ACMP-6.4 question 36 discussion

answered

The Aruba Policy Enforcement Firewall (PEF-NG) module supports destination network
address translation (dst-nat).
Which is the default use of this statement in an Aruba controller configuration?
A. source the IP addresses of users to specific IP address
B. redirect HTTP sessions to Captive Portal
C. redirect Access Points to another Aruba controller
D. provide a telnet connection to the controller
E. redirect a SSH session to terminate on the controller

Created 3 months, 1 week ago by PCLuis04

PCLuis04

This is wrong. The answer is A. Primary reason for a feature like this is to facilitate communication between devices especially during redundancy HA.

etherguy

Actually, this is correct. Without dst-nat, captive portal redirect wouldn't be possible. Since it's dst-nat, not src-nat, answer A doesn't fit at all.

Zemerick

This is SO misleading. A is definitely the technically correct answer. I understand captive portal wouldn't be possible, but either would DNAT!