Service providers commonly implement a policy at the start of IP sessions that redirects all subscriber packets to a logon
portal for authentication. Following successful authentication, per-subscriber authorization data is typically returned from
a AAA server. For some deployments, usually in subscriber networks that are well protected against spoofing and denial-of-service
(DoS) attacks, service providers are willing to forgo authentication and trust subscriber identity. ISG automatic subscriber
logon allows service providers to grant certain subscribers access to services without requiring the subscribers to log on.
ISG automatic subscriber logon enables a specified identifier to be used in place of the username in authorization requests.
Enabling the AAA server to authorize subscribers on the basis of a specified identifier allows subscriber profiles to be downloaded
from the AAA server as soon as packets are received from subscribers.
The event that triggers automatic subscriber logon is session-start. For IP sessions, session-start occurs when a DHCP DISCOVER
request is received or when an unrecognized source IP address is detected. For PPPoE sessions, session-start occurs when a
client attempts to initiate a session by sending a PPPoE Active Discovery Initiation (PADI) packet.