Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

1-22

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Chapter 1 Configuring Switch-Based Authentication

Controlling Switch Access with RADIUS

Preconditions

To use the CoA interface, a session must already exist on the switch. CoA can be used to identify a

session and enforce a disconnect request. The update affects only the specified session.

CoA Request Response Code

The CoA Request response code can be used to convey a command to the switch. The supported

commands are listed in Table 1-4 on page 1-23.

Session Identification

For disconnect and CoA requests targeted at a particular session, the switch locates the session based on

one or more of the following attributes:

• Calling-Station-Id (IETF attribute #31 which contains the host MAC address)

• Audit-Session-Id (Cisco VSA)

• Acct-Session-Id (IETF attribute #44)

Unless all session identification attributes included in the CoA message match the session, the switch

returns a Disconnect-NAK or CoA-NAK with the “Invalid Attribute Value” error-code attribute.

For disconnect and CoA requests targeted to a particular session, any one of the following session

identifiers can be used:

• Calling-Station-ID (IETF attribute #31, which should contain the MAC address)

• Audit-Session-ID (Cisco vendor-specific attribute)

• Accounting-Session-ID (IETF attribute #44).

If more than one session identification attribute is included in the message, all the attributes must match

the session or the switch returns a Disconnect- negative acknowledgement (NAK) or CoA-NAK with the

error code “Invalid Attribute Value.”

The packet format for a CoA Request code as defined in RFC 5176 consists of the fields: Code,

Identifier, Length, Authenticator, and Attributes in Type:Length:Value (TLV) format.

0 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| Code | Identifier | Length |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| |

| Authenticator |

| |

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| Attributes ...

+-+-+-+-+-+-+-+-+-+-+-+-+-

The attributes field is used to carry Cisco VSAs.

507 Request Initiated

508 Multiple Session Selection Unsupported

Table 1-3 Error-Cause Values (continued)

Value Explanation

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)