10-04-2017 01:05 AM
In session updates. Does the system update authorization attributes on re-authentication only (next networking session) or can the system support in-session updates of authorization attributes based on the conditions and access control rules set by IT?
Specifically, can the system support in-session updates:
-On client re-authentication?
-On client RADIUS accounting start or interim updates?
-On client roam to a new AP?
-On location change?
Solved! Go to Solution.
10-04-2017 11:08 AM
can you expand on what you mean for the "on-roaming"? We are using
WLC 8540
AP 3702E
AP 2802e
AP 3802i
AP1562E
10-04-2017 07:40 AM
Similar to your previous question...
On client reauthentication -- definitely
On RADIUS accountings -- not usually but possibly if an external system able to monitor the accounting info and then to issue CoA Using Change of Authorization REST APIs
On roaming -- this depends on how it is done by APs or controllers
On location change -- it would be a new authentication, if network devices changed. Besides that, ISE supports location-based authorization with Cisco MSE @ Supported Cisco Mobility Services Engine Release
10-04-2017 11:08 AM
can you expand on what you mean for the "on-roaming"? We are using
WLC 8540
AP 3702E
AP 2802e
AP 3802i
AP1562E
10-04-2017 12:22 PM
For wireless platform features, please ask the wireless product support teams.
If no fast roaming enabled, I believe the roaming will trigger re-auth. This CVD might provide more info:
802.11r, 802.11k, 802.11v, 802.11w Fast Transition Roaming
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide