Cisco ASR 5000 Administration Manual page 35

Enhanced wireless access gateway

Hide thumbs Also See for ASR 5000:

Administration manual (466 pages)

Installation manual (294 pages)

Installation procedure (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

page of 123

/ 123
Contents
Table of Contents
Bookmarks

Table of Contents

RADIUS-based Enhanced Wireless Access Gateway Overview

Table 3. Session Setup using Accounting-Interim Call Flow Descriptions

Step

Description

The UE attaches to the WLAN network using WLAN technology attach procedure by selecting SSID advertised for 3G

access.

The UE provides its EAP-identity for authentication in 802.1x message.

The WLC forwards the UE EAP-identity to the Wi-Fi AAA server through RADIUS Access-Request message by

encapsulating the EAP message in it. This message also contains the WLAN UE MAC Address and the WLAN Radio

Network Identifier.

The Wi-Fi AAA server proxies the Access-Request message to the 3GPP AAA server.

The 3GPP AAA server identifies the subscriber as a candidate for authentication with EAP-SIM/AKA based on received

identity. It interacts with the HLR to fetch the GSM/UMTS authentication vectors for EAP-SIM/AKA authentication and

other 3GPP-specific attributes from the subscriber profile, including IMSI, MSISDN, APN, and Charging Characteristics.

The 3GPP AAA sends the Access-Challenge-Request to the UE as part of EAP-SIM/AKA authentication procedure to the

Wi-Fi AAA proxy server.

The Wi-Fi AAA proxies the Access-Challenge message back to the WLC.

The WLC sends the EAP-Challenge message to the UE over 802.1x.

Similar EAP message exchanges happen between the UE and 3GPP AAA as part of authentication procedure.

After successful authentication, the 3GPP AAA sends an Access-Accept message with 3GPP-specific attributes including

IMSI, MSISDN, Charging-Characterstics, APN, etc.

The Wi-Fi AAA server caches the 3GPP attributes in the Access-Accept message, which will be later used to enrich the

RADIUS accounting messages generated from WLC and sent to the R-eWAG.

The Wi-Fi AAA proxies the Access-Accept message to the WLC.

The WLC sends the EAP-Success message over 802.1x to the UE and completes the authentication procedure.

The UE gets an IP address allocated from the Wi-Fi domain using DHCP exchanges as per the normal WLAN procedure of

allocating the IP address.

Note that the DHCP server allocating this IP address to the UE is part of Wi-Fi domain and the IP address thus allocated is

hereon referred to as the Wi-Fi IP address.

After the IP address is allocated to the attaching UE, the WLC initiates RADIUS accounting for the UE session by sending

RADIUS Accounting-Start message to the Wi-Fi AAA.

The Wi-Fi AAA server sends back the Accounting-Response to the WLC as acknowledgement.

The Wi-Fi AAA server sends the Accounting-Interim message enriched with 3GPP-specific attributes to the R-eWAG.

And, the R-eWAG creates the session based on this message and establishes GTP tunnel with the GGSN.

The R-eWAG creates new session based on this Accounting-Interim message. It assumes the default APN configured in the

R-eWAG service if it is not available in the Accounting-Interim message. It also assigns a default QoS value for the R-

eWAG session if not available in the Accounting-Interim message.

The R-eWAG identifies the GGSN to connect to using the same 3G procedure of identifying GGSN from SGSN/TTG

using DNS resolution. The R-eWAG then sends the Create PDP Context Request message to the GGSN to create the GTP

tunnel.

Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄

How it Works ▀

Table of Contents

Cisco ASR 5000 Administration Manual page 35

Related Manuals for Cisco ASR 5000

Related Products for Cisco ASR 5000

Table of Contents