Change of Authorization (CoA) is a feature that allows a RADIUS server to control a device’s network access policy after authentication. RADIUS servers can send CoA messages to reauthenticate and reauthorize a device. CoA can trigger a change of the group policy, VLAN, firewall ACL, traffic shaping, bandwidth limits, and more. CoA enables continuous control over devices’ network access and allows the policy to be automated by the RADIUS server. Meraki’s CoA is supported by several RADIUS vendors including Cisco, Bradford, ForeScout, PacketFence, and Impulse Point.
Customers with Cisco ISE workflows with Meraki MR access points can now use all ISE features including Device Posturing and Central Web Authentication (CWA). Meraki access points will automatically redirect users' web browsers to the Cisco ISE server's splash page. By sending Change of Authorization (CoA) messages to the Meraki network, Cisco ISE can now control a user's firewall ACL, traffic shaping, bandwidth limits, and VLAN assignment.
To enable these features, please contact Meraki support (email@example.com) or your systems engineer and request the CoA / Cisco ISE integration feature to be enabled.
For more on CoA with RADIUS, please read the article on .