Cisco Cisco Packet Data Gateway (PDG)
HNB Gateway in Wireless Network
Features and Functionality - Base Software ▀
HNB-GW Administration Guide, StarOS Release 17 ▄
33
X.509 Certificate-based Authentication Support
HNB-GW supports X.509 Certificate-based authentication to HNB/UE for a public key infrastructure (PKI) for single
sign-on (SSO) and Privilege Management Infrastructure (PMI). X.509 specifies the standard formats for public key
certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
sign-on (SSO) and Privilege Management Infrastructure (PMI). X.509 specifies the standard formats for public key
certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
Open Access Mode Support
An Open HNB provides its services to any mobile subscriber in Femto network. This feature is intended to provide
Open access mode support on an UMTS HNB-GW. Open access HNBs can be deployed in public places like airports to
increase the indoor coverage or to offload the traffic from the macro cell.
Open access mode support on an UMTS HNB-GW. Open access HNBs can be deployed in public places like airports to
increase the indoor coverage or to offload the traffic from the macro cell.
This feature provides following procedure for Open Access HNB registration on HNB-GW:
OPEN HNB registration:
1. On receiving HNB-REGISTER-REQ from HNB, HNB-GW sends RADIUS-Access-Request to AAA-
server. HNB-GW will not care whether HNB has sent cell-access-mode in the register request or not.
2. AAA-server performs authentication and authorization. If this is successful AAA-server sends
RADIUS-Access-Accept to HNB-GW. Then AAA-server includes the Whitelist attribute in the
response. AAA-server prepare Whitelist attribute in the following manner:
response. AAA-server prepare Whitelist attribute in the following manner:
Cell-access-mode field in the Whitelist attribute will be set to “Open”.
Number-of-IMSIs field in the Whitelist attribute will be set to 0 (zero).
IMSIs will not be included in the Whitelist attribute.
3. HNB-GW overrides the cell-access-mode value received from HNB by the one received from AAA-
server.
4. HNB-GW discards “IMSI List” received for an Open Access-mode HNB from AAA-server in Access-
Accept or COA message.
5. AAA server sends access-mode as 0 (Closed mode) or 1 (Hybrid mode) or 2 (Open mode). If it sends
any other value in Access-Accept, then HNB-GW shall send HNB-REGISTER-REJECT with
Unauthorised-HNB cause.
Unauthorised-HNB cause.
Important:
HNB-GW support both “Open” mode and “Closed” mode HNBs simultaneously.
In case HNB registration is disabled the HNB-GW sends HNB-REGISTER-REJECT with O&M
Intervention cause.
Intervention cause.
UE registration:
1. HNB-GW does not perform access control check of any UE registration request received from an Open
Access-mode HNB.
2. HNB-GW also does not perform any check on the UE-identity received in the registration request from
an Open Access mode HNB.
RUA Connect: HNB-GW does not check IMSI received in RANAP-CommonId if the same was not received
from HNB in UE-REGISTER-REQ.
Paging: Paging process has been optimizaed release 15.0 onwards and has been described in the