Implementing Cisco Enterprise Wireless Networks (ENWLSI) — Question 104

A corporation has employees working from their homes. A wireless engineer must connect 1810 OEAP at remote teleworker locations. All configuration has been completed on the controller side, but the network readiness is pending. Which two configurations must be performed on the firewall to allow the AP to join the controller? (Choose two.)

Answer options

• A. Block UDP ports 1812 and 1813 on the firewall.
• B. Enable NAT Address on the 5520 with an Internet-routable IP address.
• C. Configure a static IP on the OEAP 1810.
• D. Allow UDP ports 5246 and UDP port 5247 on the firewall.
• E. Allow UDP ports 12222 and 12223 on the firewall.

Correct answer: B, D

Explanation

The correct answer is B and D because enabling NAT with an Internet-routable IP address allows the AP to communicate properly with the controller, and allowing UDP ports 5246 and 5247 is essential for the CAPWAP control and data tunnels. The other options either block necessary traffic or are not required configurations for the AP to join the controller.