Call Control Profile Configuration Mode

Call Control Profile configuration mode defines call-handling rules which can be combined with other profiles – such as an APN profile (see the APN Profile Configuration Mode Commands chapter) – when using the Operator Policy feature. The call control profile is a key element in the Operator Policy feature and the profile is not valid until it is associated with an operator policy (see the associate command in the Operator Policy Configuration Mode Commands chapter).

The MME and SGSN each support a maximum of 1,000 call control profiles; only one profile can be associated with an operator policy.

By configuring a call control profile, the operator fine tunes any desired restrictions or limitations needed to control call handling per subscriber or for a group of callers across IMSI (International Mobile Subscriber Identity) ranges.

Upon accessing this mode, the CLI prompt be similar to the following:
[local]asr5000(config-call-control-profile-<profile_name>)#

IMPORTANT:

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

access-restriction-data

Enables the operator to assign a failure code to be included in reject messages if the attach rejection is due to access restriction data (ARD) checking in the incoming subscriber data (ISD) messages. The operator can also disable the ARD checking behavior.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
access-restriction-data { failure-code cause_code | no-check }remove access-restriction-data
failure-code
remove

Removes the failure code setting for the reject message that could result from ARD checking.

failure-code cause_code

cause_code: Enter an integer from 2 through 111; default code is 13 (roaming not allowed in this location area [LA]).

Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 -MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
no-check

Including this keyword with the command disables the ARD checking behavior.


Usage:

By default, the SGSN checks access restriction data (ARD) within incoming insert subscriber data (ISD) messages. This enables operator to selectively restrict subscribers in either 3G (UTRAN) or 2G (GERAN). The SGSN ARD checking behavior occurs during the attach procedure and if a reject occurs, the SGSN sends the subscriber an Attach Reject message with a configurable failure cause code.


Example:
For this call control profile, the following command disables the ARD checking function:
access-restriction-data
no-check
accounting context

Defines the name of the accounting context and optionally associates a GTPP group with this call control profile.

Platform:

ASR 5000

ASR 5500

Product:

S-GW, SAEGW, SGSN


Privilege:

Security Administrator, Administrator


Syntax
accounting context
 ctxt_name [ gtpp group grp_name ] remove accounting context
remove

Removes the accounting configuration from this profile’s configuration.

ctxt_name

Specifies the accounting context as an alphanumeric string of 1 through 79 characters.

gtpp group grp_name

Identifies the GTPP group, where the GTPP related parameters have been configured in the GTPP Group Configuration mode, to associate with this call control profile.

grp_nameis a string of 1 to 63 characters (any combination of letters and digits) to identify the GTPP group created with the gtpp group command in the Context configuration mode.


Usage:

This command can be used to associate a predefined GTPP server group - including all its associated configuration - with a specific call control profile. The GTPP group would have been defined with the gtpp group command (see the Context Configuration Mode Commands chapter).

If the GTPP group is not specified, then a default GTPP group in the accounting context will be used.

If this command is not specified, use the name of the accounting context configured in the SGSN service configuration mode (for 3G) or the GPRS service configuration mode (for 2G), either will automatically use a “default” GTPP group generated in that accounting context.

If the accounting context is specified in the GPRS service or SGSN service and in a call control profile, the priority is given to the accounting context of the call control profile.


Example:
For this call control profile, the following command identifies an accounting context called acctng1 and associates a GTPP server group named roamers with defined charging gateway accounting functionality.
accounting context
acctng1 gtpp group roamers
accounting mode

Configures the mode to be used for accounting – GTPP (default), RADIUS/Diameter or None.

Platform:

ASR 5000

ASR 5500

Product:

S-GW, SAEGW


Privilege:

Administrator


Syntax
accounting mode { gtpp | none | radius-diameter }
default

Sets the accounting mode to GTPP.

gtpp

Specifies that GTPP accounting is performed. This is the default method.

none

Specifies that no accounting will be performed for the call control profile.

radius-diameter

Specifies that RADIUS/Diameter will be performed for the call control profile.


Usage:

Use this command to specify the accounting mode for a call control profile. For additional information on accounting mode and its relationship to operator policy, refer to the System Administration Guide.


Example:
The following command specifies that RADIUS/Diameter accounting will be used for the call control profile:
accounting mode radius-diameter
accounting stop-trigger

Configures the trigger point for accounting stop CDR. Default is on session deletion request.

Platform:

ASR 5000

ASR 5500

Product:

S-GW, SAEGW


Privilege:

Administrator


Syntax
accounting stop-trigger customdefault accounting stop-trigger
default

Accounting stop CDR triggered once Delete Session/Delete Bearer Request is received at S-GW.

custom

Accounting stop CDR triggered once Delete Session/Delete Bearer Response is received at S-GW.


Usage:

Use this command to specify the trigger point for accounting stop CDR for a call control profile.


Example:
The following command specifies that accounting stop trigger would be at response of session deletion:
accounting stop-trigger custom
allocate-ptmsi-signature

Enables or disables the allocation of a P-TMSI (Packet Temporary Mobile Subscriber Identity) signature.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no | default ] allocate-ptmsi-signature
no

Disables the allocation of the P-TMSI signature.

default

Resets the configuration value to the default, which is to allocate the P-TMSI signature.


Usage:

Use this command to enable or disable the allocation of the P-TMSI signature.


Example:
allocate-ptmsi-signature
apn-restriction

Enables the APN restriction feature and configures the instruction for the SGSN on the action to take when an APN restriction value is received from the GGSN during an Update PDP Context procedure.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
apn-restriction update-policy
deactivate restrictiondefault apn-restriction
default

Creates a default APN restriction configuration.

update-policy deactivate restriction

Specifies one of the two restriction types to define the appropriate action if the APN restriction value received conflicts with the stored value:

  • least-restrictive set the least restrictive value applicable when there are no already active PDP context(s).
  • most-restrictive sets the most stringent restriction required by any already active PDP context(s).

Usage:

When this feature is enabled, the SGSN will send the maximum APN restriction value in every CPC Request message sent to the GGSN. The SGSN expects to receive an APN restriction value in each PDP Context received from the GGSN. The SGSN stores and compares received APN restriction values to check for conflicts. In the case of a conflict, the SGSN rejects the PDP Context with appropriate messages and error codes to the MS.

If an APN restriction value is not assigned by the GGSN, the SGSN assumes the value of “1” (least restrictive) to allow APN restriction rules will be possible when valid values are assigned for new PDP Context(s) from the same MS.


Example:
The following command applies the lowest level of APN restrictions:
apn-restriction update-policy
deactivate least-restrictive
associate

Associates various MME -specific lists and databases with this call control profile. On an SGSN, this command can be used to associate some of these MME-related items to GPRS and/or SGSN services in support of S4 functionality.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
associate { ho-restrict-list list_name | hss-peer-service service_name [ s13-interface | s6a-interface | s13-prime-interface | s6d-interface ] | tai-mgmt-db tai-db_name }remove associate { ho-restrict-list | hss-peer-service [ s13-interface | s6a-interface | s13-prime-interface | s6d-interface ] | tai-mgmt-db }
remove

Remove the specified association definition from the call control profile.

ho-restrict-list list_name

MME only.

Identifies the handover restriction list that should be associated with this call control profile.

list_name is a string of 1 to 64 characters (any combination of letters and digits).

hss-peer-service service_name

Associates a home subscriber server (HSS) peer service with this call control profile.

service_name is an existing HSS peer service expressed as a string of 1 to 63 characters (any combination of letters and digits).

[ s13-interface | s6a-interface | s13-prime-interface | s6d-interface ]

Optionally, identify the interface to be associated with the HSS service in this call control profile.

The s13-interface and the s6a-interface options apply to the MME only.

The s13-prime-interface and s6d-interface options apply to the SGSN only.

The s6d-interface is used by the SGSN to communicate with the HSS. It is a Diameter-based interface which supports location management, subscriber data handling , authentication , and fault recovery procedures.

The s13-prime-interface is used by the SGSN to communicate with the equiprement identity register (EIR). It is a Diameter-based interface which performs the mobile equipment (ME) identity check procedure.

IMPORTANT:

The s13-prime-interface can only be used if an s6d-interface is configured.

tai-mgmt-db tai-db_name

Identifies the tracking area identifier (TAI) database that should be associated with this call control profile.

tai-db_name is a string of 1 to 64 characters (any combination of letters and digits).

This configuration overrides the S-GW selection and TAI list assignment functionality for a call that uses an operator policy associated with this call control profile. The TAI management object provides a TAI list for calls and provides S-GW selection functionality if a DNS is not configured for S-GW discovery for this operator policy or if a DNS discovery fails.

On the S4-SGSN, use this option to associate a locally configured S-GW address for the RAI address for selection if operators wish to bypass DNS resolution of RAI FQDN. This option is valid only after the following commands have been executed on the S4-SGSN:

  • The tai-mgmt-db command in LTE Policy Configuration Mode
  • The tai-mgmt-obj command in TAI Management Database Configuration Mode.
  • The tai and sgw-address commands in TAI Management Object Configuration Mode.

Usage:

Use this command to associate handover restriction lists, HSS service (and interfaces), and a TAI database with the call control profile. This ensures that the information is available for application when a Request is received.

Repeat the command as needed to associate each feature.


Example:
Link HO restriction list named HOrestrict1 with this call control profile:
associate ho-restrict-list HOrestrict1
attach access-type

Defines attach-related configuration parameters for this call control profile based on the access-type (GPRS, UMTS, or both) and location area list.

IMPORTANT:

SGSN only: Before using this command, ensure that the appropriate location area code (LAC) information has been defined via the location-area-list command.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
attach access-type { gprs | umts } { all | location-area-list
instance list_id } { failure-code code | user-device-release { before-r99
failure code code | r99-or-later
failure code code } } default attach access-type { eps | gprs | umts } { all | location-area-list
instance list_id } { failure-code | user-device-release { before-r99 failure
code | r99-or-later failure code } 
default

Restores the default values for the for the specified parameter.

access-type type

Defines the type of access to be allowed or restricted.

  • gprs
  • umts
all

Instructs the SGSN or MME to apply the command action to all location area lists. Location area lists should already have been created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call.

location-area-list instance list_id

Instructs the SGSN to apply the command action to a specific location area list. Location area lists should already have been created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call.

Using this keyword with either the allow or restrict keywords enables you to configure with more granularity.

list_id: Enter an integer between 1 and 5.

failure-code code

Specify a GMM failure cause code to identify the reason an attach did not occur. This GMM cause code will be sent in the reject message to the MS.

Default: 14.

fail-code: Enter an integer from 2 to 111. Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 -MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
user-device-release { before-r99 | r99-or-later } failure-code code

Default: disabled

Enables the SGSN to reject an Attach procedure based on the detected 3GPP release version of the MS equipment and selectively send a failure cause code in the reject message. The SGSN uses the following procedure to implement this configuration:

  1. When Attach Request is received, the SGSN checks the subscriber’s IMSI and current location information.
  2. Based on the IMSI, an operator policy and call control profile are found that relate to this Attach Request.
  3. Profile is checked for access limitations.
  4. Attach Request is checked to see if the revision indicator bit is set
    • if not, then the configured common failure code for reject is sent;
    • if set, then the 3GPP release level is verified and action is taken based on the configuration of this parameter

One of the following options must be selected and completed:

  • before-r99: Indicates the MS would be a 3GPP release prior to R99 and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.
  • r99-or-later : Indicates the MS would be a 3GPP Release 99 or later and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.

Usage:

Once the IMSI of an incoming call is known and matched with a specific operator policy, according to the filter definition of the mcc command, then the associated call control profile is selected to determine how the incoming call is handled.

By default, all attaches are allowed. If no access limitations are needed, do not use the attach command.

IMPORTANT:

Before using this command, ensure that the appropriate LAC information has been defined with the location-area-list command.

Use this command to define attach limitations for the call control profile.

Use this command to fine-tune the attach configuration specifying which calls/subscribers can attach and which calls are restricted from attaching and what failure code is included in the Reject message.

Attachment restrictions can be based on any one or combination of the options, such as location area code or access type. It is even possible to restrict all attaches.

The command can be repeated using different keyword values to further fine-tune the attachment configuration.

Related Commands

  • Use the attach restrict command to restrict attaches.
  • Use the attach allow command to re-enable restrictions after an attach restrict command has been used.

Example:
The following example sets all restrictions for access-type gprs and specified release version to the default setting.
default attach access-type
gprs all user-device-release before-r99 failure-code
attach allow

Configures the system to re-enable attaches that were previously restricted using the attach restrict command..

IMPORTANT:

SGSN only: Before using this command, ensure that the appropriate location area code (LAC) information has been defined via the location-area-list command.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no ] attach
allow access-type { eps | gprs | umts } location-area-list
instance list_id
no

Deletes the specified attach configuration.

allow

Enables attaches in the configuration after an attach restrict command has been used.

access-type type

Defines the type of access to be allowed.

  • eps
  • gprs
  • umts
location-area-list instance list_id

Instructs the SGSN to apply the command action to a specific location area list. Location area lists should already have been created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call.

list_id: Enter an integer between 1 and 5.


Usage:

Once the IMSI of an incoming call is known and matched with a specific operator policy, according to the filter definition of the mcc command, then the associated call control profile is selected to determine how the incoming call is handled.

By default, all attaches are allowed. If no access limitations are needed, then do not use the attach command.

IMPORTANT:

Before using this command, ensure that the appropriate LAC information has been defined with the location-area-list command.

Use this command to define attach limitations for the call control profile.

Use this command to fine-tune the attach configuration specifying which calls/subscribers can attach and which calls are restricted from attaching and what failure code is included in the Reject message.

Attachment restrictions can be based on any one or combination of the options, such as location area code or access type. It is even possible to restrict all attaches.

The command can be repeated using different keyword values to further fine-tune the attachment configuration.

Related Commands

  • Use the attach access-type command to define the type of access to restrict or allow.
  • Use the attach restrict command to restrict attaches.

Example:
For calls under the purview of this call control profile, the following command allows attaches of all subscribers using the GPRS access type.
attach allow access-type
gprs all
attach imei-query-type

Defines device Attach limitations for this call control profile if an IMEI is not already present in the Attach Request.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
attach imei-query-type { imei | imei-sv | none } [ verify-equipment-identity [ allow-on-eca-timeout | deny-greylisted | deny-unknown | verify-emergency ] + ] remove attach imei-query-type
remove

Deletes the specified attach configuration.

imei-query-type { imei | imei-sv | none }

Configures system behavior during Attach procedures if an IMEI is not already present in the Attach Request.

  • imei: Specifies that the system is required to query the UE for its International Mobile Equipment Identity (IMEI).
  • imei-sv: Specifies that the system is required to query the UE for its International Mobile Equipment Identity - Software Version (IMEI-SV).
  • none: Specifies that the system does not need to query for IMEI or IMEI-SV.
verify-equipment-identity [ allow-on-eca-timeout | deny-greylisted | deny-unknown | verify-emergency ]

Specifies that the identification (IMEI or IMEI-SV) of the UE is to be performed by the Equipment Identity Register (EIR) over the S13 interface.

  • allow-on-eca-timeout: Configures the MME to allow equipment that has timed-out on ECA during the attach procedure.
  • deny-greylisted: Configures the MME to deny grey-listed equipment during the attach procedure.
  • deny-unknown: Configures the MME to deny unknown equipment during the attach procedure.
  • verify-emergency: Configures the MME to ignore the IMEI validation of the equipment during the attach procedure in emergency cases. This keyword is only supported in release 12.2 and higher.

Usage:

Configures system settings related to the UE Attach procedure for the specified call control profile

The command can be repeated using different keyword values to further fine-tune the attachment configuration.


Example:
The following command configures the system to query the UE for its IMEI and to verify the UE equipment identity with an Equipment
attach imei-query-type
imei verify-equipment-identity
attach restrict

Configures the system to restrict attaches based on access type and location areas (either all or specified location area list) for this call control profile.

IMPORTANT:

SGSN only: Before using this command, ensure that the appropriate location area code (LAC) information has been defined via the location-area-list command.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no ] attach
restrict access-type { eps [ emm-cause-code code | imsi-attach-fail [ emm-cause-code code ] | voice-unsupported [ emm-cause-code code  ] ] | gprs | umts } { all | location-area-list
instance list_id }
no

Deletes the specified attach configuration.

access-type type

Defines the type of access to be allowed or restricted.

  • eps
  • gprs
  • umts
emm-cause-code code

Specifies the EPS Mobility Management (EMM) cause code to return to the UE:

  • eps-service-disallowed
  • eps-service-not-allowed-in-this-plmn
  • no-suitable-cell-in-tracking-area
  • plmn-not-allowed
  • roaming-not-allowed-in-this-tracking-area
  • tracking-area-not-allowed

The default cause code is no-suitable-cell-in-tracking-area.

IMPORTANT:

The tracking-area-not-allowed cause code is not supported for the MME.

IMPORTANT:

The roaming-not-allowed-in-this-tracking-area and tracking-area-not-allowed cause codes are not applicable for use with the imsi-attach-fail or voice-unsupported keywords.

imsi-attach-fail

Directs the MME to restrict EPS attach when IMSI attach fails. If the policy is configured, all IMSI failures will result in a EPS restriction.

The default cause code for calls rejected for imsi-attach-fail is no-suitable-cell-in-tracking-area.

voice-unsupported

Directs the MME to restrict EPS attach when voice is not supported, such as when Voice over IMS is not supported and the UE does not support Circuit Switched Fall Back (CSFB).

This setting is applicable when all of the following conditions apply:

  • The UE is voice-centric as determined in the UE usage setting of the Voice Domain and UE Settings IE sent in the request.
  • The UE does not support CSFB as determined in the EMM Combined procedures Capability bit of the MS Network Capability IE sent in the request, OR if CSFB is not supported on the MME as determined by the SGs service not being associated with the MME service.
  • Voice over IMS is not supported in the network as defined by the network-feature-support-ie ims-voice-over-ps command.

The default cause code for calls rejected for voice-unsupported is no-suitable-cell-in-tracking-area.

all

Instructs the system to apply the command action to all location area lists. Location area lists should already have been created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call.

location-area-list instance list_id

Instructs the SGSN to apply the command action to a specific location area list. Location area lists should already have been created with the location-area-list command. The location area list consists of one or more LACs, location area codes, where the MS is when placing the call.

Using this keyword with either the allow or restrict keywords enables you to configure with more granularity.

list_id: Enter an integer between 1 and 5.

IMPORTANT:

This keyword only applies to the SGSN.


Usage:

Once the IMSI of an incoming call is known and matched with a specific operator policy, according to the filter definition of the mcc command, then the associated call control profile is selected to determine how the incoming call is handled.

By default, all attaches are allowed. If no access limitations are needed, then do not use the attach command.

IMPORTANT:

Before using this command, ensure that the appropriate LAC information has been defined with the location-area-list command.

Use this command to restrict attaches for the call control profile.

Use this command to fine-tune the attach configuration specifying which calls/subscribers can attach and which calls are restricted from attaching and what failure code is included in the Reject message.

Attachment restrictions can be based on any one or combination of the options, such as location area code or access type. It is even possible to restrict all attaches.

The command can be repeated using different keyword values to further fine-tune the attachment configuration.

Related Commands

  • Use the attach access-type command to define the type of access to restrict or allow.
  • Use the attach allow command to re-enable restrictions after an attach restrict command has been used.

Example:
For calls under the purview of this call control profile, the following command restricts the attaches of all subscribers using the GPRS access type.
attach restrict access-type
gprs all
To change the attach restriction to only restrict attaches of GPRS subscribers from specified LACs included in location area list #2 and include failure-code 45 as the reject cause. This configuration requires two CLI commands:
attach restrict access-type
gprs location-area-list instance 2
attach access-type
gprs location-area-list instance 2 failure-code 45
In the case of a dual-access SGSN, it is possible to also add a second definition to restrict attaches of UMTS subscribers within the LACs included in location area list #3.
attach restrict access-type
UMTS location-area-list instance 3 
Change the configuration to allow attaches for GPRS access for all previously restricted LACs - note that GPRS attaches would still be limited:
no attach restrict
access-type gprs all
Restrict (deny) all GPRS attach requests (coming from any location area) and assign a single failure code for the reject messages. This is a two command process:
attach restrict access-type
gprs all
attach access-type grps
all failure-code 22
authenticate activate

Allows the operator to define authentication procedures in response to a received Activate Request.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate activate [ access-type { gprs | umts } | first | frequency frequency  | primary ] [ access-type { gprs | umts } ][ no | remove ] authenticate
activate [ access-type { gprs | umts } | first | primary ] [ access-type { gprs | umts } ] ]
no

Disables the specified activate authentication configuration in the call control profile.

remove

Removes the specified activate authentication configuration from the call control profile configuration file.

access-type type

One of the following must be selected to identify the type of network access if the access-type keyword is included in the command:

  • gprs
  • umts

The access-type keyword can be included with any of the other three keywords available with the authenticate activate command.

first

Including this keyword enables authentication only for the first Activate Request for an MS/UE.

frequency frequency

This keyword defines 1-in-N selective authentication for Activate Request events. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

primary

Including this keyword enables authentication for every primary PDP context Activate Request.


Usage:

Activate Requests are not authenticated by default. Use this command to enable authentication of Activate Requests.

Repeat the commands as needed to configure desired authentication responses to Activate Request messages for this call control profile.


Example:
Configure Request Activate authentication for every primary PDP context for MS with GPRS access:
authenticate activate
primary access-type gprs
authenticate all-events

Allows the operator to quickly define authentication procedures, based on limited parameters, for all types of events.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate all-events [ access-type { gprs | umts } | frequency frequency [ access-type { gprs | umts } ] ][ no | remove ] authenticate
all-events [ access-type { gprs | umts } ]
no

Disables the specified authentication configuration in the call control profile.

remove

Removes the specified authentication configuration from the call control profile configuration file.

access-type type

One of the following must be selected to identify the type of network access if the access-type keyword is included in the command:

  • gprs
  • umts

The access-type keyword can be included with any of the other three keywords available with the authenticate all-events command.

frequency frequency

This keyword defines 1-in-N selective authentication for all types of subscriber events. If the frequency is set for 12, then the service skips authentication for the first 11 events and authenticates on the 12th event.

frequency must be an integer from 1 to 16.


Usage:

By default, authentication is not performed for any subscriber events. Use this command to enable authentication for all types of events at one time, such as but not limited to: Activate Requests, Attach Requests, Detach Requests, Service-Requests.


Example:
The following command configures all authentication for all subscriber events to occur every tenth time a specific type of event occurs (for example every tenth time an Attach Request is received):
authenticate all-events
frequency 10
The following command configures authentication for all Detach Requests and RAUs to occur if the UE access-type is UMTS:
authenticate all-events
access-type umts
authenticate attach

Allows the operator to define authentication for Attach procedures.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate attach
access-type { gprs | umts }authenticate attach
attach-type { combined | gprs-only } [ access-type { gprs | umts } | frequency frequency ] authenticate attach
frequency  frequency [ access-type { gprs | umts } ]authenticate attach
inter-rat [ access-type { gprs | umts } | attach-type { combined | gprs-only } [ access-type { gprs | umts } | frequency frequency ] | frequency  frequency [ access-type { gprs | umts } ][ no | remove ] authenticate
attach [ access-type { gprs | umts } | attach-type { combined | gprs-only } | inter-rat | attach-type { combined | gprs-only } ] [ access-type { gprs | umts } ]  ]
no

Disables the defined authentication procedures configured for Attach Requests from the call control profile.

remove

Deletes the defined authentication procedures for Attach Requests from the call control profile configuration file.

access-type type

One of the following must be selected to identify the type of network access if the access-type keyword is included in the command:

  • gprs
  • umts
attach-type

This keyword configures the Attach authentication based on the type of attach requested. The attach-type must be one of the following options:

  • combined: Authenticates combined GPRS/IMSI Attaches.
  • gprs-only: Authenticates GRPS Attaches only.
frequency frequency

This keyword defines 1-in-N selective authentication for this type of subscriber event - Attach Request. If the frequency is set for 12, then the service skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

inter-rat

Enables/disables authentication for Inter-RAT Attaches.


Usage:

Authentication for Attach is disabled by default. This command enables/disables authentication for an Attach with a local P-TMSI or Attaches with an IMSI, which will be authenticated to acquire the CK (cipher key) and the IK (integrity key).


Example:
The following command configures authentication to occur after every tenth attach event for GPRS access.
authenticate attach
frequency 10 access-type gprs
The following command disables authentication for Inter-RAT Attaches, use:
no authenticate attach
inter-rat
authenticate detach

Allows the operator to enable and define authentication for Detach procedures.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate detach [ access-type
umts ] [ no | remove ] authenticate
detach [ access-type umts ] 
no

Disables the defined authentication procedures configured for Detach Requests from the call control profile.

remove

Deletes the defined authentication procedures for Detach Requests from the call control profile configuration file.

access-type umts

Optionally, identifies the type of network access if the access-type umts keywords are included in the command. By default, access-type UMTS is assumed.


Usage:

Authentication for Detach procedures is disabled by default. This command enables/disables authentication for a Detach Request and allows the operator to limit authentication based on the MS/UE access-type.


Example:
The following command configures detach authentication to occur only for UMTS attached subscribers:
authenticate detach
access-type umts
The following command disables authentication for all Detach Requests, use:
no authenticate detach
authenticate on-first-vector

Allows the operator to enable the SGSN to begin MS authentication immediately after receiving the first vector from the HLR.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate on-first-vectorremove authenticate
on-first-vector
remove

Removes the authenticate on-first-vector definition from the configuration file and resets the default behavior so that the SGSN waits to receive all vectors before beginning authentication towards the MS.


Usage:

After an initial attach request, some end devices restart themselves after waiting for the PDP to be established. In such cases, the SGSN restarts and a large number of end devices repeat their attempts to attach. The attach requests flood the radio network, and if the devices timeout before the PDP is established then they continue to retry, thus even more traffic is generated.

To avoid the high traffic levels during PDP establishment, the SGSN has been modified to reduce the attach time, as much as possible, so that the devices can attach and discontinue sending requests. The current enhancement is intended to reduce the time needed to retrieve vectors over the GR interface by allowing the operator to configure the SGSN to start authentication towards the MS as soon as it receives the first vector from the AuC/HLR. With the new command included in the configuration, the SGSN begins the MS authentication process immediately after receiving the first vector from the HLR while the SAI continues in parallel.


Example:
Use the following command to configure the SGSN to begin MS authentication immediately after receiving the first vector from the AuC/HLR:
authenticate on-first-vector
Use the following command to reset the default behavior, so that the SGSN waits to receive all vectors requested in the SAI from the AuC/HLR before begining authentication towards the MS:
remove authenticate
on-first-vector
authenticate rau

Enables or disables and fine tunes authentication procedures for routing area updates (RAUs)

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate rau [ access-type { gprs | umts } | frequency
 frequency [ access { gprs | umts } ] | periodicity duration [ access { gprs | umts } ] | update-type { combined-update | imsi-combined-update | periodic | ra-update } [ access-type { gprs | umts } | frequency frequency | periodicity duration | with { foreign-ptmsi | inter-rat-local-ptmsi | local-ptmsi } [ access-type { gprs | umts } | frequency
 frequency | periodicity duration ]  no authenticate rau [ access-type { grps | umts } | update-type { combined-update | imsi-combined-update | periodic | ra-update } [ access-type { gprs | umts } | with { foreign-ptmsi | inter-rat-local-ptmsi | local-ptmsi } [ access-type { gprs | umts } ] remove authenticate
rau [ access-type { gprs | umts } | periodicity [ access { gprs | umts } ] | update-type { combined-update | imsi-combined-update | periodic | ra-update } [ access-type { gprs | umts }  | periodicity
 | with { foreign-ptmsi | inter-rat-local-ptmsi | local-ptmsi } [ access-type { gprs | umts } | periodicity ] ]  
no

Disables authentication for the RAUs specified in the configuration for the call control profile.

remove

Deletes the authentication configuration for the RAUs from the call control profile in the configuration file.

access-type type

One of the following must be selected to identify the type of network access if the access-type keyword is included in the command:

  • gprs
  • umts

The access-type keyword can be included with any of the other keywords available with the authenticate rau command.

frequency frequency

Defines 1-in-N selective authentication for RAU events. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

periodicity duration

Defines the length of time (number of minutes) that authentication can be skipped.

duration: Must be an integer from 1 to 10800.

update-type

Defines the type of RAU Request. Select one of the following:

  • combined-update [ access-type | with inter-rat-local-ptmsi ]
  • imsi-combined-update [ access-type | with inter-rat-local-ptmsi ]
  • periodic [ access-type | frequency | periodicity ]
  • ra-update [ access-type | with inter-rat-local-ptmsi ]

Usage:

By default, authentication is not performed for routing area updates (RAUs). Use this command to enable/disable authentication and to fine tune the authentication procedure based on frequency, periods for skipping authentication and the various types of routing area updates.


Example:
The following command configures RAU authentication to occur after every tenth event for GPRS access.
authenticate rau frequency
10 access-type gprs
The following command disables authentication for RAUs based on the combined IMSI with foreign P-TMSIs, use:
no authenticate rau
imsi-combined-update with foreign-ptmsi
The following command deletes all authentication configuration from the call control profile for all RAUs using GPRS access-type:
remove authenticate
rau access-type gprs
authenticate service-request

Enables or disables and fine-tunes authentication procedures for Service Requests.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate service-request [ frequency frequency | periodicity duration | service-type { data | page-response | signaling } [ frequency frequency | periodicity  duration ] ]no authenticate service-request [ service-type { data | page-response | signaling } ] remove authenticate
service-request [ periodicity  | service-type { data | page-response | signaling } [ periodicity ] ]
no

Disables authentication for the Service Requests specified in the configuration for the call control profile.

remove

Deletes the authentication configuration for Service Requests from the call control profile in the configuration file.

frequency frequency

Defines 1-in-N selective authentication for this type of subscriber event - Service Request. If the frequency is set for 12, then the service skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

periodicity duration

Defines the length of time (number of minutes) that authentication can be skipped.

duration: Must be an integer from 1 to 10800.

signaling-type

Defines the type of service being requested by the Service Request. Select one of the following:

  • data
  • page-response
  • signaling

Usage:

By default, authentication is not performed for Service Requests. Use this command to enable/disable authentication and to fine-tune the authentication procedure based on frequency and periods for skipping authentication and the various types of service. Repeat the commands as needed to configure criteria for all service types.


Example:
The following command configures authentication Service Requests for data service to only occur every 5 minutes:
authenticate service-request
service-type data periodicity 5
authenticate sms

Enables or disables and fine tunes authentication procedures for Short Message Service (SMS).

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
authenticate sms [ access-type { gprs | umts } | frequency frequency [ access-type { gprs
 umts } ] | sms-type { mo-sms | mt-sms } [ access-type { gprs | umts } |  frequency frequency ] ][ no | remove ] 
authenticate sms [ access-type { gprs | umts } | sms-type { mo-sms | mt-sms } [ access-type { gprs
 umts } ] ]
no

Disables authentication for the SMS Requests specified in the configuration for the call control profile.

remove

Deletes the authentication configuration for SMS Requests from the call control profile in the configuration file.

access-type type

One of the following must be selected to identify the type of network access if the access-type keyword is included in the command:

  • gprs
  • umts

The access-type keyword can be included with any of the other keywords available with the authenticate sms command.

frequency frequency

Defines 1-in-N selective authentication for SMS Requests. If the frequency is set for 12, then the SGSN skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

sms-type

Enables authentication for the following SMS types:

  • mo-sms: mobile-originated SMS
  • mt-sms: mobile-terminated SMS

Usage:

By default, authentication is not performed for short message service (SMS). Use this command to enable/disable authentication and to fine-tune the authentication procedure based on MS/UE access type and the frequency for the selected SMS type. Repeat the commands as needed to configure criteria for all service types.


Example:
The following command configures MO-SMS authentication to occur every fifth request:
authenticate sms sms-type
mo-sms frequency 5
authenticate tau

Allows the operator to enable/disable and fine-tune authentication for the tracking area update (TAU) procedures.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
authenticate tau [ freqency frequency | inter-rat | periodicity interval ] no authenticate tau
inter-rat
no

Disables the TAU authentication procedures specified in the call control profile configuration.

frequency frequency

Defines 1-in-N selective authentication for this type of subscriber event - a tracking area update for an inter-RAT Attach. If the frequency is set for 12, the MME skips authentication for the first 11 events and authenticates on the twelfth event.

frequency must be an integer from 1 to 16.

inter-rat

Enables authentication for TAU procedures for inter-RAT Attaches.

periodicity duration

Defines the length of time (number of minutes) that authentication can be skipped.

duration: Must be an integer from 1 to 10800.


Usage:

Authentication for TAU procedures is disabled by default. This command enables/disables authentication for a inter-RAT TAU procedures and allows the operator to limit authentication based on the frequency of the events or elapsed intervals between the events.


Example:
The following command configures TAU authentication to occur when there is 15 minutes between inter-RAT Attaches:
authenticate tau periodicity 15
The following command disables authentication for all TAU Inter-RAT Attaches, use:
no authenticate tau
cc

Defines the charging characteristics to be applied for CDR generation when the handling rules are applied via the Operator Policy feature.

Platform:

ASR 5000

Product:

MME, SAEGW, S-GW, SGSN


Privilege:

Security Administrator, Administrator


Syntax
cc { behavior-bit
no-records bit_value | local-value
behavior bit_value profile index_bit | prefer { hlr-hss-value | local-value } }no cc behavior-bit no-recordsremove cc { behavior-bit
no-records | local-value | prefer }
no

Disables the no records generation behavior-bit configuration for this call control profile.

remove

Removes the specified charging characteristic configuration from this profile.

behavior-bit no-records bit_value

Default: disabled

Specifies the charging characteristic behavior bit. no-records instructs the system not to generate any accounting records regardless of what may be configured elsewhere.

bit_value is an integer from 1 through 12.

local-value behavior bit_value profile index_bit

Defaults: bit_value = 0x0, index_bit = 8

Sets the local value of the behavior bits and profile index for the charging characteristics when the HLR/HSS does not provide values for these parameters.

bit_value is a hexadecimal value between 0x0 and 0xFFF.

index_bit is an integer value from 1 through 15.

Setting the profile index bis selects different charging trigger profiles to be used with the call control profile. Some of the index values are predefined according to 3GPP standard:

  • 1 for hot billing
  • 2 for flat billing
  • 4 for prepaid billing
  • 8 for normal billing

If the HLR/HSS provides the charging characteristics with behavior bits and profile index and the operator prefers to ignore the HLR/HSS values, then also configure the prefer local-value keyword.

prefer { hlr-hss-value | local-value }

Default: hlr-hss-value

Specifies a preference for using charging characteristics settings received from HLR or HSS, or those set by the SGSN or MME locally with the local-value behavior command.

  • hlr-hss-value sets the call control profile to use charging characteristics settings received from HLR or HSS. This is the default preference.
  • local-value sets the call control profile to use charging characteristics settings from the SGSN or MME only. If no charging characteristics are received from the HLR/HSS then local values will be applied.

Usage:

Use this command to set the behavior for charging characteristic comings from either an HLR/HSS or locally from an MME/SGSN.

These charging characteristics parameters can also be set within an APN profile with the commands of the APN Profile configuration mode. For generation of M-CDRs, the parameters configured in this mode, Call Control Profile configuration mode, will prevail but for generation of S-CDRs the parameters configured in the APN Profile configuration mode will prevail.

The 12 behavior bits (of the local-value behavior keyword) can be used to enable or disable CDR generation.


Example:
The following command specifies a rule not to generate charging records (CDRs) and sets the charging characteristics behavior bit to 2:
cc behavior-bit no-records 2
check-zone-code

Enables or disables the zone code checking mechanism.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no | remove ] check-zone-code 
no

Included with the command, this keyword disables the mechanism.

remove

Included with the command, this keyword causes the removal of the current check-zone-code configuration and returns to the SGSN to the default where zone-code checking is enabled.


Usage:

Use this command to enable/disable the zone-code checking function.


Example:
Disable checking of the zone code:
no check-zone-code
ciphering-algorithm-gprs

Defines the order of preference of the ciphering algorithms.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
ciphering-algorithm-gprs
priority priority
algorithmremove ciphering-algorithm-gprs
priority priority 
remove

Delete the priority definition.

priority priority

Sets the order in which the algorithm will be selected for use.

priority is an integer from 1 to 8.

algorithm

Identifies the ciphering algorithm to be used.

algorithm is one of the following: gea0, gea1, gea2, gea3.


Usage:

Define the order in which the ciphering algorithms are chosen for use. The command can be repeated to provide multiple definitions -- multiple priorities.


Example:
Define gea1 as the third priority algorithm:
ciphering-algorithm-gprs
priority 3 gea1
csfb

Configures circuit-switched fallback options. CSFB is the mechanism to move a subscriber from LTE to a legacy technology to obtain circuit switched voice or short message.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
csfb { policy { not-allowed | not-preferred | sms-only } | sms-only }remove csfb { policy | sms-only }
remove csfb { policy | sms-only }

sms-only: Removes the SMS-only restriction allowing the UE to request voice and short message service (SMS) support for circuit-switched fallback (CSFB).

policy: Removes the configured policy

policy { not-allowed | not-preferred | sms-only }

not-allowed: Specifies that the CSFB function is not allowed for both voice and SMS.

not-preferred: Specifies that the MME returns a “not-preferred” response for CSFB services. The MME does not enforce this and a voice centric is allowed to make CSFB calls on a not-preferred case if it chooses to do so.

sms-only: Specifies that the CSFB function only supports SMS.

sms-only

Specifies that the circuit-switched fallback function only supports SMS.

IMPORTANT:

This is a legacy keyword that remains to support earlier versions of the code. It operates identically to the policy sms-only keyword.


Usage:

Use this command to restrict the circuit-switched fallback function to SMS only or no support for either voice or SMS.


Example:
The following command enforces the SMS-only functionality for UEs requesting circuit-switched fallback:
csfb policy sms-only
description

Allows you to enter a relevant descriptive string.

Platform:

ASR 5000

ASR 5500

Product:

MME, SAEGW, S-GW, SGSN


Privilege:

Security Administrator, Administrator


Syntax
description descriptionno description
description

Enter an alphanumeric string of 1 to 100 characters. The string may include spaces, punctuation, and case-sensitive letters if the string is enclosed in double quotation marks ( “ ).

no

Removes the description from the call control profile.


Usage:

Define information that identifies this particularly call control profile.


Example:
description “call-control-profile
handling incoming from CallTell”
diameter-result-code-mapping

Maps an EMM (EPS Mobility Management) NAS (Network Access Server) cause code to a Diameter result code.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
diameter-result-code-mapping
s6a diameter_result_code mme-emm-cause  mme_emm_error_coderemove diameter-result-code-mapping
s6a diameter_result_code

remove diameter-result-code-mapping s6a diameter_result_code

Removes the mapping for the specified Diameter result code.

s6a diameter_result_code

Specifies the Diameter result code to which the EMM NAS cause code is mapped.

diameter_result_code: Specify one of the supported Diameter result codes:

  • diameter-authorization-rejected - s6a result code 5003. Default mapped EMM code: “No suitable cells in tracking area.”
  • diameter-error-other - miscellaneous s6a error result code. Default mapped EMM code: “Network failure.”
  • diameter-error-rat-not-allowed - s6a result code 5421. Default mapped EMM code: “No suitable cells in tracking area.”
  • diameter-error-roaming-not-allowed - s6a result code 5004. Default mapped EMM code: “PLMN not allowed.”
  • diameter-error-user-unknown - s6a result code 5001/5030. Default mapped EMM code: “EPS Service and non-EPS services not allowed.”
  • diameter-invalid-avp-value - s6a result code 5004. Default mapped EMM code: “Network failure.”
  • diameter-unable-to-comply - s6a result code 5012. Default mapped EMM code: “Network failure.”
  • diameter-unknown-eps-subscription - s6a result code 5420. Default mapped EMM code: “No suitable cells in tracking area.”
  • diameter-unsupported-feature - s6a result code 5011. Default mapped EMM code: “Network failure.”
mme-emm-cause mme_emm_error_code

Specifies the EMM NAS cause code to be mapped to the Diameter result code.

mme_emm_error_code: Specify one of the supported EMM NAS error codes:

  • eps-non-eps-not-allowed: Specifies that the EMM NAS cause code #8 “EPS services and non-EPS services not allowed” is to be mapped to the specified Diameter result code.
  • network-failure: Specifies that the EMM NAS cause code #17 “Network failure” is to be mapped to the specified Diameter result code.
  • no-suitable-cell-in-tracking-area: Specifies that the EMM NAS cause code #15 “No suitable cells in tracking area” is to be mapped to the specified Diameter result code.
  • plmn-not-allowed: Specifies that the EMM NAS cause code #11 “PLMN not allowed” is to be mapped to the specified Diameter result code.
  • roaming-not-allowed-in-this-tracking-area: Specifies that the EMM NAS cause code #13 “Roaming not allowed in this tracking area” is to be mapped to the specified Diameter result code.
  • tracking-area-not-allowed: Specifies that the EMM NAS cause code #12 “Tracking area not allowed” is to be mapped to the specified Diameter result code.

Usage:

Use this command to map a selected EMM NAS cause code to a specific Diameter result code.


Example:
The following command maps the EMM NAS cause code “Roaming not allowed in this tracking area” to the Diameter result code “S6a Diameter error RAT not allowed”:
diameter-result-code-mapping
s6a diameter-error-rat-not-allowed mme-emm-cause roaming-not-allowed-in-this-tracking-area
direct-tunnel

Allows direct tunneling if direct tunneling is supported by the destination node.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
direct-tunnel attempt-when-permittedremove direct-tunnel
remove

Removes the configured setting from the call control profile.

attempt-when-permitted

Enables direct tunneling if the destination node allows it. Default: disabled.


Usage:

Use this command to enable the Direct-Tunnel feature.

To ensure that direct tunnel is fully configured for support by the SGSN, check the settings for direct-tunnel in
  • the APN profile -- from the Exec mode, use command: show apn-profile <profile_name> all
  • the RNC (radio network controller) configuration -- from the Exec mode, use command: iups-service <service_name> all

IMPORTANT:

Direct tunneling must be enabled at both of these two points to allow direct tunneling for the MS/UE.


Example:
The following command sets the configuration to instruct the SGSN to attempt to setup a direct tunnel if permitted at the destination node:
direct-tunnel attempt-when-permitted
dns-ggsn

Defines the context to be used to do DNS lookup for GGSNs.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
dns-ggsn context ctxt_nameno dns-ggsn context ctxt_name
no

Removes the dns-ggsn configuration from this call control profile.

context ctxt_name

Specifies the context to be used to do DNS lookup for GGSNs as an alphanumeric string of 1 through 64 characters.


Usage:

Use this command to define the context to be used to do DNS lookup to find the GGSN address.


Example:
dns-ggsn context sgsn1
dns-sgsn

Identifies the context to be used to do DNS to find an SGSN address.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no ] dns-sgsn
context ctxt_name
no

Removes the dns-sgsn configuration from this call control profile.

context ctxt_name

Specifies the context to be used to do DNS to find an SGSN address as an alphanumeric string of 1 through 64 characters.


Usage:

Use this command to configure the context ID for the SGSN address that will be used to do the DNS lookup.


Example:
Configure context sgsn1 for DNS lookup:
dns-sgsn context sgsn1
dns-pgw

Defines the context to be used to do DNS lookup for P-GWs.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] dns-pgw
context ctxt_name
remove

Deletes this definition from the call control profile.

context ctxt_name

Specifies the context to be used to do DNS lookup for P-GWs as an alphanumeric string of 1 through 64 characters.

On the S4-SGSN, if the interface selected for a UE is S4 and if there is no DNS-PGW context configured under a call control profile, then by default the system will look for the DNS client in the context where the eGTP service is defined. If the interface selected for a UE is Gn-Gp and if there is no dns-pgw context configured in a call control profile, then by default the S4-SGSN will look for the DNS client in the context where the SGTP service is configured for selecting a co-located PGW/GGSN if:

  • the UE is EPC capable and,
  • apn-resolve-dns-query snaptr is configured in an APN profile using APN Profile Configuration Mode.

If the dns-pgw context is deleted with the remove option, the S4-SGSN chooses the DNS client from the context where the eGTP service is configured.


Usage:

Use this command to configure the context ID for the DNS lookup.


Example:
dns-pgw context pgw1
dns-sgw

Defines the context to be used to do DNS lookup for S-GWs.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] dns-sgw
context ctxt_name
remove

Deletes this definition from the call control profile.

context ctxt_name

Specifies the context to be used to do DNS lookup for S-GWs as an alphanumeric string of 1 through 64 characters.

On the S4-SGSN, this specifies the name of the context where the DNS client is configured that will be used for DNS resolution of S-GWs. If dns-sgw context is not specified, the S4-SGSN uses the DNS client configured in the context where the eGTP service is configured to query the S-GW DNS address.


Usage:

Use this command to configure the context ID for the DNS lookup.


Example:
dns-sgw context sgw1
encryption-algorithm-lte

Defines the priorities for using the encryption algorithms.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
encryption-algorithm-lte
priority1 128-eea { 0 | 1 | 2 } 
priority2 128-eea { 0 | 1 | 2 } priority3
128-eea { 0 | 1 | 2 }remove encryption-algorithm-lte
remove

Deletes the priorities definition from the call control profile configuration.

priority1 128-eea { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eea to define the algorithm being given first priority.

priority2 128-eea { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eea to define the algorithm being given second priority.

priority3 128-eea { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eea to define the algorithm being given third priority.


Usage:

Set the order or priority in which the MME will select a 128-EEA algorithm for use. All three priorities must be set or the definition is invalid. The command can be re-entered to change the priorities without removing the configuration.


Example:
Configure 128-EEA2 as first priority encryption algorithm:
encryption-algorithm-lte
priority1 128-eea 2 priority2 128-eea 0 priority3 128-eea 1
encryption-algorithm-umts

Defines the priorities for using the encryption algorithms.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
encryption-algorithm-umts {  uea0 | uea1 | uea2 } [ then-uea# | then-uea# ]  no encryption-algorithm-lte
no

Deletes the priorities definition from the call control profile configuration.

{ uea0 | uea1 | uea2 }

Enter one of the three options to define the first priority algorithm.

[ then-uea# | then-uea# ]

If a second algorithm is to be included as an option, give it second priority. Enter 0, 1, or 2 at the end of then-uea to define the algorithm being given second priority.

then-uea#

If a third algorithm is to be included as an option, give it third priority. Enter 0, 1, or 2 at the end of then-uea to define the algorithm being given third priority.


Usage:

Set the order or priority in which the SGSN will select a UEA algorithm for use. It is not necessary to define priorities for all three priority levels. The command can be re-entered to change the priorities without removing the configuration.


Example:
Configure algorithm UEA2 as the first priority encryption algorithm with no others to be considered:
encryption-algorithm-umts uea2
end

Exits the current configuration mode and returns to the Exec mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
end

Usage:

Use this command to return to the Exec mode.

equivalent-plmn

Configures the definition for an equivalent public land mobile network identifier (PLMN ID) and the preferred radio access technology (RAT). This is a of PLMNs which should be considered by the mobile as equivalent to the visited PLMN for cell reselection and network selection. When configured, the equivalent PLMN list will be sent to the UE in NAS ATTACH ACCEPT / TAU ACCEPT messages (up to 15 PLMNs in each message).

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
equivalent-plmn radio-access-technology { 2G | 3g | 4g | any } plmnid
mcc mcc_number mnc mnc_number priority priorityno equivalent-plmn
radio-access-technology { 2G | 3g | any } plmnid
mccmcc_number mnc mnc_number
no

Removes the equivalent-PLMN configuration from this call control profile.

radio-access-technology { 2G | 3g | 4g | any }

Identify the RAT type of the equivalent PLMN:

  • 2G: 2nd generation
  • 3G: 3rd generation
  • 4G: 4th generation
  • any: Any RAT
plmnid mcc mcc_number mnc mnc_number
  • mcc: Specifies the mobile country code (MCC) portion of the PLMN ID. The number can be any integer between 100 and 999.
  • mnc: Specifies the mobile network code (MNC) portion of the PLMN ID. The number can be any 2- or 3-digit integer between 00 and 999.
priority priority

Enter an integer between 1 and 15 with the highest priority assigned to the integer of the lowest numeric value.


Usage:

Use the command to identify an ‘equivalent PLMN’ and assign it a priority to define the preferred equivalent PLMN to be used. This command can be entered multiple times to set priorities of usage.


Example:
The following command sets up a secondary equivalent PLMN definition that allows for any RAT with a PLMN ID of MCC121.MNC767:
equivalent-plmn radio_access_technology
any plmnid mcc 121 mnc 767 priority 2
exit

Exits the current mode and returns to the parent configuration mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
exit

Usage:

Use this command to return to the parent configuration mode.

gmm information-in-messages

Provides the configuration to include the information in messages for the GPRS mobility management (GMM) parameters.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
gmm information-in-messages
access-type { { gprs | umts } [ network-name { full-text name | short-text
 name } | [ send-after { attach | rau } ] }[ default | no ] gmm { information-in-messages
access-type  { gprs | umts }
no

Disables the GMM configuration from this call control profile.

default

Sets up a GMM configuration with system default values.

access-type

Must select one of the following options:

  • gprs - General Packet Radio Service network
  • umts - Universal Mobile Telecommunications System network

After selecting the access-type, an additional parameter can be configured:

  • network-name: identifies the network name in either short text or full text.
  • send-after: configures the information in message to send after attachment or Routing Area Update (RAU).
network-name { full-text name | short-text name }

This keyword provides the option to add the network name to the message. The network name will in full text or short text. Possible options are:

  • full-text name: Indicate the network name in full text
  • short-text name: Indicate the network name in short text
send-after{ attach | rau }

This keyword configures the information in message to send after attachment or RAU message. Possible options are:

  • attach: Information sent after attachment
  • rau: Information sent after routing area update

Usage:

Use this command to configure identifying information about the network that will be included in GMM messages.


Example:
Set default settings for calls coming from 2.5G networks:
default gmm information-in-messages
access-type gprs
gmm retrieve-equipment-identity

Configures the International Mobile Equipment Identity (IMEI) or software version (SV) retrieval and validation procedure.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
gmm retrieve-equipment-identity { imei | imeisv [ unciphered ] [ then-imei ] } [ verify-equipment-identity [ deny-greylisted ] ][ no | default ] gmm
retrieve-equipment-identity
no

Disables the equipment identity retrieval procedure configured for this call control profile.

default

Sets the default action for equipment identity retrieval (EIR) procedure:

  • retrieve-equipment-identity: Default action is disabled - no retrieval of IMEI/IMEI-SV
  • verify-equipment-identity: Default action is disabled - no verification with Equipment Identity Register (EIR)
equipment-identity-type

Default: disabled

Indicates the type of equipment identification, with the possible values:

  • imei: International Mobile Equipment Identity
  • imeisv: International Mobile Equipment Identity - Software Version
imei

Indicates the equipment identity retrieval type to International Mobile Equipment Identity (IMEI). IMEI is a unique 15-digit number consisting of a TAC (Technical Approval Code), a FAC (Final Assembly Code), an SNR (Serial Number), and a check digit.

imeisv [ unciphered ] [ then-imei ]

Indicates the equipment identity retrieval type to IMEI with software version (SV). IMEI with SV is a unique 16-digit number consisting of a TAC (Technical Approval Code), a FAC (Final Assembly Code), an SNR (Serial Number), and a 2-digit software version number.

  • unciphered: This optional keyword enables the unciphered retrieval of IMEI-SV. If this option is enabled the retrieval procedure will get IMEISV (if auth is still pending, get as part of Authentication and Ciphering Response otherwise, via explicit Identification Request after Security Mode Complete).
  • then-imei: This optional keyword enables the retrieval of software version number before the IMEI. If this option is enabled the equipment identity retrieval procedure will get IMEISV on secured link (after Security mode procedure via explicit GMM Identification Request), and if MS is not having IMEISV (responded with NO Identity), SGSN will try to get IMEI.

If no other keyword is provided, imeisv will get IMEISV on a secured link (after a Security mode procedure via explicit GMM Identification Request).

verify-equipment-identity [ deny-greylisted ]

Default: disabled

This keyword enables the equipment identity validation and validates the equipment identity against the EIR.

  • deny-greylisted: This keyword fine-tunes the configuration and enables the restriction to the user having mobile equipment with an IMEI in the EIR grey list.

Usage:

Use this command to enable and configure the procedures for mobile equipment identity retrieval and validation from the EIR identified in the MAP Service Configuration mode.


Example:
The following command enables the SGSN to send “check IMEI” messages to the EIR:
gmm retrieve-equipment-identity
imei verify-equipment-identity
gs-service

Associates the context of a Gs service interface with this call control profile.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
gs-service gs_srvc_name context ctx_nameno gs-service svc_name
no

Removes/disassociates the named Gs service from the call control profile.

gs-service gs_srvc_name

Specifies the name of a specific Gs service for which to display information. gs_srvc_name is the name of a configured Gs service expressed as an alphanumeric string of 1 through 63 characters that is case sensitive.

context ctx_name

Specifies the specific context name where Gs service is configured. If this keyword is omitted, the named Gs service must exist in the same context as the GPRS/SGSN service.

ctx_name is name of the configured context of Gs service expressed as an alphanumeric string from 1 through 63 characters that is case sensitive.


Usage:

Use this command to associate a specific Gs service interface with this GPRS service instance.

IMPORTANT:

A Gs service can be used with multiple SGSN and/or GPRS service.


Example:
The following command associates a Gs service instance named stargs1, which is configured in context named star_ctx, with a call control profile:
gs-service stargs1
context star_ctx
gtp send

Configures which information elements (IE) the SGSN sends in GTP messages. These are required by the GGSN.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
gtp send { imeisv [ derive-imeisv-from-imei ] | ms-timezone | rai [use-local-plmn [network-sharing {use-selected-plmn | use-ue-plmn | use-common-plmn }]]| rat | uli [use-local-plmn [network-sharing {use-selected-plmn | use-ue-plmn | use-common-plmn }]]}remove gtp send { imeisv | ms-timezone | rai | rat | uli }no gtp send
remove

Removes the specified GTP send definition from the system configuration.

no

Disables the specified GTP send configuration.

imeisv

Instructs the SGSN to include the IMEISV (International Mobile Equipment Identity with Software Version) of the mobile when sending GTP messages of the type Create PDP Context Request.

derive-imeisv-from-imei

This is a filter for the imeisv keyword. It allows the operator to configure the SGSN to send IMEI to the GGSN as IMEI-SV.

This filter instructs the SGSN to add four 1s (1111) to the final semi-octet of the CPCQ (Create PDP Context Request) message which enables the SGSN to deduce the IMEI-SV value from the IMEI. If this filter is used, then IMEI is also sent as IMEI-SV when the gmm retrieve-equipment-identity command is configured.

ms-timezone

Instructs the SGSN to include this IE in GTP messages of the type Create PDP Request and Update PDP Context Request. This IE specifies the offset between universal time and local time, where the MS currently resides, in 15-minute steps.

This IE is sent by default.

rai

Configures the SGSN to include the Routing Area Identity (RAI) of the SGSN in the following situations:

  • 2G new SGSN RAU
  • 3G new SGSN SRNS
  • 2G -> 3G HO (only if PLMN Id has changed)
  • 3G -> 2G HO (only if PLMN Id has changed)
  • multiple IUPS service RAU (only if PLMN Id has changed)
  • multiple GPRS service RAU (only if PLMN Id has changed)
  • 3G new SGSN RAU (change in behavior)
  • 3G primary and secondary PDP activation (change in behavior)
  • 2G primary and secondary PDP activation (change in behavior)
rat

Specifies which radio access technology (RAT) is being used by the MS (GERAN, UTRAN, or GAN). Including this keyword instructs the SGSN to include this IE when sending GTP messages of the type Create PDP Request and Update PDP Context Request.

This IE is sent by default.

uli

Specifies the CGI (MCC, MNC, etc.) and SAI of the MS where it is registered. Including this keyword instructs the SGSN to include the IE when sending GTP messages of the type Create PDP Request and Update PDP Context Request.

This IE is not sent by default.

IMPORTANT:

Currently, the next 5 (five) keywords, used with keywords rai or uli, are only available for Release 12.0.

use-local-plmn

This keyword includes the local PLMN when network is not shared.

network-sharing

This keyword is used to configure network-sharing.

use-selected-plmn

This keyword includes the Selected PLMN when network is shared.

use-ue-plmn

This keyword includes Selected PLMN for supporting UE and Common PLMN for non-supporting UE when network is shared.

use-common-plmn

This keyword includes the Common PLMN when network is shared.


Usage:

Use this command to define a preferred set of information to include when GTP messages are sent. Repeat this command multiple times to enable or disable multiple options. This instruction will be implemented when the specific operator policy and call control profile are applied.

The PLMN value in RAI/ULI can be selected if 3G network-sharing is enabled.


Example:
The following command series instructs the SGSN (1) not to send MS’ timezone IE, and (2) to identify the MS’ radio access technology info in the GTP messages:
no gtp send ms-timezone
gtp send rat

The next set of commands provides examples indicating the usage of keywords to select PLMN values in RAI/ULI.

On executing the following command, ULI is sent and PLMN will be “use-selected-plmn” if network-sharing is enabled. If network-sharing is not enabled, PLMN will be “use-local-plmn”.
gtp send uli
On executing the following command, ULI is sent and PLMN will be “use-selected-plmn” if network-sharing is enabled. If network-sharing is not enabled, PLMN will be “use-local-plmn”.
gtp send uli use-local-plmn
On executing the following command, ULI is sent and PLMN will be “use-selected-plmn” if network-sharing is enabled. If network-sharing is not enabled PLMN will be “use-local-plmn”.
gtp send uli use-local-plmn
network-sharing use-selected-plmn
On executing the following command, ULI is sent and PLMN will be “use-common-plmn” if network-sharing is enabled. If network-sharing is not enabled PLMN will be “use-local-plmn”.
gtp send uli use-local-plmn
network-sharing use-common-plmn
gtpp

Enables secondary GTPP accounting for an S-GW call control profile. By default, secondary GTPP accounting is disabled.

Platform:

ASR 5000

ASR 5500

Product:

S-GW, SAEGW


Privilege:

Security Administrator, Administrator


Syntax
gtpp secondary-group group_name [ accounting
context ctx_name ]no gtpp secondary-group
no

Disables secondary GTPP accounting.

secondary-group group_name

Enables secondary GTPP accounting and specifies a GTPP group name.

group_name must be an alphanumeric string of 1 through 63 characters.

accounting context ctx_name

Specifies the specific accounting context to be used for secondary GTPP accounting. If this keyword is omitted, source context will be used for secondary GTPP accounting.

ctx_name must be an alphanumeric string of 1 through 79 characters.


Usage:

Use this command to enable or disable secondary GTPP accounting for an S-GW call control profile.


Example:
The following command enables secondary GTPP accounting for an S-GW call control profile and specifies a GTPP group named gtpp-grp1:
gtpp secondary-group
gtpp-grp1
gtpu fast-path

Enables or disables the network processing unit (NPU) Fast Path support for NPU processing of GTP-U packets of user sessions at the NPU.

Platform:

ASR 5000

ASR 5500

Product:

SAEGW

SGSN

S-GW


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] 
gtpu  fast-path
remove

Removes the NPU fast path functionality configuration from the call control profile.


Usage:

Use this command to enable/disable the NPU processed fast-path feature for processing of GTP-U data packets received from GGSN/RNC or P-GW/eNodeB. This feature enhances the GTP-U packet processing by adding the ability to fully process and forward the packets through the NPU itself.

IMPORTANT:

When enabled/disabled, fast-path processing will be applicable only to new subscriber who establishes a PDP context after issuing this command (enabling GTP-U fast path). No existing subscriber session will be affected by this command.


Example:
The following command enables the NPU fast path processing for all new subscribers’ session established with this call control profile:
gtpu  fast-path
gw-selection

Configures the parameters controlling the gateway selection process.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] gw-selection { co-location [ weight [ prefer { sgw | pgw } ] ] | pgw weight | sgw
weight | topology [ weight [ prefer { sgw | pgw } ] ] }
remove gw-selection

Deletes the gw-selection definition from the call control profile.

co-location [ weight [ prefer { sgw | pgw } ] ]

Selects “co-location” as the determining factor for gateway selection. Collocation should be configured for both P-GW and S-GW selection for collocation to function. If a collocated PGW/SGW node cannot be found, then topologically closest nodes are chosen next. Host names with both “topon” and “topoff” labels will be considered in collocation.

weight: Enables weighted selection if there are multiple co-located pairs.

prefer { pgw | sgw}: Configures which weight to be used for weighted selection.

pgw weight

Selects PDN-Gateway as the determining factor for gateway selection.

sgw weight

Selects Serving Gateway as the determining factor for gateway selection.

topology [ weight [ prefer { sgw | pgw } ] ]

Selects topology as the determining factor for gateway selection. Topological selection is done only during initial attach, and not used during S-GW relocation or additional-pdn-connection.

weight: Enables weighted selection if there are multiple pairs with the same degree of topological closeness.

prefer { pgw | sgw}: Configures which weight to be used for weighted selection.


Usage:

Use this command to define the criteria for gateway selection.


Example:
The following command instructs the MME to determine gateway selection on the basis of topology:
gw-selection topology
idle-mode-signaling-reduction

Enables or disables the Idle-Mode-Signaling-Reduction (ISR) feature on the S4-SGSN.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[remove] idle-mode-signaling-reduction
access-type [ gprs | umts ]
remove

Disables the ISR feature configuration from this call control profile.

idle-mode-signaling-reduction

Configures ISR for this call control profile.

access-type

Specifies the network access type for the ISR feature. Select one of the following options:

  • gprs - General Packet Radio Service network. Currently, this option is under development for future use and is not currently supported on the S4-SGSN.
  • umts - Universal Mobile Telecommunications System network. Specifies 3G network access support for the ISR feature.

Usage:

Use this command to enable or disable the ISR feature on the S4-SGSN. Note that ISR is supported on the S4-SGSN only.

This command is available only if the Idle Mode Signaling Reduction license is enabled on the SGSN.

Once ISR is enabled, operators should set the ISR deactivation timer value sent by the S4-SGSN to the UE in Attach Accept and Routing Area Update Accept messages. Use the gmm T3323-timeout command in SGSN Service Configuration Mode to set the ISR deactivation timer value.


Example:
idle-mode-signaling-reduction
access-type umts
integrity-algorithm-lte

Specifies the order of preference for using an Integrity Algorithm.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
integrity-algorithm-lte
priority1 { 128-eia0 |  128-eia1  | 
128-eia2 }  priority2 128-eia { 0 | 1 | 2 } priority3
128-eia { 0 | 1 | 2 }remove integrity-algorithm-lte
remove

Deletes the priorities definition from the call control profile configuration.

priority1 128-eia { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eia to define the algorithm being given first priority.

priority2 128-eia { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eia to define the algorithm being given second priority.

priority3 128-eia { 0 | 1 | 2 }

Enter 0, 1, or 2 at the end of 128-eia to define the algorithm being given third priority.


Usage:

Set the order or priority in which the MME will select an integrity algorithm for use. All three priorities must be set or the definition is invalid. The command can be re-entered to change the priorities without removing the configuration.


Example:
Configure 128-EIA0 as first priority integrity algorithm:
integrity-algorithm-lte
priority1 128-eia 0  priority2 128-eia 2 priority3 128-eia 1
integrity-algorithm-umts

Configures the order of preference for the Integrity Algorithm used for 3G.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
integrity-algorithm-umts type then_ typedefault integrity-algorithm-umts
default

Specifies the default preference based on system defaults.

type

Creates a configuration defining an order of preference. Enter one or more of the following options in the order of preference:

  • uia1 - uia1 Algorithm
  • uia2 - uia2 Algorithm

Usage:

Use this command to determine which integrity algorithm is preferred 3G. This command is configured in tandem with the algorithm type for encryption-algorithm-umts command.


Example:
default integrity-algorithm-umts
lcs-mo

This command enables/disables mobile-originating Location Requests by access-type when Location Services functionality is enabled.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
lcs-mo { allow | restrict } access-type { gprs | umts } 
allow

Enables mobile-originating Location Requests. This is the default state when Location Services are enabled.


Usage:

This command ties Location Service functionality to a call-control profile by IMSI so that Location Services can optionally be determined by an operator policy for incoming calls.


Example:
Use the following command to disable or disallow mobile-originating Location Requests within a GPRS network:
lcs-mo restrict access-type GPRS
lcs-mt

This command enables/disables mobile-terminating Location Requests by access-type when Location Services functionality is enabled.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
lcs-mt { allow | restrict } access-type { gprs | umts } 
allow

Enables mobile-terminating Location Requests. This is the default state when Location Services are enabled.


Usage:

This command ties Location Service functionality to a call-control profile by IMSI so that Location Services can optionally be determined by an operator policy for incoming calls.


Example:
Use the following command to disable or disallow mobile-terminating Location Requests within a UMTS network:
lcs-mt restrict access-type umts
lcs-ni

This command enables/disables network-initiated Location Requests by access-type when Location Services functionality is enabled.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
lcs-ni { allow | restrict } access-type { gprs | umts } 
allow

Enables network-initiated Location Requests . This is the default state when Location Services are enabled.


Usage:

This command ties Location Service functionality to a call-control profile by IMSI so that Location Services can optionally be determined by an operator policy for incoming calls.


Example:
Use the following command to enable or allow network-initiated Location Requests within a UMTS network if this function has been restricted previously:
lcs-ni allow access-type umts
local-cause-code-mapping apn-mismatch

Configures the reject cause code to send to a UE when an APN mismatch occurs.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
local-cause-code-mapping
apn-mismatch emm-cause-code { eps-service-not-allowed-in-this-plmn | esm-failure
esm-cause-code unknown-apn | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed } 
remove local-cause-code-mapping
apn-mismatch 
remove local-cause-code-mapping apn-mismatch

Removes the configured cause code mapping.

apn-mismatch emm-cause-code { eps-service-not-allowed-in-this-plmn | esm-failure esm-cause-code unknown-apn | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed }

Specifies the EPS Mobility Management (EMM) cause code to return when an APN mismatch occurs.

  • eps-service-not-allowed-in-this-plmn
  • esm-failure esm-cause-code unknown-apn - Default. For the esm-failure cause code only, the unknown-apn ESM code is also reported to the UE.
  • no-suitable-cell-in-tracking-area
  • plmn-not-allowed
  • roaming-not-allowed-in-this-tracking-area
  • tracking-area-not-allowed

Usage:

Use this command to configure the cause code returned to a UE when an APN mismatch occurs, such as when an APN is present in the HSS subscription but the HSS subscription for this IMSI has other APNs present in the subscription.

If a condition is specified in both the call-control-profile associated with a call, and also the mme-service, the cause configured for the call-control-profile will be signalled to the UE. See also the local-cause-code-mapping command in the mme-service configuration mode. This command is described in the MME Service Configuration Mode Commands chapter.


Example:
The following command maps the “PLMN not allowed” cause code to the APN mismatch condition:
local-cause-code-mapping
apn-mismatch emm-cause-code plmn-not-allowed
local-cause-code-mapping congestion

Configures the reject cause code to send to a UE when a procedure fails due to a congestion condition.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
local-cause-code-mapping congestion emm-cause-code { congestion [ esm-cause-code { congestion | insufficient-resources | service-option-temporarily-out-of-order } ] | eps-service-not-allowed-in-this-plmn | network
failure | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed }  
remove local-cause-code-mapping
congestion 
remove local-cause-code-mapping congestion

Removes the configured cause code mapping.

congestion emm-cause { congestion [ esm-cause-code { congestion | insufficient-resources | service-option-temporarily-out-of-order } ] | eps-service-not-allowed-in-this-plmn | network failure | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed }

Specifies the EPS Mobility Management (EMM) cause code to return when a UE requests access when the system is exceeding any of its congestion control thresholds.

  • congestion - Default
  • eps-service-not-allowed-in-this-plmn
  • network-failure
  • no-suitable-cell-in-tracking-area
  • plmn-not-allowed
  • roaming-not-allowed-in-this-tracking-area
  • tracking-area-not-allowed
esm-cause-code { congestion | insufficient-resources | service-option-temporarily-out-of-order }

Specifies the EPS Session Management (ESM) cause code to return when a UE requests access when the system is exceeding any of its congestion control thresholds.

  • congestion - Default
  • insufficient-resources
  • service-option-temporarily-out-of-order

Usage:

Use this command to configure the cause code returned to a UE when a UE procedure fails due to a congestion condition on the MME.

To set the cause codes for situations where a call control profile cannot be attached to a call (for example new-call restrictions, congestion during new call attempt, etc.), use the local-cause-code-mapping command in the mme-service configuration mode. This command is described in the MME Service Configuration Mode Commands chapter.


Example:
The following command maps the “network failure” cause code to the congestion event:
local-cause-code-mapping
congestion emm-cause-code network-failure
local-cause-code-mapping map-cause-code

Configures the GMM reject cause code to send to a UE for map cause ‘roaming not allowed’.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Administrator


Syntax
local-cause-code-mapping
map-cause-code roaming-not-allowed gmm-cause-code gmm-cause
remove local-cause-code-mapping
map-cause-code roaming-not-allowed 
remove local-cause-code-mapping map-cause-code roaming-not-allowed

Removes the configured cause code mapping.

roaming-not-allowed gmm-cause-code gmm-cause

Specifies the GPRS mobility management (GMM) cause code to return to a UE when the UE’s access request is rejected due to map cause ‘roaming not allowed’. Cause code options include:

  • gprs-serv-and-non-gprs-serv-not-allowed
  • gprs-serv-not-allowed
  • gprs-serv-not-in-this-plmn
  • location-area-not-allowed
  • network-failure
  • no-suitable-cell-in-this-la
  • plmn-not-allowed
  • roaming-not-allowed-in-this-la

Usage:

This command enables the operator to configure the exact GMM cause code to return to the UE when a UE access request is rejected due to map-cause ‘roaming-not-allowed’.


Example:
The following command maps network-failure as the GMM cause code to be included in a Access Reject sent to the UE when the UE is denied due to map-cause ‘roaming-not-allowed’:
local-cause-code-mapping
map-cause-code roaming-not-allowed gmm-cause-code network-failure
local-cause-code-mapping restricted-zone-code

Configures the reject cause code to send to a UE when a UE requests access to a restricted zone.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
local-cause-code-mapping
restricted-zone-code emm-cause-code { eps-service-not-allowed-in-this-plmn | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed } 
remove local-cause-code-mapping
restricted-zone-code 
remove local-cause-code-mapping restricted-zone-code

Removes the configured cause code mapping.

restricted-zone-code emm-cause-code emm_cause_code

Specifies the EPS Mobility Management (EMM) cause code to return when a UE requests access to a restricted zone.

emm_cause_code must be one of the following options:

  • eps-service-not-allowed-in-this-plmn
  • no-suitable-cell-in-tracking-area - Default.
  • plmn-not-allowed
  • roaming-not-allowed-in-this-tracking-area
  • tracking-area-not-allowed

Usage:

Use this command to configure the cause code returned to a UE when a UE requests access to a restricted zone.

To set the cause codes for situations where a call control profile cannot be attached to a call (for example new-call restrictions, congestion during new call attempt, etc.), use the local-cause-code-mapping command in the mme-service configuration mode. This command is described in the MME Service Configuration Mode Commands chapter.


Example:
The following command maps the “PLMN not allowed” cause code to the restricted zone code event:
local-cause-code-mapping
restricted-zone-code emm-cause-code plmn-not-allowed
local-cause-code-mapping vlr-down

Configures the cause code to send in a ATTACH ACCEPT or TAU ACCEPT to a UE that attachment to the VLR has failed because a VLR down condition is present.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
local-cause-code-mapping
vlr-down emm-cause-code { congestion | cs-domain-unavailable | imsi-unknown-in-hlr | msc-temp-unreachable | network-failure } 
remove local-cause-code-mapping
vlr-down 
remove local-cause-code-mapping vlr-down

Removes the configured cause code mapping.

vlr-down emm-cause-code emm_cause_code

Specifies the EPS Mobility Management (EMM) cause code to return when a VLR down condition is present.

emm_cause_code must be one of the following options:

  • congestion
  • cs-domain-unavailable
  • imsi-unknown-in-hlr
  • msc-temp-unreachable- Default.
  • network-failure

Usage:

Use this command to configure the cause code returned to a UE when a VLR down condition is present.


Example:
The following command maps the “network failure” EMM cause code to the VLR down condition:
local-cause-code-mapping
vlr-down emm-cause-code network-failure
local-cause-code-mapping vlr-unreachable

Configures the cause code to send in a ATTACH ACCEPT or TAU ACCEPT to a UE that attachment to the VLR has failed because a VLR unreachable condition is present.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
local-cause-code-mapping
vlr-unreachable emm-cause-code { congestion | cs-domain-unavailable | imsi-unknown-in-hlr | msc-temp-unreachable | network-failure } 
remove local-cause-code-mapping
vlr-unreachable 
remove local-cause-code-mapping vlr-unreachable

Removes the configured cause code mapping.

vlr-down emm-cause-code emm_cause_code

Specifies the EPS Mobility Management (EMM) cause code to return when a VLR unreachable condition is present.

emm_cause_code must be one of the following options:

  • congestion
  • cs-domain-unavailable
  • imsi-unknown-in-hlr
  • msc-temp-unreachable - Default.
  • network-failure

Usage:

Use this command to configure the cause code returned to a UE when a VLR unreachable condition is present.


Example:
The following command maps the “network failure” EMM cause code to the VLR unreachable condition:
local-cause-code-mapping
vlr-down emm-cause-code network-failure
location-area-list

Defines the location area list to allow or restrict services in the specified location areas identified by location area code (LAC).

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
location-area-list
instance instance area-code  area_code [ area_code * ]no location-area-list
instance instance[ area-code area_code ]
no

If the area-code keyword is included in the command, then only the specified area code is removed from the identified list. If the area-code keyword is not included with the command, the entire list of LACs is removed from this call control profile.

instance instance

Specifies an identification for the specific location area list.

instance must be an integer between 1 and 5.

area-code area_code *

This keyword defines the location area codes (LACs) to be used by this call control profile as a determining factor in the handling of incoming calls. Multiple LACs can be defined in a single location-area-list.

area_code: Enter an integer between 1 and 65535.

* If desired, enter multiple LACs separated by a single blank space.


Usage:

Use the command multiple times to configure multiple LAC lists or to modify the a list.


Example:
The following command creates a location area list for a single area code:
location-area-list
instance 1 area-code 514 
This command creates a second location area list for with multiple area codes - all separated by a single blank space:
location-area-list
instance 2 area-code 514 62552 32 1513
The next command corrects an area code mistake (327 not 32) made in the previous configuration:
location-area-list
instance 1 area-code 514 62552 327 1513
location-reporting

Enable 3G/2G Location Change Reporting feature on the SGSN.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] location-reporting
access-type { gprs | umts }  
remove

If the remove keyword is included in the command, then the location change reporting feature is disabled.

access-type type

Defines the type of subscriber access which is to reported for location changes.

  • gprs - 2G
  • umts - 3G

Usage:

Use the command multiple times to configure both types of access types.

This command enables the 3G/2G Location Change Reporting feature which notifies the GGSN whenever one of the following changes for a UE:

  • the serving cell global identity (CGI), or
  • the service area identity (SAI), or
  • the routing area identity (RAI).

Example:
The following command enables location change reporting to a GGSN for 3G subscribers:
location-reporting
access-type umts 
This command disables location change reporting that has been enabled for 2G subscribers:
remove location-reporting
access-type gprs 
lte-zone-code

Configures the enforcement of allowed or restricted zone code lists and associates an EPS Mobility Management (EMM) cause code to rejected attach attempts.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
lte-zone-code [ allow | restrict } { emm-cause-code { eps-service-not-allowed-in-this-plmn | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed ] zone-code-list zc_id +remove lte-zone-code
zone-code-list
remove

Removes the zone code list from the call control profile.

[ allow | restrict ]

Specifies whether the zone code list is allowed or restricted.

IMPORTANT:

You can only create an allowed or restricted list, not both.

emm-cause-code [ eps-service-not-allowed-in-this-plmn | no-suitable-cell-in-tracking-area | plmn-not-allowed | roaming-not-allowed-in-this-tracking-area | tracking-area-not-allowed ]

Optionally, specify one of the following EMM cause codes to apply when a UE request is rejected:

eps-service-not-allowed-in-this-plmn

no-suitable-cell-in-tracking-area

plmn-not-allowed

roaming-not-allowed-in-this-tracking-area

tracking-area-not-allowed

zone-code-list zc_id +

Specifies the zone code in the allowed or restricted list of zone codes. zone_code must be an integer value from 0 to 65535.


Usage:

Use this command to create zone code lists that allow or restrict access to UEs managed by this call control profile.


Example:
The following command restricts access to zone codes 234 and 456 and returns an EMM cause code of “tracking area not allowed”:
lte-zone-code restrict
emm-cause-code tracking-area-not-allowed zone-code-list 234 456
map

Configures the optional extensions to Mobile Application Part (MAP) messages.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] map
message update-gprs-location [ imeisv | private-extension
access-type ]
remove

IMEI-SV is not included in the GLU request -- this is the default behavior.

message update-gprs-location

Includes a GLU message. This keyword-set is required.

imeisv

Specifies the International Mobile equipment Identity-Software Version (IMEI-SV) information to include in the GPRS Location Update (GLU) request message. SGSN will include IMEI-SV in the message, if available. Default: disabled

private-extension access-type

Includes a specific access-type private extension in the message.


Usage:

This command configures optional extensions to MAP messages. The HLR should ignore these extensions if not supported by the HLR.


Example:
map message update-gprs-location
private-extension access-type
map-service

Identifies a Mobile Application Part (MAP) service and the context which contains it and associates both with the call control profile.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
map-service context ctxt_name service map_srvc_nameno map-service context
no

Disables use of MAP service with this call control profile.

context ctxt_name

Specifies the name of the context for the MAP service as an alphanumeric string of 1 through 64 characters.

service map_srvc_name

Specifies the MAP service name as an alphanumeric string of 1 through 64 characters.


Usage:

Use this command to enable or disable MAP service with this call control profile.


Example:
no map-service context
max-bearers-per-subscriber

Defines the maximum number of bearers allowed per subscriber.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
max-bearers-per-subscriber numberremove max-bearers-per-subscriber
remove

Deletes the definition from the call control profile.

number

Identifies the maximum number of bearers allowed per subscriber as an integer from 1 to 11.


Usage:

Use this command to set the maximum number of bearers allowed per subscriber.


Example:
Set the maximum to 3:
max-bearers-per-subscriber 3
max-pdns-per-subscriber

Defines the maximum number of PDNs allowed per subscriber.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
max-pdns-per-subscriber numberremove max-pdns-per-subscriber
remove

Deletes the definition from the call control profile.

number

Identifies the maximum number of PDNs allowed per subscriber as an integer from 1 to 11.


Usage:

Use this command to set the maximum number of PDNs allowed per subscriber.


Example:
Set the maximum to 4:
max-pdns-per-subscriber 4
min-unused-auth-vectors

Configures a specific minimum number of unused vectors to be maintained by the SGSN.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
min-unused-auth-vectors min#_vectorsremove min-unused-auth-vectors 
remove

Removes the definition from the configuration file and restores the default behavior, which does not use the threshold.

min#_vectors

Enables and defines a threshold for the minimum number of unused vectors that the SGSN retains to trigger the initation of a service area identity request (SAI) .

min#_vectors: Enter a digit betwen 1 and 4.


Usage:

Vectors are used by the SGSN for authentication. Use this command to enable a minimum threshold for unused vector for this call control profile. When the unused vector count falls below this configured threshold, then an SAI is initiated to fill the buffer back to 5 or to the most appropriate number based on the MAP service configuration.


Example:
Enter a command similar to the following to set a threshold of 3:
min-unused-auth-vectors 3
Use the following command to disable this function and restore the default behavior, which does not use a threshold to trigger an SAI:
remove min-unused-auth-vectors
network-feature-support-ie

Configures support for IMS Voice over Packet-Switched information element (IE) as part of the MME (Network) Feature Support.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
network-feature-support-ie
ims-voice-over-psremove network-feature-support-ie
remove

Disables support for Voice over PS.

ims-voice-over-ps

Enables support for Voice over PS.


Usage:

Use this command to enable Voice over PS which “switches on” an IE in a message sent by the MME indicating the features it supports.


Example:
The following command enables Voice over PS on the MME:
network-feature-support-ie
ims-voice-over-ps
network-initiated-pdp-activation

Configures the call control profile to perform two functions: (1) to enable or disable network-requested PDP context activation (NRPCA) for 3G attachments and (2) to define a failure cause code for inclusion in NRPCA-related reject messages.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] network-initiated-pdp-activation { allow
 primary  | restrict primary } access type { gprs | umts } { all | location-area-list
instance <instance> }network-initiated-pdp-activation
primary access type { gprs | umts } { all | location-area-list
instance <instance>  } failure-codecode
remove

Including this keyword with the command, removes all configured values for the specified configuration.

allow

Allows network-initiated PDP context activation. This keyword must be followed by other parameters to indicate the limitations for allowing the NRPCA.

Allow is the default for NRPCA.

restrict

Restricts network-initiated PDP context activation. This keyword must be followed by other command parameters to indicate the limitations for restricting the NRPCA.

primary

Specifies that only network-initiated primary PDP context activations are to be allowed.

secondary

IMPORTANT:

The secondary keyword is visible and can be selected, however, secondary NRPCA functionality is in development and currently this keyword is not supported for configuration.

all

Configures the SGSN to allow or to restrict NRPCA for calls within all location areas.

location-area-list instance instance

Selects a pre-defined list of location area codes (LACs) and allows/restricts the NRPCA procedure for calls within the listed area codes.

instance: Enter a list ID; an integer between 1 and 5.

IMPORTANT:

Before using this keyword, ensure that the appropriate LAC information has been defined with the location-area-list command, also in this configuration mode.

failure-codes code

Enter an integer from 192 to 226 to identify the GTPP failure cause code (from 3GPP TS29.060, list below) to be included in the reject messages when NRPCA is restricted. If a failure cause code is not defined, the default value is 200 (service not supported).

  • 192 - Non-existent
  • 193 - Invalid message format
  • 194 - IMSI not known
  • 195 - MS is GPRS Detached
  • 196 - MS is not GPRS Responding
  • 197 - MS Refuses
  • 198 - Version not supported
  • 199 - No resources available
  • 200 - Service not supported
  • 201 - Mandatory IE incorrect
  • 202 - Mandatory IE missing
  • 203 - Optional IE incorrect
  • 204 - System failure
  • 205 - Roaming restriction
  • 206 - P-TMSI Signature mismatch
  • 207 - GPRS connection suspended
  • 208 - Authentication failure
  • 209 - User authentication failed
  • 210 - Context not found
  • 211 - All dynamic PDP addresses are occupied
  • 212 - No memory is available
  • 213 - Relocation failure
  • 214 - Unknown mandatory extension header
  • 215 - Semantic error in the TFT operation
  • 216 - Syntactic error in the TFT operation
  • 217 - Semantic errors in packet filter(s)
  • 218 - Syntactic errors in packet filter(s)
  • 219 - Missing or unknown APN
  • 220 - Unknown PDP address or PDP type
  • 221 - PDP context without TFT already activated
  • 222 - APN access denied – no subscription
  • 223 - APN Restriction type incompatibility with currently active PDP Contexts
  • 224 - MS MBMS Capabilities Insufficient
  • 225 - Invalid Correlation-ID
  • 226 - MBMS Bearer Context Superseded

Usage:

Use this command to allow or restrict network-requested PDP context activation (NRPCA) based on access-type and location areas. NRPCA is used when there is downlink data at the GGSN for a subscriber, but there is no valid context for the already-established PDP address so the GGSN initiates an NRPCA procedure towards the SGSN.

This command can also be used to define the failure cause code that will be included in activation reject messages.

These commands can be repeated to define a unique set of NRPCA parameters for each access-type and each location area list.

The T3385-timeout and the max-actv-retransmission timers configure the retransmission timer and the number of retries for PDP context activation requests. Both of these timers are set in the SGSN service configuration mode.

The configuration for NRPCA can be viewed via the show call-control-profile full name profile_name. Statistics associated with NRPCA can be seen via the show gmm-sm statistics output and via the show sgtpc statistics verbose output.


Example:
The following command changes the failure code for Reject messages from 200 (service not supported) to 205 (roaming restriction) for primary NRPCA for all GRPS access and all LACs:
network-initiated-pdp-activation
primary access-type gprs all failure-code 205
The following command enables network-initiated primary PDP context activation for UMTS calls from the LACs in location-area-list 1:
network-initiated-pdp-activation
allow primary access-type umts location-area-list instance 1
The following command restricts network-initiated primary PDP context activation for UMTS calls from the LACs in location-area-list 2:
network-initiated-pdp-activation
restrict primary access-type umts location-area-list instance 2
override-arp-with-ggsn-arp

Enables or disables the ability of the SGSN to override an Allocation/Retention Priority (ARP) value with one received from a GGSN. If there is no authorized Evolved ARP received from the GGSN, by default the SGSN continues to use the legacy ARP included in the Quality of Service (QoS) Profile IE.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] override-arp-with-ggsn-arp
remove

Adding the remove keyword to the command disables the override feature.


Usage:

Enabling this function on the SGSN will allow the ARP sent by the GGSN, in CPCR / UPCR / UPCQ, to be applicable as an overriding value.


Example:
Use this command to configure the SGSN to negotiate the ARP to be used as an overriding value:
override-arp-with-ggsn-arp
pdp-activate access-type

Configures the PDP context activation option based the type of access technology.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
pdp-activate access-type { grps | umts } { all | location-area-list
instance instance } failure-code failure_codedefault pdp-activate
access-type { grps | umts } { all | location-area-list
instance instance } failure-code code
default

Resets the configuration to system default values for PDP context activation request.

{ grps | umts }

Specifies the access technology type for PDP context activation.

  • gprs: Enables access type as GPRS.
  • umts: Enables access type as UMTS.
all

Default: allow

Configures the system to allow the creation of all PDP context activation requests received from MS.

location-area-list instance instance

Specifies the location area instance for which to create a PDP context as an integer from 1 through 5. The value must be an already defined instance of a location area code (LAC) list created via the location-area-list command.

failure-code code

Specifies the failure code for PDP context activation as an integer from 8 through 112. Default: 8


Usage:

Use this command to configure this call control profile to allow GPRS/UMTS access through PDP context activation request from MS.


Example:
The following command configures the system to create the PDP context for requests from MS for GPRS access with location area list instance 2 and failure-code 5:
pdp-activate access-type
gprs location-area-list 2 failure-code 5
pdp-activate allow

Configures the system to allow the PDP context activation based on the type of access technology.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no ] pdp-activate
allow access-type { grps | umts } location-area-list
instance instance
no

Removes the configured permission to create PDP context on request of PDP context activation from MS for an access type.

access-type { grps | umts }

Specifies the access technology type for PDP context activation.

  • gprs: Enables access type as GPRS.
  • umts: Enables access type as UMTS.
location-area-list instance instance

Specifies the location area instance to create PDP context.

instance must be an integer from 1 through 5. The value must be an already defined instance of a location area code (LAC) list created via the location-area-list command.


Usage:

Use this command to configure this call control profile to allow GPRS/UMTS access through PDP context activation request from MS.


Example:
The following command configures the system to allow the PDP context activation for GPRS access type with location area list instance 2:
pdp-activate allow
access-type gprs location-area-list instance 2
pdp-activate restrict

Configures the system to restrict the PDP context activation based on the type of access technology.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no ] pdp-activate
restrict { { access-type { grps | umts } { all | location-area-list
instance instance } | secondary-activation { access-type { grps | umts } { all | location-area-list
instance instance } } }
no

Removes the configured restriction on PDP context activation through this command.

access-type { grps | umts }

Specifies the access technology type for which to restrict PDP context activation.

  • gprs: Enables access type as GPRS.
  • umts: Enables access type as UMTS.
all

Default: allow

Configures the system to restrict all PDP context activation requests from the MS.

location-area-list instance instance

Specifies the location area instance to restrict PDP context activation.

list_id must be an integer from 1 through 5. The value must be an already defined instance of a location area code (LAC) list created with the location-area-list command.

secondary-activation

Specifies the type of PDP context to restrict for secondary activation. This keyword restricts the system to create the secondary PDP context on receiving the PDP Context Activation Request from the MS.


Usage:

Use this command to configure this call control profile to restrict GPRS/UMTS access through PDP context activation request from MS.


Example:
The following command configures the system to restrict the PDP context activation for request from MS to access GPRS service with location area list instance 2:
pdp-activate restrict
access-type gprs location-area-list instance 2
pdn-type-override

Configures the MME or the SGSN to override the requested packet data network (PDN) type based on the inbound roamer PLMN, and re-assigns the UE to an IPv4-only or IPv6-only PDN. This override can be applied based on the type of access technology.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
pdn-type-override
ipv4v6 { ipv4 | ipv6 } [ access-type { eps | grps | umts } ] remove pdn-type-override [ access-type { eps | grps | umts } ]
remove

Removes the configured PDN type override.

ipv4v6 { ipv4 | ipv6 }

Defines the PDN type (IPv4 or IPv6) to which UEs should be restricted.

access-type { eps | grps | umts }

Specifies the access technology type to which the override is applied.

  • eps- enables PDN override for EPS access type.
  • gprs - enables PDN override for GPRS access type.
  • umts - enables PDN override for UMTS access type.

If this keyword is not included, then all three access types can have the PDN type overridden.


Usage:

Use this command to configure the call control profile to override the requested packet data network (PDN) type and re-assign the UE to a different PDN type. Optionally, it is possible to filter the override based on access technology.

IMPORTANT:

This call control profile becomes valid only when it is associated with an operator policy using the associate command in the Operator Policy configuration mode.


Example:
The following command configures the system to override the requested PDN type and assign a UE to an IPv4-only PDN if the UE’s access technology is GPRS:
pdn-type-override
ipv4v6 ipv4 access-type gprs 
peer-mme

Configures a peer MME address for a given MME group ID (LAC) and MME code (RAC). S4-SGSN operators can use this command if they wish to bypass DNS resolution to obtain the MME address.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
peer-mme mme-groupid <lac val> mme-code <rac value> prefer { fallback-for-dns | local } address { <ipv4_address> | <ipv6_address> } interface { gn [ s3 ] | s3 [ gn ] } remove peer-mme mme-groupid <lac val> mme-code <rac value>address [ <ipv4_address> | <ipv6_address> [ interface { gn [ s3 ] | s3 [ gn ] } ]
remove

Removes a specified peer MME from the call control profile. The interface keyword is optional. If it is not used, the entire interface will be deleted.

mme-groupid <lac val>

Specifies the location area code value of the peer MME. The MME group ID of the peer MME maps to the LAC value when GUTI is converted to P-TMSI.

<lac val> must be an integer from 1 to 65535.

mme-code <rac value>

Specifies the routing area code value of the peer MME. The MME code of the peer MME maps to the RAC value when GUTI is converted to P-TMSI.

<rac value> must be an integer from 0 to 255.

prefer { fallback-for-dns | local }

Indicates whether to use a DNS query to obtain the address or to use a locally configured peer MME address:

  • fallback-for-dns - Instructs the SGSN to perform a DNS query to get the IP address of the peer MME. If the DNS query fails, then the IP address configured with this command is used.
  • local - Use the locally configured address for the MME address.

IMPORTANT:

If the prefer command is used to change an existing peer-mme configuration (with the same LAC and RAC) from fallback-for-dns to localor from local to fallback-for-dns, the new setting overwrites the previously configured setting for all interfaces.

address { ipv4_address | ipv6_address }

Specifies the IP address of the peer MME. Currently, the IPv6 address option is not supported on the S4-SGSN.

ipv4 must be in standard dotted-decimal notation.

interface { gn [ s3 ] | s3 [ gn ] }

Specifies the interface to use for communication between the SGSN and the peer MME:

  • gn: Use the Gn interface between the S4-SGSN and the MME in the LTE network.
  • s3: Use the S3 interface between the S4-SGSN and the MME in the LTE network. This is the default setting.

Usage:

Use this command to instruct the S4-SGSN how to determine a peer MME address, via DNS or local configuration. For a local address, use this command to configure the peer MME address.

This command also sets the interface type to be used between the peer MME and the SGSN.


Example:
The following command configures LAC/RAC 111/22 for the peer MME and instructs the SGSN to use the MME’s locally configured IPv4 address of 1.1.1.1 and an S3 interface between the MME and the SGSN.
 peer-mme mme-groupid
111 mme-code 22 prefer local address 1.1.1.1 interface s3
peer-nri-length

Enables the SGSN to use NRI-FQDN-based DNS resolution for non-local RAIs when selection of the call control profile is based on the old-RAI and the PLMN Id of the RNC where the subscriber originally attached.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
peer-nri-length   lengthremove peer-nri-length
remove

Deletes the NRI length configuration for the non-local RAIs and the SGSN sends RAI-FQDN-based DNS resolution.

length

This defines the NRI length for the peer SGSN and enables use of NRI-FQDN-based DNS resolution for non-local RAIs. This variable allows for an integer from 1 to 10.


Usage:

IMPORTANT:

Currently, this feature is supported for 3G subscribers only.

The command enables the SGSN to perform DNS query with an NRI when RAU comes from an SGSN outside the pool. The SGSN uses NRI-FQDN-based DNS resolution for the non-local RAIs for 3G subscribers in place of RAI-FQDN-based DNS resolution.

This functionality is applicable in situations for either inter- or intra-PLMN when the SGSN has not chosen a local NRI value (configured with SGSN Service commands) other than local-pool-rai or nb-rai. This means the RAI (outside pool but intra-PLMN) NRI length configured here will be applicable even for intra-PLMN with differently configured NRI lengths (different from the local pool).

This functionality is not applicable to call control profiles with an associated MSIN range as ccprofile selection is not IMSI-based. When this feature is enabled, the selection of the ccprofile is based on the old-RAI and the PLMN Id (if configured) of the RNC where the subscriber originally attached.


Example:

plmn-protocol

Configures the protocol supported by the PLMN (Public Land Mobile Network).

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
plmn-protocol plmnid
mcc mcc_num mnc mnc_num { s5-protocol | s8-protocol } { gtp | pmip }remove plmn-protocol
plmnid mcc mcc_num mnc mnc_num
remove

Deletes the definition from the call control profile configuration.

plmn-id mcc mcc_num mnc mnc_num

Identifies the PLMN by MCC (mobile country code) and MNC (mobile network code).

mcc_num: Enter a 3-digit integer from 100-999.

mnc_num: Enter a 2- or 3-digit integer from 00 to 999.

s5-protocol | s8-protocol

Select which protocol – S5 or S8 – that controls the identified PLMN.

gtp | pmip

Select the protocol variant - GTP or PMIP - that controls functionality for the identified PLMN.


Usage:

Use this command to identify a particular PLMN and, at a higher level, its operational characteristics.


Example:
The following command instructs the MME to use PLMN MCC423.MNC40.GPRS with PMIP under S8 Protocol:
plmn-protocol plmnid
mcc 423 mnc 40 s8-protocol pmip
ptmsi-reallocate

Defines P-TMSI reallocation for Attach Requests, RAU Request, and Service Requests.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
ptmsi-reallocate { attach | frequency frequency | interval interval  | routing-area-update [ update-type ] | service-request [ service-type ] } [ access-type { gprs | umts } ]ptmsi-reallocate routing-area-update [ access-type { gprs | umts } | frequency frequency | update-type { combined-update | imsi-combined-update | periodic | ra-update } [  access-type { gprs | umts } | frequency frequency ] ]ptmsi-reallocate service-request [ frequency frequency | service-type { data | page-response | signaling } [ frequency frequency ] ][ no | remove ] ptmsi-reallocate { attach | frequency | interval | routing-area-update [ update-type { combined-update | imsi-combined-update | periodic | ra-update } [ access-type { gprs | umts } ] ] | service-request [ service-type { data | page-response | signaling } ] } [ access-type { gprs | umts } ] 
no

Disables the authentication procedures configured for the specified P-TMSI reallocation configuration in the call control profile.

remove

Deletes the defined authentication procedures for the specified P-TMSI reallocation configuration from the call control profile configuration file.

attach

Enables/disables P-TMSI reallocation for Attach with local P-TMSI.

IMPORTANT:

IMSI or inter-SGSN Attach is not configurable and will always be reallocated.

access-type type

One of the following must be selected to reallocate on the basis of the type of network access:

  • gprs
  • umts

This keyword can be used in combination with other keywords to refine the reallocation configuration.

frequency frequency

Defines frequency of the reallocation based on the number of messages skipped. If the frequency is set for 1, then the SGSN skips 1 message and then reallocates on receipt of the 2nd (alternate) request message. If the frequency is set for 12, then the SGSN skips reallocation for 12 messages and reallocates on receipt of the 13th request message. This keyword can be used in combination with other keywords to refine the reallocation configuration.

frequency must be an integer from 1 to 50.

By default, frequency is not defined and, therefore, reallocation is done for every request message and none are skipped.

interval minutes

Enter an integer between 1 and 1440 to define the time interval (in minutes) for skipping the service/RAU/attach request message procedure.

routing-area-update [ update-type ]

Enables/disables P-TMSI reallocation for RAU (routing area update) with local P-TMSI. To refine the reallocation configuration, include one of the optional types of updates to limit reallocation:

  • combined-update
  • imsi-combined-update
  • periodic
  • ra-update

IMPORTANT:

Inter-SGSN RAU will always be reallocated.

service-request [ service-type ]

Enables/disables P-TMSI reallocation for Service Requests. To refine the Service-Request reallocation configuration, include on of the optional service-types to limit the reallocation:

  • data
  • page-response
  • signaling

Usage:

By default, reallocation is not enabled. Use this command to enable P-TMSI reallocation for Attach Requests, RAU Request, and Service Requests. Fine-tune the reallocation configuration according to frequency, interval, or access-type.


Example:
The following command configures the SGSN to perform P-TMSI reallocation upon receiving 2G Attach Requests
ptmsi-reallocate attach
access-type  gprs
The following command configures the SGSN to disable all previously defined P-TMSI reallocations based on the combined criteria of interval and 3G requests:
no ptmsi-reallocate
interval access-type umts
ptmsi-signature-reallocate

Enables P-TMSI signature reallocation during Attach/RAU procedures.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
ptmsi-signature-reallocate { attach | frequency frequency | interval interval  | ptmsi-reallocation-command | routing-area-update [ update-type ] } [ access-type { gprs | umts } | frequency frequency ]ptmsi-signature-reallocate
routing-area-update [ access-type { gprs | umts } | frequency frequency | update-type { combined-update | imsi-combined-update | periodic | ra-update } ]  [ access-type { gprs | umts } | frequency frequency ][ no | remove ] ptmsi-signature-reallocate { attach | frequency | interval | routing-area-update [ update-type { combined-update | imsi-combined-update | periodic | ra-update } ] } [ access-type { gprs | umts } ] 
no

Disables the authentication procedures configured for the specified P-TMSI signature reallocation configuration in the call control profile.

remove

Deletes the defined authentication procedures for the specified P-TMSI signature reallocation configuration from the call control profile configuration file.

attach

Enables/disables P-TMSI signature reallocation for Attach with local P-TMSI.

access-type type

One of the following must be selected to reallocate on the basis of the type of network access:

  • gprs
  • umts

This keyword can be used in combination with other keywords to refine the reallocation configuration.

frequency frequency

Defines 1-in-N selective reallocation. If the frequency is set for 12, then the SGSN skips reallocation for the first 11 messages and reallocates on receipt of the twelfth request message.

frequency must be an integer from 1 to 50.

This keyword can be used in combination with other keywords to refine the reallocation configuration.

interval minutes

Enter an integer between 1 and 1440 to define the time interval (in minutes) for skipping the service/RAU/attach request message procedure before performing a P-TMSI signature reallocation.

ptmsi-reallocation-command

Includes P-TMSI signature reallocation as a part of the P-TMSI reallocation configuration.

routing-area-update [ update-type ]

Enables/disables P-TMSI signature reallocation for RAU (routing area update) with local P-TMSI. To refine the reallocation configuration, include one of the optional types of updates to limit reallocation:

  • combined-update
  • imsi-combined-update
  • periodic
  • ra-update

Usage:

By default, P-TMSI signature reallocation is disabled. This command allows the operator to configure when the P-TMSI signature is reallocated.


Example:
The following command configures the SGSN to reallocate the P-TMSI signature for every third UMTS attach procedure:
ptmsi-signature-reallocate
attach frequency 3 access-type umts
The following command configures the SGSN to reallocate the P-TMSI signature for every seventh GPRS periodic RAU procedure:
ptmsi-signature-reallocate
routing-area-update uupdate-type periodic frequency 7 access-type gprs
The following command removes all configuration instances for reallocating the P-TMSI signature based on intervals and UMTS access:
remove ptmsi-signature-reallocate
interval access-type umts
prefer subscription-interface

Selects the specified subscription interface (Gr or S6d) if both interfaces are associated with a call-control-profile.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
prefer subscription-interface { hlr | hss } remove prefer subscription-interface
remove

Removes the preferred subscription-interface for the call control profile.

hlr

Selects the HLR interface.

hss

Selects the HSS interface.


Usage:

The SGSN provides a mechanism to associate a MAP service with call control profile. It is possible that both MAP service and HSS peer service are associated with the call control profile. If the interface preference selected is “hlr”, the MAP protocol is used to exchange messages with the HLR. If the interface preference selected is “hss”, the Diameter-protocol is used to exchange messages with the HSS.


Example:
The following command specifies that “hlr” is selected as the subscription-interface:
prefer subscription-interface hlr
qos

Configures the quality of service (QoS) parameters to be applied. On an S4-SGSN, this command ensures proper QoS parameter mapping between the S4-SGSN and EPC UEs, SGWs and PGWs.

Platform:

ASR 5000

Product:

MME , SGSN

IMPORTANT:

The S4-SGSN supports the qos gn-gp parameters only.


Privilege:

Security Administrator, Administrator


Syntax
qos { gn-gp | ue-ambr } qos gn-gp { arp
high-priority priority medium-priority priority | pre-emption { capability { may-trigger-pre-emption | shall-not-trigger-pre-emption } | vulnerability { not-pre-emptable | pre-emptable } qos ue-ambr { max-ul mbr_up max-dl mbr_dl | prefer-as-cap
both-hss-and-local { local-when-subscription-not-available | minimum | subscription-exceed-reject } }remove qos { gn-gp | ue-ambr } 
remove

Deletes the configuration from the call control profile.

gn-gp

Configures Gn-Gp pre-release 8 ARP and pre-emption parameters.

IMPORTANT:

The S4-SGSN supports the qos gn-gp parameters only.

arp

Maps usage of ARP (allocation/retention policy) high-priority (H) and medium-priority (M):

  • high-priority priority: Enter an integer from 1 to 13.
  • medium-priority priority: Enter an integer from 2 to 14.
pre-emption

Defines the pre-emption/vulnerability criteria for PDP Contexts imported from SGSN on Gn/Gp:

  • capability
    • may-trigger-pre-emption: PDP Contexts imported from Gn/Gp SGSN may preempt existing bearers.
    • shall-not-trigger-pre-emption: PDP Contexts imported from Gn/Gp SGSN shall not preempt existing bearers.
  • vulnerability
    • not-pre-emptable: PDP Contexts imported from Gn/Gp SGSN are not vulnerable to pre-emption.
    • pre-emptable: PDP Contexts imported from Gn/Gp SGSN are vulnerable to pre-emption.
ue-ambr

IMPORTANT:

The qos ue-ambr parameters are not supported on the S4-SGSN.

Configures the aggregate maximum bit rate that will be stored on the UE (user equipment).

  • max-ul mbr-up: Defines the maximum bit rate for uplink traffic.mbr-up: Enter a value from 0 to 1410065408.
  • max-dl mbr-up: Defines the maximum bit rate for downlink traffic.mbr-up: Enter a value from 0 to 1410065408.
prefer-as-cap both-hss-and-local { local-when-subscription-not-available | minimum | subscription-exceed-reject }

For the MME only, specifies the QoS cap value to use.

  • local-when-subscription-not-available: Use the locally configured values if the Home Subscriber Server (HSS) does not provide any values.
  • minimum: Use the lower of either the locally configured QoS bit rate or the HSS-provided QoS bit rate.
  • subscription-exceed-reject: If the requested QoS bit rate exceeds the locally configured value, reject the PDN connection.

Usage:

Use this command to configure the MME QoS parameters for the call control profile.

On the S4-SGSN, use this command to:

  • Map EPC ARP parameters to pre-release 8 ARP (Gn/Gp ARP) used during S4-SGSN-to-Gn SGSN call handovers.
  • Map ARP parameters received in a GPRS subscription from the HLR to EPC ARP parameters if:
    • The S4 interface is selected for an EPC capable UE, and
    • The UE has only a GPRS subscription (but no EPS subscription) in the HLR / HSS.

Example:
qos gn-gp arp high-priority
2 medium-priority 3
rau-inter

Defines an acceptable procedure for inter-SGSN routing area updates.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
 rau-inter { accept
use-auth-vector  } | access-type { { gprs | umts } { all | location-area-list
instance instance } { failure-code fail_code | user-device-release { before-r99 | r99-or-later } failure-code fail_code } } | allow
accept access-type { gprs | umts } location-area-list
instance instance | ignore-peer-context-id | peer-sgsn-addr-resolution-failure
failure-code fail_code | restrict
access-type { { gprs | umts } { all | location-area-list
instance instance } }  default rau-inter ( accept
use-auth-vector | access-type { { gprs | umts } { all | location-area-list
instance instance } user-device-release { before-r99 | r99-or-later } failure-code fail_code } } | failure-code fail_code | ignore-peer-context-id | peer-sgsn-addr-resolution-failure
failure-code fail_code }no rau-inter ( accept
use-auth-vector | allow access-type { gprs | umts } location-area-list
instance instance | ignore-peer-context-id | restrict
access-type { gprs | umts } { all | location-area-list
instance instance } }
no

Including “no” as part of the command structure disables the values already configured for parameters specified in the command.

default

Resets the configuration of specified parameters to system default values.

accept use-auth-vector

Sets the SGSN to accept using the authorization vector.

allow access-type

Including this keyword with one of the following options, configures the SGSN to allow MS/UE with the identified access-type extension to be part of the intra-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
ignore-peer-context-id

Sets the SGSN to ignore the peer's context-ID and replace with PDP context-ID information based on the HLR subscription.

restrict access-type

Including this keyword-set with one of the following options, configures the SGSN to restrict MS/UE with the identified access-type extension from the inter-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
all

all - adding this option to the keyword determines that the failure cause code will be applicable to all location areas.

location-area-list instance instance

list_id must be an integer between 1 and 5. The value must be an already defined instance of a location area code (LAC) list created with the location-area-list command.

failure-code fail-code

Specify a GSM Mobility Management (GMM) failure cause code to identify the reason an inter SGSN RAU does not occur. This GMM cause code will be sent in the reject message to the MS.

fail-code must be an integer from 2 to 111. Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 -MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
user-device-release { before-r99 | r99-or-later } failure-code code

Default: Disabled

Enables the SGSN to reject an Inter-RAU procedure based on the detected 3GPP release version of the MS equipment and selectively send a failure cause code in the reject message. The SGSN uses the following procedure to implement this configuration:
  1. When Attach Request is received, the SGSN checks the subscriber’s IMSI and current location information.
  2. Based on the IMSI, an operator policy and call control profile is found that relates to this Attach Request.
  3. call control profile is checked for access limitations.
  4. Attach Request is checked to see if the revision indicator bit is set
    • if not, then the configured common failure code for reject is sent;
    • if set, then the 3GPP release level is verified and action is taken based on the configuration of this parameter

One of the following options must be selected and completed:

  • before-r99: Indicates the MS would be a 3GPP release prior to R99 and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.
  • r99-or-later: Indicates the MS would be a 3GPP Release 99 or later and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.

Usage:

Use this command to configure the restrictions and function of the inter-RAU procedure.


Example:
Configure default inter-RAU settings for Edge calls from subscribers on location-area-list no. 1:
default rau-inter allow
access-type gprs location-area-list instance 1
rau-inter-plmn

Enables or disables restriction of all Routing Area Updates (RAUs) occurring between different PLMNs.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
rau-inter-plmn access-type { all | location-area-list
instance instance } { failure-code fail_code | user-device-release { before-r99 } 
failure-code fail_code | r99-or-later
 } { failure-code fail_code } }default rau-inter-plmn
access-type { all | location-area-list instance instance} user-device-release { before-r99
failure-code | r99-or-later failure-code }[ no ] rau-inter-plmn { restrict | allow } access-type { gprs | umts } { all | location-area-list
instance instance }[ no ] rau-inter-plmn { allow
access-type | restrict access-type } { [ all ] failure-code fail_code |  location-area-list instance instance }default rau-inter { allow
access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list instance instance } }
no

Including “no” as part of the command structure disables the values already configured for parameters specified in the command.

default

Resets the configuration of specified parameters to system default values.

allow access-type

Including this keyword-set with one of the following options, configures the SGSN to allow MS/UE with the identified access-type extension to be part of the intra-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
restrict access-type

Including this keyword-set with one of the following options, configures the SGSN to restrict MS/UE with the identified access-type extension from the inter-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
all

all - adding this option to the keyword determines that the failure cause code will be applicable to all location areas.

location-area-list instance instance

list_id must be an integer between 1 and 5. The value must be an already defined instance of a LAC list created with the location-area-list command.

failure-code fail-code

Specify a GSM Mobility Management (GMM) failure cause code to identify the reason an inter SGSN RAU does not occur. This GMM cause code will be sent in the reject message to the MS.

fail-code must be an integer from 2 to 111. Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 -MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
user-device-release { before-r99 | r99-or-later } failure-code code

Default: Disabled

Enables the SGSN to reject an Inter-RAU procedure based on the detected 3GPP release version of the MS equipment and selectively send a failure cause code in the reject message. The SGSN uses the following procedure to implement this configuration:

  1. When Attach Request is received, the SGSN checks the subscriber’s IMSI and current location information.
  2. Based on the IMSI, an operator policy and call control profile are found that relate to this Attach Request.
  3. The call control profile is checked for access limitations.
  4. Attach Request is checked to see if the revision indicator bit is set
    • if not, then the configured common failure code for reject is sent;
    • if set, then the 3GPP release level is verified and action is taken based on the configuration of this parameter

One of the following options must be selected and completed:

  • before-r99: Indicates the MS would be a 3GPP release prior to R99 and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.
  • r99-or-later: Indicates the MS would be a 3GPP Release 99 or later and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.

Usage:

Use this command to configure the restrictions and function of the inter-RAU procedure occurring across RNCs or BSSs where the PLMN changes. For example:

  • inter-IuPS RAU, where the two IuPSs have different PLMNs
  • inter-GPRS RAU, where the two GPRSs have different PLMNs
  • inter-RAT RAU (2G > 3G), where the IuPS/GPRS services have different PLMNs
  • inter-RAT-RAU (3G > 2G), where the IuPS/GPRS services have different PLMNs

Example:
default rau-inter allow
access-type gprs location-area-list instance 1
rau-intra

Defines an acceptable procedure for intra-SGSN Routing Area Updates (RAUs).

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
rau-intra access-type { all | location-area-list instance instance } { failure-code fail_code | user-device-release { before-r99
 } { failure-code fail_code | r99-or-later
 } { failure-code fail_code } }default rau-intra
access-type { all | location-area-list instance instance} user-device-release { before-r99
failure-code | r99-or-later failure-code }rau-intra { allow
access-type | restrict access-type } { [ all ] failure-code fail_code |  location-area-list
instance instance } }no rau-intra { allow
access-type | restrict access-type } { [ all ] failure-code fail_code |  location-area-list
instance instance }default rau-intra { allow
access-type | restrict access-type } { [ all ] failure-code fail_code | location-area-list
instance instance } }
no

Including “no” as part of the command structure disables the values already configured for parameters specified in the command.

default

Resets the configuration of specified parameters to system default values.

allow access-type

Including this keyword-set with one of the following options, configures the SGSN to allow an MS/UE with the identified access-type extension to be part of the intra-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
restrict access-type

Including this keyword-set with one of the following options, configures the SGSN to restrict an MS/UE with the identified access-type extension from the intra-RAU procedure.

  • gprs - General Packet Radio Service
  • umts - Universal Mobile Telecommunications System
all

all - adding this option to the keyword determines that the failure cause code will be applicable to all location areas.

location-area-list instance instance

list_id must be an integer between 1 and 5. The value must be an already defined instance of a location area code (LAC) list created via the location-area-list command.

failure-code fail-code

Specify a GSM Mobility Management (GMM) failure cause code to identify the reason an inter SGSN RAU does not occur. This GMM cause code will be sent in the reject message to the MS.

fail-code must be an integer from 2 to 111. Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 -MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
user-device-release { before-r99 | r99-or-later } failure-code code

Default: Disabled

Enables the SGSN to reject an Intra-RAU procedure based on the detected 3GPP release version of the MS equipment and selectively send a failure cause code in the reject message. The SGSN uses the following procedure to implement this configuration:

  1. When Attach Request is received, the SGSN checks the subscriber’s IMSI and current location information.
  2. Based on the IMSI, an operator policy and call control profile are found that relate to this Attach Request.
  3. Call control profile is checked for access limitations.
  4. Attach Request is checked to see if the revision indicator bit is set
    • if not, then the configured common failure code for reject is sent;
    • if set, then the 3GPP release level is verified and action is taken based on the configuration of this parameter

One of the following options must be selected and completed:

  • before-r99: Indicates the MS would be a 3GPP release prior to R99 and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.
  • r99-or-later: Indicates the MS would be a 3GPP Release 99 or later and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111.

Usage:

Use this command to configure the restrictions and function of the intra-RAU procedure.


Example:
default rau-intra allow
access-type gprs  location-area-list instance 1
re-authenticate

Enables or disables the re-authentication feature. This command is available in releases 8.1 and higher.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
re-authenticate [ access-type { gprs | umts } ]remove re-authenticate
remove

Including this keyword with the command disables the feature. The feature is disabled by default.

access-type

Defines the type of access to be allowed or restricted.

  • gprs
  • umts

If this keyword is not included, then both access types are allowed by default.


Usage:

Use this command to enable or disable the re-authentication feature, which instructs the SGSN to retry authentication with another RAND in situations where failure of the first authentication has occurred. To address the introduction of new SIM cards, for security reasons a systematic "last chance" authentication retry with a fresh Authentication Vector is needed, particularly in cases where there is an SRES mismatch at authentication.


Example:
re-authenticate
regional-subscription-restriction

Allows the operator to define the cause code for subscriber rejection when it is due to regional subscription information failure.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] 
regional-subscription-restriction [ failure-code code | user-device-release { before-r99
failure-code code | r99-or-later
failure-code code } ]
remove

This keyword causes the configuration to be deleted from the call control profile configuration.

failure-code cause_code

cause_code: Enter an integer from 2 to 111; default code is 13 (roaming not allowed in this location area [LA]).

Refer to the GMM failure cause codes listed below (from section 10.5.5.14 of the 3GPP TS 124.008 v7.2.0 R7):

  • 2 - IMSI unknown in HLR
  • 3 - Illegal MS
  • 6 - Illegal ME
  • 7 - GPRS services not allowed
  • 8 - GPRS services and non-GPRS services not allowed
  • 9 - MSID cannot be derived by the network
  • 10 - Implicitly detached
  • 11 - PLMN not allowed
  • 12 - Location Area not allowed
  • 13 - Roaming not allowed in this location area
  • 14 - GPRS services not allowed in this PLMN
  • 15 - No Suitable Cells In Location Area
  • 16 - MSC temporarily not reachable
  • 17 - Network failure
  • 20 - MAC failure
  • 21 - Synch failure
  • 22 - Congestion
  • 23 - GSM authentication unacceptable
  • 40 - No PDP context activated
  • 48 to 63 - retry upon entry into a new cell
  • 95 - Semantically incorrect message
  • 96 - Invalid mandatory information
  • 97 - Message type non-existent or not implemented
  • 98 - Message type not compatible with state
  • 99 - Information element non-existent or not implemented
  • 100 - Conditional IE error
  • 101 - Message not compatible with the protocol state
  • 111 - Protocol error, unspecified
user-device-release { before-r99 | r99-or-later } failure-code code

Enables the SGSN to assign a reject cause code based on the detected 3GPP release version of the MS equipment.

One of the following options must be selected and completed:

  • before-r99: Indicates the MS would be a 3GPP release prior to R99 and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111. Refer to the list above.
  • r99-or-later: Indicates the MS would be a 3GPP Release 99 or later and an appropriate failure code should be defined.failure-code code: Enter an integer from 2 to 111. Refer to the list above.

Usage:

Use this command to define GMM reject cause codes when rejection is due to regional subscription information failure.


Example:
The following command sets a location area rejection message, code 12 for regional restriction rejections:
regional-subscription-restriction
failure-code 12
reuse-authentication-triplets

Creates a configuration entry to enable or disable the reuse of authentication triplets in the event of a failure.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ no | remove } reuse-authentication-triplets no-limit
no

Disables this configuration entry and disables reuse of authentication triplets.

remove

This keyword causes the reuse configuration to be deleted from the call control profile configuration.

This is the default behavior. Triplets are reused.

no-limit

This keyword enables reuse triplets as needed.


Usage:

Use this command to enable reuse of authentication triplets.


Example:
reuse-authentication-triplets
no limit
rfsp-override

Configures RAT frequency selection priority override parameters for this call control profile.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
rfsp-override { default
 value | ue-val value new-val value + }remove rfsp-override { default | ue-val
 value }
remove

Deletes the rfsp-override configuration from the call control profile.

default

Restores the default value assigned.

ue-val value

Assign the UE value for the RAT frequency selection priority.

value: Enter an integer from 1 to 256.

new-val value

Assign a new RFSP Index value.

value: Enter an integer from 1 to 256.

Multiple UE value/new value combinations can be configured in a single command.


Usage:

Use this command to configure the RAT frequency selection priority override parameter.

Multiple UE value/new value combinations can be configured.


Example:
The following command resets the specified RFSP Index value (1) to its default value, thereby removing the RFSP Index override value previously configured:
rfsp-override default 1
rfsp-override ue-settings

Configures the override of the RAT Frequency Selection Priority (RFSP) of matching subscribers.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] rfsp-override
ue-settings { data-centric ue-voice-domain-preference { cs-voice-only | cs-voice-preferred-ims-ps-voice-secondary | ims-ps-voice-only | ims-ps-voice-preferred-cs-voice-secondary } | voice-centric
ue-voice-domain-preference { cs-voice-only | cs-voice-preferred-ims-ps-voice-secondary | ims-ps-voice-only | ims-ps-voice-preferred-cs-voice-secondary } new-val value }
remove

Deletes the rfsp-override configuration from the call control profile.

ue-settings value

Assign the UE value for the RAT frequency selection priority.

data-centric ue-voice-domain-preference

Assign the UE value for the RAT frequency selection priority for data-centric calls.

  • cs-voice-only: Circuit switched voice only.
  • cs-voice-preferred-ims-ps-voice-secondary: Circuit switched voice preferred.
  • ims-ps-voice-only: IMS Packet switched voice only.
  • ims-ps-voice-preferred-cs-voice-secondary: IMS Packet switched voice preferred.
voice-centric ue-voice-domain-preference

Assign the UE value for the RAT frequency selection priority for voice-centric calls.

  • cs-voice-only: Circuit switched voice only.
  • cs-voice-preferred-ims-ps-voice-secondary: Circuit switched voice preferred.
  • ims-ps-voice-only: IMS Packet switched voice only.
  • ims-ps-voice-preferred-cs-voice-secondary: IMS Packet switched voice preferred.
new-val value

Assign a new RFSP Index value.

value: Enter an integer from 1 to 256.

Multiple UE value/new value combinations can be configured in a single command.


Usage:

Use this command to assign an RFSP Index for a UE based on the following factors:

  • Operator policy (where IMSI range or PLMN can influence the selected RFSP)
  • UE usage setting (voice centric, data centric)
  • Voice domain preference (CS voice only, CS voice preferred, IMS PS voice preferred, IMS PS voice only).

To support Radio Resource Management (RRM) in E-UTRAN, the MME provides the parameter RFSP Index to an eNodeB across S1. The RFSP Index is used by the eNodeB to apply specific RRM strategies.

The MME receives the subscribed RFSP Index from the HSS, then overrides the RFSP Index for the UE based on the settings defined in this command.

Multiple UE value/new value combinations can be configured.


Example:
The following command overrides the RFSP Index value for voice-centric circuit switched calls to an RFSP Index of 10:
rfsp-override ue-setting
voice-centric voice-domain-pref cs-voice_only new-val 10
s1-reset

Configures the behavior of user equipment (UE) on S1-reset.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
s1-reset { detach-ue | idle-mode-entry } default s1-reset
default

Reset the profile configuration to the system default of idle-mode-entry.

detach-ue

Upon S1-reset the MME will detach the UE.

idle-mode-entry

Upon S1-reset the MME will move the UE to idle-mode. This is the default setting for this command.


Usage:

Use this command to set the MME’s reactions to an S1-reset.


Example:
Configure the MME to put the UE into idle-mode upon receipt of S1-reset:
s1-reset idle-mode-entry
sctp-down

Configures the behavior towards UE (user equipment) when Stream Control Transmission Protocol (SCTP) goes down.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
sctp-down { detach-ue | idle-mode-entry } default sctp-down
default

Reset the profile configuration to the system default when SCTP layer goes down. The default for this command is idle-mode-entry.

detach-ue

When SCTP goes down, the MME will detach the UE.

idle-mode-entry

When the SCTP goes down, the MME will move the UE to idle-mode. This is the default for this command.


Usage:

Use this command to set the MME’s reactions when the SCTP goes down.


Example:
Configure the MME to put the UE into idle-mode when the SCTP layer goes down:
sctp-down idle-mode-entry
sgs-cause-code-mapping

Configures the EMM reject cause code to send to a UE when an SGs cause code is received.

Platform:

ASR 5000

Product:

MME


Privilege:

Administrator


Syntax
sgs-cause-code-mapping  sgs-cause emm-cause-code   emm_cause_coderemove sgs-cause-code-mapping sgs-cause
remove sgs-cause-code-mapping sgs-cause

Removes the configured cause code mapping and returns it to its default value.

sgs-cause-code

Specifies the SGs cause code received on the SGs interface to which the new cause code should be mapped.

  • congestion - Default
  • illegal-me
  • illegal-ms
  • imei-not-accepted
  • imsi-unknown-in-hlr
  • imsi-unknown-in-vlr
  • la-not-allowed
  • network-failure
  • no-suitable-cells-in-la
  • plmn-not-allowed
  • protocol-error
  • roaming-not-allowed-in-la
  • service-not-subscribed
  • service-not-supported
  • service-out-of-order
emm-cause-code emm_cause_code

Specifies the EPS Mobility Management (EMM) cause code to return to the UE for the given SGs cause code.

  • congestion
  • cs-domain-unavailable - Default
  • imsi-unknown-in-hlr
  • msc-temp-unreachable
  • network-failure

The default EMM cause code for all SGs error conditions is cs-domain-unavailable.


Usage:

Use this command to configure the EMM cause code returned to a UE when an error is reported via the SGs inteface when attachment to the VLR has failed.

If a condition is specified in both the call control profile associated with a call and also the MME service, the cause configured on the call control profile is signalled to the UE.

Related Commands

To set the cause codes for situations where a call control profile cannot be attached to a call (for example new-call restrictions, congestion during new call attempt, etc.), use the local-cause-code-mapping command in the mme-service configuration mode. This command is described in the MME Service Configuration Mode Commands chapter.


Example:
The following command maps the “congestion” EMM cause code to the “network-failure” SGs cause code:
sgs-cause-code-mapping
network-failure emm-cause-code congestion
sgsn-address

Defines the IP addresses for peer SGSNs in a static SGSN address table. These configured addresses can be used rather than using DNS.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
sgsn-address rac rac-id lac lac_id [  nri nri ]  prefer { fallback-for-dns | local } address { ipv4 ip_address | ipv6 ip_address } interface { gn | s16 }no sgsn-address { ipv4 ip_address | ipv6  ip_address } rac  rac_id lac lac_id [  nri nri ] [ interface { gn | s16 } ]
no

Disables the specified peer-SGSN address configuration.

rac rac_id

Identifies the foreign routing area code (RAC) of the peer-SGSN address to be configured in the static peer-SGSN address table. rac_id must be an integer from 1 to 255.

lac lac_id

Identifies the foreign location area code (LAC) ID of the peer-SGSN address to be configured in the static peer-SGSN address table. lac_id must be an integer from 1 to 65535.

nri nri

Identifies the network resource identifier stored in the P-TMSI (bit 17 to bit 23). nri must be an integer from 0 to 63.

IMPORTANT:

Typically, use of this keyword is optional. However, it must be included in the command when Flex (SGSN-Pooling) is implemented.

prefer { fallback-for-dns | local }

Indicates the preferred source of the address to be used.

  • fallback-for-dns - Instructs the SGSN to perform a DNS query to get the IP address of the peer-SGSN. If the DNS query fails, then the IP address configured with this command is used.
  • local - instructs the system to use the local IP address configured with this command.

IMPORTANT:

If the prefer command is used to change an existing sgsn-address configuration (with the same LAC and RAC) from fallback-for-dns to local or from local to fallback-for-dns, the new setting overwrites the previously configured setting for all interfaces.

address { ipv4 ip_address | ipv6 ip_address }

Specifies the IP address of the peer SGSN. Currently, the IPv6 address option is not supported on the S4-SGSN.

  • ipv4 ip_address - specifies a valid address in IPv4 dotted-decimal notation.
  • ipv6 ip_address - specifies a valid address in IPv6 colon-separated notation.

IMPORTANT:

The ipv6 option is under development for future use and is not supported in this release.

interface { gn | s16 }

interface - optional. Specifies the interface type used for communicating with the peer SGSN. Must be one of the following:

  • gn specifies that communication will occur over the Gn interface with a peer SGSN configured for 2.5G, 3G, or dual access SGSN services.
  • s16 specifies that communication will occur over the S16 interface with a peer S4-SGSN.

Usage:

Use this command to save time by avoiding DNS. This command enables a local mapping by setting the peer-SGSN IP address to be used for inter-SGSN Attach and inter-SGSN-RAU. When configured, if the SGSN receives a RAU or an Attach Request with a P-TMSI and an old-RAI that is not local, the SGSN consults this table and uses the configured IP address instead of resolving via DNS. If this table is not configured, then IP address resolution is done using DNS.

The MCC and MNC of the RAI are taken from the IMSI range configured in the operator policy and the LAC and RAC are configured here in the call control profile configuration mode.

The sgsn-address command differs from other Call Control Profile configuration mode commands in the following ways:

  • Within the SGSN’s call logic, all other configuration elements defined with the other commands in this mode are used after the IMSI is learnt. The configuration defined with this command is part of the decision logic prior to the IMSI being known.
  • With the peer-SGSN address configured using this sgsn-address command, the peer-SGSN-RAI’s MCC/MNC is used as a 5 or 6-digit IMSI and the operator policy and call control profile selection are completed.

IMPORTANT:

Typically, use of this command is optional. However, it must be included in the configuration when Flex (SGSN-Pooling) is implemented if (1) the SGSN functions as a default SGSN, then configure the local-NRI of other SGSN with this command; or if (2) another SGSN is offloading, then configure the NB-RAI/null-NRI of the peer-SGSN with this command.


Example:
Create a local peer-SGSN address mapping of an RAI with RAC of 123 and LAC of 4444 and an IPv4 address of 123.11.313.11 for the peer-SGSN:
sgsn-address rac 123
lac 4444 local address ipv4 123.11.313.11
sgsn-core-nw-interface

This command enables operators to forcefully select the Gn interface for EPC capable UEs on the S4-SGSN.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
sgsn-core-nw-interface { gn | s4 }
sgsn-core-nw-interface { gn | s4 }

Specifies the interface that EPC-capable UEs will use to communicate wit the packet core gateways (GGSN/SGW). Selection must be one of:

  • gn: Forces the SGSN to forcefully select the Gn interface for EPC-capable UEs.
  • s4: Specifies that the SGSN will use the S4 interface between the S4-SGSN and packet core gateways (GGSN/SGW). This is the default setting for EPC-capable UEs.

Usage:

Use this command to forcefully select the interface that the SGSN will use for EPC-capable UEs.

This command is available only if the SGSN S4 Interface license is enabled on the SGSN.


Example:

sgsn-core-nw-interface gn

sgsn-number

Defines the SGSN’s E.164 number to be used for interactions via the Mobile Application Part (MAP) protocol. E.164 is an ITU-T recommendation that defines the international public telecommunication numbering plan used in public switched telephone networks (PSTN) and some other data networks.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
sgsn-number E164_numberno sgsn-number
no

Disables the use of this configuration definition.

E164_number

Specifies a string of 1 to 16 digits that serve as the SGSN’s E.164 identification.


Usage:

This command configures the current SGSN E164 contact number.

The SGSN number configured for a call control profile is related to the SGSN number configured in the SGSN service configuration and/or in the GPRS service configuration. If the SGSN number is not configured as part of the call control profile configuration, then the SGSN number defined as part of the SGSN service or GPRS service configuration is used.

When the 3G SGSN supports multiple PLMNs configured through different IuPS services or when network sharing is implemented, then it may be required to use different SGSN numbers for each PLMN. In such cases, configure the per-PLMN SGSN number in a call control profile. SGSN number definition for a call control profile allows emulation of a different SGSN to each HLR per PLMN. SGSN number definitions in the call control profile also enable the SGSN to use a different SGSN number per operator when network sharing is implemented.


Example:
Map the E.164 number 198765432123456 for the SGSN to this call control profile configuration:
sgsn-number 198765432123456 
sgtp-service

Identifies the SGTP service configuration to be used according to this call control profile.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
sgtp-service context ctxt_name service sgtp_service_nameno sgtp-service context
context ctxt_name

Specifies the SGTP context as an alphanumeric string of 1 through 64 characters.

service sgtp_service_name

Specifies the SGTP service name as an alphanumeric string of 1 through 64 characters.

no

Disables use of SGTP service.


Usage:

Use this command to configure enabling or disabling of SGTP service for this call control profile.


Example:
sgtp-service context
sgtp1 service sgtp-srvc1
sms-mo

Configures how mobile-originated (MO) short message service (SMS) messages are handled.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] sms-mo { { access-type { gprs | umts } { all-location-areas | 
location-area-list } | allow access-type { gprs | umts } | restrict
access-type { gprs | umts } }
remove

Deletes the specified configuration.

access-type type

Access by SMS will be limited to SMS coming from this network type:

  • gprs
  • umts
allow

Allow either GPRS or UMTS type access for SMS.

restrict

Restrict either GPRS or UMTS type access for SMS.

location-area-list instance instance

instance must be an integer between 1 and 5. The value must identify an already defined location area code (LAC) list created with the location-area-list command.

failure-code code

code: Must be an integer from 2 to 111.


Usage:

Configure filtering for SMS-MO messaging.


Example:
sms-mo access-type
gprs all-location-areas failure-code 100
sms-mt

This command configures how mobile-terminated (MT) short message service (SMS) messages are handled.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] sms-mt { { access-type { gprs | umts } { all-location-areas | 
location-area-list } | allow access-type { gprs | umts } | restrict
access-type { gprs | umts } }
remove

Deletes the specified configuration.

access-type type

Access by SMS will be limited to SMS coming from this network type:

  • gprs
  • umts
allow

Allow either GPRS or UMTS type access for SMS.

restrict

Restrict either GPRS or UMTS type access for SMS.

location-area-list instance instance

instance must be an integer between 1 and 5. The value must identify an already defined LAC list created with the location-area-list command.

failure-code code

code: Must be an integer from 2 to 111.


Usage:

Configure filtering for SMS-MT messaging.


Example:
sms-mt access-type
gprs all-location-areas failure-code 100
srns-inter

Defines handling parameters for Inter-SRNS (Serving Radio Network Subsystem) relocation.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
srns-inter ( all failure-code | allow
location-area-list instance instance | location-area-list
instance instance  failure-code code | restrict
location-area-list instance instance }no srns-inter { allowlocation-area-list
instance instance | restrictlocation-area-list
instance instance }default srns-inter { all | location-area-list-instance instance }
no

Deletes the inter-SRNS relocation configuration.

default

Resets the configuration to default values.

all failure-code code

Define the failure code that will apply to all inter-SRNS relocations.

code: Must be an integer from 2 to 111.

allow location-area-list instance instance

Identify the location area list Id (LAC Id) that will allow services in the defined location area.

location-area-list instance instance

instance: Must be an integer between 1 and 5 that identifies the previously defined location area list created with the location-area-list command.

restrict location-area-list instance instance

Identify the location area list Id (LAC Id) that indicates the location areas where services will be restricted.


Usage:

This command defines the operational parameters for inter-SRNS relocation.


Example:
The following command allows services in areas listed in LAC list #3:
srns-inter allow location-area-list
instance 3
srns-intra

Defines handling parameters for intra-SRNS (Serving Radio Network Subsystem) relocation.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
srns-intra ( all failure-code | allow
location-area-list instance instance | location-area-list
instance instance failure-code code | restrict location-area-list
instance instance }no srns-intra { allow
location-area-list instance instance | restrictlocation-area-list
instance instance }default srns-intra { all | location-area-list-instance instance }
no

Deletes the intra-SRNS relocation configuration.

default

Resets the configuration to default values.

all failure-code code

Define the failure code that will apply to all intra-SRNS relocations.

code: Must be an integer from 2 to 111.

allow location-area-list instance instance

Identify the location area list Id (LAC Id) that will allow services in the defined location area.

location-area-list instance instance

instance: Must be an integer between 1 and 5 that identifies the previously defined location area list created with the location-area-list command.

restrict location-area-list instance instance

Identify the location area list Id (LAC Id) of the target RNC to determine the location areas where services will be restricted.


Usage:

This command defines the operational parameters for intra-SRNS relocation.


Example:
The following command restricts service in areas listed in the LAC list 1:
srns-intra restrict
location-area-list instance 1
subscriber-control-inactivity

Configures \the subscriber-control inactivity timer. The system detects inactivity when no PDP context is activated and starts the timer.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
subscriber-control-inactivity
timeout minutes time detach { immediate | next-connection | reattach-time-period }{ no | default } subscriber-control-inactivity
no

Deletes the timer configuration.

default

Resets the timer configuration to the default value of 7 days (10080 minutes).

timeout minutes time[ detach ]

Sets the number of minutes the SGSN monitors the connection after inactivity has been detected. When the timer expires, the subscribe will be detached.

time: Enter an integer from 1 to 20160 (two weeks).

detach [ immediate | next-connection | reattach-time-period ]

Instructs the SGSN to detach and can be configured to specify when the detach will occur after inactivity is detected. To fine-tune the detach instruction, include one of the following with the command:

  • immediate - Instructs the SGSN to detach immediately after inactivity is detected. May combine with reattach-time-period.
  • next-connection - instructs the SGSN to detach after the next Iu connection after inactivity is detected.

    IMPORTANT:

    Supported for 3G SGSNs only.

  • reattach-time-period period[ action ] - Specify the number of seconds the SGSN will monitor a new re-attach after the previous detach was due to inactivity. Also, you can define the action to be taken regarding new attaches.period: Enter an integer from 60 to 3600.action - Select an action:
    • deny
    • permit-and-stop-monitoring

Usage:

Use this command to configure the timeout timer. After this timer times out the subscriber is detached from the SGSN.


Example:
The following command instructs the SGSN to monitor the connection for up to 360 minutes after inactivity is detected, or detach immediately after inactivity is detected:
subscriber-control-inactivity
timeout minutes 360 detach immediate
super-charger

Enables or disables the SGSN to work with a super-charged network.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] super-charger
remove

Disables the super-charger functionality.


Usage:

By enabling the super charger functionality for 2G or 3G connections controlled by an operator policy, the SGSN changes the hand-off and location update procedures to reduce signalling traffic management.


Example:
The following command enables the super charger feature:
super-charger
tau

Configure parameters for the tracking area update (TAU) procedure.

Platform:

ASR 5000

Product:

MME


Privilege:

Security Administrator, Administrator


Syntax
tau { imei-query-type { imei | imei-sv | none } [ verify-equipment-identity [ allow-on-eca-timeout | deny-greylisted | deny-unknown | verify-emergency ] ] | inter-rat
security-ctxt { allow-mapped | native } }remove tau { imei-query-type | inter-rat
security-ctxt }
remove

Deletes this TAU configuration from the call control profile.

imei-query-type { imei | imei-sv | none }

This keyword set is specific to the MME.

Sets the IMEI query-type if an IMEI (International Mobile Equipment Identity) is not already present.

  • imei: Specifies that the MME is required to query the UE for its International Mobile Equipment Identity (IMEI).
  • imei-sv: Specifies that the MME is required to query the UE for its International Mobile Equipment Identity - Software Version (IMEI-SV).
  • none: Specifies that the MME does not need to query for IMEI or IMEI-SV.
verify-equipment-identity [ allow-on-eca-timeout | deny-greylisted | deny-unknown | verify-emergency ]

Specifies that the identification (IMEI or IMEI-SV) of the UE is to be performed by the Equipment Identity Register (EIR) over the S13 interface.

  • allow-on-eca-timeout: Configures the MME to allow equipment that has timed-out on ECA during the attach procedure.
  • deny-greylisted: Configures the MME to deny grey-listed equipment during the attach procedure.
  • deny-unknown: Configures the MME to deny unknown equipment during the attach procedure.
  • verify-emergency: Configures the MME to ignore the IMEI validation of the equipment during the attach procedure in emergency cases. This keyword is only supported in release 12.2 and higher.
inter-rat security-ctxt { allow-mapped | native }

Configure inter-RAT parameters for TAU. This keyword provides the operator with the option of continuing with the mapped context or creating a new native context after an inter-RAT handover.

  • allow-mapped: Configures inter-RAT security-context type as mapped. Mapped security context is allowed after inter-RAT handover. This is the default value.
  • native: Configures inter-RAT security-context type as native only. Inter-RAT handover will always result in a native security context.

Usage:

Use this command to define tracking area update procedures such as inter-RAT security context and IMEI query-type.


Example:
The following command sets the IMEI query type to IMEI-SV:
tau imei-query-type imei-sv
verify-equipment- identity
treat-as-hplmn

Enables or disables the MME or SGSN to treat an IMSI series as coming from the home PLMN.

Platform:

ASR 5000

Product:

MME, SGSN


Privilege:

Security Administrator, Administrator


Syntax
[ remove ] treat-as-hplmn
remove

Deletes this configuration from the profile. This would disable this function and is the default.


Usage:

Use this command to enable or disable the MME/SGSN to treat an IMSI series as coming from the home PLMN.


Example:
The following command disables previously configured feature:
remove treat-as-hplmn
vplmn-address

Enables/disables the SGSN to override the VPLMN address-allowed flag.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
vplmn-address { allowed | not-allowed } 
remove vplmn-address
remove

Using remove disables the override behavior and the VPLMN-Address-Allowed flag is interpreted as it is in the subscription data.

allowed

Using allowed instructs the SGSN to set the VPLMN-Address-Allowed flag during GGSN seletion - even if the flag was not received in the subscription data from the HLR.

not-allowed

Using not-allowed instructs the SGSN not to set the VPLMN-Address-Allowed flag during GGSN seletion - even if the flag is received in the subscription data from the HLR.


Usage:

Use this command to override the VPLMN-Address-Allowed flag received in subscription data from HLR during GGSN selection. This flag is used to decide whether to use the VPLMN-OI received from a roaming subscriber to form the full-APN. The full-APN is then used in a DNS query to select a GGSN. This override enables the operator to control selection of a different GGSN for a roaming subscriber by using/not-using VPLMN-OI in full-APN.


Example:
The following command instructs the SGSN to set the VPLMN-Address-Allowed flag during GGSN selection, even if the flag was not received in subscription data from the HLR:
vplmn-address allowed
The following command instructs the SGSN not to set the VPLMN-Address-Allowed flag during GGSN selection, even if the flag was received in subscription data from the HLR:
vplmn-address not-allowed
The following command instructs the SGSN not to override standard behavior regarding the VPLMN-Address-Allowed flag:
remove vplmn-address 
zone-code

Configures a zone code listing of one or more location area code (LACs) included in the zone.

Platform:

ASR 5000

Product:

SGSN


Privilege:

Security Administrator, Administrator


Syntax
zone-code zc_id location-area-code lac 
no zone-code zc_id [ location-area-code lac ]
no

Removes either a specific LAC from the zone code list. If the location-area-code parameter is not included in the command, then the entire zone code list definition is removed from configuration.

zc_id

Identifies an instance of a zone code list as an integer from 1 to 65535.

An unlimited number of zone code lists can be configured per call control profile as the zone code lists are allocated dynamically. A maximum of 10 zone code lists can be configured per Call Control Profile.

location-area-code lac

Prompts for the location area-code(s), where the subscribers can roam, that are part of the zone. lac is an integer from 1 to 65535.

Repeat the command with this parameter to include up to 100 LACs in the zone code list.


Usage:

IMPORTANT:

While there is no limit to the number of zone codes that can be created, only 10 LACs per zone code can be defined.

Use this command to define zone code restrictions. Regional subscription data at the home location register (HLR) is used to determine the regional subscription area in which the subscriber is allowed to roam. The regional subscription data consists of a list of zone codes. A zone code is comprised of one or more location areas (identified by a LAC) into which the subscriber is allowed to roam. Regional subscription data, if present in the insert subscriber data (ISD) request from the HLR, defines the subscriber's subscription area for the addressed SGSN. It contains the complete list (up to 10 zone codes) that apply to a subscriber in the currently visited PLMN.

During the GPRS Location Update procedure, the zone code list is received in the ISD request from the HLR. The zone code list from the HLR is validated against the configured values in the operator policy. If matched, then the ISD is allowed to proceed. If not matched, then the ISD response is that the Network Node Area is Restricted and the GPRS Location Update procedure fails. If no zone codes are included in the ISD (whether or not the zone codes are defined in the SGSN configuration), then checking is not done.


Example:
The following command defines multiple LACs for zone code 1:
zone-code 1 lac 413
212 113