Monitoring And Troubleshooting Coa Functionality; Configuring Radius Server Load Balancing - Cisco Catalyst 2960 Software Configuration Manual
Hide thumbs
Also See for Catalyst 2960:
- Configuration manual (2288 pages) ,
- Command reference manual (800 pages) ,
- Hardware installation manual (108 pages)
Table of Contents
Advertisement
Controlling Switch Access with RADIUS
Command
Step 8
ignore session-key
Step 9
ignore server-key
Step 10
authentication command bounce-port
ignore
Step 11
authentication command disable-port
ignore
Step 12
end
Step 13
show running-config
Step 14
copy running-config startup-config
To disable AAA, use the no aaa new-model global configuration command. To disable the AAA server
functionality on the switch, use the no aaa server radius dynamic authorization global configuration
command.
Monitoring and Troubleshooting CoA Functionality
Use these Cisco IOS commands to monitor and troubleshoot CoA functionality on the switch:
•
•
•
•
•
•
Configuring RADIUS Server Load Balancing
This feature allows access and authentication requests to be evenly across all RADIUS servers in a server
group. For more information, see the "RADIUS Server Load Balancing" chapter of the Cisco IOS
Security Configuration Guide:
http://www.ciscosystems.com/en/US/docs/ios/12_2sb/feature/guide/sbrdldbl.html
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
9-40
Purpose
(Optional) Configure the switch to ignore the session-key.
For more information about the ignore command, see the
Intelligent Services Gateway Command Reference
(Optional) Configure the switch to ignore the server-key.
For more information about the ignore command, see the
Intelligent Services Gateway Command Reference
(Optional) Configure the switch to ignore a CoA request to temporarily
disable the port hosting a session. The purpose of temporarily disabling
the port is to trigger a DHCP renegotiation from the host when a VLAN
change occurs and there is no supplicant on the endpoint to detect the
change.
(Optional) Configure the switch to ignore a nonstandard command
requesting that the port hosting a session be administratively shut down.
Shutting down the port results in termination of the session.
Use standard CLI or SNMP commands to re-enable the port.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
debug radius
debug aaa coa
debug aaa pod
debug aaa subsys
debug cmdhd [detail | error | events]
show aaa attributes protocol radius
Chapter 9
Configuring Switch-Based Authentication
on Cisco.com.
on Cisco.com.
Cisco IOS
Cisco IOS
OL-26520-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
