In a remote-office rollout with VLANs 100 (mgmt), 200 (clients), and 300 (guests), which port-access configuration correctly enables AP onboarding?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the HPE Aruba Networking Certification. Enhance your skills with interactive quiz formats, detailed explanations, and valuable study resources. Ensure you're ready for the exam!

Multiple Choice

In a remote-office rollout with VLANs 100 (mgmt), 200 (clients), and 300 (guests), which port-access configuration correctly enables AP onboarding?

Explanation:
The essential idea is to use port-access to automatically onboard Aruba APs by recognizing their model (via LLDP/system description), assign them to an onboarding group and role, and place them on the correct VLANs for management and data traffic. For remote-office AP onboarding, the port must be a trunk carrying the management VLAN as native and allowing the client and guest VLANs to be tagged, so the AP can obtain its management IP on the native VLAN and carry user traffic on the other VLANs. In the correct configuration, AP models AP-515 and AP-575 are identified by their system descriptions, and the port is configured to trust DSCP marks for QoS, with the native VLAN set to 100 for management. Only the data VLANs are allowed on the trunk (200 and 300), so client and guest traffic can be tagged while management remains untagged on VLAN 100. The port-access policy ties the port to the IAP onboarding group and the IAP role, and the device-profile ensures the AP receives the proper onboarding behavior. The other options fail because they either misconfigure the native VLAN or the trunk’s allowed VLANs (for example, listing the native VLAN among the allowed VLANs, or leaving the native VLAN unspecified), use the wrong trust method, or contain typos and inconsistent names for groups, roles, or LLDP associations.

The essential idea is to use port-access to automatically onboard Aruba APs by recognizing their model (via LLDP/system description), assign them to an onboarding group and role, and place them on the correct VLANs for management and data traffic. For remote-office AP onboarding, the port must be a trunk carrying the management VLAN as native and allowing the client and guest VLANs to be tagged, so the AP can obtain its management IP on the native VLAN and carry user traffic on the other VLANs.

In the correct configuration, AP models AP-515 and AP-575 are identified by their system descriptions, and the port is configured to trust DSCP marks for QoS, with the native VLAN set to 100 for management. Only the data VLANs are allowed on the trunk (200 and 300), so client and guest traffic can be tagged while management remains untagged on VLAN 100. The port-access policy ties the port to the IAP onboarding group and the IAP role, and the device-profile ensures the AP receives the proper onboarding behavior.

The other options fail because they either misconfigure the native VLAN or the trunk’s allowed VLANs (for example, listing the native VLAN among the allowed VLANs, or leaving the native VLAN unspecified), use the wrong trust method, or contain typos and inconsistent names for groups, roles, or LLDP associations.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy