Cisco ASR 5000 Administration Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Gateway
  5. ASR 5000
  6. Administration manual
Cisco ASR 5000 Administration Manual

Cisco ASR 5000 Administration Manual

Enhanced wireless access gateway
Hide thumbs Also See for ASR 5000:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Administration Manual, Installation Manual
Cisco ASR 5000 Enhanced Wireless Access
Gateway Administration Guide
Version 15.0
Last Updated November 30, 2013
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

Advertisement

Table of Contents
loading

Related Manuals for Cisco ASR 5000

Summary of Contents for Cisco ASR 5000

  • Page 1 Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide Version 15.0 Last Updated November 30, 2013 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883...
  • Page 2 ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.

  • Page 3: Table Of Contents

    How it Works ............................30 Session Setup ............................ 30 Session Setup using Accounting-Interim ..................33 Session Replacement ........................36 Session Setup Failure ........................37 Mandatory AVP Missing / No Resource ..................38 Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 4 D-eWAG as First-Hop Router to WLAN Network ................71 D-eWAG as Default Gateway ......................71 APN Selection ............................ 71 D-eWAG Service in the ASR5000 Chassis ..................72 WLC - D-eWAG Interface ........................72 ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 5 DHCP-based Enhanced Wireless Access Gateway Configuration ..... 99 Before You Begin ..........................100 D-eWAG Configuration ......................... 101 Creating and Configuring the D-eWAG Service ................101 Creating the D-eWAG Service ..................... 101 Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 6 RADIUS-based Enhanced Wireless Access Gateway AAA AVP Support 115 DHCP-based Enhanced Wireless Access Gateway AAA AVP Support ..117 AAA AVP Support in Accounting Messages..................118 AAA AVP Support in Authentication Messages..................121 ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 7: About This Guide

    About this Guide This document pertains to the features and functionality that run on and/or that are related to the Cisco® ASR 5000 Chassis. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 8: Conventions Used

    Text represented as menu or sub- This typeface represents menus and sub-menus that you access within a software menu names application, for example: Click the File menu, then click New ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide viii...

  • Page 9: Contacting Customer Support

    Use the information in this section to contact customer support. Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a service request. A valid username and password are required to access this site. Please contact your Cisco sales or service representative for additional information.

  • Page 10: Additional Information

     Cisco ASR 5x00 Release Change Reference  Cisco ASR 5x00 Statistics and Counters Reference  Release notes that accompany updates and upgrades to the StarOS for your service and platform ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 11: Enhanced Wireless Access Gateway Overview

    Enhanced Wireless Access Gateway Overview This chapter provides an overview of the Enhanced Wireless Access Gateway (eWAG). The following topics are covered in this chapter:  Introduction  Platform Requirements  License Requirements Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 12: Introduction

    3G/4G services via both mobile and Wi-Fi accesses. The Cisco® eWAG enables Wi-Fi integration into 3G mobile packet core (MPC), allowing clientless UE attached to trusted Wireless Local Area Networks (WLANs) seamlessly access 3G services. In this case, the UE does not require a client, it has no dependencies on the Wi-Fi architecture, and does not realize that it is connecting to a 3G network (3G access is integrated with the normal UE-WLAN attach procedure).

  • Page 13: Platform Requirements

    Platform Requirements ▀ Platform Requirements The eWAG service is supported on Cisco® ASR 5000 Series chassis running StarOS. The chassis can be configured with a variety of components to meet specific network deployment requirements. For additional information, refer to the Installation Guide for the chassis and/or contact your Cisco account representative.

  • Page 14: License Requirements

    ▀ License Requirements License Requirements The eWAG is a licensed Cisco product. Separate session and feature licenses may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.

  • Page 15: Radius-Based Enhanced Wireless Access Gateway Overview

    This chapter provides an overview of the RADIUS-based Enhanced Wireless Access Gateway (R-eWAG). The following topics are covered in this chapter:  Product Overview  Feature Description  How it Works  Dependencies and Limitations Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 16: Product Overview

    The unique advantages of the eWAG include:  The Cisco® ASR5000 chassis on which the eWAG is deployed is a high capacity chassis that can support millions of subscribers on a single chassis. Therefore, a single chassis is likely to support large session/capacity requirements for several years to come.

  • Page 17: Network Deployments And Network Interfaces

     Combo R-eWAG + TTG deployment on the same ASR 5000 chassis.  Combo R-eWAG + TTG + GGSN deployment on the same ASR 5000 chassis. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 18: Network Interfaces

    GGSN in the Create PDP Context Request message. This APN is either the subscribed APN from the HLR for the connecting user, or the locally configured default APN at the R-eWAG. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 19: Feature Description

    After successful authentication and session establishment, WLAN AAA-client (WLC or ISG) generates Accounting- Start message. This message is proxied by Wi-Fi AAA, enriched with MPC-related attributes, and sent to R-eWAG. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 20: Control And Data Interfaces

    Session Update Call Flow section.  Delete PDP Context Request / Response  Error Indication  Version Not Supported  GTP Payload Forwarding  GTP Echo R-eWAG-GGSN Gn' Interface ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 21: Ip Address Allocation

    DSCP values must be configured for different QCI values. The following table lists mapping for traffic class to QCI. Table 1. Traffic Class to QCI Mapping GPRS QoS Class Identifier Value UMTS QoS Parameters Traffic Class Signalling Indication Source Statistics Descriptor Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 22: Access Point Name Selection

    APN name is configured in the profile in service configuration. If that default APN is not configured, the call is dropped. Important: Note that in all cases only the NI part (as in the APN definition) needs to be specified as APN name in R-eWAG. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 23: Quality Of Service Profile Selection

    MPC. The translation involves remapping of the Wi-Fi IP address to the MPC IP address and vice versa in the IP header as well as in the payload (Application Level Gateway (ALG)). Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 24: Virtual Apn Support

    SGSN, and is now used for R-eWAG as well. The R-eWAG Offline charging involves the following functionalities for WLAN 3GPP IP Access:  Charging Trigger Function  Charging Data Function ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 25: Triggers For Charging Information Addition And Cdr Closure

    Accounting-Start/Accounting-Interim message from the WLC. The R-eWAG encodes the UE identity information into IMEIsV IE of Create PDP Context. The UE identity information is composed of the UE's MAC Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 26: Ue Location Information Support

    This simplifies the post-processing of statistical data since it can be formatted to be parsed by external, back-end processors. When used in conjunction with the Web Element Manager, the data can be parsed, archived, and graphed. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 27: Threshold Crossing Alerts Support

    Thresholding reports conditions using one of the following mechanisms:  SNMP traps: SNMP traps have been created that indicate the condition (high threshold crossing and/or clear) of each of the monitored values. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 28: Congestion Control Support

     License Utilization: Congestion thresholds for license utilization on the system.  Maximum Sessions-per-Service Utilization: Congestion thresholds for maximum number of sessions allowed per service. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 29: Redundancy Support

    Recovery framework is same as used by other products. A minimum of four PSCs (three active and one standby) is required in an ASR 5000 chassis to support the Session Recovery feature. This is because the DEMUX Manager and VPN Manager tasks run on a PSC where no SessMgr runs when session recovery is enabled and one PSC is used as standby PSC.

  • Page 30: How It Works

    GGSN-initiated Update PDP Context  Session Teardown  UE Detach - Accounting Stop  GGSN-initiated DPC  eWAG TimeoutsAdmin Disconnect Session Setup This section presents call flow for the session setup scenario. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 31 RADIUS-based Enhanced Wireless Access Gateway Overview How it Works ▀ Figure 2. Session Setup Call Flow Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 32 The R-eWAG identifies the GGSN it needs to connect with using the same 3G procedure of identifying GGSN from SGSN(/TTG) using DNS resolution. The R-eWAG then sends the Create PDP Context Request message to the GGSN to create the GTP tunnel. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 33: Session Setup Using Accounting-Interim

    Until then, R-eWAG will drop Accounting-Interim with different AVP values. This section presents call flow for session setup using accounting-interim scenario. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 34 RADIUS-based Enhanced Wireless Access Gateway Overview ▀ How it Works Figure 3. Session Setup using Accounting-Interim Call Flow ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 35 The R-eWAG identifies the GGSN to connect to using the same 3G procedure of identifying GGSN from SGSN/TTG using DNS resolution. The R-eWAG then sends the Create PDP Context Request message to the GGSN to create the GTP tunnel. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 36: Session Replacement

    Accounting-Start message is for new subscriber with different Username+MSISDN combo. Important: In case of session replacement, old call will be disconnected with the session disconnect reason “IPSG-session-replacement”. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 37: Session Setup Failure

     GTP Tunnel Setup Failure R-eWAG supports sending RADIUS DM with UE MAC-address when call setup fails due to auth failure, no resource, missing or unknown APN, and other reasons. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 38: Mandatory Avp Missing / No Resource

    Figure 4. Session Failure Call Flow – Mandatory AVP Missing / No Resource GTP Tunnel Setup Failure This section presents call flow for the Session Failure – GTP Tunnel Setup scenario. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 39: Session Update

    How it Works ▀ Figure 5. Session Failure Call Flow – GTP Tunnel Setup Failure Session Update This section presents call flows for the following session update scenarios:  WLC-initiated Accounting Interim Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 40: Wlc-Initiated Accounting Interim

    When R-eWAG receives UPC from GGSN, it compares it with the QoS requested by AAA and QoS with smaller version is selected for UPC response. In case of same version, QoS with small Max-bit-rate (MBR) is selected. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 41: Session Teardown

    UE Detach - Accounting Stop  GGSN-initiated DPC  eWAG TimeoutsAdmin Disconnect UE Detach - Accounting Stop This section presents call flow for the UE Detach - Accounting Stop scenario. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 42: Ggsn-Initiated Dpc

    Session Teardown Call Flow – UE Detach - Accounting Stop GGSN-initiated DPC This section presents call flow for the Session Teardown – GGSN-initiated scenario. Figure 9. Session Teardown Call Flow – GGSN-initiated DPC ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 43: Ewag Timeouts/Admin Disconnect

    How it Works ▀ eWAG Timeouts/Admin Disconnect This section presents call flow for the Session Teardown – R-eWAG Timeouts and Admin Disconnect scenarios. Figure 10. Session Teardown Call Flow – R-eWAG Timeouts/Admin Disconnect Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 44: Dependencies And Limitations

    SGSN GPRS Tunneling Protocol (SGTP) service is configured. However, in the ASR 5000 chassis the R-eWAG operates based on APN profile. This means that when the GGSN (used for connecting to APN) is also configured on the same chassis, it will use the same APN profile used by the R-eWAG (assuming that the subscriber is connecting through R-eWAG to reach that APN using the collocated GGSN).

  • Page 45: Ewag + Ttg Combo Deployments

    Note that in the ASR 5000 chassis the virtual-APN selection can be based on other criteria apart from access gateway (AGW) address selection like MSISDN range, RAT type, and so on. R-eWAG uses only AGW address criteria, which is the RADIUS accounting-client from which the initial Accounting-Start message is received.

  • Page 46: Ewag + Ttg + Ggsn Combo Deployments

     If new GGSN call comes up with same IMSI, the GTPCMgr will always setup the new call on the same SessMgr where the call is previously present. If a new call comes up with the same IMSI and same NSAPI, the context replacement will happen at GGSN. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 47: Radius-Based Enhanced Wireless Access Gateway Configuration

    This chapter provides information on configuring the RADIUS-based Enhanced Wireless Access Gateway (R-eWAG) service. The following topics are covered in this chapter:  Before You Begin  R-eWAG Configuration  R-eWAG Administration Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 48: Before You Begin

    Translation Administration Guide. Also, confirm that the required license is installed. 4. Confirm that the R-eWAG license is installed. The R-eWAG is a licensed Cisco product. Separate session and feature licenses may be required. Contact your Cisco account representative for information on licensing requirements.

  • Page 49: R-Ewag Configuration

     The keyword enables the R-eWAG service (IPSG service in R-eWAG mode), and enters the IPSG ewag RADIUS Server Configuration Mode, which is common for the R-eWAG and IPSG services. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 50: Configuring The R-Ewag Service

    <dictionary_name> #To configure RADIUS accounting parameters: radius accounting { client { <ipv4/ipv6_address> | <ipv4/ipv6_address/mask> } [ encrypted ] key <key> [ acct-onoff [ aaa-context <aaa_context_name> ] [ aaa-group ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 51  specifies the RADIUS dictionary to use for the R-eWAG service. For information on <dictionary_name> which dictionary to use in your deployment, contact your Cisco account representative. The default dictionary starent-vsa1  In the RADIUS accounting parameter configurations, the option enables sending...
  • Page 52  specifies the RADIUS dictionary to use for the R-eWAG service. For information on <dictionary_name> which dictionary to use in your deployment, contact your Cisco account representative. The default dictionary starent-vsa1  In the RADIUS accounting parameter configurations, the option enables the sending of...

  • Page 53: Configuring The Apn

    <radius_client_ipv4/ipv6_address> | <radius_client_ipv4/ipv6_address/mask> } Notes:  In the ASR 5000 chassis, virtual APN selection can be based on other criteria apart from Access Gateway address ( ) selection, such as the MSISDN range, RAT type, and so on. However, only...

  • Page 54: Configuring The Sgtp Service

    GGSN are erroneous: max-remote-restart-counter-change <variance> Notes:  The SGTP service must be associated in the R-eWAG service configuration. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 55: Configuring Nat/Alg Support

    The routing rules must be configured in the ECS service and the routing rule priorities must be configured in the ECS rulebase for routing packets to the respective analyzers for performing NAT ALG processing. configure active-charging service <ecs_service_name> #To configure routing ruledefs: #FTP ALG: Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 56 <operator> <value> rule-application routing exit #PPTP ALG: ruledef <pptp_ruledef_name> tcp either-port <operator> <value> rule-application routing exit #TFTP ALG: ruledef <tftp_ruledef_name> tcp either-port <operator> <value> rule-application routing exit #H323 ALG: ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 57 <route_priority> ruledef <h323_tcp_ruledef_name> analyzer h323 exit #To enable payload (Layer 7) translation of IP packets, in the ECS service: firewall nat-alg ftp firewall nat-alg pptp firewall nat-alg rtsp Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 58: Additional Configurations

    CSS service has to be <ecs_service_name> configured. Configuring Bulk Statistics To configure bulk statics collection for R-eWAG service, use the following configuration: configure bulkstats mode ipsg schema <schema_name> format <schema_format> ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 59: Configuring Congestion Control

     Congestion policies are configurable for each service. These policies dictate how the services respond when the system detects that a congestion condition threshold has been crossed. For more information on the Congestion Control feature, refer to the Congestion Control chapter of the System Administration Guide. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 60: Configuring Offline Charging For R-Ewag

    #To configure remote server address: gtpp server <ip_address> #To configure triggers: gtpp trigger volume-limit #To configure CDR attributes: gtpp attribute local-record-sequence-number gtpp attribute msisdn gtpp attribute rat exit #To configure accounting policy: ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 61: Configuring Session Recovery

    <apn_name> accounting-mode gtpp gtpp group <gtpp_group_name> accounting-context <ewag_accounting_context_name> Notes:  For information on the GTPP dictionary to use contact your Cisco account representative.  Optional APN-level configuration to override charging characteristics supplied in Acct-Start: configure context <context_name> apn <apn_name>...
  • Page 62  A valid feature key is required for this configuration. This command enables/disables the feature to try to perform hitless session recovery for all session types supported by the software release. After enabling session recovery through this configuration, make sure that session recovery status is “ready”. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 63: R-Ewag Administration

    To view monitor protocol based logging information, in the Exec Mode use the following command: Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 64: Monitor Subscriber

    To view detailed subscriber information, for all subscribers. show subscribers full all show session progress To view session progress information for in-progress calls. show session subsystem facility ipsgmgr To view IPSG Manager related information. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 65 <analyzer_name> show active-charging rulebase name To view ECS statistics for specific rulebase. <rulebase_name> To view detailed ECS subsystem-level information. show active-charging subsystem all To view GTPP statistics. show gtpp statistics Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 67: Dhcp-Based Enhanced Wireless Access Gateway Overview

    This chapter describes the DHCP-based Enhanced Wireless Access Gateway (D-eWAG) solution. The following topics are covered in this chapter:  Product Overview  How it Works  Dependencies and Limitations Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 68: Product Overview

    These three steps are transparent to the subscriber accessing the Wi-Fi network and do not involve any subscriber intervention. At the end of the WLAN attach procedure, the UE connects to the 3G network. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 69: Deployment Models

    The D-eWAG can be deployed in any of the following ways:  Stand-alone D-eWAG deployment on an ASR 5000 chassis.  Combo D-eWAG + GGSN deployment on the same ASR 5000 chassis. Important: In this release, the following deployment option is not qualified and is not supported, it is available only for lab testing purposes.

  • Page 70: Association Process

    This way the UE gets the WLAN IP address directly from the 3G network and starts sending data traffic. The following additional host configuration parameters should be provisioned for the UE during DHCP signaling since the access is WLAN:  Default gateway  Subnet mask/prefix length ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 71: Data Traffic Between Wlan And 3G Network

    GGSN, the call will get dropped. This ensures that any consecutive DHCP packets from that UE get dropped at D- eWAG. APN Selection APN for the D-eWAG session is selected in following way: Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 72: D-Ewag Service In The Asr5000 Chassis

    This is achieved using the Subscriber Template based operation of D-eWAG in the ASR5000 chassis.  The first inbound RADIUS message (Access-Request) is the FSoL for D-eWAG to create a new D-eWAG session. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 73: Radius Accounting

    WLC-initiated accounting and sends it to the AAA server. This ensures that the AAA server will know that the WLC-initiated accounting session needs to be stopped as the session has gone down. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 74: D-Ewag - Aaa Interface

    CoA if received with Firewall policy name must be applied to the subscriber session. If the system does not support that Firewall policy for the subscriber then CoA-NACK is sent. Rulebase CoA can have Rulebase AVP to specify new rulebase to apply to subscriber. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 75: Radius Accounting Support

    GGSN-initiated UPC Request is accepted only for QoS Update case. QoS is updated for the D-eWAG session and accept status is sent in UPC Response. UPC Requests with EUA Update, PCO Update, APN Restriction Update, TFT Update, Direct Tunnel Update will be rejected by D-eWAG. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 76: Ip Address Allocation

    DHPC message. In this case, D-eWAG will also request for the same IP address to GGSN by filling it in the “End-user-address” IE in CPC Request. If the GGSN is not able to allocate the requested IP address, then D-eWAG drops the call and DHCP-Offer message is not sent back. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 77: Nsapi Allocation

    CLI. When enabled, the UE MAC received in “Calling-Station-Id” RADIUS attribute is mapped to IMEIsV and sent in GTP CPC message to the GGSN. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 78: Data-Plane

    WLC can be configured with AP-Group to use different VLAN. one APN. APN. c. Set of VLANs serving one APN are different from set of VLANs serving another APN. This way overlapping-ip can be supported. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 79: Local Traffic Breakout

    Note that NAT is applied to direct IP traffic, the subscriber’s IP address is NATd and sent to the Internet. In the downlink direction, the destination IP address is changed from the NATd IP address to the subscriber’s IP address and then forwarded to the subscriber. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 80: Controlling Local Traffic Breakout

    Thus for NAT to be applied, a realm name must be configured in the matching ruledef. If NAT has to be bypassed, then a NAT realm must not be configured in the ruledef. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 81: Data Path Flow

    Data from 3G services is received in GTPU tunnel while the NATd data from Internet is received directly. In the downlink data path, after ECS processing is done the data is sent to the UE. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 82: Recovery Support

    GGSN and local configuration in the IPSG service. DSCP values must be configured for different QCI values. The following table presents the traffic class to QCI mapping (based on 3GPP spec 23.203). ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 83: Bulk Statistics Support

    IP address of the system generating the statistics (available for only for headers and footers), and/or the time that the file was generated. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 84: Threshold Crossing Alerts Support

     PAC/PSC CPU resource availability:  Percent utilization  Available memory  Load  Memory usage  Session throughput  SPC/SMC CPU resource availability:  Memory usage  Percent utilization  Packet processing: ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 85: Congestion Control Support

    However, continuous or large numbers of these conditions within a specific time interval may have an impact on the system’s ability to service subscriber sessions. Congestion control helps identify such conditions and invokes policies for addressing the situation. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 86: Redundancy Support

    D-eWAG session such as Default-GW-IP address, UE-MAC, and so on are supported. D-eWAG GTP context information is recovered similar to R-eWAG as Gn' interface is used by both. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 87: Charging

    An S-CDR is closed as the final record of a session for the following events:  UE-initiated call termination  Admin release at D-eWAG via clear sub all  GGSN-initiated call termination Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 88: Billing Record Transfer

    In this release, NAT policy must not be configured for D-eWAG. In D-eWAG + R-eWAG combo deployments NAT is required for R-eWAG, it must be ensured that NAT policy is not configured for D-eWAG ECS session. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 89: How It Works

     Session Update - AAA Initiated  Session Update - GGSN Initiated  Session Update - WLC Initiated Session Setup This section presents the call flow for session setup scenario. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 90 DHCP-based Enhanced Wireless Access Gateway Overview ▀ How it Works Figure 16. D-eWAG Session Setup Call Flow ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 91 DHCP-based Enhanced Wireless Access Gateway Overview How it Works ▀ Figure 17. D-eWAG Session Setup Call Flow... continued Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 92: Session Teardown

    Session Teardown - GGSN Initiated  Session Teardown - UE Initiated  Session Teardown - WLC Initiated Session Teardown - AAA Initiated This section presents the call flow for AAA-initiated Session Teardown scenario. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 93: Session Teardown - Ggsn Initiated

    This section presents the call flow for GGSN-initiated Session Teardown scenario. Figure 20. Session Teardown - GGSN Initiated Call Flow Session Teardown - UE Initiated This section presents the call flow for UE-initiated Session Teardown scenario. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 94: Session Teardown - Wlc Initiated

    Session Teardown - WLC Initiated Call Flow Session Update This section presents call flows for session update scenarios.  Session Update - AAA Initiated  Session Update - GGSN Initiated  Session Update - WLC Initiated ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 95: Session Update - Aaa Initiated

    UPC response. In case of same version, QoS with small Maximum Bit Rate (MBR) is selected. Important: In this release, D-eWAG does not generate CoA RADIUS Request to WLC. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 96: Session Update - Wlc Initiated

    WLC cannot send 3gpp-qos. Thus the UPC from D-eWAG to GGSN for QoS change from WLC will not happen. UPC will only be sent for AP information change. Figure 25. Session Update - WLC Initiated Call Flow ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 97: Dependencies And Limitations

    D-eWAG functionality as Overlapping IP address is not supported in this release.  This D-eWAG solution is not tested against non-Cisco WLC nodes. However, it should work with WLCs from any vendors as long as it satisfies the requirements mentioned in the Requirements in WLC section, though it is advised to use Cisco WLC nodes for better interoperability.

  • Page 98: Requirements In Wlc

    { 12.0.0.2 to 12.0.0.100 } range and the IP-address 12.0.0.1 is configured at D-eWAG node. Also, 12.0.0.1 is conveyed to UE as default-gateway during DHCP-Offer message by D-eWAG so that it acts as default-gateway for all the uplink data-packets from the UE. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 99: Dhcp-Based Enhanced Wireless Access Gateway Configuration

    This chapter provides information on configuring the DHCP-based Enhanced Wireless Access Gateway (D-eWAG) solution. The following topics are covered in this chapter:  Before You Begin  D-eWAG Configuration  D-eWAG Administration Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 100: Before You Begin

    System Administration Guide. 2. Confirm that the eWAG license is installed. The eWAG is a licensed Cisco product. Separate session and feature licenses may be required. Contact your Cisco account representative for information on licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.

  • Page 101: D-Ewag Configuration

     The keyword enables the D-eWAG service (IPSG service in D-eWAG mode), and enters the IPSG ewag RADIUS Server Configuration Mode, which is common for the eWAG and IPSG services. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 102: Configuring The D-Ewag Service

    | af32 | af33 | af41 | af42 | af43 | be | ef | pt } } + #To configure RADIUS dictionary: radius dictionary <dictionary_name> #To configure RADIUS accounting parameters: ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 103: Configuring Dhcp Service

     specifies the RADIUS dictionary to use for the D-eWAG service. For information on <dictionary_name> which dictionary to use in your setup, contact your Cisco account representative. For D-eWAG, the default dictionary is starent  In the RADIUS accounting parameter configurations, the...

  • Page 104: Configuring The Subscriber Template

    #To configure realm part for subscriber. This command must be configured in the same context where the AAA Group is defined. domain <domain_name> Configuring the SGTP Service To create and configure the SGTP service use the following configuration: configure context <context_name> sgtp-service <sgtp_service_name> ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 105: Configuring Nat For Local Traffic Breakout Support

    10 access-ruledef ruledef_1 permit nat-realm nat_pool_1 access-rule priority 15 access-ruledef ruledef_2 permit nat-realm nat_pool_2 access-rule priority 100 access-ruledef ruledef_3 permit nat-realm nat_pool_1 access-rule priority 105 access-ruledef ruledef_4 permit Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 106: Additional Configurations

     Configuring Congestion Control  Configuring Session Recovery  Configuring Offline Charging for D-eWAG Configuring Bulk Statistics To configure bulk statistics collection for D-eWAG service, use the following configuration: configure ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 107: Configuring Congestion Control

    | message-queue-utilization | port-rx-utilization | port-specific { <slot/port> | all { rx-utilization | tx-utilization } } | port-specific-rx-utilization | port-specific-tx-utilization | port-tx-utilization | service-control-cpu-utilization | system-cpu-utilization | system-memory-utilization | tolerance } [ critical ] Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 108: Configuring Session Recovery

    “ready”. Configuring Offline Charging for D-eWAG To configure Offline Charging for D-eWAG, use the following configuration: configure gtpp single-source context <context_name> #To configure GTPP Group: ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 109 <accounting_policy_name> exit #To configure accounting mode in the Subscriber configuration: subscriber default accounting-mode gtpp Notes:  For information on the GTPP dictionary to use contact your Cisco account representative. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 110: D-Ewag Administration

    It is highly recommended that logging be enabled on your terminal client in order to capture all of the information that is generated. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 111: Monitor Subscriber

    Gathering D-eWAG-related Statistics and Information Table 7. D-eWAG-related Statistics and Information D-eWAG-related statistics or CLI command to use information To view concise D-eWAG service- show ipsg service all level information. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 112 To view status of DHCP servers. show dhcp status To view summary of DHCP related show dhcp summary all statistics. show dhcp imsi <imsi> To view DHCP related information for specified IMSI. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 113 To view information for subscribes with NAT enabled or disabled. show active-charging analyzer statistics name <analyzer_name> For Local Traffic Breakout support. To view ALG statistics. To view GTPP statistics. show gtpp statistics Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 115: Radius-Based Enhanced Wireless Access Gateway Aaa Avp Support

    UTF-8 encoded MCC/MNC used by MCC-MNC R-eWAG to build RAI identifying Wi-Fi network, otherwise currently only R-eWAG-configured value is used and this attribute is ignored. Acct-Session-Id Accounting Session Identifier string. Acct-Session- Time Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 116 Contains LAC_CI of the WLAN Identifier Access Point. R-eWAG uses the information in filling ULI of CPC. SN-WLAN-UE- Contains MAC address of the UE. Identifier R-eWAG sends it in IMEIsV of CPC. User-Name ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 117: Dhcp-Based Enhanced Wireless Access Gateway Aaa Avp Support

    Appendix B DHCP-based Enhanced Wireless Access Gateway AAA AVP Support This chapter presents quick references for AAA AVP support in accounting and authentication messages for D-eWAG. Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

  • Page 118: Aaa Avp Support In Accounting Messages

    Type Acct- Authentic Acct-Input- Octets Acct-Input- Packets Acct-Interim- Interval Acct-Output- Octets Acct-Output- Packets Acct-Session- Acct-Status- Type Acct- Terminate- Cause Called- Whatever is received from WLC the same is Station-ID sent. ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 119 Internet. Octets SN-LBO- Indicates number of packets sent by UE directly Acct-IN-Pkts to the Internet. SN-LBO- Indicates number of octets received by UE Acct-Out- directly from the Internet. Octets Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 120 Medium-Type Tunnel- Assigned VLAN ID for the subscriber. Private- Group-ID Tunnel-Type User-Name Contains the identify of the user in IMSI@Realm format as defined in 3GPP TS 23.003 as follows: IMSI@wlan.mncXXX.mccYYY.3gppnetwork.o ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...

  • Page 121: Aaa Avp Support In Authentication Messages

    D-eWAG does not do anything with this. Output- Octets Acct- D-eWAG does not do anything with this. Output- Packets Acct- Session-ID Acct-Status- Type Acct- D-eWAG does not do anything with this. Terminate- Cause Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...
  • Page 122 (RADIUS Client) which initiates the RADIUS messages. NAS-Port Contains the WLC port number used for sending the RADIUS messages. NAS-Port- Type Reply- D-eWAG does not do anything with this. Message ▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide...
  • Page 123 Assigned VLAN ID for the subscriber. Private- Group-ID Tunnel- VLAN Type User-Name Contains the identify of the user in IMSI@Realm format as defined in 3GPP TS 23.003 as follows: IMSI@wlan.mncXXX.mccYYY.3gppnet work.org Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄...

Table of Contents