Cisco Cisco ASR 5500 Administrator's Guide
AAA Interface Configuration
▀ Configuring Diameter AAA Functionality
▄ Cisco ASR 5x00 AAA Interface Administration and Reference
26
Optional. To support Diameter proxy server on per-PAC/PSC or per-system basis, in the Global Configuration
Mode, use the following command:
require diameter-proxy { master-slave | multiple | single }
<context_name>
must be the name of the system context designated for AAA configuration.
Optional. To enable Diameter proxy for the endpoint, in the Diameter Endpoint Configuration Mode, use the
following command:
use-proxy
Optional. To set the realm for the Diameter endpoint, in the Diameter Endpoint Configuration Mode, use the
following command:
origin realm <realm_name>
<realm_name>
is typically a company or service name. The realm is the Diameter identity and will be present
in all Diameter messages.
Optional. To create an entry in the route table for the Diameter peer, in the Diameter Endpoint Configuration
Mode, use the following command:
route-entry { [ host <host_name> ] [ peer <peer_id> ] [ realm <realm_name> ] } [
application credit-control ] [ weight <value>
application credit-control ] [ weight <value>
]
Optional. To specify the port for the Diameter endpoint, in the Diameter Endpoint Configuration Mode, use the
following command:
origin host host_name
address ipv4/ipv6_address [ port port_number ] [ accept-
incoming-connections ] [ address ipv4/ipv6_address_secondary ]
Port number in the origin host should be configured only when the chassis is running in server mode, i.e. when
accept-incoming-connections
is configured.
In this case it will open a listening socket on the specified port. For configurations where chassis is operating as
a client, port number should not be included. In this case, a random source port will be chosen for outgoing
connections. This is applicable for both with or without multi-homing.
a client, port number should not be included. In this case, a random source port will be chosen for outgoing
connections. This is applicable for both with or without multi-homing.
Important:
Currently if multi-homing is configured, then the specified port is used instead of
randomly chosen port. This is done so that application knows which port is used by the kernel as it
will have to use the same port while adding/removing IP address from the association. Nevertheless,
configuring port number in origin host for client mode is not supported.
will have to use the same port while adding/removing IP address from the association. Nevertheless,
configuring port number in origin host for client mode is not supported.
Optional. To set how the action after failure, or recovery after failure is performed for the route table, in the
Diameter Endpoint Configuration Mode, use the following command:
route-failure { deadtime <seconds> | recovery-threshold percent <percent> |
result-code <result_code> | threshold <counter> }
result-code <result_code> | threshold <counter> }
Optional. To enable/disable the Transport Layer Security (TLS) support between Diameter client and Diameter
server node, in the Diameter Endpoint Configuration Mode, use the following command:
tls { certificate <cert_string> | password <password> | privatekey <private_key> }
Optional. To set the connection timeout, in seconds, in the Diameter Endpoint Configuration Mode, use the
following command:
connection timeout <timeout>
Optional. To set the connection retry timeout, in seconds, in the Diameter Endpoint Configuration Mode, use the
following command: