Cisco Cisco ASR 5000
APN Configuration Mode Commands
▀ authentication
▄ Command Line Interface Reference, StarOS Release 18
1304
username-strip-apn
Default: Disabled.
This keyword if enabled, either with
This keyword if enabled, either with
msisdn-auth
or
imsi-auth
strips the APN name from the user name
msisdn
@
apn
or
imsi
@
apn
received from AAA and makes the user name as
msisdn
or
imsi
respectively.
username-append-apn
Default: Disabled.
This keyword if enabled, works only with pap and chap options. If username-append-apn option enabled in
authentication CLI, then apn name will be appended to the pco received username and same username will be
used across all interfaces.
This keyword if enabled, works only with pap and chap options. If username-append-apn option enabled in
authentication CLI, then apn name will be appended to the pco received username and same username will be
used across all interfaces.
password-use-pco
Default: Disabled.
This keyword, if enabled, uses the password received through Protocol Configuration Options (PCO) from
AAA for authentication.
This keyword, if enabled, uses the password received through Protocol Configuration Options (PCO) from
AAA for authentication.
prefer-chap-pco
Default: Disabled.
If this keyword along with msisdn-auth/imsi-auth is enabled, GGSN performs Challenge Handshake
Authentication Protocol (CHAP) authentication, if CHAP parameters are received in Protocol Configuration
Options (PCO). However, chap username would be constructed as
If this keyword along with msisdn-auth/imsi-auth is enabled, GGSN performs Challenge Handshake
Authentication Protocol (CHAP) authentication, if CHAP parameters are received in Protocol Configuration
Options (PCO). However, chap username would be constructed as
msisdn
@
apn
/
imsi
@
apn
and chap
challenge, chap response parameters should be used as it is from CHAP parameters received in the PCO IE. If
CHAP parameters are not received in the PCO IE of the CPC Request, GGSN does normal Password
Authentication Protocol (PAP) authentication with PAP username as
CHAP parameters are not received in the PCO IE of the CPC Request, GGSN does normal Password
Authentication Protocol (PAP) authentication with PAP username as
msisdn
@
apn
/
imsi
@
apn
(ignoring
any PAP username if received).
eap initial-access-request
Default: Enabled
Configures the type of initial access request to be used in Diameter EAP (Extensible Authentication Protocol)
request. This feature is applicable to only Diameter-based AAA interface and not applicable to RADIUS or
any other type of AAA interface.
Configures the type of initial access request to be used in Diameter EAP (Extensible Authentication Protocol)
request. This feature is applicable to only Diameter-based AAA interface and not applicable to RADIUS or
any other type of AAA interface.
authenticate-authorize
Default: Enabled
Configures the “authenticate and authorize” type of initial access request to be used in a Diameter EAP
request.
Configures the “authenticate and authorize” type of initial access request to be used in a Diameter EAP
request.
authenticate-only
Default: Disabled
Configures the “authenticate only” type of initial access request to be used in a Diameter EAP request.
Configures the “authenticate only” type of initial access request to be used in a Diameter EAP request.
allow-noauth
Default: Enabled
Configures the APN to not perform authentication for PDP contexts as described in the Usage section.
Configures the APN to not perform authentication for PDP contexts as described in the Usage section.
pco-username
Default: Disabled