Security

Hi, I´m trying to send a CoA to 2 Extreme´s Wireless controllers. (I´m using ClearPass 6.3)

One of them is using RFC 3576 and the other is RFC 5176. so I want to know witch combinations of options I need to send to do a Terminate of Session.

I know that for Aruba I use this

And ClearPass doesn´t have a predefined template for Extreme.

Thanks in advance. 

It should just be a standard IETF.

Ok, thank you.

I will try it. 

I need the calling station id or only with the terminate session?

Sorry but I have zero experience with CoA.

Regars.

Hi,

Is there a document/datasheet that states that RFC 5176 is supported in 6.3.x or 6.4.x firmware? ____

I could not find it... Pls share if you do :)

From the research I have just done, the difference between RFC 3576 and RFC 5176 is that 5176 introduced CoA as opposed to Disconnect Messages.

See:

http://tools.ietf.org/html/rfc5176#section-2.2

We definitely support CoA, not just DM. So, I think you are good to go. If you require more proof, it is on page 210 of the 6.2 User Guide: http://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/9259/1/Aruba_CPPM_User_Guide.pdf

"Enable RADIUS CoA
RADIUS CoA Port
Enable RADIUS Change of Authorization (RFC 3576/5176) for this device. Set the UDP port on the device to send CoA actions. Default value is 3799."

Hi Zach, 

I saw it in the 6.5 CPPM UG as well. 

I'm just curious why it was not showing in the 6.3.x or 6.4.x controller User Guides...

I'm not sure either.

I think we just stick with the older RFC number due to name recognition. Most people know what RFC 3576 is but not RFC 5176.