Creating An Rfc3576 Server Instance - AMIGOPOD PowerConnect W Clearpass 100 Software Integration Manual

Amigopod and ArubaOS Integration
Adding a AAA Server Group
aaa server-group "Guest-Amigopod"
auth-server "Amigopod" position 1

Creating an RFC3576 Server Instance

RFC3576 is an extension to the RADIUS standard that allows for a RADIUS server initiated control of
an established RADIUS AAA session. The two primary functions of the RFC are represented by the
following two messages:
Disconnect messages: The RADIUS server sends a Disconnect-Request packet to terminate a

user session on a NAS and removes all associated session context. The Disconnect-Request
packet is sent to UDP port 3799 and it identifies the user session to be terminated by inclusion of
the session identification attributes.
Change of Authorization (CoA) messages: CoA-request packets contain information for

dynamically changing session authorizations. Typically these messages are used to change the
context of the user session. For ArubaOS, this means changing the user role that the current
session is assigned. This feature enables many different business rules, such as bandwidth
throttling after a quota is exceeded.
Configuring an RFC3576 Server
As part of the guest access solution addressed by this guide, Amigopod serves as the RFC3576
server and can perform the disconnect and CoA functions.
Make these configurations in the RFC3576 server definition:
The name of the RFC3576 server definition must be the IP address of the Amigopod.

The Key must match the shared secret configuration that was defined for the RADIUS server.

Aruba Networks, Inc.
Figure 6 Adding a AAA server group
Application Note
ArubaOS Configuration | 16