License; Ip Security (Ipsec) - Cisco ASR 5000 Series Administration Manual

Hide thumbs Also See for ASR 5000 Series:

Product overview (992 pages)

Administration manual (509 pages)

Installation manual (317 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

Table of Contents

▀ Features and Functionality - Licensed Enhanced Feature Software

Following IPv6 EPS Bearer context establishment, the MME can perform either manual or automatic 6to4 tunneling,

according to RFC 3056, Connection of IPv6 Domains Via IPv4 Clouds.

License Keys: IPv6, part numbers 600-00-7521, 600-00-7576

License

600-00-7521, 600-00-7576

IP Security (IPSec)

IP Security provides a mechanism for establishing secure tunnels from mobile subscribers to pre-defined endpoints (i.e.

enterprise or home networks) in accordance with the following standards:

RFC 2401, Security Architecture for the Internet Protocol

RFC 2402, IP Authentication Header (AH)

RFC 2406, IP Encapsulating Security Payload (ESP)

RFC 2409, The Internet Key Exchange (IKE)

RFC-3193, Securing L2TP using IPSEC, November 2001

IP Security (IPSec) is a suite of protocols that interact with one another to provide secure private communications across

IP networks. These protocols allow the system to establish and maintain secure tunnels with peer security gateways.

IPSec can be implemented on the system for the following applications:

PDN Access: Subscriber IP traffic is routed over an IPSec tunnel from the system to a secure gateway on the

packet data network (PDN) as determined by access control list (ACL) criteria.

Mobile IP: Mobile IP control signals and subscriber data is encapsulated in IPSec tunnels that are established

between foreign agents (FAs) and home agents (HAs) over the Pi interfaces.

L2TP: L2TP-encapsulated packets are routed from the system to an LNS/secure gateway over an IPSec tunnel.

The following figure shows IPSec configurations.

▄ Cisco ASR 5000 Series Mobility Management Entity Administration Guide

MPORTANT

Once an IPSec tunnel is established between an FA and HA for a particular

subscriber, all new Mobile IP sessions using the same FA and HA are passed over the tunnel

regardless of whether or not IPSec is supported for the new subscriber sessions. Data for existing

Mobile IP sessions is unaffected.

MME in LTE/SAE Wireless Data Services

OL-22987-01

Table of Contents

License; Ip Security (Ipsec) - Cisco ASR 5000 Series Administration Manual

License

IP Security (IPSec)

Related Manuals for Cisco ASR 5000 Series

Related Content for Cisco ASR 5000 Series

Table of Contents