Cisco Catalyst 2960 Software Configuration Manual page 236
Hide thumbs
Also See for Catalyst 2960:
- Configuration manual (2288 pages) ,
- Command reference manual (800 pages) ,
- Hardware installation manual (108 pages)
Table of Contents
Advertisement
Controlling Switch Access with RADIUS
Table 9-3
Value
501
502
503
504
505
506
507
508
Preconditions
To use the CoA interface, a session must already exist on the switch. CoA can be used to identify a
session and enforce a disconnect request. The update affects only the specified session.
CoA Request Response Code
The CoA Request response code can be used to convey a command to the switch. The supported
commands are listed in
Session Identification
For disconnect and CoA requests targeted at a particular session, the switch locates the session based on
one or more of the following attributes:
•
•
•
Unless all session identification attributes included in the CoA message match the session, the switch
returns a Disconnect-NAK or CoA-NAK with the Invalid Attribute Value error-code attribute.
For disconnect and CoA requests targeted to a particular session, any one of these session identifiers can
be used:
•
•
•
If more than one session identification attribute is included in the message, all the attributes must match
the session or the switch returns a Disconnect- negative acknowledgement (NAK) or CoA-NAK with the
error code Invalid Attribute Value.
The packet format for a CoA Request code as defined in RFC 5176 consists of the fields: Code,
Identifier, Length, Authenticator, and Attributes in Type:Length:Value (TLV) format.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
9-22
Error-Cause Values (continued)
Explanation
Administratively Prohibited
Request Not Routable (Proxy)
Session Context Not Found
Session Context Not Removable
Other Proxy Processing Error
Resources Unavailable
Request Initiated
Multiple Session Selection Unsupported
Table 9-4 on page
Calling-Station-Id (IETF attribute 31 which contains the host MAC address)
Audit-Session-Id (Cisco VSA)
Acct-Session-Id (IETF attribute 44)
Calling-Station-ID (IETF attribute 31, which should contain the MAC address)
Audit-Session-ID (Cisco vendor-specific attribute)
Accounting-Session-ID (IETF attribute 44).
0
1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Chapter 9
9-23.
2
Configuring Switch-Based Authentication
3
OL-26520-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
