pre- and post-authentication roles for a new WLAN. For which profile should the administrator assign these new roles under the
Managed Network section?
An administrator should assign the new pre- and post-authentication roles under the AAA profile in the Managed Network section. The AAA (Authentication, Authorization, and Accounting) profile is the correct place to configure roles that dictate what actions users can perform before and after they authenticate to the network. This profile deals with the rules and policies that govern user access and authentication procedures.
Which forwarding mode is used for a WLAN if a RAP needs to decrypt all user traffic and forward it locally?
If a Remote Access Point (RAP) needs to decrypt all user traffic and forward it locally, the correct forwarding mode is 'Decrypt-tunnel'. In Decrypt-tunnel mode, the RAP terminates the secure tunnel, decrypts the user traffic, and then forwards the traffic according to local routing rules. This allows the RAP to process and manage the traffic locally while maintaining security.
A company opens a new branch office and a RAP is used to connect to a corporate office Aruba Mobility Controller (MC). The company needs to provide connectivity to the office across the street. There is an AP across the street. However, there is no wired connectivity between the buildings.
Which actions can the administrator select to provide the required connectivity? (Choose two.)
To provide the required connectivity between the branch office and the office across the street without wired connectivity, one can provision the RAP as a Remote Mesh Portal. This will enable the RAP to act as a central point for the mesh network. Additionally, implementing one of the APs as a Mesh Point will allow it to connect wirelessly to the Remote Mesh Portal, thereby extending network connectivity to the office across the street.