Is it possible? CoA disconnect packet communication between radius 3 and Unifi AP Clients
Alan DeKok
aland at deployingradius.com
Tue May 19 01:45:32 CEST 2020
On May 18, 2020, at 6:26 PM, Luis Gutierrez <luisgc.bps at gmail.com> wrote:
> I will be brief, I need an AAA server over a network of Ubiquiti AP Unifi,
> I have to say that it was not difficult for me to install a freeradius
> 3.0.x server.
That's good.
> My problem:
> But I can't disconnect devices, using CoA packets:
>
> echo User-Name = 'user' radclient 127.0.0.1:3799 disconnect testing123
That sends the packets to localhost, which isn't the AP.
On top of that, the AP usually needs a lot more attributes than just the User-Name.
> I consult them:
> Someone managed to use the CoA disconnect packets between a freeradius
> 3.0.X server
> and AP's ubuquiti Unifi AP.
Yes.
1) you need to send packets to the AP, not to 127.0.0.1
2) the packets need to contain information which identifies the user's session. e.g. Framed-IP-Address, or other things. These attributes are typically the ones seen in Accounting-Request packets for the user.
Alan DeKok.
More information about the Freeradius-Users
mailing list