Is it possible? CoA disconnect packet communication between radius 3 and Unifi AP Clients

Alan DeKok aland at
Tue May 19 01:45:32 CEST 2020

On May 18, 2020, at 6:26 PM, Luis Gutierrez <luisgc.bps at> wrote:
> I will be brief, I need an AAA server over a network of Ubiquiti AP Unifi,
> I have to say that it was not difficult for me to install a freeradius
> 3.0.x server.

  That's good.

> My problem:
> But I can't disconnect devices, using CoA packets:
> echo User-Name = 'user' radclient disconnect testing123

  That sends the packets to localhost, which isn't the AP.

  On top of that, the AP usually needs a lot more attributes than just the User-Name.

> I consult them:
> Someone managed to use the CoA disconnect packets between a freeradius
> 3.0.X server
> and AP's ubuquiti Unifi AP.


1) you need to send packets to the AP, not to

2) the packets need to contain information which identifies the user's session.  e.g. Framed-IP-Address, or other things.  These attributes are typically the ones seen in Accounting-Request packets for the user.

  Alan DeKok.

More information about the Freeradius-Users mailing list