CCIE Wireless Written Exam: Differentiating User Authentication Requests | Cisco WLC Attributes

Differentiating User Authentication Requests with Cisco WLC Attributes

Q: Which two IETF RADIUS attributes the Cisco WLC can be used to differentiate authentication requests based on the user location? (Choose two.)

RADIUS attribute [32] NAS-IdentifierRADIUS attribute [31] Calling-Station-Id

Prev Question Next Question

Question

Which two IETF RADIUS attributes the Cisco WLC can be used to differentiate authentication requests based on the user location? (Choose two.)

Answers

A. RADIUS attribute [95] NAS-IPv6-Address

B. RADIUS attribute [32] NAS-Identifier

C. RADIUS attribute [303] Source-IP

D. RADIUS attribute [31] Calling-Station-Id

E. RADIUS attribute [4] NAS-IP-Address

F. RADIUS attribute [30] Called-Station-id.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

BD.

The Cisco Wireless LAN Controller (WLC) can use RADIUS (Remote Authentication Dial-In User Service) attributes to differentiate authentication requests based on the user location. RADIUS is a client/server protocol that provides centralized authentication, authorization, and accounting management for users who connect and use network services.

The two IETF (Internet Engineering Task Force) RADIUS attributes that can be used by the Cisco WLC to differentiate authentication requests based on the user location are:

RADIUS attribute [32] NAS-Identifier: This attribute identifies the network access server (NAS) that is requesting authentication from the RADIUS server. The NAS-Identifier is typically set to the hostname or IP address of the WLC. This attribute can be used to differentiate authentication requests based on the location of the WLC. For example, if an organization has multiple WLCs in different geographic locations, the NAS-Identifier can be used to differentiate authentication requests from each location.
RADIUS attribute [4] NAS-IP-Address: This attribute identifies the IP address of the NAS that is requesting authentication from the RADIUS server. The NAS-IP-Address is typically set to the IP address of the WLC. This attribute can be used to differentiate authentication requests based on the location of the WLC. For example, if an organization has multiple WLCs in different geographic locations, the NAS-IP-Address can be used to differentiate authentication requests from each location.

The other answer options provided are not relevant to differentiating authentication requests based on user location. RADIUS attribute [95] NAS-IPv6-Address is used to specify the IPv6 address of the NAS. RADIUS attribute [303] Source-IP is used to specify the source IP address of the packet. RADIUS attribute [31] Calling-Station-Id is used to specify the phone number or MAC address of the caller. RADIUS attribute [30] Called-Station-id is used to specify the phone number or MAC address of the called party.

Prev Question Next Question