Cisco Systems 3.5 Access-Request Authentication, Attribute Number Attribute Name Description

Page 59

Chapter 6 Prepaid Billing Solution

Generic Call Flow

Note In the following attribute tables, entries beginning with APPL indicate application-specific attributes. Another application might use the field for different purpose or ignore the field. All the fields with APPL are specific to Mobile Wireless usage for illustration purpose.

Access-Request (Authentication)

Flow 1c shows the client sending the Access-Request to AAA server, part of a normal authentication request. The exact nature of the message contents is dictated by the access technology, be it be CDMA1X-RTT, GPRS, or another. The Access-Request might involve other messages such as PAP/CHAP or another form of authentication.

The Flow 1c Access-Request might contain a prepaid specific VSA, CRB_AUTH_REASON. Table 6-2lists the attributes included in the authentication Access-Request. This tells the Cisco AR 3.5 server to authenticate the subscriber with the Prepaid server as well. If the value is CRB_AR_INIT_AUTHENTICATE, the initial quota must be obtained for a single service prepaid solution. If this VSA is not present, the Cisco AR 3.5 server will not authenticate with the Prepaid billing server.

Table 6-2 Attributes Sent During Subscriber Authentication

Attribute

 

 

 

Number

Attribute Name

Description

Notes

 

 

 

 

1

User-Name

APPL: Mobile Node

Required

 

 

Username

 

 

 

 

 

2

NAS IP Address

Accounting Node IP

APPL: Required, POA

 

 

Address

 

 

 

 

 

31

Calling-station-ID

APPL:MSISDN or IMSI

APPL: Conditional

 

 

 

 

26, 9

CRB_AUTH_REASON

Refer to VSA section

Required

 

CRB_AR_INIT_AUTHENTICATE

 

 

 

 

 

 

26, 9

CRB_USER_ID

APPL:PDSN address or

APPL: Required,

 

 

SSG address

Address of the PDSN

 

 

 

 

26, 9

CRB_SERVICE_ID

APPL: Service ID such as

 

 

 

Simple IP service, Mobile

 

 

 

IP service, or VPN

 

 

 

service

 

 

 

 

 

26, 9

CRB_SESSION_ID

This VSA contains the

Required; the session

 

 

session key ID

ID must be globally

 

 

information

unique across all clients

 

 

 

and across reboots of

 

 

 

the client

 

 

 

 

In Flow 1s, the Cisco AR 3.5 server sends a call to the billing server to authenticate the prepaid user and possibly determine more information about the subscriber’s account. The Cisco AR 3.5 server can be configured to generate this packet flow, using a subscriber profile parameter, if the request is from a prepaid subscriber.

Cisco Access Registrar 3.5 Concepts and Reference Guide

 

OL-2683-02

6-5

 

 

 

Image 59
Contents Corporate Headquarters Cisco Access Registrar 3.5 Concepts and Reference GuideCisco Access Registrar 3.5 Concepts and Reference Guide Iii N T E N T SSession-Service Service Step and Radius-Session Service Replication’s Impact on Request Processing IPAddress Port Understanding Snmp Vii Accounting Start Data FlowViii World Wide Web Obtaining DocumentationCisco.com Obtaining Technical AssistanceOrdering Documentation Documentation FeedbackContacting TAC by Telephone Contacting TAC by Using the Cisco TAC WebsiteTechnical Assistance Center Xii Radius Protocol OverviewPacket Exchange Between User, NAS, and Radius Steps to ConnectionTypes of Radius Messages Packet ContentsAttribute Dictionary Proxy ServersProxying to an Ldap Server for Authentication Basic Authentication and AuthorizationOverview Basic Authentication and Authorization Cisco Access Registrar Hierarchy Understanding Cisco Access RegistrarScripts ServicesUserLists and Groups ProfilesSession Management Using Resource Managers Subdirectory Description Cisco AR Directory StructureProgram Flow Action Explanation Scripting PointsClient or NAS Scripting Points Cisco AR Server Action ExplanationRadius/Advanced/RequireNASsBehindProxyBeInClie Authentication and/or Authorization Scripting PointsFailover by the NAS and Session Management Session ManagementIncoming Scripts Authentication/Authorization ScriptsScript Processing Hierarchy Outgoing Scripts Cross Server Session and Resource ManagementOverview Configuring a Front Line Cisco Access Registrar Session-Service Service Step and Radius-Session ServiceConfigure Central AR OL-2683-02 AltigaIncomingScript Using Cisco AR ScriptsACMEOutgoingScript AscendIncomingScript AuthorizeServiceAltigaOutgoingScript ANAAAOutgoingCiscoIncoming AuthorizeTelnetCabletronIncoming CabletronOutgoingExecNASIPRule ExecTimeRuleExecDNISRule ExecFilterRuleParseAAASRealm LDAPOutageMapSourceIPAddress ParseAAARealmParseServiceAndAASRealmHints ParseServiceAndAAARealmHintsParseServiceAndAAASRealmHints ParseServiceAndAARealmHintsParseTranslationGroupsByRealm ParseServiceHintsParseTranslationGroupsByCLID ParseTranslationGroupsByDNISUSROutgoingScript Replication Overview Understanding ReplicationMaster Server How Replication WorksReplication Data Flow Slave Server SecurityReplication Archive Ensuring Data IntegrityAutomatic Resynchronization Transaction Data VerificationTransaction Order Replication’s Impact on Request Processing Replication Configuration SettingsUnderstanding Hot-Configuration Full ResynchronizationMaster RepTypeRepTransactionSyncInterval RepTransactionArchiveLimitRepIPMaster RepIPAddressRepPort RepSecretIPAddress Rep Members SubdirectoryRep Members/Slave1 NameSupported MIBs OverviewRADIUS-AUTH-SERVER-MIB Snmp TrapsCarInputQueueFull Supported TrapsCarServerStart CarServerStopCarOtherAccServerNotResponding CarOtherAuthServerNotRespondingCarOtherAuthServerResponding Directories Searched Configuring TrapsCarOtherAccServerResponding CarAccountingLoggingFailureSwitching Configuration Files in Mid-File Configuration File TypesCommunity String OL-2683-02 Prepaid Billing Solution Measurements and Component Actions Configuring Prepaid Billing Call Flow Details Generic Call FlowAttribute Number Attribute Name Description Access-Request AuthenticationAccess-Accept Authorization Access-Accept AuthenticationAccess-Request Authorization Attribute Number Attribute Name Accounting StartData Flow Accept-Accept Quota Depleted Access-Request Quota DepletedAccounting Response Final Status Accounting Stop Session EndSource VSA Name Type Call Flow Description Vendor-Specific AttributesTotal Volume quota received by Crbprivate GL-1 O S S a R YGL-2 Scalable wholesale access/open access solutionGL-3 GL-4 GL-5 GL-6 GL-7 GL-8 GL-9 GL-10 IN-1 RadiusIN-2 RFCIN-3 IN-4
Related manuals
Manual 180 pages 47.88 Kb

3.5 specifications

Cisco Systems 3.5 is an advanced version of Cisco's renowned networking and security solutions. This iteration showcases significant enhancements in performance, scalability, and security, making it a preferred choice for enterprises aiming to optimize their network operations and bolster their cybersecurity posture.

One of the main features of Cisco Systems 3.5 is its enhanced network automation capabilities. Automation streamlines network management, allowing organizations to apply consistent policies across their infrastructure while minimizing human error. This version employs advanced algorithms and machine learning to predict and rectify network issues proactively. With automation tools, network administrators can configure, monitor, and troubleshoot their networks with unprecedented efficiency.

Another notable characteristic of Cisco Systems 3.5 is its integration of artificial intelligence and machine learning into networking processes. The incorporation of AI enhances decision-making by analyzing vast amounts of network data, identifying patterns, and offering insights that help ensure optimal performance. This predictive analytics capability allows organizations to predict potential disruptions before they impact operations.

Security is a major focus in Cisco Systems 3.5. The platform introduces advanced threat detection and response systems that utilize deep learning to identify and mitigate emerging threats in real-time. Enhanced encryption protocols ensure that data transmitted over the network remains secure, protecting sensitive information from cyber threats. The integrated security features ensure compliance with various regulatory standards, a crucial requirement for businesses across multiple sectors.

The platforms' support for Software-Defined Networking (SDN) allows for dynamic resource allocation and traffic management. This flexibility enables organizations to adjust their network resources quickly in response to changing demands, leading to improved efficiency and reduced operational costs. Cisco Systems 3.5 also supports multicloud environments, facilitating seamless integration with cloud services such as AWS, Google Cloud, and Microsoft Azure.

Moreover, Cisco Systems 3.5 offers robust telemetry features, providing detailed real-time insights into network performance and health. This data-driven approach allows organizations to make informed decisions regarding capacity planning and resource optimization.

In summary, Cisco Systems 3.5 combines cutting-edge technologies such as AI, machine learning, and SDN to deliver a comprehensive networking solution. With its focus on automation, enhanced security, and multicloud support, this version is well-suited for modern enterprises looking to enhance their network infrastructure and security measures. As organizations continue to evolve in a digital-centric world, Cisco Systems 3.5 stands out as a critical tool to achieve connectivity and security goals effectively.