Hi Robin I have updated my controller, and you are right, the CoA option is back, but only available when WPA2 is selected, weird as CoA can also be used when doing MAC AUTH and Radius assigned VLANS
You can still switch to the old UI and configure your SSID there. I post a comment on Unifi, and I also open a forum thread, but still no luck. https://community.ui.com/releases/UniFi-Network-Application-8-4-62/40240312-bb43-4648-adab-5b05f3d4354e#comment/6b44ecc8-4c87-4aa6-bf31-1e03239aa66e https://community.ui.com/questions/CoA-Status/d7ae3d74-b448-4c62-a1cc-615b0230b8dc Enrique El lun, 16 sept 2024 a las 9:12, Robin Buhr (filder.cloud) (<robin@filder.cloud>) escribió: > Hi Enrique, > > unifi controller is at 8.4.59. Almost the latest version... > Am 16.09.2024 um 13:05 schrieb Enrique Gross via PacketFence-users: > > Hi Robin > > What version of the Unifi Software are you running? > > Enrique > > El lun, 16 de sept de 2024, 06:42, Robin Buhr (filder.cloud) > <robin@filder.cloud> <robin@filder.cloud> escribió: > >> Hi Enrique, >> >> yes, the CoA Option is available in Unifi-Controller. But it appears >> only, if Wireless Security Protocoll is set to "WPA2 Enterprise" within a >> specific SSID. Since I want to use the CP-Portal in my scenario, Security >> Protocoll is set to "Open". Is it even possible to deauth in this >> combination? >> >> I have one more question: Must the controller be set up as a switch in >> PF? If not, when do I set Switch Type to "Unifi Controller"? >> >> Regards >> Robin >> Am 10.09.2024 um 20:56 schrieb Enrique Gross via PacketFence-users: >> >> Hi Robin >> >> If your deauth method is RADIUS, just configure a RADIUS secret password, >> use CoA, and your VLANS per role. There is no need to configure web >> services or SNMP, controller ip address. >> >> I think the radius connector should be disabled too >> >> And of course don't forget to configure RADIUS profile on the unifi >> controller. >> >> Like Micheal said, Unifi is doing a massive reworking on the UI. I didn't >> know the CoA option is now back on new UI, good news. >> >> You can debug CoA on the UAPs with tcpdump so you can check if RADIUS >> messages are reaching APs. >> >> Enrique >> >> >> >> El mar, 10 de sept de 2024, 12:24, Michael Preissner via >> PacketFence-users <packetfence-users@lists.sourceforge.net> escribió: >> >>> I know there are several folks with working solutions, but many of them >>> rely on using the old legacy interface and/or outdated firmware versions. >>> UI did recently re-introduce the RADIUS CoA to the New interface in the >>> SSID configuration (might still be an EA feature). I haven't had an >>> opportunity to test yet, but we should be able to do it at this point >>> without going back to the legacy interface. >>> >>> Mike >>> >>> On Tue, Sep 10, 2024 at 11:04 AM Robin Buhr (filder.cloud) via >>> PacketFence-users <packetfence-users@lists.sourceforge.net> wrote: >>> >>>> Hello Community, >>>> >>>> I am new to the topic of Packetfence and find it really exciting. >>>> Currently, I am trying to overcome the following challenge: Dynamic VLAN >>>> assignment with Unifi APs/Controller(VM) after authentication via a >>>> captive portal provided by Packetfence. Since it is an open SSID provided >>>> by the Unifi AP, RADIUS (and CoA?) is not possible. >>>> I am stuck at the point of Deauth. Is there a guide on how the "switch" in >>>> PF must be configured for Deauth to work? The protocol >>>> (SSH/SNMP/HTTP/S/RADIUS) doesn't matter to me. I simply want a device to >>>> be moved to another VLAN after successful authentication. >>>> >>>> -- >>>> Beste Grüße >>>> Robin >>>> >>>> _______________________________________________ >>>> PacketFence-users mailing list >>>> PacketFence-users@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> PacketFence-users@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >> >> >> _______________________________________________ >> PacketFence-users mailing >> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> -- >> Beste Grüße >> Robin Buhr >> >> T +49 (711) 50483726 >> M robin@filder.cloud >> >> filder.cloud UG (Haftungsbeschränkt)In den Gärtlesäckern 18/2 >> 70771 Leinfelden-Echterdingen >> <https://www.google.com/maps/search/In+den+G%C3%A4rtles%C3%A4ckern+18%2F2+%0D%0A70771+Leinfelden-Echterdingen?entry=gmail&source=g> >> HRB 778485 >> >> > > _______________________________________________ > PacketFence-users mailing > listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Beste Grüße > Robin Buhr > > T +49 (711) 50483726 > M robin@filder.cloud > > filder.cloud UG (Haftungsbeschränkt) > In den Gärtlesäckern 18/2 > 70771 Leinfelden-Echterdingen > HRB 778485 > > -- [image: Imágenes integradas 1]
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
