send an "coa" packet from "authorize {}" section

Jorge Pereira jpereiran at
Sun Oct 4 21:47:55 CEST 2015

Hi Alan,

    This sound bad... I will look for some other solution. btw, I believe
that we need to allow the home_server to set the type like "coa+auth+acct"
or other option like "all" or multiple sets (type="coa", type="auth",

Will help a lot the integration with *crap radius vendors* that listens to
everything in the same port. eg: Nokia & Juniper.

Currently, my solutions is changing the udp-packet like: "all packets from
X of kind is UDP to port 3799, replace the DPORT to 1812".... works well,
but I don`t like that.

thanks for your help!

Jorge Pereira

On Sun, Oct 4, 2015 at 4:27 PM, Alan DeKok <aland at>

> On Oct 4, 2015, at 3:21 PM, Jorge Pereira <jpereiran at> wrote:
> >    I need to send a COA to another NAS during the section "authorize {
> }",
> ...
> > 3) From this point, I can't figure out about the best way to wait and
> only
> > responds after coa feedback.
>   You can't do that right now.  Addressing that for 3.1.x might be a
> possibility.  We're looking into fixing some of the state machine issues to
> make this easier.
>   The main issue is that originating a CoA packet is not quite the same as
> proxying.  So for a proxy, we can wait for a response.  For a CoA packet,
> we can't.
>   Fixing this requires changes to the server core.  I'd prefer to wait
> until that's been cleaned up a bit before adding new behaviour.
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list