Filter
Top Products
13-18
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 13 Managing Reports
Working with Catalog Reports
Enabling RADIUS CoA Options on a Device
To view all the RADIUS Active Session reports you have to enable RADIUS CoA options on the device.
To configure the RADIUS CoA options:
Step 1 Configure MAB, 802.1X and Web Authentication on the NAD against ACS RADIUS Server.
Step 2 Configure CoA on the NAD as follows, which is connected to the supplicant.
aa server radius dynamic-author
client {<ip_addr> - <name>} [vrf <vrfname>] [server-key<string>]
server-key [0 - 7] <string>
port <port-num>
auth-type {any - all - session-key}
ignore session-key
ignore server-key
Step 3 Configure the authentication order (Flex-Auth).
Changing Authorization and Disconnecting Active RADIUS Sessions
Note Some of the NADs in your deployment do not send an Accounting Stop or Accounting Off packet after
a reload. As a result of this, you might find two sessions in the Session Directory reports, one of which
has expired. Hence, when you want to dynamically change the authorization of an active RADIUS
session or disconnect an active RADIUS session, ensure that you always choose the most recent session.
To change authorization or disconnect an active RADIUS session:
Step 1 Run the RADIUS Active Sessions report under Session Directory.
See Running Catalog Reports, page 13-11 for information on how to run a RADIUS Active Sessions
report.
A report similar to the one shown in Figure 13-2 appears.