Cisco Cisco Packet Data Gateway (PDG) Fehlerbehebungsanleitung
Simple IP and Mobile IP in a Single System Configuration Example
▀ Using the System as Both a PDSN/FA and an HA
▄ Cisco ASR 5000 Series Home Agent Administration
OL-22980-01
Required Information
Description
Secret(s):
Specifies the shared SPI secret between the HA service and the mobile node. The secret can be
between 1 and 127 characters (alpha and/or numeric).
An SPI secret is required for each SPI configured.
Specifies the shared SPI secret between the HA service and the mobile node. The secret can be
between 1 and 127 characters (alpha and/or numeric).
An SPI secret is required for each SPI configured.
Hash-algorithm:
Specifies the algorithm used to hash the SPI and SPI secret. The possible algorithms that can be
configured are MD5 per RFC 1321 and keyed-MD5 per RFC 2002. The default algorithm is hmac-
md5.
A hash-algorithm is required for each SPI configured.
Specifies the algorithm used to hash the SPI and SPI secret. The possible algorithms that can be
configured are MD5 per RFC 1321 and keyed-MD5 per RFC 2002. The default algorithm is hmac-
md5.
A hash-algorithm is required for each SPI configured.
Replay-protection process:
Specifies how protection against replay-attacks is implemented. The possible processes are nonce
and timestamp. The default is timestamp with a tolerance of 60 seconds.
A replay-protection process is required for each mobile node-to-HA SPI configured.
Specifies how protection against replay-attacks is implemented. The possible processes are nonce
and timestamp. The default is timestamp with a tolerance of 60 seconds.
A replay-protection process is required for each mobile node-to-HA SPI configured.
Maximum registration
lifetime
lifetime
Specifies the longest registration lifetime that the HA service will allow in any Registration Request
message from the mobile node.
The time is measured in seconds and can be configured to any integer value between 1 and 65535.
An infinite registration lifetime can also be configured by disabling the timer. The default is 600.
message from the mobile node.
The time is measured in seconds and can be configured to any integer value between 1 and 65535.
An infinite registration lifetime can also be configured by disabling the timer. The default is 600.
Maximum number of
simultaneous bindings
simultaneous bindings
Specifies the maximum number of “care-of” addresses that can simultaneously be bound for the
same user as identified by NAI and Home address.
The number can be configured to any integer value between 1 and 5. The default is 3.
same user as identified by NAI and Home address.
The number can be configured to any integer value between 1 and 5. The default is 3.
Default Subscriber Configuration
“Default” subscriber’s IP
context name
context name
Specifies the name of the egress context on the system that facilitates the PDN ports.
NOTE: For this configuration, the IP context name should be identical to the name of the
destination context.
NOTE: For this configuration, the IP context name should be identical to the name of the
destination context.
Simple IP Destination Context
The following table lists the information that is required to configure the optional destination context. As discussed
previously, This context is only required if Reverse Tunneling is disabled in the FA service.
previously, This context is only required if Reverse Tunneling is disabled in the FA service.
Table 10.
Required Information for Destination Context Configuration
Required
Information
Description
Destination
context name
context name
This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the destination
context will be recognized by the system.
NOTE: For this configuration, the destination context name should not match the domain name of a specific
domain.
context will be recognized by the system.
NOTE: For this configuration, the destination context name should not match the domain name of a specific
domain.
PDN Interface Configuration