Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
CoA, RADIUS DM, and Session Redirection (Hotlining)
▀ RADIUS Change of Authorization and Disconnect Message
▄ Cisco ASR 5000 Series Enhanced Feature Configuration Guide
OL-22983-01
RADIUS Change of Authorization and Disconnect Message
This section describes how the system implements CoA and DM RADIUS messages and how to configure the system to
use and respond to CoA and DM messages.
use and respond to CoA and DM messages.
CoA Overview
The system supports CoA messages from the AAA server to change data filters associated with a subscriber session.
The CoA request message from the AAA server must contain attributes to identify NAS and the subscriber session and a
data filter ID for the data filter to apply to the subscriber session. The filter-id attribute (attribute ID 11) contains the
name of an Access Control List (ACL). For detailed information on configuring ACLs, refer to the IP Access Control
Lists chapter.
The CoA request message from the AAA server must contain attributes to identify NAS and the subscriber session and a
data filter ID for the data filter to apply to the subscriber session. The filter-id attribute (attribute ID 11) contains the
name of an Access Control List (ACL). For detailed information on configuring ACLs, refer to the IP Access Control
Lists chapter.
If the system successfully executes a CoA request, a CoA-ACK message is sent back to the RADIUS server and the data
filter is applied to the subscriber session. Otherwise, a CoA-NAK message is sent with an error-cause attribute without
making any changes to the subscriber session.
filter is applied to the subscriber session. Otherwise, a CoA-NAK message is sent with an error-cause attribute without
making any changes to the subscriber session.
Important:
Changing ACL and rulebase together in a single CoA is not supported. For this, two separate CoA
requests can be sent through AAA server requesting for one attribute change per request.
DM Overview
The DM message is used to disconnect subscriber sessions in the system from a RADIUS server. The DM request
message should contain necessary attributes to identify the subscriber session. If the system successfully disconnects the
subscriber session, a DM-ACK message is sent back to the RADIUS server, otherwise, a DM-NAK message is sent
with proper error reasons.
message should contain necessary attributes to identify the subscriber session. If the system successfully disconnects the
subscriber session, a DM-ACK message is sent back to the RADIUS server, otherwise, a DM-NAK message is sent
with proper error reasons.
Enabling CoA and DM
To enable RADIUS Change of Authorization and Disconnect Message:
Step 1
Enable the system to listen for and respond to CoA and DM messages from the RADIUS server as described in the
Enabling CoA and DM section.
Enabling CoA and DM section.
Step 2
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Step 3
View CoA and DM message statistics as described in the Viewing CoA and DM Statistics section.
Important:
Commands used in the configuration examples in this section provide base functionality to the extent
that the most common or likely commands and/or keyword options are presented. In many cases, other optional