A CoA can be triggered through the CLI by using a tools command that does not require a RADIUS authentication policy. The tools command can also be used to spoof a CoA from a configured server for purposes such as testing CoA python scripts. However, when spoofing the CoA from a RADIUS server, the configuration of a RADIUS authentication policy is required.
The tools command, tools>perform>subscriber-mgmt>coa, supports up to five different VSAs. If more than five VSAs are required, a file with more than five VSAs can be used for execution.
The tools command does not support lawful intercept attributes.
SNMP can also trigger the tools CoA command. However, SNMP cannot execute the command when it is referencing an on-board flash file. To execute from a file, the file must be non-local, such as using a URL specifying the location of the file on an FTP server.
Only one tools command, tools>perform>subscriber-mgmt>coa command can be performed at a time. The command must complete execution before processing a new one. If the tools command becomes unresponsive, CTRL-c can be used to break out of the CoA. In addition, a failsafe mechanism automatically terminates the tools command if it has not completed within a minute.