IMPORTANT! Upcoming changes to the Purple RADIUS servers. Please click HERE for further details.

Aruba (Controller-based) CoA / Disconnect Support

This guide details how to to enable support for CoA / Disconnect Message on the Aruba Controller. This is required in order to use the Tiered Bandwidth data cap and/or E-mail verification kick off feature.


Start by logging into your Aruba Controller.

Step 1 - Radius

Click Configuration > Authentication > Auth Servers on the left menu. Under All Servers click Add and set the following:

IP Address
*insert radius_ip here*

Click Submit and then Add again. Set the following:

IP Address
*insert radius_ip2 here*

Click Submit to save. Next, click on both of the new RFC 3576 servers you just created and set the following:

Key
*insert radius_secret here*
RetypeKey
*insert radius_secret here*

Click Submit to save. Next, click the AAA Profile tab to expand the Guest WiFi-aaa_prof profile and select RFC 3576 server. Click the add icon and add both servers you previously defined. Click Submit to sve. Remember to click Apply Pending Changes at the top to commit.


Step 2 - Firewall

IMPORTANT: CoA works by accepting inbound traffic from our RADIUS. We will send this request back to the same WAN IP of which your Aruba controller uses for outbound traffic to our RADIUS. Therefore, you will need to forward port 3799 (UDP) on your firewall from this WAN IP to the internal Aruba controller management IP on your local network.


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.