HPE Aruba Certified Mobility Associate (ACMA) — Question 36

A customer needs a solution to terminate VPN tunnels for Aruba RAPs. The customer has a single site and a single public IP address for this purpose. Network address translation (NAT) will forward the IPsec traffic to the correct device to terminate the VPN tunnel. The customer also requires N+1 redundancy for the solution. Which solution meets the customer requirements?

Answer options

• A. two Aruba MCs on the same subnet that use VRRP without clustering
• B. two Aruba MCs deployed as a Layer 3 cluster
• C. two Aruba MCs on different subnets that use VRRP without clustering
• D. two Aruba MCs deployed as a Layer 2 cluster

Correct answer: B

Explanation

The correct answer is B because deploying two Aruba MCs as a Layer 3 cluster provides the necessary redundancy and allows for efficient handling of IPsec traffic through a single public IP. Option A does not provide clustering, which is essential for N+1 redundancy, while options C and D do not meet the requirement for proper NAT and redundancy, with C being on different subnets and D using Layer 2 which is not suitable for this scenario.