About RADIUS dynamic authorization

RADIUS dynamic authorization provides the ability to make changes to a user account session while it is in progress. This ability includes disconnecting a session or updating some aspect of the authorization for the session. It also includes "pot bounce" in which the interface on which a client is connected is brought down and then back up (using COA (change of authorization).

RADIUS dynamic authorization enables or disables the processing of "Disconnect" and "Change of Authorization (CoA)" messages from the RADIUS server. When enabled, the RADIUS server can dynamically terminate or change the authorization parameters (such as VLAN/user-role assignment) used in an active client session on the switch.


See also RFC 3576 available at http://www.ietf.org/rfc/rfc3576.txt for general information on the dynamic authorization extensions to RADIUS.