Radius Accounting - Cisco ASR 5000 Administration Manual

DHCP-based Enhanced Wireless Access Gateway Overview
 The UE MAC address present in the "Calling-Station-ID" AVP of Access-Request message is used to identify
the UE session at D-eWAG for subsequent RADIUS messages from the WLC.
 At the end of 802.1X authentication, the Access-Accept message from 3GPP-AAA server carries the 3G-specific
attributes of the authenticated user such as IMSI, MSISDN, and APN. This information is used by D-eWAG
for creating a GTP PDP context with the GGSN.
DHCP Requirements

The WLC should act as DHCP-Relay and should be configured with D-eWAG service IP address as the "external dhcp-
server" for the 3G-SSIDs.

D-eWAG processes all the DHCP messages sent to standard DHCP server UDP port 67.

When DHCP-Discover message is received from the UE, DHCP server in the ASR5000 chassis goes into pending state to
wait until the signaling on the MNO side (GTP tunnel creation) is done to get an IP address for the UE.

On the arrival of the Create PDP Context Response, which carries the assigned IP address c.c.c.c for the client, DHCP is
fully resumed to offer c.c.c.c back to the client.

On the completion of DHCP signaling, the session on the DP is fully activated to tunnel the client's entire traffic to the
GGSN over GTP-U.

In subsequent DHCP message exchanges over time (for example, DHCP Request and DHCP ACK), no further signaling
will happen on the MNO side. The DHCP-REQUEST on the D-eWAG needs to always turn around to compose a
corresponding response to reassign or renew this same address with an endless lease back to the client.
Important:

supported in this release.

UE connecting through D-eWAG should include the "PARAMETER REQUEST LIST" DHCP option in DHCP-
Discover/Request to ask for subnet-mask, default-router, and DNS configuration parameters from DHCP Server (D-
eWAG) as DHCP-Inform message is not supported in this release.

DHCP service should be configured in the same context as the D-eWAG service. This is because D-eWAG is using the
existing DHCP service in the ASR5000 chassis to act as DHCP-server in this model.

RADIUS Accounting

RADIUS accounting messages are exchanged in the WLC-D-eWAG interface as described here:
 WLC node can be configured with D-eWAG service IP address as the RADIUS accounting-server for the 3G-
SSID sessions.
 After the IP address is allocated to the WLAN UE using DHCP signaling, WLC will send the RADIUS
Accounting-Start/Interim/Stop messages for the UE session to D-eWAG.
 The accounting messages received are proxied to the 3GPP-AAA server (like authentication process) by D-
eWAG. Acct-Interim message are used for D-eWAG session updates like identifying AP change, and Acct-
Stop message are used to teardown the D-eWAG session as the corresponding session at WLC is down.
 Note that this accounting proxy is optional. WLC can have different AAA server configured for RADIUS
accounting.
 When D-eWAG receives a RADIUS accounting message from WLC, it is forwarded to the AAA server. In this
scenario, if the call goes down for any reason apart from Acct-Stop from WLC, D-eWAG creates Acct-Stop on
its own for this WLC-initiated accounting and sends it to the AAA server. This ensures that the AAA server
will know that the WLC-initiated accounting session needs to be stopped as the session has gone down.
UE suggesting the IP address to DHCP server in DHCP-Discover or DHCP-Request messages is not
Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide ▄
Product Overview ▀
73