Wireless Access

 View Only
Back to discussions
Expand all | Collapse all

Issues with enforcing bandwidth quota limit

This thread has been viewed 14 times

  • 1.  Issues with enforcing bandwidth quota limit

    Posted Oct 15, 2025 05:58 AM

    Hello

    We are integrating Aruba Instant AP-505 (8.13.1.0 LSR) with our external Captive Portal and our external RADIUS server (FreeRadius). We are using one AP as a Virtual Controller for the rest of the APs. Our system is used to grant managed WiFi access to end-users which we can control the session duration, speed limit, and other session parameters. Our service works with other models like Meraki and MikroTik and now we want to integrate Aruba as well.
    We can't find a way to control the bandwidth quota limit of the users in Aruba. For example in MikroTik we send "Mikrotik-Total-Limit" with the Access-Accept attributes, which automatically disconnects the user when their session usage exceeds the limit. We could not find any similar attribute in Aruba, so instead of that we tried disconnecting the user using a CoA request initiated from RADIUS. But in practice this does not work because RADIUS is deployed on a cloud server so it cannot possibly send a request to the AP through the NAT.

    Any suggestions to solve this problem?   



    -------------------------------------------


  • 2.  RE: Issues with enforcing bandwidth quota limit

    Posted Oct 15, 2025 08:00 AM

    Quota limits are based on accounting and done from the authentication server (RADIUS) via CoA. I don't think there is a automatic disconnect based on traffic volume.

    Quota/bandwidth limits can be set on the role; or what I learned recently from VSAs.

    If your AP is behind NAT, use RadSec instead of RADIUS to allow CoA, and in the same step increase security.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



Related Content