This guide details how to to enable support for CoA / Disconnect Message on the Aruba Controller. This is required in order to use the Tiered Bandwidth data cap and/or E-mail verification kick off feature.
Start by logging into your Aruba Controller.
Click Configuration > Authentication > Auth Servers on the left menu. Under All Servers click Add and set the following:
Click Submit and then Add again. Set the following:
Click Submit to save. Next, click on both of the new RFC 3576 servers you just created and set the following:
Click Submit to save. Next, click the AAA Profile tab to expand the Guest WiFi-aaa_prof profile and select RFC 3576 server. Click the add icon and add both servers you previously defined. Click Submit to sve. Remember to click Apply Pending Changes at the top to commit.
IMPORTANT: CoA works by accepting inbound traffic from our RADIUS. We will send this request back to the same WAN IP of which your Aruba controller uses for outbound traffic to our RADIUS. Therefore, you will need to forward port 3799 (UDP) on your firewall from this WAN IP to the internal Aruba controller management IP on your local network.