Remote Address-based RADIUS Accounting


Remote Address-based RADIUS Accounting
 
 
This chapter provides information on configuring an enhanced, or extended, service. The product administration guides provide examples and procedures for the configuration of basic services on the system. It is recommended that you select the configuration example that best meets your service model, and configure the required elements for that model before using the procedures in this chapter.
This chapter includes the following sections:
 
Overview
Remote address-based RADIUS accounting counts the number of octets exchanged between individual subscribers and specific remote IP addresses, or networks, during a packet data session. Data from the subscriber to the remote addresses, and data from the remote addresses to the subscriber are accounted for separately.
 
The remote addresses for which to collect RADIUS accounting data are configured in lists on a per-context basis. Individual subscribers are associated with particular address lists through the configuration or specification of an attribute in their locally configured or RADIUS server-based profiles. Once the lists and subscriber profiles are configured, accounting data collection can be enabled on the system.
Remote address-based RADIUS accounting is implemented in the system according to the specifications described in TIA/EIA/IS-835-B, CDMA2000 Wireless IP Network Standard, October 2002 and 3GPP2 X.S0011-005-D.
 
Configuring Remote Address-based Accounting
To configure this functionality, a list of up to ten remote addresses or networks is configured in the authentication context, the list is assigned to a subscriber, and remote address collection is enabled.
Use the following configuration example to configure remote address-based accounting:
configure
  context <context_name>
     radius group <group_name>
     radius accounting ip remote-address list <list_id>
     address <ip_address> netmask <netmask>
     end
 
Verifying the Remote Address Lists
Use the following command to verify the remote address lists:
show configuration context <context_name>
Output similar to the following is displayed.
[local] host_name # show configuration context <context_name>
configure
  context <context_name>
     subscriber default
     exit
  radius accounting ip remote-address list 1
     address <ip_address> netmask <netmask>
     address <ip_address> netmask <netmask>
     address <ip_address> netmask <netmask>
     end
Notes:
 
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
 
Subscriber Attribute Configuration
Subscriber attributes are configured as part of their profile. Subscriber profiles can be configured either remotely on a RADIUS server or locally on the system.
 
This section provides information and procedures on the attributes used to support this functionality.
Important: Since the instructions for configuring subscribers differ between RADIUS server applications, this section only provides the individual attributes that can be added to the subscriber profile. Please refer to the documentation that shipped with your RADIUS server for instructions on configuring subscribers.
 
Supported RADIUS Attributes
The following RADIUS attributes are used to configure remote address-based RADIUS accounting for a subscriber session. For specific information on each attribute, see the AAA Interface Administration and Reference.
 
 
 
Configuring Local Subscriber Profiles
Use the following example to configure local subscriber profiles to support the Remote Address-based RADIUS Accounting feature:
 
configure
  context <context_name>
     subscriber name <name>
        radius accounting ip remote-address list-id <list_id>
        end
configure
  context <context_name>
     radius accounting ip remote-address collection
     end
Notes:
 
Save your configuration as described in Verifying and Saving Your Configuration chapter.
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883