HPE Aruba Certified ClearPass Associate (ACCA) — Question 3

A customer wants to implement Virtual IP redundancy, such that in case of a ClearPass server outage, 802.1x authentications will not be interrupted. The administrator has enabled a single Virtual IP address on two ClearPass servers.
Which statements accurately describe next steps? (Select two.)

Answer options

• A. The NAD should be configured with the primary node IP address for RADIUS authentication on the 802.1x network.
• B. A new Virtual IP address should be created for each NAD.
• C. Both the primary and secondary nodes will respond to authentication requests sent to the Virtual IP address when the primary node is active.
• D. The primary node will respond to authentication requests sent to the Virtual IP address when the primary node is active.
• E. The NAD should be configured with the Virtual IP address for RADIUS authentications on the 802.1x network.

Correct answer: D, E

Explanation

The correct answers, D and E, are accurate because when the primary node is active, only it responds to authentication requests sent to the Virtual IP, while the NAD should be configured with the Virtual IP for RADIUS authentications. Options A and B are incorrect since using the primary node's IP address or creating separate Virtual IPs for each NAD does not ensure redundancy and could lead to service interruptions.