Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1000
Views
1
Helpful
2
Replies

SNMP CoA in third party NAD documentation

Go to solution
rovargas
Cisco Employee
Cisco Employee

‎07-10-2017 01:43 AM

Hi,


According to our famous Cisco Identity Services Engine Network Component Compatibility, Release 2.2 - Cisco we do require Radius CoA for many functions:

Whouldn't it be more accurate to say that we require CoA instead of Radius CoA? We now have SNMP CoA.

Regards

Roman

1 Accepted Solution

Accepted Solutions

Go to solution
Craig Hyps
Level 10
Level 10
In response to rovargas

‎07-10-2017 03:33 AM

In general, that is correct, but not all flows and use cases that entail CoA have been validated using SNMP such as MDM, TrustSec, and ANC operations.   Also, due to the fact that SNMP CoA does not allow for a "soft" reauth or push, the client connection is typically disruptive (port shut/no shut) and relies on what I termed "session stitching" to bind the pre- and post-CoA sessions.  This logic is linked to specific flows.

Similarly, URL Redirection with walled garden approach was not validated for all redirect flows (more specifically MDM) but that is more of a test exercise since the basic principles should apply to any session that requires redirection.

/Craig

View solution in original post

0 Helpful
2 Replies 2

Go to solution
rovargas
Cisco Employee
Cisco Employee

‎07-10-2017 01:46 AM

BTW, the same applies to URL Redirect with the Walled Garden approach...

0 Helpful

Go to solution
Craig Hyps
Level 10
Level 10
In response to rovargas

‎07-10-2017 03:33 AM

In general, that is correct, but not all flows and use cases that entail CoA have been validated using SNMP such as MDM, TrustSec, and ANC operations.   Also, due to the fact that SNMP CoA does not allow for a "soft" reauth or push, the client connection is typically disruptive (port shut/no shut) and relies on what I termed "session stitching" to bind the pre- and post-CoA sessions.  This logic is linked to specific flows.

Similarly, URL Redirection with walled garden approach was not validated for all redirect flows (more specifically MDM) but that is more of a test exercise since the basic principles should apply to any session that requires redirection.

/Craig

0 Helpful
Customers Also Viewed These Support Documents