We've just migrated our dev WiFi from 6.5 to 8.5
The attached image shows current setup. All airgroup configs done at the "dev(2)" level.
Looking at clearpass Access-Tracker, I can see the normal wifi device auths and the Airgroup Authorization Service request/sesponse entries. These come from the mobility master arubammdev0
In 6.5 I could do a RADIUS CoA and force a terminate session. With our current setup in 8.5 I'm not given the option of performing a CoA. The mobility master is configured as a device correctly in clearpass with CoA on 3999
so, given that clearpass has port 3999 configured for CoA and I'm logging onto arubammdev0 using my credentials via the clearpass server, how does clearpass decide whether it can use CoA on 3999 back to a device?
Conf/System/Profiles/RFC 3576 server/ seems to have both my clearpass servers in there ... assuming with correct shared key ... I didn't set it up