1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. OL-4387-02
  6. Configuration manual

Restrictions For Ssg Open Garden; Configuration Of Ssg Open Garden; Configuration Example For Ssg Open Garden; Ssg Port-Bundle Host Key - Cisco OL-4387-02 Configuration Manual

Router service selection gateway configuration guide
Hide thumbs
Table of Contents

Advertisement

SSG Port-Bundle Host Key

Restrictions for SSG Open Garden

The SSG Open Garden feature has the following restrictions:

Configuration of SSG Open Garden

To designate a service as an Open Garden service, use the ssg open-garden command in global
configuration mode. For more information on configuring an Open Garden, refer to the
SSG Open Garden, Release 12.2(4)B feature

Configuration Example for SSG Open Garden

The following example defines two services named og1 and og2 and adds them to the Open Garden.
!
ssg open-garden og1
ssg open-garden og2
!
local-profile og1
attribute 26 9 251 "Oopengarden1.com"
attribute 26 9 251 "D10.13.1.5"
attribute 26 9 251 "R10.1.1.0;255.255.255.0
local-profile og2
attribute 26 9 251 "Oopengarden2.com"
attribute 26 9 251 "D10.14.1.5"
attribute 26 9 251 "R10.2.1.0;255.255.255.0"
attribute 26 9 251 "R10.3.1.0;255.255.255.0"
!
ssg bind service og2 10.5.5.1

SSG Port-Bundle Host Key

The SSG Port-Bundle Host Key feature enhances communication and functionality between SSG and
SESM by introducing a mechanism that uses the host source IP address and source port to identify and
monitor subscribers.
With the SSG Port-Bundle Host Key feature, SSG performs port-address translation (PAT) and
network-address translation (NAT) on the HTTP traffic between the subscriber and the SESM server.
When a subscriber sends an HTTP packet to the SESM server, SSG creates a port map that changes the
source IP address to a configured SSG source IP address and changes the source TCP port to a port
allocated by SSG. SSG assigns a bundle of ports to each subscriber because one subscriber can have
several simultaneous TCP sessions when accessing a web page. The assigned host key, or combination
of port-bundle and SSG source IP address, uniquely identifies each subscriber. The host key is carried
in RADIUS packets sent between the SESM server and SSG in the Subscriber IP vendor-specific
attribute (VSA). When the SESM server sends a reply to the subscriber, SSG translates the destination
IP address and destination TCP port according to the port map.
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
6-6
RADIUS accounting records are not created for Open Garden services.
The Cisco 10000 router supports the creation of Open Garden services by using local profiles only;
you cannot use RADIUS profiles.
The Cisco 10000 router does not support overlapping Open Garden service networks.
module.
Chapter 6
Service Connection
OL-4387-02

Advertisement

Table of Contents
loading

Related Manuals for Cisco OL-4387-02

Related Content for Cisco OL-4387-02

This manual is also suitable for:

10000 series

Table of Contents