CoA packet
Hello,
I can't seem to get CoA to work on Omada.
I configured a Wireless Network in the Omada Controller (version 5.14.26.1)
In this configuration an external RADIUS server is being used, where CoA has been enabled
I have tried to use different kind of attributes in the CoA packet, but I can't seem to find the information what TP-Link Omada requires to be in the packet.
The client to disconnect is connected to the EAP653 with the latest version installed (1.1.0)
Help is appreciated
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
The problem has been identified, The problem was that the EAP and the RADIUS server where not in the same subnet, something what the EAP could not handle.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@Vincent-TP Thank you for your reply
This is already correctly configured.
What I want to find out is what attributes are expected in the CoA, see this for example: https://wiki.freeradius.org/protocol/disconnect-messages#example-disconnect-request
I am now using a collection of many attributes, which does not seem to work.
- Copy Link
- Report Inappropriate Content
to be specific, I am using the same attributes as used in the example on the wiki page of freeradius.
These are the attributes:
-
Acct-Session-Id
-
User-Name
-
NAS-IP-Address
- Copy Link
- Report Inappropriate Content
If you want to use the DM function of the Radius Portal, Omada Controller can receive DM message from the radius server by turning on the Disconnect Request switch in the radius settings. It should be noted that the DM function not only disconnects the client, but also unauthorize the client’s authentication record.
- Copy Link
- Report Inappropriate Content
@Vincent-TP Once again, thank you very much for your response.
I'll try to explain what I want to achieve.
I have a RADIUS server which can be reached by Omada
and I have clients which are can be granted access or denied access by the RADIUS server
The clients cannot reach the Omada Controller
There is no need for a portal page, but there is need to be able to disconnect clients using a Disconnect Request.
That's why I used this way of configuring the RADIUS server:
All the passwords are the same, but I can't get RADIUS CoA to work.
- Copy Link
- Report Inappropriate Content
Thank you so much for taking the time to post the issue on TP-Link community!
To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID241035860, please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.
Many thanks for your great cooperation and patience!
- Copy Link
- Report Inappropriate Content
The problem has been identified, The problem was that the EAP and the RADIUS server where not in the same subnet, something what the EAP could not handle.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 182
Replies: 7
Voters 0
No one has voted for it yet.