No subject

[Alan DeKok]

On Nov 7, 2024, at 1:49 PM, Дмитрий Ахлестин <akhlestin.dmitry at yandex.ru> wrote:
> Hello, Freeradius users,

  There is no need to email me directly.  I read the list.

> I'm engineer who is developing support of 802.1x at network operation system(NOS) based at zebos/ocnos.
> At the moment my current task is to add support of CoA(change of authorization) requests from freeradius: disable exact port(make it notauthorize), restart exact port, re- authorization of user.
> But I have several problems and questions:
> 1. Do you know exact RFC which I can use for making my own(my vendor) CoA-Request message? I mean exact set up of TLV fields as u can see at attached example for cisco traffic.

  We're not going to look at zip files, they are not helpful.

  If you need to know what goes in a CoA-Request packet which is sent to a Cisco device, then read the Cisco documentation.

  If you want to invent your own attributes to go into a CoA-Request packet, then that won't work.  The reasons are too complex to explain in a short message.

> 2. How and what should I change at freeradius settings and configuration files that I could send such CoA request from freeradius to Authenticator?

  See sites-available/originate-coa.  This is documented.

  We are not going to give a step-by-step guide for configuring your exact system.  The Cisco documentation explains what the Cisco devices need in a CoA packet.   The FreeRADIUS documentation explains how to configure FreeRADIUS to send attributes.

  It's up to you to put those together.

> 3. Possible you have some examples of traffic which contains some CoA requests? Can you share it with me?

  Google.  Or, read the Cisco documentation.

  Alan DeKok.