This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ERS 35,36 trigger re-authentication

ERS 35,36 trigger re-authentication

Go to solution
TobiasW
New Contributor III

‎03-08-2021 04:33 PM

Hi guys,

can anyone help me with manual re-auth for Clients connected on ERS35 or 36?

I’m currently migrating NAC off Ignition towards Control, and I don’t really enjoy waiting until the re-auth timer passes and the switch sends an re-auth request to the new Radius Server (Control)…

“eap init re-authenticate” doesn’t work…

 

Has anyone an idea?

Thanks and BR

Tobias

 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Miguel-Angel_RO
Valued Contributor II

‎03-09-2021 01:43 PM

Tobbias,

Reading again your post, the solution is to configure the ERS with the template mentionned in the post above concerning the re-auth server.

Configure the re-auth behaviour in Control and send a re-authentication command per client.

Mig

View solution in original post

0 Kudos
5 REPLIES 5

Go to solution
TobiasW
New Contributor III

‎04-01-2021 06:16 AM

Thanks for you answer, Mig !

0 Kudos

Go to solution
Miguel-Angel_RO
Valued Contributor II

‎03-09-2021 01:43 PM

Tobbias,

Reading again your post, the solution is to configure the ERS with the template mentionned in the post above concerning the re-auth server.

Configure the re-auth behaviour in Control and send a re-authentication command per client.

Mig

0 Kudos

Go to solution
Miguel-Angel_RO
Valued Contributor II

‎03-09-2021 01:40 PM

Tobbias,

Did you configured the CoA in IDE?

0ff32bdf3cc74bc5980cd161658cb326_67744f1d-6a7e-4f15-a2f1-cae6812fd303.png
0ff32bdf3cc74bc5980cd161658cb326_c6ded49b-ed5e-4670-9725-fdecde378b4f.png

I never tested it but you could maybe configure IDE as radius auth server and Control as CoA server as the settings for radius server and coa server are separate.

Mig

0 Kudos

Go to solution
TobiasW
New Contributor III

‎03-09-2021 12:51 PM

Hi Mig, thanks for the reply.

Yes, I use the displayed re-auth settings.

But I mean something else.

The customer has active NAC sessions on his ERS, the active Radius Server is Ignition. The Ports are configured to re-authenticate every 3500 seconds.

I am not allowed to disable and re-enable all the ports, so I’m only allowed to change the Radius settings and wait unitl the re-authentication timer triggers the switch to send new request to the Radius.

 

Therefore I am looking for a command that forces the ERS to re-authenticate the clients after I changed the Radius Server. I don’t want to wait those 3500 seconds…

I hope you can follow what I’m saying… 😉

 

Stay safe!

Tobias

0 Kudos
GTM-P2G8KFN