Cisco ASR 5000 Administration Manual page 32
Enhanced wireless access gateway
Hide thumbs
Also See for ASR 5000:
- Administration manual (466 pages) ,
- Installation manual (294 pages) ,
- Installation procedure (8 pages)
Table of Contents
Advertisement
▀ How it Works
Table 2. Session Setup Call Flow Descriptions
Step
Description
1
The UE attaches to the WLAN network using WLAN attach procedure by selecting SSID advertised for 3G access.
2
The UE provides its EAP-identity for authentication in 802.1x message.
3
The WLC forwards the UE EAP-identity to the Wi-Fi AAA server in RADIUS Access-Request message by encapsulating
the EAP message in it. This message also contains the WLAN UE's MAC Address and the WLAN Radio Network
Identifier.
4
The Wi-Fi AAA server proxies the Access-Request message to the 3GPP AAA server.
5
The 3GPP AAA server identifies the subscriber as a candidate for authentication with EAP-SIM/AKA based on the
received identity. It interacts with the HLR to fetch the GSM/UMTS authentication vectors for EAP-SIM/AKA
authentication and other 3GPP-specific attributes like IMSI, MSISDN, APN, and Charging Characteristics from the
subscriber's profile.
6
The 3GPP AAA server sends Access-Challenge-Request to the UE as part of EAP-SIM/AKA authentication procedure to
the Wi-Fi AAA Proxy server.
7
The Wi-Fi AAA proxies the Access-Challenge message back to the WLC.
8
The WLC sends the EAP-Challenge message to the UE over 802.1x.
9
Similar EAP message exchanges happen between the UE and 3GPP AAA as part of the authentication procedure.
10
After successful authentication, the 3GPP AAA sends an Access-Accept message with 3GPP-specific attributes like IMSI,
MSISDN, Charging-Characteristics, APN, and others.
11
The Wi-Fi AAA server caches these 3GPP attributes in Access-Accept message, which will be later used to enrich the
RADIUS accounting messages generated from WLC and sent to the R-eWAG.
12
The Wi-Fi AAA proxies the Access-Accept message to the WLC.
13
The WLC sends the EAP-Success message over 802.1x to the UE and completes the authentication procedure.
14
The UE gets an IP address allocated from the Wi-Fi domain using the DHCP exchanges as per the normal WLAN
procedure of allocating IP address.
Note that the DHCP server allocating this IP address to the UE is part of the Wi-Fi domain, and the IP address thus
allocated is hereon referred to as the Wi-Fi IP address.
15
After the IP address is allocated to the attaching UE, the WLC initiates RADIUS accounting for the UE session by sending
a RADIUS Accounting-Start message to the Wi-Fi AAA.
16
The Wi-Fi AAA sends the Accounting-Response message back to the WLC as acknowledgement.
17
The Wi-Fi AAA server enriches the Accounting-Start message received with 3GPP-specific attributes as mentioned in Step
11. This modification of Accounting-Start message later helps the R-eWAG in creating the PDP context with the GGSN,
which requires 3G attributes like IMSI, MSISDN, APN, and others.
18
The Wi-Fi AAA server sends the Accounting-Start message enriched with the 3GPP-specific attributes to the R-eWAG.
19
The R-eWAG creates a new session based on this Accounting-Start message. It assumes the default APN configured under
R-eWAG service if it is not available in the Accounting-Start message. It also assigns a default QoS value for the R-eWAG
session if not available in the Accounting-Start message.
20
The R-eWAG identifies the GGSN it needs to connect with using the same 3G procedure of identifying GGSN from
SGSN(/TTG) using DNS resolution. The R-eWAG then sends the Create PDP Context Request message to the GGSN to
create the GTP tunnel.
▄ Cisco ASR 5000 Enhanced Wireless Access Gateway Administration Guide
32
RADIUS-based Enhanced Wireless Access Gateway Overview
Advertisement
Table of Contents
