Cisco Systems 3.5 manual Access-Accept Authentication, Access-Request Authorization

Page 60

Chapter 6 Prepaid Billing Solution

Generic Call Flow

Access-Accept (Authentication)

Flow 2b shows the billing server returning the authentication result. The billing server returns a failure if the prepaid subscriber has an inadequate balance.

Flow 2s shows the Cisco AR 3.5 server sending the Access-Accept to the AAA client. This message flow contains at least one prepaid billing-specific VSA (listed in Table 6-3) and may contain other access technology-specific attributes.

Table 6-3 Attributes Sent to AAA client in Access-Accept (Authentication)

Attribute

 

 

 

Number

Attribute Name

Description

Notes

 

 

 

 

26, 9

CRB__USER_TYPE

Refer to Vendor-Specific

Optional

 

CRB_AR_INIT_AUTHENTICATE

Attributes, page 6-10

 

 

 

 

 

Access-Request (Authorization)

In Flow 3c, the AAA client sends another Access-Request, this time to authorize the subscriber. Table 6-4lists the attributes required by the Cisco AR 3.5 server to authorize the subscriber. The session key ID used must be specified using a prepaid VSA pointing to the RADIUS attribute (standard or VSA).

Table 6-4 Attributes Sent During Subscriber Authorization

Attribute

 

 

 

Number

Attribute Name

Description

Notes

 

 

 

 

1

User-Name

APPL: Mobile Node

Required

 

 

Username

 

 

 

 

 

2

NAS IP Address

Accounting Node IP Address

APPL: Required, POA

 

 

 

 

31

Calling-station-ID

APPL:MSISDN or IMSI

APPL: Conditional

 

 

 

 

26, 9

CRB_AUTH_REASON

Refer to Vendor-Specific

Required

 

CRB_AR_INIT_AUTHORIZE

Attributes, page 6-10

 

 

 

 

 

26, 9

CRB_USER_ID

APPL:PDSN address or SSG

APPL: Required,

 

 

address

Address of the PDSN

 

 

 

 

26, 9

CRB_SERVICE_ID

APPL: Service ID such as

 

 

 

Simple IP service, Mobile IP

 

 

 

service, or VPN service

 

 

 

 

 

26, 9

CRB_SESSION_ID

This VSA contains the

Required; the session

 

 

session key ID information

ID must be globally

 

 

 

unique across all clients

 

 

 

and across reboots of

 

 

 

the client

 

 

 

 

.In Flow 3s, the Cisco AR 3.5 server sends the Prepaid billing server to obtain a quota. The quota might contain several values depending on the number of measurement parameters chosen.

Access-Accept (Authorization)

Flow 4b shows the billing server returning the quota array for the subscriber.

Cisco Access Registrar 3.5 Concepts and Reference Guide

6-6

OL-2683-02

 

 

Page 59 Page 61
Image 60
Page 59 Page 61
Contents Cisco Access Registrar 3.5 Concepts and Reference Guide Corporate HeadquartersCisco Access Registrar 3.5 Concepts and Reference Guide N T E N T S IiiSession-Service Service Step and Radius-Session Service Replication’s Impact on Request Processing IPAddress Port Understanding Snmp Accounting Start Data Flow ViiViii Obtaining Documentation World Wide WebObtaining Technical Assistance Ordering DocumentationDocumentation Feedback Cisco.comContacting TAC by Using the Cisco TAC Website Technical Assistance CenterContacting TAC by Telephone Xii Overview Radius ProtocolSteps to Connection Packet Exchange Between User, NAS, and RadiusPacket Contents Types of Radius MessagesProxy Servers Attribute DictionaryBasic Authentication and Authorization Proxying to an Ldap Server for AuthenticationOverview Basic Authentication and Authorization Understanding Cisco Access Registrar Cisco Access Registrar HierarchyServices UserLists and GroupsProfiles ScriptsSession Management Using Resource Managers Cisco AR Directory Structure Program FlowSubdirectory Description Scripting Points Client or NAS Scripting PointsCisco AR Server Action Explanation Action ExplanationAuthentication and/or Authorization Scripting Points Radius/Advanced/RequireNASsBehindProxyBeInClieSession Management Failover by the NAS and Session ManagementAuthentication/Authorization Scripts Script Processing HierarchyIncoming Scripts Cross Server Session and Resource Management OverviewOutgoing Scripts Session-Service Service Step and Radius-Session Service Configuring a Front Line Cisco Access RegistrarConfigure Central AR OL-2683-02 Using Cisco AR Scripts ACMEOutgoingScriptAltigaIncomingScript AuthorizeService AltigaOutgoingScriptANAAAOutgoing AscendIncomingScriptAuthorizeTelnet CabletronIncomingCabletronOutgoing CiscoIncomingExecTimeRule ExecDNISRuleExecFilterRule ExecNASIPRuleLDAPOutage MapSourceIPAddressParseAAARealm ParseAAASRealmParseServiceAndAAARealmHints ParseServiceAndAAASRealmHintsParseServiceAndAARealmHints ParseServiceAndAASRealmHintsParseServiceHints ParseTranslationGroupsByCLIDParseTranslationGroupsByDNIS ParseTranslationGroupsByRealmUSROutgoingScript Understanding Replication Replication OverviewHow Replication Works Replication Data FlowMaster Server Security Replication ArchiveEnsuring Data Integrity Slave ServerTransaction Data Verification Transaction OrderAutomatic Resynchronization Replication Configuration Settings Understanding Hot-ConfigurationFull Resynchronization Replication’s Impact on Request ProcessingRepType RepTransactionSyncIntervalRepTransactionArchiveLimit MasterRepIPAddress RepPortRepSecret RepIPMasterRep Members Subdirectory Rep Members/Slave1Name IPAddressOverview Supported MIBsSnmp Traps RADIUS-AUTH-SERVER-MIBSupported Traps CarServerStartCarServerStop CarInputQueueFullCarOtherAuthServerNotResponding CarOtherAuthServerRespondingCarOtherAccServerNotResponding Configuring Traps CarOtherAccServerRespondingCarAccountingLoggingFailure Directories SearchedConfiguration File Types Switching Configuration Files in Mid-FileCommunity String OL-2683-02 Prepaid Billing Solution Measurements and Component Actions Configuring Prepaid Billing Generic Call Flow Call Flow DetailsAccess-Request Authentication Attribute Number Attribute Name DescriptionAccess-Accept Authentication Access-Request AuthorizationAccess-Accept Authorization Accounting Start Data FlowAttribute Number Attribute Name Access-Request Quota Depleted Accept-Accept Quota DepletedAccounting Stop Session End Accounting Response Final StatusVendor-Specific Attributes Source VSA Name Type Call Flow DescriptionTotal Volume quota received by Crbprivate O S S a R Y GL-1Scalable wholesale access/open access solution GL-2GL-3 GL-4 GL-5 GL-6 GL-7 GL-8 GL-9 GL-10 Radius IN-1RFC IN-2IN-3 IN-4
Related manuals
Manual 180 pages 47.88 Kb

3.5 specifications

Cisco Systems 3.5 is an advanced version of Cisco's renowned networking and security solutions. This iteration showcases significant enhancements in performance, scalability, and security, making it a preferred choice for enterprises aiming to optimize their network operations and bolster their cybersecurity posture.

One of the main features of Cisco Systems 3.5 is its enhanced network automation capabilities. Automation streamlines network management, allowing organizations to apply consistent policies across their infrastructure while minimizing human error. This version employs advanced algorithms and machine learning to predict and rectify network issues proactively. With automation tools, network administrators can configure, monitor, and troubleshoot their networks with unprecedented efficiency.

Another notable characteristic of Cisco Systems 3.5 is its integration of artificial intelligence and machine learning into networking processes. The incorporation of AI enhances decision-making by analyzing vast amounts of network data, identifying patterns, and offering insights that help ensure optimal performance. This predictive analytics capability allows organizations to predict potential disruptions before they impact operations.

Security is a major focus in Cisco Systems 3.5. The platform introduces advanced threat detection and response systems that utilize deep learning to identify and mitigate emerging threats in real-time. Enhanced encryption protocols ensure that data transmitted over the network remains secure, protecting sensitive information from cyber threats. The integrated security features ensure compliance with various regulatory standards, a crucial requirement for businesses across multiple sectors.

The platforms' support for Software-Defined Networking (SDN) allows for dynamic resource allocation and traffic management. This flexibility enables organizations to adjust their network resources quickly in response to changing demands, leading to improved efficiency and reduced operational costs. Cisco Systems 3.5 also supports multicloud environments, facilitating seamless integration with cloud services such as AWS, Google Cloud, and Microsoft Azure.

Moreover, Cisco Systems 3.5 offers robust telemetry features, providing detailed real-time insights into network performance and health. This data-driven approach allows organizations to make informed decisions regarding capacity planning and resource optimization.

In summary, Cisco Systems 3.5 combines cutting-edge technologies such as AI, machine learning, and SDN to deliver a comprehensive networking solution. With its focus on automation, enhanced security, and multicloud support, this version is well-suited for modern enterprises looking to enhance their network infrastructure and security measures. As organizations continue to evolve in a digital-centric world, Cisco Systems 3.5 stands out as a critical tool to achieve connectivity and security goals effectively.
Top Page Image Contents