Review the following truncated output from an Aruba controller for this item.
(example) #show rights logon
access-list List
—————-
Position Name Location
——– —- ——–
1 logon-control
2 captiveportal
logon-control
————-
Priority Source Destination Service Action
——– —— ———– ——- ——
1 user any udp 68 deny
2 any any svc-icmp permit
3 any any svc-dns permit
4 any any svc-dhcp permit
5 any any svc-natt permit
captiveportal
————-
Priority Source Destination Service Action
——– —— ———– ——- ——
1 user controller svc-https dst-nat 8081
2 user any svc-http dst-nat 8080
3 user any svc-https dst-nat 8081
4 user any svc-http-proxy1 dst-nat 8088
5 user any svc-http-proxy2 dst-nat 8088
6 user any svc-http-proxy3 dst-nat 8088
Based on the above output from an Aruba controller, an unauthenticated user assigned to the logon role attempts to start an http session to IP address 172.16.43.170.
What will happen?
A . the user’s traffic will be passed to the IP address because of the policy statement: user any svc-http dst-nat 8080
B . the user’s traffic will be passed to the IP address because of the policy statement: user any svc-https dst-nat 8081
C . the user’s traffic will be passed to the IP address because of the policy statement: user any svc-httpproxy1 dst-nat 8088
D . the user will not reach the IP address because of the policy statement: user any svc-http dst-nat 8080
E . the user will not reach the IP address because of the implicit deny any any at the end of the policy.
Answer: D
Leave a Reply