A coffee shop offering free Internet service to customers wants to implement the following security
policies:
1. Every customer must agree to a set of terms and conditions before accessing the Internet.
2. Log out customers that are logged in for more than one hour.
3. Log out customers that are idle for more than 5 minutes.
4. Authenticate employee desktop computers with known hardware addresses in the office of the
coffee shop to access the Internet without the above restrictions.
The following configuration has been applied to the switch:
set access radius-server 172.16.14.26 port 1812
set access radius-server 172.16.14.26 secret Am@zingC00f33
set access profile dot1x authentication-order radius
set access profile dot1x radius authentication-server 172.27.14.226
What would you add to implement these policies?
A.
set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
B.
set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
C.
set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal interface ge-0/0/12.0 idle-timeout 300
set services captive-portal interface ge-0/0/12.0 user-timeout 3600
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
D.
set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator interface ge-0/0/12.0 idle-timeout 300
set protocols dot1x authenticator interface ge-0/0/12.0 user-timeout 3600
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
Correct answer seems A, but could be correct also D answer ?
Are Idle-timeout do 300 and user-timeout 3600 sec default parameters ?
default timer… correct A
It seems correct A