HNB-GW Service Configuration Mode Commands


HNB-GW Service Configuration Mode Commands
 
 
The 3G UMTS Home-NodeB Gateway Service Configuration Mode is used to create, provide, and manage the Femto UMTS HNB access with UMTS core network in a 3G UMTS network.
 
 
associate gtpu-service
This command associates a previously configured GTP-U service to bind the HNB-GW service with an HNB towards the HNB side. A GTP-U service must be configured in Context Configuration mode before using this configuration.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
associate gtpu-service svc_name
no associate gtpu-service
no
Removes the associated GTP-U service from this HNB-GW service configuration.
svc_name
Identifies the name of the GTP-U service preconfigured in Context configuration mode to associate with an HNB-GW service towards the Home-NodeB side.
The svc_name must be an alphanumerical string from 1 through 63 characters.
Usage
Use this command to configure GTP-U data plan between HNB-GW service and Home-NodeB. The serivce defined for GTP-U can be configured in Context configuration mode.
Important: Another GTP-U service can be used to bind the HNB-GW service towards the Core Nework and can be configured in HNB-PS Configuration mode. For more information on GTP-U service configuration, refer GTP-U Service Configuration Mode Commands.
Example
Following command associates GTP-U service named gtpu-hnb1 with specific HNB-GW service towards Home-NodeB side.
associate gtpu-service gtpu-hnb1
 
end
Exits the current mode and returns to the Exec Mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
end
Usage
Change the mode back to the Exec mode.
 
exit
Exits the current mode and returns to the previous mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
exit
Usage
Return to the previous mode.
 
radio-network-plmn
This command creates/remove and enters the HNB-RN-PLMN Configuration mode and associate/disassociate it with HNB-GW service. This mode provides configuration mode to configure various parameters for radio network public mobile land networks (PLMNs). A maximum of 16 radio PLMN id can be configured in an HNB-GW service.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
radio-network-plmn mcc mcc_value mnc mnc_value [-noconfirm]
no radio-network-plmn mcc mcc_value mnc mnc_value
no
Removes the configured radio network PLMN identifier for an HNB-GW service.
Caution: Removing the PLMN identifier is a disruptive operation; the HNB-GW service shall be re-started.
mcc mcc_value
Specifies the mobile country code (MCC) part of radio network PLMN identifier.
mcc_value must be an integer value from 101 through 998.
mnc mnc_value
Specifies the mobile network code (MNC) part of radio network PLMN identifier.
mcc_value must be an integer value from 01 through 99 or 100 through 998.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to configure the radio network PLMN identifier for an HNB-GW service. This command also creates a configuration mode to configure various parameters for defined radio network PLMN identifier in HNB-GW service.
Caution: Changing or removing the PLMN identifier is a disruptive operation; the MME service shall be re-started.
Entering this command results in the following prompt:
[context_name]hostname(config-radio-network-plmn)#
A maximum of 16 radio network PLMN identifiers are supported for an HNB-GW service.
Example
The following command configures the radio network PLMN identifier with MCC value as 102 and MNC value as 20 for an HNB-GW service:
radio-network-plmn mmc 102 mnc 20
 
ranap reset
This command configures various RAN Application Part reset procedure parameters with HNB-GW service.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
ranap reset { ack-timeout timer_value | guard-timeout g_timer | hnbgw-initiated | max-retransmissions retries}
no ranap reset hnbgw-initiated
default ranap reset { ack-timeout | guard-timeout | hnbgw-initiated | max-retransmissions}
no
Disables the HNB-GW initiated RANAP reset procedure for an HNB-GW service.
ack-timeout timer_value
Set the timer value in seconds to wait for Reset Acknowledge from SGSN/MSC. This will be used when HNBGW Initiated Reset procedure is enabled.
timer_value must be an integer value from 5 through 10.
Default: 10
guard-timeout g_timer_value
Sets the timer value to send Reset Acknowledge to SGSN/MSC. After this duration the HNBGW sends RESET-ACK to SGSN/MSC. This will be used when SGSN/MSC Initiated Reset procedure is enabled.
g_timer_value must be an integer value from 5 through 10.
Default: 10
hnbgw-initiated
Enables the HNB-GW Initiated RANAP Reset procedures.
Default: Disabled
max-retransmission retries
Sets the maximum number of retires allowed for transmission of RESET-ACK message to SGSN/MSC. This parameter is used when HNB-GW initiated Reset procedure is enabled.
retries must be an integer value from 0 through 2. When 0 is used retransmission will be disabled.
Default: 1
Usage
Use this command to configure the RANAP Reset procedures related parameters in HNB-GW service.
Example
The following command configures the HNB-GW initiated RANAP RESET Procedure for an HNB-GW service:
ranap reset hnbgw-initiated
 
rtp address
This command configures the Real Time Protocol (RTP) address on HNB-GW and send it HNB to map RTP streams with this IP while HNB-GW connects to MSC/VLR through IuCSoIP (IuCS-over-IP) tunnel. This command is used for RTP stream management on HNB-GW.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
rtp address address
no rtp address
no
Removes the RTP IP address association to be used for communication between HNB and HNB-GW while communicating with MSC/VLR -GW through IuCS over IP tunnel.
address address
Specifies the IP address of HNB-GW to use as an end point by HNB and HNB maps the RTP streams with this IP address and HNB-GW communicates with MSC/VLR through IuCS-over-IP Tunnel.
address is the same IP address as assigned to HNB-GW to communicate with HNB and must be an IP address in IPv4 or IPv6 notation.
Important: This command cannot be entered more than once. Only one RTP IP address can be configured for one HNB-GW service.
Usage
Use this command to enable the HNB-GW IP address as RTP IP address and send the same to HNB to map RTP streams while HNB-GW communicates with MSC/VLR through IuCS-over-IP tunnel.
This command is used for RTP stream management on HNB-GW.
Example
The following command sets the RTP IP address 1.2.3.4 on HNB-GW to communicate with HNB while using IuCS-over-IP tunnel with CS network:
rtp address 1.2.3.4
 
rtp port
This command configures the Real Time Protocol (RTP) port range to listen from HNB while connecting to MSC/VLR through IuCSoIP (IuCS-over-IP) interface support via an HNB-GW service. This command is used for RTP stream management on HNB-GW.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
rtp port range port_start to port_end
default rtp port range
default
Sets the RTP port range to default range from 16384 to 65535.
port range range_start to range_end
Specifies the port number range to be used by HNB to map the RTP streams and HNB-GW listen on these ports while communicating with MSC/VLR through IuCS-over-IP tunnel.
range_start must be an integer between 16384 through 65535 and should be less than range_end.
range_end must be an integer between 16384 through 65535 and should be more than range_start.
Default: port 16384 through 65535
Important: This command cannot be entered more than once. Only one range of RTP port can be configured for one HNB-GW service.
Usage
Caution: This command is NOT active now.
Use this command to assign the RTP port range to be used by HNB to map RTP streams and HNB-GW listen these ports for RTP streams while communicating with MSC/VLR through IuCS-over-IP tunnel.
This command is used for RTP stream management on HNB-GW.
Example
The following command sets the RTP port number 20000 to 21000on HNB-GW to listen from HNB for RTP streams while connecting with MSC/VLR using IuCS-over-IP tunnel.
rtp port range 20000 to 21000
 
rtp mux
This command configures the HNB-GW service to allow an Home-NodeB to multiplex multiple RTP streams in one IP packet. This configuration support is provided for RTP stream management feature on HNB-GW.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
[no | defualt] rtp mux
no
Removes the configured option to multiplex multiple RTP stream in one packet by Home-NodeB in HNB-GW configuration.
default
Sets the multiplexing option to default state of “disabled”.
Usage
Use this command to allow an Home-NodeB to multiplex multiple RTP streams in one IP packet. This configuration support is provided for RTP stream management feature on HNB-GW and it is disabled by default.
Example
The following command sets the HNB-GW to allow HNB to multiplex multiple RTP stream in one packet:
rtp mux
 
sctp
This command configures the SCTP IP address and port that will be used for binding the SCTP socket to communicate with the Home-NodeB over Iuh interface with an HNB-GW service.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
sctp bind {address address | port port_num }
no sctp bind { address | port }
default
Sets the SCTP port to default value of 600 to communicate with the Home-NodeB using Iuh interface.
address address
Specifies the IP address of HNB-GW in IPv4 or IPv6 notation for the interface configured as Iuh interface to connect with Home-NodeB.
address must be an IP address in IPv4 or IPv6 notation.
port port_num
Specifies the SCTP port number to communicate with the Home-NodeBs using Iuh interface.
port_num must be an integer between 1 through 65535.
Usage
Use this command to assign the SCTP IP address and port with SCTP socket on HNB-GW to communicate with the Home-NodeB using Iuh interface. This SCTP configuration provides the IP-address and listen port where HNB-GW service shall bind to listen for incoming SCTP associations from HNB.
Example
The following command sets the SCTP port number 999 on HNB-GW to listen from Home-NodeB over Iuh interface:
sctp bind port 999
The following command sets the SCTP address 1.2.3.4 of HNB-GW to use with Home-NodeB over Iuh interface:
sctp bind address 1.2.3.4
 
security-gateway aaa
This command associates a preconfigured AAA Servicer group to use authentication parameters for Security Gatewa (SeGW) functionality in HNB-GW service. Associated AAA server group is a preconfigured AAA server group configured in Context configuration mode.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
security-gateway aaa authentication {first-phase | second-phase} context ctx_name aaa-group aaa_grp
no security-gateway aaa {attribute calling-station-id | authentication {first-phase | second-phase}
no
Removes previously configured AAA authentication or attribute setting from HNB-GW service while using SeGW functinality.
attirbute calling-station-id ms_id
Specifies the calling station id from where the user placed the call.
authentication {first-phase | second-phase} context ctx_name aaa-group aaa_grp
Specifies the AAA authentication parameters to be used while using SeGW functionality in an HNB-GW service.
first-phase specifies the parameters to be used for first phase of authentication while using SeGW functionality in an HNB-GW service. This associates the AAA parameters through AAA server group association with in it.
second-phase specifies the parameters to be used for second phase of authentication while using SeGW functionality in an HNB-GW service. This associates the AAA parameters through AAA server group association with in it.
context ctx_name aaa-group aaa_grpespecifies the name of the pre-configured AAA server group and its context to associate AAA parameters to be used for first/second or both phase of authentication while using SeGW functionality in an HNB-GW service.
ctx_name specifies the name of the context in which AAA server group is configured.
aaa_grp specifies the name of the AAA server group configured in Context configuration mode with AAA parameters which need to be used for first/second or both phase of authentication while using SeGW functionality in an HNB-GW service.
Important: For more information on AAA server groups, refer AAA Server Group Configuration Mode Commands.
Usage
Use this command to associate or tie the AAA authentication or attribute parameters with an HNB-GW service which is to be used for first/second or both phase of authentication while using SeGW functionality in an HNB-GW service or removing AAA attribute “calling-sation-id” from AAA message. This functionality is part of SeGW configuration support in an HNB-GW service.
Caution: This is a critical configuration and need to be configured carefully if Security Gateway (SeGW) functionality is to enable on HNB-GW service.
Example
The following command associates an AAA server group named sec_gw_grp1 with HNB-GW service to use specific AAA uthentication parameters in first phase of authentication and another AAA server group named sec_gw_grp2 to use different AAA uthentication parameter in second phase of authentication. Both AAA server groups are configured in same context named SeGW_ctx1:
security-gateway aaa authentication first-phase context SeGW1 aaa-group sec_gw_grp1security-gateway aaa authentication second-phase context SeGW1 aaa-group sec_gw_grp2
The following command disables a previously configured AAA authentication parameter for first phase of authentication:
no security-gateway aaa authentication first-phase
 
security-gateway bind
This command binds the SeGW in HNB-GW service to a logical IP interface serving as an Iuh interface and associates an IPsec IKV2 crypto-map template to the HNB-GW service.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
security-gateway bind address address crypto-template cryp_name
no security-gateway bind address
no
Removes a previously configured IPSec IP address use for binding the IKv2 IPSec tunnel (local bind address) to communicate with the Home-NodeBs using Iuh interface.
bind address address
Specifies the IP address in IPv4 or IPv6 notation for the interface configured as an Iuh for IPSec tunnel. This is the IP address where the HNB-GW service is bound and shall be provided to Home-NodeB during HNB-GW discovery.
address specifies the IPSec IP address in IPv4/IPv6 notation to be used for binding the IKEv2 IPSec tunnel (local bind address) to communicate with the Home-NodeBs using Iuh interface.
crypto-template cryp_name
Specifies the Crypto-map template to be used for IPsec IKEv2 tunneling for the interface configured as an Iuh.
cryp_name specifies the name of the pre-configured Crypto-map template which is configured in Crypto-Map Template Configuration Mode and associated with HNB-GW service to create IPSec tunnel with Home-NodeB during HNB-GW discovery procedure on Iuh interface.
Usage
Use this command to associate or tie the HNB-GW service to a specific logical IP address that will be used for binding the Iuh socket to communicate with the Home-NodeB using IPSec tunnel. A maximum of one IP address can be configured with this command for one HNB-GW service.
The HB-GW passes the IP address during setting up the HNB-GW discovery procedure with the Home-NodeB.
Caution: This is a critical configuration. The HNB-GW service can not be started without this configuration. Any change to this configuration would lead to restarting the HNB-GW service and removing or disabling this configuration will stop the HNB-GW service.
Example
The following command binds the logical IP interface with the address of 1.2.3.4 to the HNB-GW service using existing IPsec Crypto-Map template crypto1 to establish IPSec tunnel with Home-NodeB:
security-gateway bind address 1.2.3.4 crypto-template crypto1
The following command disables a binding that was previously configured:
security-gateway bind address
 
security-gateway username
This command configures the options related to user name received from MS.
Product
HNB-GW
Privilege
Security Administrator, Administrator
Syntax
[no | defualt] security-gateway username mac-address-stripping
no
Disbales previously configured option for user name recieved from MS.
default
Sets the user name option configuration of default setting of “Disable”.
mac-address-stripping
Default: Disabled
This keyword sets the system to strip the MAC address from the user name received from the MS.
Usage
Use this command to set the user name related options. By enabling this option system trips the MAC addres from the user name received from MS.
Example
The following command sets the system to strip the MAC address from user name received from user MS:
security-gateway username mac-address-stripping
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883