SGSN Operator Policy Configuration Mode Commands


SGSN Operator Policy Configuration Mode Commands
 
 
The SGSN Operator Policy configuration mode enables the operator to specify a single policy with rules governing the services, facilities, and privileges available to one, multiple, or all subscribers. These policies can override standard behaviors and provide mechanisms for an operator to get around the limitations of other infrastructure elements such as DNS servers and HLRs. By configuring an operator policy, the operator fine-tunes any desired restrictions or limitations needed to control call handling per subscriber or for a group of callers within a defined IMSI range.
Important: To create and use an operator policy, you must first define the IMSI range using the mcc command. This does not apply to the default operator policy.
The system supports up to 1000 operator policies, including the single operator policy named default. This default operator policy must be configured by the user to define limitations to be applied to any IMSIs that are not covered by any other defined operator policy.
Upon accessing this mode, your prompt should look similar to the following:
[local]asn5000(config-sgsn-op-policy-<pol_name>)#
 
Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
 
accounting context
This command defines the name of the accounting context and optionally associates a GTPP group with this SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
accounting context ctxt_name [ gtpp group grp_name ]
remove accounting context
remove
Removes the accounting configuration from this SGSN operator policy configuration.
context ctxt_name
Use this keyword to identify the accounting context.
ctxt_name: Enter a string of 1 to 79 alphanumeric characters.
gtpp group grp_name
This keyword set identifies the GTPP group, where the GTPP related parameters have been configured in the GTPP Group configuration mode, to associate with this SGSN operator policy.
grp_name: Enter a string of 1 to 63 alphanumeric characters to identify the GTPP group created with the gtpp group command in the Context configuration mode.
Usage
This command can be used to associate a predefined GTPP server group - including all its associated configuration - with a specific operator policy. The GTPP group would have been defined with the gtpp group command in the Context Configuration Mode chapter of the CLI Reference Guide.
If the GTPP group is not specified, then a default GTPP group in the accounting context will be used.
If this command is not specified, use the name of the accounting context configured in the SGSN service configuration mode (for 3G) or the GPRS service configuration mode (for 2G), either will automatically use a “default” GTPP group generated in that accounting context.
If the accounting context is specified in the GPRS service or SGSN service and in an SGSN operator policy, then priority is given to the accounting context of the operator policy.
Example
For this SGSN operator policy, the following command identifies an accounting context called acctng1 and associates a GTPP server group named roamers with defined charging gateway accounting functionality.
accounting context acctng1 gtpp group roamers
 
allocate-ptmsi-signature
This command enables the allocation of a P-TMSI signature.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
allocate-ptmsi-signature
no allocate-ptmsi-signature
default allocate-ptmsi-signature
no
Disables the allocation of the P-TMSI signature.
default
Resets the configuration value to the default: allocates the P-TMSI signature.
Usage
Enable the allocation of the P-TMSI signature.
Example
allocate-ptmsi-signature
 
apn
This command creates and associates an SGSN access point name (APN) configuration instance with the SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
apn { network-identifier apn_net_id| operator-identifier apn_op_id} +
no { network-identifier apn_net_id | operator-identifier apn_op_id }
default apn
no
Disables the specified APN policy.
default
Creates a default SGSN APN policy with default values for all parameters.
network-identifier apn_net_id
apn_net_id : Enter a string of 1 to 62 alphanumeric characters, including dots (.) and dashes (-), to define the GT-address network identifier. For releases 8.0 the maximum number of characters is 63; for releases 8.1 and higher, the maximum number of characters is 62.
operator-identifier apn_op_id
apn_op_id: Enter a string of 1 to 18 alphanumeric characters including dots (.). The entry must be in the following format, where # represents a digit: : MNC###.MCC###.GPRS.
Usage
Use this command, to create an SGSN APN policy configuration or to access the SGSN APN configuration mode to update/modify the policy. Either of the two keywords can be used to identify the specific APN policy configuration.
Example
For this SGSN operator policy, create an APN configuration for network cust1-net:
apn network-identifier cust1-net
 
apn-restriction
DescriptionWith this command, this SGSN operator policy instructs the system to apply APN restrictions at the SGSN-level.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
apn-restriction update-policy deactivate restriction
default apn-restriction
default
Creates a default APN restriction configuration.
restriction
Select one of the two restrictions:
least-restrictive: applies a lower APN restriction value.
most-restrictive: applies a higher APN restriction value.
Usage
Configures the level of restrictions.
Example
Apply the lowest level of APN restrictions.
apn-restriction update-policy deactivate least-restrictive
 
apn-selection-default
This command enables/disables and configures the Default APN feature for use when the normal APN selection process fails. This command is available in releases 8.1 and higher.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
apn-selection-default network-identifier apn_net_id [ require-subscription-apn network-identifier apn_net_id ]
no apn-selection-default
no
Delete the configuration statement and disable the Default APN feature.
network-identifierapn_net_id
The network identier will be used as the default APN name.
apn_net_id : Enter a string of 1 to 62 alphanumeric characters, including dots (.) and dashes (-), to define the GT-address network identifier. For releases 8.0 the maximum number of characters is 63; for releases 8.1 and higher, the maximum number of characters is 62.
require-subscription-apn network-identifier apn_net_id
If defined, this APN name must also be included in the subscription data for the Default APN feature to function.
apn_net_id : Enter a string of 1 to 62 alphanumeric characters, including dots (.) and dashes (-), to define the GT-address network identifier. For releases 8.0 the maximum number of characters is 63; for releases 8.1 and higher, the maximum number of characters is 62.
Usage
The default APN will be used in error situations when the SGSN cannot select a valid APN via the normal APN selection process.
Within an operator policy, a default APN can be configured for the SGSN to:
In either of these instances, the SGSN can provide the default APN as an alternate behavior to ensure that PDP context activation is successful.
 
attach
This command defines attach-related configuration for this SGSN operator policy.
 
Important: Before using this command, ensure that the appropriate LAC information has been defined with the location-area-list command.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] attach allow access-type { gprs | umts } location-area-list list_id
[ no ] attach restrict access-type { gprs | umts } { all | location-area-list instance list_id }
[ no ] attach access-type { gprs | umts } { all | location-area-list list_id } failure-code
default attach { access-type { gprs | umts } { all failure-code | location-area-list instance list_id } }
no
Deletes the specified attach configuration that was previously defined with this command for this operator policy.
default
Restores the default values for the operator policy for the specified parameter.
allow
Allow re-enables attaches in the configuration after an attach restrict command has been used.
restrict
Restrict attaches (do not accept calls) of specified access-type and from specified location areas (defined using either the all or location-area-list keywords).
access-type type
Defines the type of access to be allowed or restricted.
If this keyword is not included, then both access types are allowed by default.
all
Instructs the SGSN to apply the command action to all location areas.
location-area-list instance list_id
This keyword identifies a location area list already created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call. Using this keyword with either the allow or restrict keywords enables you to configure with more granularity.
list_id must be an integer between 1 and 5.
failure-code
Specify a GMM failure cause code to identify the reason an attach did not occur. This GMM cause code will be sent in the reject message to the MS.
fail-code must be an integer from 2 to 111. Default is 14. Refer to the GMM failure cause codes listed below (information has been taken from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):
Usage
Once the IMSI of an incoming call is known and matched with a specific operator policy, according to the filter definition of the mcc command, then that specific operator policy is selected to determine how the incoming call is handled.
By default, all attaches are allowed. If no access limitations are needed, then do not use the attach command.
Important: Before using this command, ensure that the appropriate LAC information has been defined with the location-area-list command.
Use this command to define this operator policy’s attach configuration.
Use this command to fine-tune the attach configuration specifying which calls/subscribers can attach and which calls are restricted from attaching.
Attachment restrictions can be based on any one or combination of the options, such as location area code or access type. It is even possible to restrict all attaches.
The command can be repeated using different keyword values to further fine-tune the attachment configuration.
Example
For calls under this operator policy, the following command restricts the attaches of all subscribers using the GPRS access type.
attach restrict access-type gprs all
Use the next command to reverse the previous attach restrict command:
attach allow access-type gprs all
Or, change the attach restriction to only restrict attaches of GPRS subscribers from specified LACs included in location area list #2 and include failure-code 45 as the reject cause. This configuration requires two CLI commands:
attach restrict access-type gprs location-area-list instance 2
attach access-type gprs location-area-list instance 2 failure-code 45
In the case of a dual-access SGSN, it is possible to also add a second definition to restrict attaches of UMTS subscribers within the LACs included in location area list #3.
attach restrict access-type UMTS location-area-list instance 3
Change the configuration to allow attaches for GPRS access for all previously restricted LACs - note that GPRS attaches would still be limited.
no attach restrict access-type gprs all
Restrict (deny) all GPRS attach requests (coming from any location area) and assign a single failure code for the reject messages. This is a two command process:
attach restrict access-type gprs all
attach access-type grps all failure-code 22
Remove the restrictions defined above - so that the access type is reset to the default (both types) and the failure code returns to the default value (14).
default attach access-type gprs all failure-code
 
authenticate
Product
This command enables/disables authentication for procedures like attach and service request.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
authenticate { activate | all-events | attach [ access-type | attach-type | frequency | inter-rat ] | detach | rau | service-request }
no authenticate { activate | attach | detach | rau | service-request }
default authenticate { activate | attach | detach | rau | service-request }
no
Disables and removes the defined authentication configuration for this SGSN operator policy.
default
Resets all parameters to default values for the authentication process configured for this SGSN operator policy.
activate
This keyword enables/disables authentication for activate requests and allows one or more of the following options to the configuration:
access-type type : Select one of the two options:
first - Enables/disables authentication for first activate .
frequency frequency - Defines 1-in-N selective authentication of subscriber events - where an event is an Attach Request, RAU, Service Request, Activate-Primary-PDP-Context Request, or Detach Request. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the 12th event.
frequency must be an integer from 1 to 16.
primary - Enables/disables authentication for every primary activate request.
all-events
Specifies that procedures - attaches, service requests, RAUs, detaches, and activations - will be authenticated. This can be fine-tuned by adding either or both of the following parameters:
access-type type must be one of the two:
frequency frequency - Defines 1-in-N selective authentication of subscriber events - where an event is an Attach Request, RAU, Service Request, Activate-Primary-PDP-Context Request, or Detach Request. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the 12th event.
frequency must be an integer from 1 to 16.
attach
This keyword configures the Attach authentication parameters. It enables/disables authentication for an Attach with a local P-TMSI or Attaches with an IMSI will be authenticated to acquire the CK (cipher key) and the IK (integrity key) .
access-type type : Must be one of the following options:
attach-typetype : Must be one of the following options:
combined : Authenticates combined GPRS/IMSI Attaches.
gprs-only : Authenticates GRPS Attaches only.
frequency frequency - Defines 1-in-N selective authentication of subscriber events - where an event is an Attach Request, RAU, Service Request, Activate-Primary-PDP-Context Request, or Detach Request. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the 12th event.
frequency must be an integer from 1 to 16.
inter-rat: Enables authentication for Inter-RAT Attaches.
detach
This keyword enables/disables and configures the access-type authentication for detach.
access-type type : must be one of the two:
rau
This keyword enables/disables and configures authentication for routing area updates (RAUs).
access-type type : Must be one of the two options:
frequency frequency - Defines 1-in-N selective authentication of subscriber events - where an event is an Attach Request, RAU, Service Request, Activate-Primary-PDP-Context Request, or Detach Request. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the 12th event.
frequency must be an integer from 1 to 16.
periodicity duration : Defines the length of time (number of minutes) that authentication can be skipped.
duration : Must be an integer from 1 to 10800.
update-type: Defines the type of RAU Request. Select one of the following:
combined-update { access-type | with inter-rat-local-ptmsi }
imsi-combined-update { access-type | with inter-rat-local-ptmsi }
periodic { access-type | frequency | periodicity }
ra-update { access-type | with inter-rat-local-ptmsi }
service-request
This keyword enables/disables authentication for service request.
frequency frequency - Defines 1-in-N selective authentication of subscriber events - where an event is an attach request, RAU, service request, activate-primary-PDP-context request, or detach request. If the frequency is set for 12, then the SGN skips authentication for the first 11 events and authenticates on the 12th event. frequency must be an integer from 1 to 16.
periodicity duration : Defines the length of time (number of minutes) that authentication can be skipped.
duration : Must be an integer from 1 to 10800.
service-type: Defines the service request type. Options include:
Usage
Use this command with the frequency keyword to determine the support for selective execution of the re-authentication and/or P-TMSI reallocation procedure in case of a 3G service request.
Example
Configure authentication to occur after every 10th event for GPRS access.
authenticate all-events frequency 9 access-type gprs
Disable authentication for Inter-RAT Attaches, use:
default authenticate attach inter-rat
Enable authentication for Inter-RAT RAU of the combined IMSI type:
authenticate rau update-type imsi-combined-update with inter-rat-local-ptmsi
 
cc
DescriptionThis command defines the charging characteristics to be applied for CDR generation through SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
cc { behavior-bit no-recordsbit_value | local-value behavior bit_value profile index_bit | prefer { hlr-value | local-value } }
no cc behavior-bit no-records
remove cc { behavior-bit no-records | local-value | prefer }
no
Disables the charging characteristics configuration of behavior bit from this SGSN operator policy.
remove
Removes the configured charging characteristics from this operator policy.
behavior-bit no-records bit_value
Default: Disabled
Specify that which behavior bit in charging characteristic is used to no accounting records will be generated. no-records to indicate which behavior bit in charging characteristics, means that no accounting records should be generated.
If we use a charging characteristics with the no-records bit set, then we won’t generate any accounting records, regardless of what may be configured elsewhere. . Use “no” to indicate that there is no such bit.
bit_value must be an integer value from 1 through 12.
local-value behavior bit_value profile index_bit
Default: bit_value = 0x0
index_bit = 8
This keyword sets the SGSN operator policy to configure the value of the behavior bits and profile index for the charging characteristics when the HLR does not provide value for this.
If the HLR provides the charging characteristics with behavior bits and profile index and operator want to ignore it, then specify prefer local-value keyword with this command.
bit_value must be a hexadecimal value between 0x0 and 0xFFF.
index_bit must be an integer value from 1 through 15.
Some of the index values are predefined according to 3GPP standard:
1 for hot billing
2 for flat billing
4 for prepaid billing
8 for normal billing
prefer
Default: hlr-value
Specifies preference for using charging characteristics settings received from HLR or set by SGSN locally.
hlr-value: Sets the operator policy to use charging characteristics settings received from HLR. This is the default preference.
local-value: Sets the operator policy to use charging characteristics settings from SGSN only. If no charging characteristics received from HLR then local value will be applicable.
Usage
Use this command to set the SGSN operator policy behavior to use charging characteristic either from HLR or locally from SGSN.
These charging characteristics parameters are configurable from SGSN APN Policy Configuration mode too. For generation of M-CDRs the parameters configured in this mode of SGSN Operator Policy Configuration mode will prevail but for generation of S-CDRs the parameters configured in SGSN APN Policy Configuration mode will prevail.
The first four bits of charging characteristics (use keyword profile) is for the charging trigger profile index and is used to select different charging trigger profiles.
The 12 behavior bits (with keyword local-value behavior) can to enable or disable the CDR generation.
Example
The following command configures the SGSN operator policy not to use records for charging characteristics and to set behavior bit to 2:
cc behavior-bit no-records 2
 
charging context
DescriptionThis command has been deprecated in favor of the accounting-context command for configuration of charging per SGSN operator policy.
 
description
Set to a relevant descriptive string.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
description description
no description
description
Enter an alphanumeric string of 1 to 100 alphanumeric characters. The string may include spaces, punctuation, and case-sensitive letters if the string is enclosed in double quotes ( “ ).
no
Removes the description configuration from this SGSN operator policy.
Usage
Define information that identifies this particularly SGSN operator policy.
Example
descriptionsgsn1 operator policy carrier1
 
direct-tunnel
This command allows direct tunneling if the direct tunneling is supported by destination node.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
direct-tunnel attempt-when-permitted
remove direct-tunnel
remove
Removes the configured setting to permit direct tunneling in this operator policy.
attempt-when-permitted
Default: Disabled.
Enables direct tunneling if the destination node allows it.
Usage
Use this command to enable the direct-tunnel feature at the operator policy level.
To ensure that direct tunnel is supported, check the settings of the direct-tunnel commands in the SGSN APN policy configuration mode and the Radio Network Controller (release 8.0) or RNC (releases 8.1 or higher) configuration mode. Direct tunneling must be enabled at these two point to allow direct tunneling for the MS/UE.
Example
The following command sets the SGSN operator policy to attempt to setup a direct tunnel if permitted at the destination node:
direct-tunnel attempt-when-permitted
 
dns-ggsn
Define the context to be used to do DNS lookup.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
dns-ggsn context ctxt_name
no dns-ggsn context ctxt_name
no
Removes the dns-ggsn configuration from this SGSN operator policy.
ctxt_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
Usage
Use this command to define the context to be used to do DNS lookup to find the GGSN address.
Example
dns-ggsn context sgsn1
 
dns-sgsn
Identify the context to be used to do DNS to find the SGSN Address
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] dns-sgsn context ctxt_name
no
Removes the dns-sgsn configuration from this SGSN operator policy.
ctxt_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
Usage
Use this command to configure the context ID for the SGSN address that will be used to do the DNS lookup.
Example
dns-sgsn context sgsn1
 
encryption-algorithm-umts
Defines the order of preference for the encryption algorithm. This feature is specific to a 3G configuration.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
encryption-algorithm-umts type
[ default | no ] encryption-algorithm-umts
default
Resets the encryption-algorithm definition with default values.
no
Disables the encryption-algorithm definition.
type
Enter your first choice, first. After entering the first choice, you are prompted to indicate another type as a second priority choice.
uea0 - No encryption algorithm
uea1 - uea1 Algorithm
uea2 - uea2 Algorithm
Usage
Use this command to determine which UMTS encryption algorithm is to be used first.
Example
encryption-algorithm-umts uea1 then-uea2
 
end
Exits the configuration mode and returns to the Exec mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
end
 
equivalent-plmn
Configures the definition for an equivalent PLMNID and the preferred radio access technology (RAT). This command can be entered multiple times
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
equivalent-plmn radio_access_technology { 2G | 3g | any } plmnid mcc_number mnc_number priority priority
no equivalent-plmn radio_access_technology { 2G | 3g | any } plmnid mcc_number mnc_number
no
Removes the equivalent-PLMN configuration from this SGSN operator policy.
radio_access_technology
Enter one of the following options:
2G : 2nd generation
3G : 3rd generation
any : Any RAT
plmnid mcc_number mnc_number
mcc: Specifies the mobile country code (MCC) portion of the PLMN’s ID. The number can be any integer between 100 and 999.
mnc: Specifies the mobile network code (MNC) portion of the PLMN’s ID. The number can be any integer between 00 and 999.
priority priority
Select an integer between 1 and 15 with the highest priority assigned to the integer of the lower numeric value.
Usage
Use the priority option to define the preferred equivalent PLMN to be used.
Example
equivalent-plmn radio_access_technology any plmnid mcc 121 mnc 767 priority 2
 
exit
Exits the configuration mode and returns to the previous configuration mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
exit
 
gmm information-in-messages
This command provides the configuration to include the information in messages for the GPRS mobility management (GMM) parameters.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
gmm information-in-messages access-type { { gprs | umts } [ network-name { full-text name | short-text name } | [ send-after { attach | rau } ] }
[ default | no ] gmm { information-in-messages access-type { gprs | umts }
no
Disables the GMM configuration from this SGSN operator policy.
default
Sets up a GMM configuration with system default values.
access-type
Must select one of the following options:
gprs - General Packet Radio Service network
umts - Universal Mobile Telecommunications System network
After selecting the access-type, an additional parameter can be configured:
network-name: identifies the network name in either short text or full text.
send-after: configures the information in message to send after attachement or Routing Area Update (RAU).
network-name { full-text name | short-text name }
This keyword provides the option to add the network name to the message. The network name will in full text or short text. Possible options are:
full-text name: Indicate the network name in full text
short-text name: Indicate the network name in short text
send-after { attach | rau }
This keyword configures the information in message to send after attachment or RAU message. Possible options are:
attach: Information sent after attachment
rau: Information sent after routing area update
Usage
Use this command to configure identifying information about the network that will be included in GMM messages.
Example
default gmm information-in-messages access-type gprs
 
gmm retrieve-equipment-identity
This command configures the International Mobile Equipment Identity (IMEI) or software version (SV) retrieval and validation procedure for SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
gmm retrieve-equipment-identity { imei | imeisv [ unciphered ] [ then-imei ] } [ verify-equipment-identity [ deny-greylisted ] ]
[ no | default ] gmm retrieve-equipment-identity
no
Disables the equipment identity retrieval procedure configured for this SGSN operator policy.
default
Sets the default action of equipment identity retrieval (EIR) procedure configuration from this SGSN operator policy:
retrieve-equipment-identity : Default action is disabled - no retrieval of IMEI/IMEI-SV
verify-equipment-identity : Default action is disabled - no verification with Equipement Indentity Register (EIR)
equipment-identity-type
Default: disabled
Indicates the type of equipment identity to be configured for operator policy. The possible values are:
imei : International Mobile Equipement Identity
imeisv : International Mobile Equipement Identity - Software Version
imei
Indicates the equipment identity retrieval type to International Mobile equipment Identity (IMEI). IMEI is a unique 15 digit number consists of TAC (technical approval code), FAC (Final Assembly Code), SNR (Serial Number), and a check digit.
imeisv [ unciphered ] [ then-imei ]
Indicates the equipment identity retrieval type to IMEI with software version (SV). IMEI with SV becomes a unique 16 digit number consists of TAC (technical approval code), FAC (Final Assembly Code), SNR (Serial Number), and 2 digit software version number.
unciphered: This optional keyword enables the unciphered retrieval of IMEI-SV. If this option is enabled the retrieval procedure will get IMEISV (if auth is still pending, get as part of Authentication and Ciphering Response otherwise, via explicit Identification Request after Security Mode Complete).
then-imei: This otional keyword enables the retrieval of software version numbr before the IMEI. If this option is enabled the equipement identiry retrieval procedure will get IMEISV on secured link (after Security mode procedure via explicit Gmm Idenitification Request), and if MS is not having IMEISV(responded with NO Identity), SGSN will try to get IMEI.
If no other keyword is provided, imeisv will get IMEISV on secured link (after Security mode procedure via explicit Gmm Identification Request).
verify-equipment-identity [ deny-greylisted ]
Default: disabled
This keyword enables the equipment identity validation and validates the equipment identity against EIR.
Usage
Use this command to enable and configure the procedures for mobile equipment identity retrieval and validation from the EIR identified in the MAP Service configuration mode.
Example
The following command enables the SGSN to send ‘check IMEI’ messages to the EIR:
gmm retrieve-equipment-identity imei verify-equipment-identity
 
gs-service
This command associates the context of a Gs service interface with an SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
gs-service gs_srvc_name context ctx_name
no gs-service svc_name
no
Removes/disassociates the named Gs service from an SGSN operator policy.
gs_srvc_name
Specifies the name of a specific Gs service for which to display information.
gs_srvc_name is the name of a configured Gs service and can be from 1 to 63 alpha and/or numeric characters and is case sensitive.
context ctx_name
Specifies the specific context name where Gs service is configured. If this keyword is omitted, the named Gs service must be exist in the same context as the GPRS/SGSN service.
ctx_name is name of the configured context of Gs service. This can be from 1 to 63 alpha and/or numeric characters and is case sensitive.
Usage
Use this command to associate a specific Gs service interface with this GPRS service instance.
Important: A Gs service can be used with multiple SGSN and/or GPRS service.
Example
Following command associates a Gs service instance named stargs1, which is configured in context named star_ctx, with an SGSN operator policy:
gs-service stargs1 context star_ctx
 
gtp send
This command configures which information elements (IE) this operator policy sends in GTP messages. These IEs are required by the GGSN.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
gtp send { imeisv | ms-timezone | rat | uli }
remove gtp send { imeisv | ms-timezone | rat | uli }
no gtp send
remove
Removes the specified GTP send definition from the system configuration.
no
Disables the specified GTP send configuration.
imeisv
Instructs the SGSN to include the IMEISV (international mobile equipment identity (and software version) of the mobile when sending GTP messages of the type “Create PDP Context Request”.
ms-timezone
Instructs the SGSN to include this IE in GTP messages of the type “Create PDP Request” and “Update PDP Context Request”. This IE specifies the offset between universal time and local time, where the MS currently resides, in steps of 15 minutes.
This IE is sent by default.
rat
The RAT IE specifies which radio access technology (RAT) is being used by the MS (GERAN, UTRAN, or GAN). Including this keyword instructs the SGSN to include this IE when sending GTP messages of the type “Create PDP Request” and “Update PDP Context Request”.
This IE is sent by default.
uli
The ULI IE specifies the CGI (MCC, MNC, etc.) and SAI of the MS where it is registered. Including this keyword instructs the SGSN to include the IE when sending GTP messages of the type “Create PDP Request” and “Update PDP Context Request”.
This IE is not sent by default.
Usage
Use this command to define a preferred set of information to include when GTP messages are sent. Repeat this command multiple times to enable or disable multiple options. This instruction will be implemented when the specific operator policy is applied.
Example
Following command series instructs the SGSN to send ULI and RAT in the GTP messages.
gtp send uligtp send rat
 
gtpu fast-path
This command enables/disables the network processing unit (NPU) Fast Path support for NPU processing of GTP-U packets of user sessions at the NPU.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ remove ] gtpu fast-path
remove
Removes the NPU fast path functionality from an operator policy.
Usage
Use this command to enable/disable the NPU processed fast-path feature for processing of GTP-U data packets received from GGSN/RNC. This feature enhances the GTP-U packet processing by adding the ability to fully process and forward the packets through the NPU itself.
Important: When enabled/disabled, fast-path processing will be applicable only to new subscriber who establishes a PDP context after issuing this command (enabling GTP-U fast path). No existing subscriber session will be affected by this command.
Example
Following command enables the NPU fast path processing for all new subscribers’ session established with this operator policy:
gtpu fast-path
 
integrity-algorithm-umts
This command configures the order of preference for the Integrity Algorithm used for 3G.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
integrity-algorithm-umts type then_type
default integrity-algorithm-umts
default
Creates a configuration defining an order of preference based on system defaults.
type
Enter one or more of the following options in the order of preference:
uia1 - uia1 Algorithm
uia2 - uia2 Algorithm
Usage
Use this command to determine which integrity algorithm is preferred 3G. This command is configured in tandem with the algorithm type for encryption-algorithm-umts command.
Example
default integrity-algorithm-umts
 
location-area-list
Define the location area list to allow or restrict services in the specified location areas identified by location area code (LAC).
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
location-area-list instance instancearea-code area_code [ area_code * ]
no location-area-list instance instance [ area-code area_code ]
no
If the area-code keyword is included in the command, then only the specified area code is removed from the identified list. If the area-code keyword is not included with the command then the entire list of LACs is removed from this operator policy.
instance instance
Specifies an identification for the specific location area list.
instance must be an integer between 1 and 5.
area-code area_code *
This keyword defines the location area codes (LACs) to be used by this operator policy as a determining factor in the handling of incoming calls. Multiple LACs can be defined in a single location-area-list.
area_code must be an integer between 1 and 65535.
* If desired, enter multiple LACs separated by a single blank space.
Usage
Use the command multiple times to configure multiple LAC lists or to modify the a list.
Example
The following command creates a location area list for a single area code:
location-area-list instance 1 area-code 514
This command creates a second location area list for with multiple area codes - all separated by a single blank space:
location-area-list instance 2 area-code 514 62552 32 1513
The next command corrects an area code mistake (327 not 32) made in the previous configuration :
location-area-list instance 1 area-code 514 62552 327 1513
 
map
Use this command to configure the optional extensions to MAP messages.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ remove ] map message update-gprs-location [ imeisv | private-extension access-type ]
remove
IMEI-SV is not included in the GLU request -- this is the default behavior.
update-gprs-location
Includes an GLU message. This keyword-set is required.
imeisv
Default: disabled
Specifies the International Mobile equipment Identity-Software Version (IMEI-SV) information to include in GPRS Location Update (GLU) request message. SGSN will include IMEI-SV if available in message.
private-extension access-type
Include specific access-type private extension in the message.
Usage
This command configures optional extensions to MAP messages. The HLR should ignore these extensions if not supported by the HLR.
Example
map message update-gprs-location private-extension access-type
 
map-service
This command identifies a MAP service to associate with the operator policy and the context in which the service is configured.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
map-service context ctxt_name service map_srvc_name
no map-service context
no
Disables use of MAP service with this operator policy.
ctxt_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
map_srvc_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
Usage
Use this command to enable or disable MAP service with this operator policy.
Example
no map-service context
 
max-attached-subscribers
Defines the maximum number of subscribers allowed to attach at one time.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
max-attached-subscribers number
default max-attached-subscribers
default
Creates a configuration based on a system default.
number
Enter an integer from 1 to 4294967295.
Usage
Use this command to limit the number of simultaneous subscriber sessions.
Example
max-attached-subscribers 1231231234
 
mcc
This command defines a range of IMSI (the international mobile subscriber identity) numbers upon which an operator policy is based. Specifically, this command identifies: the mobile country code (MCC), and the mobile network code (MNC).
Optionally, the command can define, either or both, the mobile subscriber international number (MSIN - the last portion of the IMSI) and the public land mobile network ID (PLMNID).
Important: This command is mandatory if an operator policy is to be used. However, you do not need to complete this command if you are using the default operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
mcc mcc_num mnc mnc_num [ msin first start_num last stop_num | plmnid id ] +
mcc mcc_num
mcc defines the mobile country code (MCC) of an IMSI.
mcc_num : Enter a 3-digit number from 100 to 999 - 000 to 099 are reserved.
mnc mnc_num
mnc defines the mobile network code (MNC) of an IMSI.
mnc_num : Enter a 2 or 3-digit number from 00 to 999.
msin
MSIN (mobile subscriber international number) portion of the IMSI.
first start_num : Defines first MSIN prefix number in a range
last stop_num : Defines the last or final MSIN prefix number in a range.
plmnid
PLMN-ID consists of the MCC (mobile country code) plus the MNC (mobile network code) to identify the public land mobile network (PLMN) for a specific operator. This keyword associates a specific PLMN with this specific SGSN operator policy.
+
This symbol indicates that command can be repeated to create repeated definitions.
Usage
An IMSI = maximum of 15 digits. An IMSI consists of the MCC (3 digits) + the MNC (2 or 3 digits) + the MSIN (the remaining 10 or 9 digits depending on the length of the MNC ).
MCC and MNC are the minimum amount of information required to identify a unique operator policy with IMSI filtering. The MCC and MNC combine uniquely to identify the country and the network operator, for example: Cingular Wireless in the United States = mcc 311 mnc 180
To improve the granularity of call handling, an operator policy with additional IMSI filtering parameters can be defined, to include filtering based on the MSIN, by defining a MSIN range - first (or start-of-range) MSIN and last (or end-of-range) MSIN. The range numbers do not include the maximum allowed for the MSIN but should include a sufficient number to enable the operator policy to filter effectively.
For the most efficient IMSI filter, the operator policy should include all of the above parameters and the PLMN ID which defines the current location of the MS -- this parameter is particularly useful for highlighting which calls are roaming.
And if none of the operator policies contain useful filtering information, then the default operator policy will be applied as the information in this command is never defined for the default operator policy.
The following table will illustrate how these filtering parameters determine which operator policy will govern a call:
The filtering selects which operator policy will be used to determine how a call is handled - the operator policy that best matches the IMSI. So, a call with IMSI 123456789012345 PLMNID 23232 is best matched with OpPol-6.
In most cases, the operator policy with the most information defined will be used as a combination of PLMNID and IMSI provides the best match. But OpPol-6 won’t always be the best match. Using the table above:
OpPol-1 is the best match for IMSI 123456789011111.
OpPol-2 is the best match for IMSI 123456789099999
OpPol-5 is the best match for IMSI 123456789012345 if the PLMNID is 12344
Example
The following defines an operator policy with country code 310, mobile network code of 33, and PLMN ID of 42244.
mcc 310 mnc 33 plmnid 42244
 
network-initiated-pdp-activation
This command configures the Operator Policy to support activation of network-initiated PDP contexts and defines any desired activation restrictions.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
network-initiated-pdp-activation { allow | primary | restrict | secondary } +
allow
Allows either or both primary and secondary network-initiated PDP context activation.
primary
Specifies that only network-initiated primary PDP context activation is to be allowed.
restrict
Restricts network-initiated PDP context activation to either primary or secondary PDP contexts.
secondary
Specifies that only network-initiated secondary PDP context activation is to be allowed.
Usage
Use this command to define activation restrictions for network-initiated PDP contexts.
Example
network-initiated-pdp-activation allow
 
nri
This command specifies the network resource identifier (NRI) stored in bit 17 to bit 23 of Packet-temporary mobile subscriber identity (P-TMSI) to be retrieved by SGSN operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
nri length length [ value value ]
no nri [value ]
no
Removes the configured NRI value and location in P-TMSI for retrieval by this SGSN operator policy.
length length
Specifies the length of bits to be used in the P-TMSI to retrieve NRI information. This starts from bit 23 of the P-TMSI.
length must be an integer from 1 to 6.
value value
Specifies the value of the NRI to be retrieved from the P-TMSI. This value should not exceed the maximum possible value for the specified length.
value must be an integer from 0 to 63.
Usage
Use this command to retrieve the NRI stored in in bit 17 to bit 23 of the packet-temporary mobile subscriber identity (P-TMSI) .
Example
The following command specifies the length of NRI information to 5 bit and length of the NRI information to 23:
nri length 5 value 23
 
pdp-activate access-type
This command configures the PDP context activation option based on operator’s policy for type of access technology.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
pdp-activate access-type { grps | umts } { all | location-area-list instance instance } failure-code failure_code
default pdp-activate access-type { grps | umts } { all | location-area-list instance instance } failure-code code
default
Resets the configuration to system default values for PDP context activation request.
access-type { grps | umts }
Specifies the access technology type for PDP context activation.
gprs: Enables access type as GPRS.
umts: Enables access type as UMTS.
all
Default: allow
Configures the system to allow to create all PDP context activation request from MS.
location-area-list instance instance
Specifies the location area instance to create PDP context.
instance must be an integer from 1 through 5. The value must be an already defined instance of a LAC list created with the location-area-list command.
failure-code code
Default: 8
Specifies the failure code for PDP context activation.
code must be an integer from 8 through 112.
Usage
Use this command to configure this policy to allow GPRS/UMTS access through PDP context activation request from MS.
Example
Following command configures the system to create the PDP context for request from MS for GPRS access type with location area list instance 2 and failure-code 45.
pdp-activate access-type gprs location-area-list 2 failure-code 45
 
pdp-activate allow
This command configures the system to allow the PDP context activation based on operator’s policy for type of access technology.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] pdp-activate allow access-type { grps | umts } location-area-list instance instance
no
Removes the configured permission to create PDP context on request of PDP context activation from MS for an access type.
access-type { grps | umts }
Specifies the access technology type for PDP context activation.
gprs: Enables access type as GPRS.
umts: Enables access type as UMTS.
location-area-list instance instance
Specifies the location area instance to create PDP context.
instance must be an integer from 1 through 5. The value must be an already defined instance of a LAC list created with the location-area-list command.
Usage
Use this command to configure this policy to allow GPRS/UMTS access through PDP context activation request from MS.
Example
Following command configures the system to allow the PDP context activation for GPRS access type with location area list instance 2.
pdp-activate allow access-type gprs location-area-list instance 2
 
pdp-activate restrict
This command configures the system to restrict the PDP context activation based on operator’s policy for type of access technology.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] pdp-activate restrict { access-type { grps | umts } { all | location-area-list instance instance } | secondary-activation }
no
Removes the configured restriction on PDP context activation through this command.
access-type { grps | umts }
Specifies the access technology type to restrict PDP context activation.
gprs: Enables access type as GPRS.
umts: Enables access type as UMTS.
all
Default: allow
Configures the system to restrict all PDP context activation request from MS.
location-area-list instance instance
Specifies the location area instance to restrict PDP context activation.
list_id must be an integer from 1 through 5. The value must be an already defined instance of a LAC list created with the location-area-list command.
secondary-activation
Specifies the type of PDP context to restrict for secondary activation. This keyword restricts the system to create the secondary PDP context on receiving the PDP Context Activation Request from the MS.
Usage
Use this command to configure this policy to restrict GPRS/UMTS access through PDP context activation request from MS.
Example
Following command configures the system to restrict the PDP context activation for request from MS to access GPRS service with location area list instance 2.
pdp-activate restrict access-type gprs location-area-lis instance 2
 
ptmsi-reallocate
Define P-TMSI reallocation for attach or RAU or service requests.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
ptmsi-reallocate { attach | frequency frequency | interval minutes | routing-area-update | service-request } access-type { gprs | umts }
[ no | default ] ptmsi-reallocate { attach | frequency | interval | routing-area-update | service-request } access-type { gprs | umts }
access-type
One of the following options must be used to identify the access-type extension.
gprs - General Packet Radio Service
umts - Universal Mobile Telecommunications System
no
Disables the definition in the configuration.
default
Resets the configuration with system defaults.
attach
Enables/disables P-TMSI reallocation for attach with local P-TMSI. IMSI or inter-SGSN attach will always be reallocated.
frequency frequency
Enter an integer from 1 to 50 to define how many times a particular message can be skipped.
interval minutes
Enter an integer between 60 and 1440 to define the time interval (in minutes) for skipping the service/RAU/attach request message procedure.
routing-area-update
Enables/disables P-TMSI -reallocation for RAU (routing area update) with local P-TMSI. Inter-SGSN RAU will always be reallocated.
service-request
Enables/disables P-TMSI reallocation for service request.
Usage
Use this command to enable the various parameters that will determine the operation of P-TMSI reallocation.
Example
no ptmsi-reallocate attach access-type gprs
 
rau-inter
Define acceptable procedure for inter-SGSN routing area updates.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
rau-inter { access-type | allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance } }
no rau-inter { allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance }
default rau-inter { allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance } }
no
Including ‘no’ as part of the command structure disables the values already configured for parameters specified in the command.
default
Resets the configuration of specified parameters to system default values.
allow access-type
Including this keyword-set with one of the following options, configures the SGSN to allow MS/UE with the identified access-type extension to be part of the intra-RAU procedure.
gprs - General Packet Radio Service
umts - Universal Mobile Telecommunications System
restrict access-type
Including this keyword-set with one of the following options, configures the SGSN to restrict MS/UE with the identified access-type extension from the inter-RAU procedure.
gprs - General Packet Radio Service
umts - Universal Mobile Telecommunications System
location-area-list instance instance
list_id must be an integer between 1 and 5. The value must be an already defined instance of a LAC list created with the location-area-list command.
[ all ] failure-code fail-code
Specify a GMM failure cause code to identify the reason an inter SGSN RAU does not occur. This GMM cause code will be sent in the reject message to the MS.
all - adding this option to the keyword determines that the failure cause code will be applicable to all location areas.
fail-code must be an integer from 2 to 111. Refer to the GMM failure cause codes listed below (information has been taken from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):
Usage
Use this command to configure the restrictions and function of the inter-RAU procedure.
Example
default rau-inter allow access-type gprs location-area-list instance 1
 
rau-intra
Define acceptable procedure for intra-SGSN Routing Area Updates
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
rau-intra { access-type | allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance } }
no rau-intra { allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance }
default rau-intra { allow access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance } }
no
Including ‘no’ as part of the command structure disables the values already configured for parameters specified in the command.
default
Resets the configuration of specified parameters to system default values.
allow access-type
Including this keyword-set with one of the following options, configures the SGSN to allow MS/UE with the identified access-type extension to be part of the intra-RAU procedure.
gprs - General Packet Radio Service
umts - Universal Mobile Telecommunications System
restrict access-type
Including this keyword-set with one of the following options, configures the SGSN to restrict MS/UE with the identified access-type extension from the intra-RAU procedure.
gprs - General Packet Radio Service
umts - Universal Mobile Telecommunications System
location-area-list instance instance
list_id must be an integer between 1 and 5. The value must be an already defined instance of a LAC list created with the location-area-list command.
[ all ] failure-code fail-code
Specify a GMM failure cause code to identify the reason an inter SGSN RAU does not occur. This GMM cause code will be sent in the reject message to the MS.
all - adding this option to the keyword determines that the failure cause code will be applicable to all location areas.
fail-code must be an integer from 2 to 111. Refer to the GMM failure cause codes listed below (information has been taken from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):
Usage
Use this command to configure the restrictions and function of the intra-RAU procedure.
Example
default rau-intra allow access-type gprs location-area-list instance 1
 
re-authenticate
Enable or disable the re-authentication feature. This command is available in releases 8.1 and higher.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
re-authenticate [ access-type { gprs | umts } ]
remove re-authenticate
remove
Including this keyword with the command disables the feaure. The feature is disabled by default.
access-type
Defines the type of access to be allowed or restricted.
If this keyword is not included, then both access types are allowed by default.
Usage
Use this command to enable or disable the re-authentication feature, which instructs the SGSN to retry authentication with another RAND in situations where failure of the first authentication has occurred. To address the introduction of new SIM cards, for security reasons a systematic "last chance" authentication retry with a fresh Authentication Vector is needed, particularly in cases where there is an SRES mismatch at authentication.
Example
re-authenticate
 
reuse-authentication-triplets
Creates an Operator Policy configuration entry to enable or disable the reuse of authentication triplets in the event of a failure.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no | remove } reuse-authentication-triplets no-limit
no
This keyword disables the SGSN Operator Policy from reusing triplets.
remove
This keyword causes the reuse configuration to be deleted from the Operator Policy configuration.
This is the default behavior. Triplets are reused.
no-limit
This keyword enables the SGSN Operator Policy to reuse triplets as needed.
Usage
Use this command to enable reuse of authentication triplets.
Example
reuse-authentication-triplets no limit
 
sgsn-address
Use this command to define the SGSN addresses for the static SGSN address table for peer SGSNs.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
sgsn-address rac rac-id lac lac_id [ nri nri ] prefer { fallback-for-dns address { ipv4 ip_address | ipv6 ip_addess } | local address { ipv4 ip_address | ipv6 ip_address } }
no sgsn-address { ipv4 ip_address | ipv6 ip_addess } rac rac_id lac lac_id
no
Disables the SGSN address configuration for the designated IP address.
rac rac_id
rac_id identifies foreign RAC of the peer SGSN address to be configured in the static peer SGSN address table.
rac_id must be an integer from 1 to 255.
lac lac_id
lac_id identifies foreign LAC of the peer SGSN address to be configured in the static peer SGSN address table.
lac_id must be an integer from 1 to 65535.
nri nri
nri identifies the network resource identifier stored in PTMSI (bit 17 to bit 23).
nri must be an integer from 0 to 63.
prefer
Indicate the preferred source of the address to be used.
fallback-for-dns - instructs the SGSN to do a DNS query to get the address.
local - instructs the system to use the local address present in the configuration.
address ip_address
ipv4 - enter a valid address in IPv4 standard notation.
ipv6 - enter a valid address in IPv6 standard notation.
 
sgsn-number
Define the SGSN’s E.164 number to be used for interactions via the MAP protocol.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
sgsn-number E164_number
no sgsn-number
no
Disables the use of this configuration definition.
E164_number
Enter a string of 1 to 16 digits to identify the SGSN’s E.164 identification.
 
sgtp-service
Identifies the SGTP service configuration to be used for this operator policy.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
sgtp-service context ctxt_name service sgtp_service_name
no sgtp-service context
ctxt_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
sgtp_service_name
Enter an alphanumeric string of 1 to 64 alphanumeric characters.
no
Disables use of SGTP service with this operator policy.
Usage
Use this command to enable or disable SGTP service with this operator policy.
Example
sgtp-service context ctxt_name service sgtp_service_name
 
sms-mo
This command configures the operator policy dictating how mobile-originated SMS messages are handled.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ remove ]sms-mo { { access-type { gprs | umts } { all-location-areas | location-area-list } | allow access-type { gprs | umts } | restrict access-type { gprs | umts } }
remove
Deletes the specified configuration.
access-type type
Access by SMS will be limited to SMS coming from this network type :
allow
Allow either GPRS or UMTS type access for SMS.
restrict
Restrict either GPRS or UMTS type access for SMS.
location-area-list instance instance
instance must be an integer between 1 and 5. The value must identify an already defined LAC list created with the location-area-list command.
failure-code code
code : Must be an integer from 2 to 111.
Usage
Configure filtering for SMS-MO messaging.
Example
sms-mo access-type gprs all-location-areas failure-code code
 
sms-mt
This command configures the operator policy dictating how mobile-terminated SMS messages are handled.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ remove ]sms-mt { { access-type { gprs | umts } { all-location-areas | location-area-list } | allow access-type { gprs | umts } | restrict access-type { gprs | umts } }
remove
Deletes the specified configuration.
access-type type
Access by SMS will be limited to SMS coming from this network type :
allow
Allow either GPRS or UMTS type access for SMS.
restrict
Restrict either GPRS or UMTS type access for SMS.
location-area-list instance instance
instance must be an integer between 1 and 5. The value must identify an already defined LAC list created with the location-area-list command.
failure-code code
code : Must be an integer from 2 to 111.
Usage
Configure filtering for SMS-MT messaging.
Example
sms-mt access-type gprs all-location-areas failure-code code
 
srns-inter
Inter-SRNS (Serving Radio Network Subsystem) relocation.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
srns-inter ( all failure-code | allow location-area-list instance instance | location-area-list instance instance failure-code code | restrict location-area-list instance instance }
no srns-inter { allowlocation-area-list instance instance | restrictlocation-area-list instance instance }
default srns-inter { all | location-area-list-instance instance }
no
Deletes the inter-SRNS relocation configuration.
default
Resets the configuration to default values.
all failure-code code
Define the failure code that will apply to all inter-SRNS relocations.
code : Must be an integer from 2 to 111.
allow location-area-list instance instance
Identify the location area list Id (LAC Id) that will allow services in the defined location area.
location-area-list instance instance
instance : Must be an integer between 1 and 5 that identifies the previously defined location area list created with the location-area-list command.
restrict location-area-list instance instance
Identify the location area list Id (LAC Id) that indicates the location areas where services will be restricted.
Usage
This command defines the operational parameters for inter-SRNS relocation.
Example
Use the following command to allow services in areas listed in LAC list #3:
srns-inter allow location-area-list instance 3
 
srns-intra
Intra-SRNS (Serving Radio Network Subsystem) relocation.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
srns-intra ( all failure-code | allow location-area-list instance instance | location-area-list instance instance failure-code code | restrict location-area-list instance instance }
no srns-intra { allowlocation-area-list instance instance | restrictlocation-area-list instance instance }
default srns-intra { all | location-area-list-instance instance }
no
Deletes the intra-SRNS relocation configuration.
default
Resets the configuration to default values.
all failure-code code
Define the failure code that will apply to all intra-SRNS relocations.
code : Must be an integer from 2 to 111.
allow location-area-list instance instance
Identify the location area list Id (LAC Id) that will allow services in the defined location area.
location-area-list instance instance
instance : Must be an integer between 1 and 5 that identifies the previously defined location area list created with the location-area-list command.
restrict location-area-list instance instance
Identify the location area list Id (LAC Id) that indicates the location areas where services will be restricted.
Usage
This command defines the operational parameters for intra-SRNS relocation.
Example
Use the following command to restrict service in areas listed in the LAC list 1:
srns-intra restrict location-area-list instance 1
 
subscriber-control-inactivity
This command defines the time for the subscriber-control inactivity timer. The system seeks to detect inactivity where no PDP context is activated and then starts the timer.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
subscriber-control-inactivity timeout minutes time
{ no | default } subscriber-control-inactivity
no
Deletes the timer configuration.
default
Resets the timer configuration to the default value of 7 days (10080 minutes).
time
This timer is measured in minutes.
time : Enter an integer from 1 to 20160 (two weeks).
Usage
Use this command to configure the timeout timer. After this timer times out the subscriber is detached from the SGSN.
Example
subscriber-control-inactivity timeout minutes 360
 
super-charger
This command enables/disables the SGSN to work with a super-charged network.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
super-charger
remove super-charger
remove
Disables the super-charger functionality for an operator policy.
Usage
By enabling the super charger functionality for 2G or 3G connections controlled by an operator polilcy, the SGSN changes the hand-off and location update procedures to reduce signalling traffic management.
Example
Enable the feature with the following command:
super-charger
 
wildcard-apn
Define the APN to be used in case a wildcard APN is included in the subscriber record.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
wildcard-apn pdp-type pdp-type apn-network-identifier apn_net_id
no wildcard-apn pdp-type pdp-type
no
Removes the wildcard-apn definition from the configuration.
pdp-type pdp-type
pdp-type can be one of the following options:
ipv4 - for an ipv4 context
ipv6 - for an ipv6 context
ppp - for a PPP context
apn-network-identifier apn_net_id
apn_net_id : Must be one of the APN network Ids defined with the apn command in this SGSN operator policy configuration mode.
apn_net_id : Enter a string of 1 to 62 alphanumeric characters, including dots (.) and dashes (-), to define the network identifier. For releases 8.0 the maximum number of characters is 63; for releases 8.1 and higher, the maximum number of characters is 62.
Usage
This command is used to define a wildcard APN with the type of PDP context and the APN’s network ID. This wildcard APN would be used when an APN is not identified.
Example
Use this command to create an APN wildcard:
wildcard-apn -pdp-type ipv4 apn-network-identifier homer1
 
zone-code
Create a zone code and define one or more LAC Ids to specify service.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] zone-code zc_id lac lac_id
no
Removes either a specific LAC Id from the zone-code definition or if lac_id is not included in the command then the entire zone-code definition is removed from configuration.
zc_id
Must be an integer from 1 to 65535.
lac_id
This keyword identifies a location area-code list previously defined with the location-area-list command of this SGSN operator policy configuration mode.
lac_id must be an integer from 1 to 65535.
Usage
Repeat this command to include multiple LAC Ids in the service definition.
Example
zone-code 1 lac 4132zone-code 1 lac 1234zone-code 1 lac 64321
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883