Configuring RADIUS-Initiated Change of Authorization

To configure the RADIUS dynamic-request change of authorization (CoA) feature, perform the following steps to set up the RADIUS dynamic-request server that will perform the CoA operation:

1. Configure the RADIUS dynamic-request server, and enter RADIUS Configuration mode.
   host1(config)#radius dynamic-request server 10.10.5.10
2. Enable the CoA capability on the RADIUS dynamic-request server.
   host1(config-radius)#authorization change
3. Define the key (secret) used in the RADIUS Authenticator field during exchanges between the RADIUS dynamic-request server and the RADIUS server.
   host1(config-radius)#key Secret21Clientkey
4. (Optional) Specify the UDP port on which the router listens for messages from the RADIUS server. The default is 1700.
   host1(config-radius)#udp-port 1770