1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. OL-4387-02
  6. Configuration manual

Cisco OL-4387-02 Configuration Manual page 95

Router service selection gateway configuration guide
Hide thumbs
Table of Contents

Advertisement

Appendix B
SSG Implementation Notes
Table B-1
SSG Feature
RADIUS Proxy
Service Profiles
SMTP Redirect
TCP Redirect
Transparent
Passthrough
Unsupported
Features
VPI/VCI Static
Binding to a
Service Profile
OL-4387-02
SSG Implementation Notes for the Cisco 10000 Router (continued)
Implementation Notes
Not Supported.
MTU Size Attribute—In Directory Enabled Service Selection Subscription (DESS)
mode, SESM does not support the use of the MTU Size attribute.
Service-Defined Cookie Attribute—SSG does not parse or interpret the value of this
attribute. You must configure the proxy RADIUS server to interpret this attribute.
A RADIUS service profile supports only one Service-Defined Cookie.
Not supported, even if it is configured.
Supported to default network only. User traffic to services might be dropped,
even if it does not match a redirect port.
Network-specific redirects do not work unless the network is part of an exclude
network or part of an active service. As a workaround, use redirects based on
service name.
The authentication feature applies only to non-PPP users. PPP users are always
authenticated as part of the PPP negotiation process. PPP users logging off from
SESM are also redirected.
Initial Captivation—If the packet matches the redirection filter, the packet is
subject to initial captivation and is redirected. If the packet does not match the
redirection filter, the packet is not subject to initial captivation and is dropped.
Also see the
"Restrictions for SSG TCP Redirect" section on page
Supported only for traffic to the user (host). Not supported for traffic from the
user (host). Use Open Garden to allow SSG hosts access to certain networks.
Unauthorized downstream traffic is always allowed, but unauthorized upstream
traffic from an SSG host is dropped.
If an unsupported feature (such as NAT) is applied to an SSG connection, the
router does not reject the connection; however, the feature is not applied to traffic
over the connection.
The feature applies only to PPP sessions.
You must statically configure the feature.
SESM cannot map the VC to the service.
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
10-4.
B-3

Advertisement

Table of Contents
loading

Related Manuals for Cisco OL-4387-02

Related Products for Cisco OL-4387-02

This manual is also suitable for:

10000 series

Table of Contents