Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N2100 Series
301302303304305306307308309310
Authentication, Authorization, and Accounting 301
42 – Disconnect-NAK
A CoA Disconnect-Request terminates the session without disabling the
switch port. Instead, a CoA Disconnect-Request termination causes
reinitialization of the authenticator state machine for the specified host.
A CoA bounce host port request disables the port for 10 seconds. The bounce
host port is requested using the proprietary AVPair subscriber:command=
bounce-host-port. The switch may be configured to ignore bounce host port
requests using the authentication command bounce-port ignore command.
A CoA disable host port request disables the port. The operator must re-
enable the port via the UI or configure errdisable recovery for the authmgr
cause. The disable host port is requested using the proprietary AVPair
subscriber:command=disable-host-port. The switch may be configured to
ignore disable host port requests using the authentication command disable-
port ignore command.
The CoA re-authenticate request re-authenticates the identified session. If
the session is unable to successfully authenticate, it is terminated. The re-
authenticate session action is requested using the proprietary AVPair
subscriber:command=reauthenticate.
Any authentication host mode can be configured for 802.1X sessions in
conjunction with CoA. If the session cannot be located, the device returns a
Disconnect-NAK message with the Session Context Not Found error-cause
attribute. If the session is located, the device performs the requested action
on the interface or 802.1X session. After the action has been performed, the
device returns a Disconnect-ACK message. The attributes returned within a
CoA ACK can vary based on the CoA Request.
The administrator can configure whether all or any of the session attributes
are used to identify a client session. If all is configured, all session
identification attributes included in the CoA-Request/Disconnect-Request
must match a session or the device returns a Disconnect-NAK or CoA-NAK
with the Invalid Attribute Value error-code attribute. All attributes in the
CoA-Request/Disconnect-Request are treated as mandatory attributes,
except Acct-Terminate-Cause. Unsupported attributes generate a
Disconnect-NAK with error-cause Unsupported Service.
Dell EMC Networking N-Series switches support the following attributes in
responses:
User-Name (IETF attribute #1)