David,
Your understanding is correct. Currently the UniFi only supports
deauthenticating a client using the controller API and not using CoA. It is
possible to enable RADIUS CoA for a single SSID and frequency, but this may not
be useful for you. This is because the UniFi runs a separate hostapd instance
for all of the different SSIDs and frequencies. See:
https://community.ubnt.com/t5/UniFi-Wireless/RADIUS-Interim-updates/m-p/1860205/highlight/true#M216003
Sent from mobile phone
> On Jan 31, 2018, at 17:46, Durand fabrice via PacketFence-users
> <[email protected]> wrote:
>
> Hello David,
>
> the unifi AP is not yet correctly supported, there is some code about that
> but you have to do some custom config on the Unifi controller.
> Have a look at the mailing list archive about unifi.
>
> Regards
> Fabrice
>
>> Le 2018-01-31 à 13:02, David Harvey via PacketFence-users a écrit :
>> I should also note. I've just changed our APs from switch type hostapd to
>> ubiquity::unify, added the controller IP (a docker image in my case), and
>> also attempted to add the webservices field as details in the documentation:
>>
>> wsTransport=HTTPS
>> wsUser=admin
>> wsPwd=admin
>>
>>> On Wed, Jan 31, 2018 at 6:00 PM, David Harvey <[email protected]>
>>> wrote:
>>> Hi packetfence users,
>>>
>>> I just wanted to confirm a feature (or my undertsnading of).
>>>
>>> I'm using unifi access points with great success for portal login paired
>>> with EAP-TLS.
>>>
>>> Unregistered clients with certs land on the registration VLAN, and then
>>> have their proper vlans assigned by the portal login.
>>> After the portal login has been performed the client needs the wifi
>>> toggling off and on at present to reauth and get put onto the correct VLAN.
>>> subsequent reconnects work fine...
>>>
>>> If I've read the archives correctly, the wifi down/up is required becuase
>>> CoA is not supported by unifi, nor does the controller allow RADIUS
>>> disconnect events to force a client to reauth.
>>> Have I understood correctly, and is there any other magic I could try in
>>> order to smooth the portal sign in experience?
>>>
>>> Thanks in advnce,
>>>
>>> David
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
