Configuring Coa On The Switch - Cisco IE-4000 Software Configuration Manual

Configuring Switch-Based Authentication
How to Configure Switch-Based Authentication
Command
5. radius-server deadtime minutes
6. radius-server vsa send [accounting |
authentication]
7. end
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication
Command
1. configure terminal
2. radius-server host {hostname | ip-address} non-standard
3. radius-server key string
4. end
5. show running-config
6. copy running-config startup-config

Configuring CoA on the Switch

Command
1. configure terminal
2. aaa new-model
3. aaa server radius dynamic-author
Purpose
Specifies the number of minutes a RADIUS server, which is not responding
to authentication requests, to be skipped, thus avoiding the wait for the
request to timeout before trying the next configured server. The default is
0; the range is 1 to 1440 minutes.
Enables the switch to recognize and use VSAs as defined by RADIUS IETF
attribute 26.

(Optional) accounting—Limits the set of recognized vendor-specific
attributes to only accounting attributes.

(Optional) authentication—Limits the set of recognized
vendor-specific attributes to only authentication attributes.
If you enter this command without keywords, both accounting and
authentication vendor-specific attributes are used.
Returns to privileged EXEC mode.
Purpose
Enters global configuration mode.
Specifies the IP address or hostname of the remote
RADIUS server host and identifies that it is using a
vendor-proprietary implementation of RADIUS.
Specifies the shared secret text string used between
the switch and the vendor-proprietary RADIUS
server. The switch and the RADIUS server use this
text string to encrypt passwords and exchange
responses.
Note:
encryption key used on the RADIUS server. Leading
spaces are ignored, but spaces within and at the end
of the key are used. If you use spaces in your key, do
not enclose the key in quotation marks unless the
quotation marks are part of the key.
Returns to privileged EXEC mode.
Verifies your settings.
(Optional) Saves your entries in the configuration file.
Purpose
Enters global configuration mode.
Enables AAA.
Configures the switch as an authentication, authorization, and accounting
(AAA) server to facilitate interaction with an external policy server.
177
The key is a text string that must match the