Cisco Cisco Packet Data Interworking Function (PDIF)
Security Gateway Overview
▀ Product Overview
▄ SecGW Administration Guide, StarOS Release 18
18
Reverse Route Injection
SecGW also supports Reverse Route Injection (RRI). RRI injects routes in the reverse direction onto the ASR 9000
VSM so that clear traffic can be routed to the correct interface on the target VPC-VSM. For additional information, see
the Reverse Route Injection chapter.
VSM so that clear traffic can be routed to the correct interface on the target VPC-VSM. For additional information, see
the Reverse Route Injection chapter.
SecGW Management
Each SecGW instance is configured individually via its Management port. However, the Cisco Prime network
management tool can be used to configure and manage individual SecGW instances.
management tool can be used to configure and manage individual SecGW instances.
A common or default configurations can be captured as “templates” in Cisco Prime which are then applied to each
SecGW instance or all SecGW instances in the network.
SecGW instance or all SecGW instances in the network.
For additional information on the Cisco Prime Mobility suite, contact your Cisco account representative.
Alternatively an operator can create a StarOS configuration file on the first gateway. The resulting configuration file can
then be copied and edited offline with different parameters. The edited configuration file is then copied to the flash drive
of the second SecGW. The process is repeated until all four SecGWs have been initially configured.
then be copied and edited offline with different parameters. The edited configuration file is then copied to the flash drive
of the second SecGW. The process is repeated until all four SecGWs have been initially configured.
Subsequent changes made to the configuration of each SecGW must be saved to the local configuration file. For security
and recovery the individual configuration files should then be saved off the VMS to a target network destination.
and recovery the individual configuration files should then be saved off the VMS to a target network destination.
For additional information, see the VPC-VSM System Administration Guide.
oneP Communication
Each SecGW creates a oneP session with the ASR 9000 for route insertions, policy creation and flow creation. For
additional information, refer to the oneP Communication chapter.
additional information, refer to the oneP Communication chapter.