Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
group_name must be a string of 1 through 63 characters in length.
Important: The system’s GTPP parameters must be configured prior to using this protocol for accounting. Refer to the
gtpp commands in the Context Configuration Mode Commands chapter of this reference.
Important: The system’s RADIUS/Diameter accounting parameters must be configured prior to using either of the protocols for accounting. Refer to the
radius/
diameter commands in the Context Configuration Mode Commands and the AAA Server Group Configuration Mode Commands chapters of this reference.
Disables the generation of RADIUS interims per APN. If no-interims is specified, then it won't send any RADIUS INTERIM-UPDATEs for this APN, regardless of what is configured in the context that is used for RADIUS accounting.
If the radius-diameter option is used, either the RADIUS or the Diameter protocol is used as configured in the Context Configuration mode or the AAA Server Group Configuration mode.
Important: If the accounting type in the APN is set to ‘none’ then G-CDRs will not be generated. If accounting type is left as default ’GTPP’ and ‘billing-records’ are configured in Rulebase configuration mode in ECS, then both G-CDRs and eG-CDRs would be generated.
bandwidth_policy must be an alpha and/or numeric string from 1 through 63 characters in length.
rulebase_name must be an alpha and/or numeric string of 1 through 63 characters in length.
downlink: Applies the AMBR parameters to the downlink direction.
uplink: Applies the AMBR parameters to the uplink direction.
auto-readjust duration seconds: A duration, in seconds, used in this burst size calculation:
seconds must be an integer value from 1 to 30. Default is 1 second
bytes: Specifies the burst size in bytes allowed by this APN for the associated PDNs.
bytes must be an integer value from 1 to 4294967295 (1 byte to 4 GB).
drop: Violating packets are dropped.
lower-ip-precedence: The DSCP value is set to zero (“best effort”) for the violating packets.
shape [ transmit-when-buffer-full ]: Place all violating packets into a buffer and, optionally, packets are transmitted when the buffer is full.
transmit: Violating packets are transmitted. This is the default setting.
Associates the P-GW APN with an accounting policy configured in the same context. name must be an existing accounting policy and be from 1 to 63 alpha and/or numeric characters.
This keyword if enabled , eaither with msisdn-auth or
imsi-auth strips the APN name from the user name
msisdn@
apn or
imsi@
apnreceived from AAA and make the user name as
msisdn or
imsi respectively.
A preference must be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on. preference must be an integer from 1 through 1000. The lower the integer, the higher the preference.
A preference can be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on. preference must be an integer from 1 through 1000. The lower the integer, the higher the preference.
A preference must be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on. preference must be an integer from 1 through 1000. The lower the integer, the higher the preference.
|
|
|
|
If the there was no match and the aaa constructed-nai authentication parameter is enabled in the authentication context, the system attempts to determine a subscriber profile (via PAP with no password) using the subscriber’s MSISDN as the username.
|
If the aaa constructed-nai authentication parameter is enabled in the authentication context, the system attempts to determine a subscriber profile (via PAP with no password) using the subscriber’s MSISDN as the username.
|
|
|
|
|
|
|
|
If this protocol is used is specified and the allow-noauth parameter is disabled, the system will attempt to use the APN’s default username/password specified by the outbound command for authentication via PAP.
|
|
|
|
|
|
|
|
|
|
|
To enable imsi-auth or
msisdn-auth, the following command instances must be issued:
bits can be configured to any unique bit from 001H to FFFH (0001 to 1111 1111 1111 bin) where the least-significant bit corresponds to B1 and the most-significant bit corresponds to B12.
index can be configured to any integer value between 0 and 15.
Important: 3GPP standards suggest that profile index values of 1, 2, 4, and 8 be used for hot billing, flat rate billing, prepaid billing and normal billing, respectively. A single charging characteristics profile can contain multiple behavior settings.
bits can be configured to any unique bit from 001H to FFFH (0001 to 1111 1111 1111 bin) where the least-significant bit corresponds to B1 and the most-significant bit corresponds to B12.
index can be configured to any integer value between 0 and 15.
Important: 3GPP standards suggest that profile index values of 1, 2, 4, and 8 be used for hot billing, flat rate billing, prepaid billing and normal billing, respectively. A single charging characteristics profile can contain multiple behavior settings.
Causes the GGSN to accept CCs from the SGSN(s) when the no cc-sgsn command is entered with all applicable keywords. Otherwise,
no cc-sgsn can be used to turn off one or more of the GGSN sources of CC.
Before entering no cc-sgsn, it is helpful to determine which CC sources have been configured. This can be done with either
show configuration or
show apn name in Exec Command Mode.
use-GGSN [ behavior bits ] profile index[ 0...15 ]
bits specifies the behavior bit for the charging characteristic. This variable can be configured to any unique bit from 001H to FFFH (0001 to 1111 1111 1111 bin) where the least-significant bit corresponds to B1 and the most-significant bit corresponds to B12.
index indicates which profile defined with
cc profile, in GGSN Service Configuration mode, GGSN uses as a source for CCs. The index can be configured to any integer value from 0 to 15.
use-GGSN keyword can be entered alone or in conjunction with the
radius-returned keyword. When entered, this keyword, overrides previous configuration using any of the home, roaming, and/or visiting keywords.
•
|
Home: Subscribers belonging to the same Public Land Mobile Network (PLMN) as the one on which the GGSN is located.
|
•
|
Roaming: Subscribers that are serviced by a an SGSN belonging to a different PLMN than the one on which the GGSN is located.
|
•
|
Visiting: Subscribers belonging to a different PLMN than the one on which the GGSN is located.
|
bits can be configured to any unique bit from 001H to FFFH (0001 to 1111 1111 1111 bin) where the least-significant bit corresponds to B1 and the most-significant bit corresponds to B12.
index can be configured to any integer value between 0 and 15.
Important: 3GPP standards suggest that profile index values of 1, 2, 4, and 8 be used for hot billing, flat rate billing, prepaid billing and normal billing, respectively. A single charging characteristics profile can contain multiple behavior settings.
cf_policy_id must be a preconfigured category policy ID in Active Charging Configuration Mode.
In case category policy identifier cf_policy_id used here is not configured in Active Charging Configuration Mode, all packets will be passed regardless of the categories determined for such packets.
Important: Category Policy Id configured through this mode overrides the Category Policy id configured through
content-filtering category policy-id command in Rulebase Configuration Mode of Active Charging Service Configuration mode.
Important: If Content Filtering Category Policy ID is not specified here the similar command in ACS Rulebase Configuration Mode determines the policy.
cc_group_name must be a alpha and/or numeric string of 1 through 63 characters in length.
DescriptionThis command is obsolete. To configure the Diameter Credit Control Origin Endpoint, in the Credit Control Configuration mode, use the
diameter origin endpoint command.
peer_name must be an alpha and/or numeric string of from 1 through 127 characters.
peer_name allows punctuation marks.
The realm_name must be an alpha and/or numeric string of from 1 to 127 characters. The realm may typically be a company or service name.
realm_name allows punctuation marks.
Warning: This configuration completely overrides all instances of
diameter peer-select that have been configured within the Credit Control Configuration Mode for an Active Charging service.
•
|
multicast discard: configures the default multicast settings which is to discard PDUs
|
•
|
qos-dscp: conversational ef streaming af11 interactive af21 background be
|
•
|
required: Configures handling of RRQ to enable the acceptance without NAI extension in this APN. Default: Disabled.
|
Configures the IP address of the DNS server. address must be expressed in dotted decimal notation.
Specifies the IP address of the DNS server to remove. dns_address must be expressed in dotted decimal notation.
4. DNS values configured at context level with ip name-servers command has the last preference.
Important: The same preference would be applicable for the NBNS servers to be negotiated via ICPC with the LNS.
Important: This command is only available in StarOS 8.0. In StarOS 8.1 and later, this configuration is available in the Rulebase Configuration Mode.
Important: Unless Stateful Firewall support for this APN is enabled using this command, firewall processing for this APN is disabled.
Important: If firewall is enabled, and the rulebase has no firewall configuration, Stateful Firewall will cause all packets to be discarded.
fw_nat_policy must be an alpha and/or numeric string of 1 through 63 characters in length. Note that this policy will override the
default Firewall-and-NAT policy configured in the ACS rulebase.
Important: This command is customer-specific and is only available in StarOS 8.1.
Important: This command must be used to configure the Policy-based Firewall-and-NAT feature.
sdu-error-ratio sdu-error-ratio-code
sdu-error-ratio-code corresponds to distinct SDU Error ratio values in integer between the range of 1 to 7.
residual-ber residual-ber-code
residual-ber-code corresponds to distinct Residual Bit Error Ratio values in integer between the range of 1 to 9.
The mapping for sdu-error-ratio-code is as follows:
gtpp group group_name [ accounting-context
ac_context_name ]
group_name must be a string of size 1 to 63 character. It must be the same as configured earlier within the same context of APN.
ac_context_name specifies the name of the context to be used for accounting. The name must be between 1 and 79 alpha and/or numeric characters and is case sensitive.
group_name must be a string of size 1 to 63 character. It must be the same as configured earlier within the same context of APN.
ac_context_name specifies the name of the context to be used for accounting. The name must be between 1 and 79 alpha and/or numeric characters and is case sensitive.
It will also be ignored, if the configured GTPP group group_name and/or accounting context
ac_context_name is invalid. In such a case, the call will be established successfully unlike the primary group configuration where the call drops.
In the absence of the configured ac_context_name context; by default the GGSN service context is chosen.
If idle-timeout-activity ignore-downlink is configured, the downlink traffic will not be used to reset the idle-timeout. Only uplink packets will be able to reset the idle-timeout.
By default, ignore-downlink is negated by the
no command so downlink traffic is also used to reset the idle-timeout.
auth_svc_name must be a string of size 1 to 63 character preconfigured with in the same context of this APN.
no ims-auth-service gx_interface1
Specifies the name of the IPv4/IPv6 access group. acl_group_name is a configured ACL group and must be an alpha and/or numeric string of 1 to 79 characters.
The following command associates the sampleipv4Group access group with the current APN profile for both inbound and outbound access.
Important: If this option is used, the system’s DHCP parameters must be configured.
Important: If this option is used, the system’s DHCP parameters must be configured.
Important: If this option is used, the name of the IP address pool from which to allocate addresses must be configured using the
ip address pool-name command. If no pool name is specified, the system will attempt to allocate an address from any public pool configured in the destination context.
This keyword, when specified with dhcp-proxy for IP address allocation configuration, GGSN will prefer DHCP supplied parameters over values provided by AAA server or by local configuration. This keyword controls following parameters:
Important: This keyword is available only with dhcp-proxy ip allocation method as this functionality is implemented only for GGSN acting as DHCP proxy.
Important: If this option is not enabled, PDP contexts requesting the use of a static address will be rejected with a cause code of 220 (Unknown PDP address or PDP type).
If the ip address alloc-method command is configured to allow the assignment of IP addresses from a local pool configured on the system, this command instructs the system as to which pool should be used.
ip_address must be expressed in dotted-decimal notation.
allocation-retention-priority can be the integers 1, 2, or 3.
Important: If you only configure DCSP marking for interactive traffic classes without specifying ARP, it may not properly take effect. The CLI allows this scenario for backward compatibility however, it is recommended that you configure all three values.
interactive traffic_priority
traffic_priority is the 3GPP traffic handling priority and can be the integers 1,2 or 3.
•
|
af11: Assured Forwarding 11 per-hop-behavior (PHB)
|
|
•
|
af33: Assured Forwarding 33 PHB
|
|
•
|
af12: Assured Forwarding 12 PHB
|
|
•
|
af41: Assured Forwarding 41 PHB
|
|
•
|
af13: Assured Forwarding 13 PHB
|
|
•
|
af42: Assured Forwarding 42 PHB
|
|
•
|
af21: Assured Forwarding 21 PHB
|
|
•
|
af43: Assured Forwarding 43 PHB
|
|
•
|
af22: Assured Forwarding 22 PHB
|
|
•
|
be: Best effort forwarding PHB
|
|
•
|
af23: Assured Forwarding 23 PHB
|
|
•
|
ef: Expedited forwarding PHB
|
|
•
|
af31: Assured Forwarding 31 PHB
|
|
•
|
pt: Pass through (ToS of user packet is not modified)
|
|
•
|
af32: Assured Forwarding 32 PHB
|
|
|
Syntaxip source-violation { ignore | check [ drop-limit limit ] } [ exclude-from-accounting ]
A drop-limit can be configured to set a limit on the number of invalid packets that can be received from a subscriber prior to their session being deleted.
limit can be configured to any integer value between 0 and 1000000. A value of 0 indicates that all invalid packets will be discarded but the session will never be deleted by the system.
Specifies the name of the IPv6 access group. group_name must be an alpha and/or numeric string of 1 to 79 characters.
The following command associates the sampleipv6Group access group with the current APN profile for both inbound and outbound access:
4. DNS values configured at context level with ip name-servers command has the last preference.
Important: The same preference would be applicable for the NBNS servers to be negotiated via ICPC with the LNS.
Refer to the timeout idle and
timeout long-duration command for information on setting the long duration timer.
Refer to the timeout idle and
timeout long-duration command for information on setting the long duration timer.
secondary_ctx can be configured to any integer value from 0 to 10.
number can be configured to any integer value from 1 to 4000000.
total_number can be configured to any integer value from 1 to 4000000.
bmsc_profile_name can be from 1 to 62 alpha and/or numeric characters and is not case sensitive. It may also contain dots (.) and/or dashes (-).
context-name context-name
context-name can be from 1 to 79 alpha and/or numeric characters and is case sensitive.
ip [ access-group access_group_name | address pool name
pool_name | context-name | header-compression | hide-service-address | local-address | qos-dscp [ background | conversational | interactive
interaction level | streaming ] | user-datagram-tos copy data-tunnel ] |
The encrypted keyword is intended only for use by the chassis while saving configuration scripts. The system displays the
encrypted keyword in the configuration file as a flag that the variable following the
password keyword is the encrypted version of the plain text password. Only the encrypted password is saved as part of the configuration file.
pwd must be from 1 to 63 alpha and/or numeric characters and is case sensitive.
name must be from 1 to 63 alpha and/or numeric characters and is case sensitive.
If only a username is specified using this command, the password is determined based on the setting of the aaa constructed-nai command in the Context Configuration mode. That command is also used to determine the password if an outbound username and password are configured for the APN when the imsi-auth keyword is specified for the
authentication command in this mode.
Important: Entering both IPv4 and IPv6 in either order enables support for both.
Important: Entering both IPv4 and IPv6 in either order enables support for both.
data-compression { mode modes | protocols protocols}
mode modes: Sets the compression mode to one of the following:
•
|
normal: Packets are compressed using the packet history for automatic adjustment and for best compression.
|
•
|
stateless: Each packet is compressed individually.
|
protocols protocols: Sets the compression protocol to one of the following:
•
|
mppc: Microsoft Point-to-Point Compression
|
Important: The MTU refers to the PPP payload which excludes the 2 PPP octets. Therefore, an MTU of 1500 corresponds to the 3GPP standard MTU of 1502 for GTP packets with PPP payloads.
Important: When no Qos Profile is configured, the system’s default behavior is to use the information provided by the SGSN.
•
|
background : Specifies the QOS for traffic patterns in which the data transfer is not time-critical (for example email exchange). This traffic pattern should be the lowest QOS.
|
•
|
conversational : Specifies the QOS for traffic patterns in which there is an constant flow of packets in each direction, upstream and downstream. This traffic pattern should be the highest QOS.
|
•
|
interactive traffic_priority : Specifies the QOS for traffic patterns in which there is an intermittent flow of packets in each direction, upstream and downstream. This traffic pattern should be a higher QOS than the background pattern, but not as high as that for the streaming pattern. traffic_priority is the 3GPP traffic handling priority and can be the integers 1,2 or 3.
|
•
|
streaming : Specifies the QOS for traffic patterns in which there is a constant flow of data in one direction, either upstream or downstream. This traffic pattern should be a higher QOS than the interactive pattern, but not as high as that for the conversational pattern.
|
Important: If this keyword is omitted, the same values are used for all classes.
bps must be an integer from 1 through 16000000 for the downlink direction or 1 through 8640000 for the uplink direction. The value must also correspond to one of the permitted values identified in table given in this chapter. Note that if a non-permitted value is entered for this parameter, then the system rounds the value to the nearest lower supported value, except in the case where value is less than 1,000 bps. In this case, the system rounds the value to 1,000 bps. In addition, if the configured committed rate is lower than the value configured for the peak-data-rate, then the system uses the configured peak rate for this parameter.
Important: System measurements for this value exclude the GTP and outer packet headers. In addition, some traffic classes have both a committed rate and a peak rate, while other traffic classes have just a peak rate. If a committed rate is not applicable (i.e., the traffic class is
background or
interactive), then an error occurs if this option is configured. If the committed-rate is applicable (i.e., the traffic class is
conversational or
streaming), the values supplied by the SGSN are used if this option is not configured.
bps must be an integer from 1 through 16000000 for the downlink direction or 1 through 8640000 for the uplink direction. The value must also correspond to one of the permitted values identified in table given in this chapter. Note that if a non-permitted value is entered for this parameter, then the system rounds the value to the nearest lower supported value, except in the case where value is less than 1,000 bps. In this case, the system rounds the value to 1,000 bps.
Important: This command should be used in conjunction with the
max-contexts command to limit the maximum possible bandwidth consumption by the APN.
Important: If a “Subscribed” traffic class is received, the system changes the class to “Background” and sets the following parameters: The uplink and downlink guaranteed data rates are set to 0. If the received uplink or downlink data rates are 0 and traffic policing is disabled, the default of 64 kbps is used. When enabled, the APN configured values are used. If the configured value for downlink max data rate is larger than can fit in an R4 QoS profile, the default of 64 kbps is used. If either the received uplink or downlink max data rates is non-zero, traffic policing is employed if enabled for the “Background” class. The received values are used for responses when traffic policing is disabled.
qos rate-limit { downlink | uplink } [ class { background | conversational | interactive traffic_priority | streaming } ] [ burst-size {
bytes | auto-readjust [ duration
dur ] } ] [ exceed-action { drop | lower-ip-precedence | transmit } [ violate-action { drop | lower-ip-precedence | shape [transmit-when-buffer-full] | transmit }]] | [ violate-action { drop | lower-ip-precedence | shape [transmit-when-buffer-full] | transmit } [ exceed-action { drop | lower-ip-precedence | transmit }]] +
Important: When no Qos Profile is configured, the system’s default behavior is to use the information provided by the SGSN.
•
|
background : Specifies the QOS for traffic patterns in which the data transfer is not time-critical (for example email exchange). This traffic pattern should be the lowest QOS.
|
•
|
conversational : Specifies the QOS for traffic patterns in which there is an constant flow of packets in each direction, upstream and downstream. This traffic pattern should be the highest QOS.
|
•
|
interactive traffic_priority : Specifies the QOS for traffic patterns in which there is an intermittent flow of packets in each direction, upstream and downstream. This traffic pattern should be a higher QOS than the background pattern, but not as high as that for the streaming pattern. traffic_priority is the 3GPP traffic handling priority and can be the integers 1,2 or 3.
|
•
|
streaming : Specifies the QOS for traffic patterns in which there is a constant flow of data in one direction, either upstream or downstream. This traffic pattern should be a higher QOS than the interactive pattern, but not as high as that for the conversational pattern.
|
Important: If this keyword is omitted, the same values are used for all classes.
burst-size { bytes | auto-readjust [ duration dur ] }
bytes must be an integer from 1 through 6000000.
Important: It is recommended that the minimum value of this parameter be configured to the greater of the following two values: 1) 3 times greater than packet MTU for the subscriber connection, OR 2) 3 seconds worth of token accumulation within the “bucket” for the configured peak-data-rate. In addition, if the committed-data-rate parameter is specified, the burst-size is applied to both the committed and peak rates.
auto-readjust [ duration dur ] keyword provides the option to calcualte the Burst size dynamically while configuring rate-limit. Whenever this keyword is enabled to calculate burst size GGSN QoS negotiated rate to be enforced for this calculation.
duration dur describes the duration of burst in seconds. If duration is not specified this keyword will use 1 second as default value.
dur must be an integer between 1 through 30.
lower-ip-precedence: Transmit the packet after lowering the IP precedence
shape [transmit-when-buffer-full]: Enables the traffic shaping and provides the buffering of user packets when subscriber traffic violates the allowed peak/committed data rate. The
[transmit-when-buffer-full] keyword allows the packet to be transimitted when buffer memory is full.
transmit: Transmit the packet
Important: The user packet buffer function in traffic shaping is not applicable for real-time traffic.
Important: If the exceed/violate action is set to “lower-ip-precedence”, this command may override the configuration of the
ip qos-dscp command in the GGSN service configuration mode for packets from the GGSN to the SGSN. In addition, the GGSN service
ip qos-dscp command configuration can override the APN setting for packets from the GGSN to the Internet. Therefore, it is recommended that command not be used in conjunction with this action.
Important: This command should be used in conjunction with the
max-contexts command to limit the maximum possible bandwidth consumption by the APN.
Important: If a “Subscribed” traffic class is received, the system changes the class to “Background” and sets the following parameters: The uplink and downlink guaranteed data rates are set to 0. If the received uplink or downlink data rates are 0 and traffic policing is disabled, the default of 64 kbps is used. When enabled, the APN configured values are used. If the configured value for downlink max data rate is larger than can fit in an R4 QoS profile, the default of 64 kbps is used. If either the received uplink or downlink max data rates is non-zero, traffic policing is employed if enabled for the “Background” class. The received values are used for responses when traffic policing is disabled.
To calculate the burst size dynamically a new optional keyword auto-readjust [ duration dur ] is provide with
burst-size keyword. By default the burst size is fixed if defined in bytes with this command. In other words irrespective of the rate being enforced, burst-size fixed as given in the
burst-size bytes parameter.
For the need of variable burst size depending on the rate being enforced this new keyword auto-readjust [ duration dur ] is provided. Use of this keyword enables the calculation of burst size as per token bucket algorithm calculation as T=B/R, where T is the time interval, B is the burst size and R is the Rate being enforced.
If auto-readjust keyword is not used a fixed burst size must be defined which will be applicable for peak data rate and committed data rate irrespective of rate being enforced.
If auto-readjust keyword is provided without specifying the duration a default duration of 1 second will be taken for burst size calculation.
DescriptionThis command is obsoleted.
DescriptionThis command is obsoleted.
Important: If the username is available in the PCO, then that username will be used irrespective of this CLI (radius returned-username).
•
|
1: Value used for WAP or MMS type of networks. This corresponds to APN type public-1.
|
•
|
2: Value used for Internet or PSPDN type of networks. This corresponds to APN type public-2.
|
•
|
3: Value used for corporate customers who use MMS. This corresponds to APN type private-1.
|
•
|
4: Value used for corporate who do not use MMS. his corresponds to APN type private-2.
|
Entering either default or
no restriction-value sets the internal value to zero (0) so that connection to any APN is allowed.
•
|
If value = 1, then PDP contexts with restriction values of 0, 1, 2, and/or 3 are allowed
|
•
|
If value = 2, then PDP contexts with restriction values of 0, 1 and/or 2 are allowed
|
•
|
If value = 3, then PDP contexts with restriction values of 0 and/or 1 are allowed
|
•
|
If value = 4, then PDP contexts with no restriction values are allowed
|
•
|
If default or no syntax is entered, then no PDP contexts have restriction
|
pool_name must be an alpha and/or numeric string of 1 through 31 characters in length.
Important: This command is license dependent, requiring the 600-00-7871 NAT Bypass license. Please contact your local sales representative for more information.
time must be an integer value from 3600 through 2592000.
bytes must be an integer value from 1 through 4294967295.
The following commands enables the inactivity time on bearer with timeout duration of 7200 seconds and total traffic volume of
256000 bytes in uplink and downlink direction as threshold:
idle_dur must be a value in the range from 0 through 4294967295.
Refer to the long-duration-action detection and
long-duration-action disconnection command in this chapter for additional information.
ldt_timeout must be a value in the range from 0 through 4294967295.
inact_timeout must be a value in the range from 0 through 4294967295.
Refer to the long-duration-action detection and
long-duration-action disconnection command in this chapter for additional information.
timeout long-duration 300 inactivity-time 45
For calls coming through L2TP tunnels, the command l3-to-l2-tunnel address policy as defined in the APN Configuration mode, will continue to be in effect.
peer-address peer_address
peer_address must be expressed in dotted decimal notation.
local_addr must be expressed in dotted decimal notation.
preference can be configured to any integer value from 1 to 128.
Important: Only one GRE tunnel per APN is supported. Therefore, the preference should always be set to “1”.
peer-address peer_address
peer_address must be expressed in dotted decimal notation.
local_addr must be expressed in dotted decimal notation.
preference can be configured to any integer value from 1 to 128.
tunnel l2tp [peer-address lns-address [[encrypted] secret
l2tp_secret] [preference
num] [tunnel-context
name] [local-address
ip-address] [crypto-map
map_name {[encrypted] isakmp-secret
crypto_secret}] [local-hostname
hostname]
Important: A maximum of four LNS peers can be configured per APN.
l2tp_secret must be from 1 to 127 alpha and/or numeric characters and is case sensitive.
preference can be configured to any integer value from 1 to 128.
name must be from 1 to 79 alpha and/or numeric characters and is case sensitive.
Important: If this option is not configured, the system will attempt to determine the name of the destination context from the
ip context-name parameter configured for the APN.
address is the IP address of the interface in dotted decimal notation.
Important: If the address configured does not exist or is not bound to a LAC service, the system will automatically choose a LAC service to use.
Important: For this configuration to take effect
allow aaa-assigned-hostname command, which is used to configure LAC-Hostname based on the “Tunnel-Client-Auth-ID” attribute received from the RADIUS Server, needs to be configured in the LAC Service Configuration mode.
hostname is name of the local host for the LNS peer and must be an alpha and/or numeric string of between 1 through 127 characters.
crypto-map map_name { [ encrypted ] secret crypto_secret }
map_name is the name of a crypto-map policy configured on the system and must be from 1 to 127 alpha and/or numeric characters and is case sensitive.
encrypted is intended only for use by the system while saving configuration scripts. The system displays the encrypted keyword in the configuration file as a flag that the variable following the secret keyword is the encrypted version of the plain text secret. Only the encrypted secret is saved as part of the configuration file.
secret specifies the secret associated with the crypto-map policy.
crypto_secret can be from 0x to 255 bytes.
virtual-apn {gcdr apn-name-to-be-included {gn |
virtual} | preference
priority apn
apn_name { domain
domain_name | mcc
mcc_number mnc
mnc_number | ggsn-service
svc-name | sgsn-address {
ip_address |
ip_address/mask } | roaming-mode { home | visiting | roaming } } }
If virtual APN to be used is configured, the virtual APN name is sent in G-CDRs. Provides an option to either send the virtual APN name or the Gn APN name (that comes from the SGSN) in G-CDRs.
gn: the APN received in the Create PDP Context Request message from SGSN
virtual: the APN selected by the GGSN. This is the default.
priority specifies the order and can be configured to any integer value from 1 (highest priority) to 1000 (lowest priority).
apn_name is the name of the alternative APN and can be from 1 to 62 alpha and/or numeric characters and is not case sensitive. It may also contain dots ( . ) and/or dashes ( - ).
domain_name must be a string of 1 through 79 characters in length, is case sensitive and can contain all special characters.
svc-name must be from 1 to 63 alpha and/or numeric characters and is case sensitive.
mcc_number is the PLMN MCC identifier and can be configured to any integer value between 100 and 999.
mnc_number is the PLMN MNC identifier and can be configured to any 2 or 3 digit integer value between 00 and 999.
sgsn-address {ip_address | ip_address/mask}
ip_address is the IP address of the SGSN in dotted decimal notation.
ip_address/mask is the IP address of the SGSN in dotted decimal notation with network-host mask separation.