Users Guide

Security Commands 944

By default, RADIUS CoA disable host port requests are honored.

Command Mode

Global Configuration mode

User Guidelines

A RADIUS CoA bounce host port command disables the port for 10 seconds

by bringing the link down and then re-enables the port. The authentication

command bounce-port ignore disables processing of bounce host port CoA

requests and effectively prevents a link flap on the requested RADIUS

authenticated port. A link flap may cause the connected devices to restart the

DHCP address assignment and configuration process.

If a valid and authenticated bounce port request is received from a configured

CoA client and the session cannot be found, the switch returns a CoA-NAK

message with the 503 Session Context Not Found response code. If a valid

and authenticated request is received from a configured CoA client and the

bounce port capability is administratively disabled, a CoA-NAK response is

returned with 501 Administratively Prohibited response code.

A RADIUS CoA disable host port command administratively disables the

port. A RADIUS CoA disabled port requires administrative intervention to re-

enable the port using the no shutdown command. The authentication

command disable-port ignore disables processing of the CoA disable port

request.

If a valid and authenticated disable host port request is received from a

configured CoA client and the session cannot be found, the switch returns a

CoA-NAK message with the 503 Session Context Not Found response code.

If a valid and authenticated request is received from a configured CoA client

and the disable host port capability is administratively disabled, a CoA-NAK

response is returned with 501 Administratively Prohibited response code.

Command History

Syntax added in version 6.6 firmware.

Example

The following example sets the switch to ignore CoA bounce host port

commands.