Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3757
Views
1
Helpful
1
Replies

CoA port bounce vs CoA Session termination with Port Bounce

A.Manoj
Level 1
Level 1

‎03-11-2020 08:05 AM

Hello All - I would like to understand the functionality of each CoA type available for a live session. The ISE live logs as wells as the tcpdump has specific CiscoAVpair messages associated to each type. Here are my findings,

 

CoA Session Reauthcommand=reauthenticate
CoA Session termination with Port Shutdown

command=disable-host-port

 

 

I would like to understand the functional difference between the CoA port bounce and CoA Session termination with Port Bounce as it has same CiscoAVPair attribute 'command=bounce-host-port'. When I attempt to do both CoA, it creates a new session for the endpoint.

 

Also it would be helpful if anyone explains the usage of CoA SAnet Session Query. Thank you!

Preview file
13 KB
0 Helpful
1 Reply 1

Cristian Matei
VIP Alumni
VIP Alumni

‎03-11-2020 12:33 PM

Hi,

 

   This document should be self explanatory; note that some commands don't work in all environments, although not documented, but it's common sense. Like for example, bounce port will not work for a WiFi device, as there is no dedicate port to bounce.

 

https://www.cisco.com/en/US/docs/ios-xml/ios/san/configuration/15-e/san-coa-supp.html


Regards,

Cristian Matei.

Customers Also Viewed These Support Documents