01-30-2013 04:40 PM
We'd like to set some daily limit of data traffic for the guest clients. We've already set radius accounting which is working well but don't know how to terminate the client after he exceeds the limit. As I read in some documents, it should be realized by Radius CoA. Unfortunatelly I'm an Aruba novice and I'm not familiar with the CPPM's philosophy, yet. I read the accounting TN for Amigopod, but CPPM has different gui to set the policies, so it doesn't help me. Could somebody write me some advice or workflow how to set the profiles, policies, etc. in CPPM, please?
Solved! Go to Solution.
01-30-2013 05:06 PM
You will want to create a post-authentication enforcement profile ("Session Restrictions Enforcement"), and apply this to the sessions that should be restricted.
The options in the enforcement profile are hopefully self-explanatory: you can set Post-Auth-Check : Action = Disconnect, and then appropriate values for Bandwidth-Check : Check-Type = Daily, Bandwidth-Check : Allowed-Limit = 50, Bandwidth-Check : Limit-Units = MB.
02-12-2013 05:56 AM
This works fine for me.
Can I change user-role on mobility controller when user reaches his data limit ?
The reason is, that user is not disconnected, but he is droped to user-role (eg.) with lower bandwidth ?
03-31-2014 11:14 PM
Apologies for digging out an old post...
Is there anything special required to deploy this of Aruba Instant? I've set up a profile with the attributes you have suggested below, they are assigned to a policy, yet my users is fully capable of downloading past their Allowed-Limit.
04-01-2014 04:25 AM
Well - you need to have CoA and Radius Interim Accounting configured. With that in place it should work.
You can check an account in Access Tracker to verify that Radius Accounting is going on - and if there has been fired off any CoA.
-ACMX #316 :: ACCP-
Intelecom - Norway
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
04-02-2014 03:36 PM
I know for sure that accounting is enabled, it's how I am able to check that the client has downloaded more than their limit (CPPM Guest -> Active Session and also in Access Tracker)
I'll check CoA, I know its enabled on the IAP as well as RFC3576 (default config).
Is there anything else I should check?
Actually, how do I check CoA is enabled?
04-02-2014 03:38 PM
04-02-2014 03:42 PM
There is no CoA tab under Access Tracker (I get Summary, Input, Output and Accounting) and the only option under "Change Status" is "Server Action" (The others are greyed out)
So I'm assuming CoA is not enabled.
04-02-2014 03:44 PM