04-25-2013 12:54 PM
We're in the process of testing a Cisco ISE appliance and one feature I'm trying to get to work is RFC 3576 / AKA COA. It seems however that Cisco has decided to use UDP port 1700 instead of the RFC standard of 3799. Also, it doesn't seem to be possible to change this on the Cisco side and they have indicated that it would have to be added as a feature request.
What I'm wondering is if Aruba might consider adding in the port number in the ArubaOS configuration so we can specify which port to listen on for COA packets?
03-16-2015 09:30 AM
Did you try this?
(Aruba650) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z
(Aruba650) (config) #firewall cp
(Aruba650) (config-fw-cp) #permit proto 17 ports 1700 1700
(Aruba650) (config-fw-cp) #exit
(Aruba650) (config) #ip radius rfc-3576-server udp-port 1700
(Aruba650) (config) #end