Cisco Cisco IOS Software Release 12.4(22)XR
162
Cisco Packet Data Serving Node Release 5.5 for Cisco IOS Release 12.4(22)XR9
OL-19026-02
Lawful Intercept Processing
c.
Creates an entry in the cmTapStreamTable and sets the cmTapStreamStatus to active (1).
d.
Sets cTap2StreamInterceptEnable to true(1) to start the intercept. The router intercepts traffic in the
stream until the intercept expires (cTap2MediationTimeout).
stream until the intercept expires (cTap2MediationTimeout).
Accessing the Lawful Intercept MIBs
Due to its sensitive nature, the Cisco lawful intercept MIBs are only available in software images that
support the lawful intercept feature. These MIBs are not accessible through the Network Management
Software MIBs Support page (
support the lawful intercept feature. These MIBs are not accessible through the Network Management
Software MIBs Support page (
).
Restricting Access to the Lawful Intercept MIBs
Only the mediation device and users who need to know about lawful intercepts should be allowed to
access the lawful intercept MIBs. To restrict access to these MIBs, you must:
access the lawful intercept MIBs. To restrict access to these MIBs, you must:
1.
Create a view that includes the Cisco lawful intercept MIBs.
2.
Create an SNMP user group that has read-and-write access to the view. Only users assigned to this
user group can access information in the MIBs.
user group can access information in the MIBs.
3.
Add users to the Cisco lawful intercept user groups to define who can access the MIBs and any
information related to lawful intercepts. Be sure to add the mediation device as a user in this group;
otherwise, the router cannot perform lawful intercepts.
information related to lawful intercepts. Be sure to add the mediation device as a user in this group;
otherwise, the router cannot perform lawful intercepts.
Note
Access to the Cisco lawful intercept MIB view should be restricted to the mediation device
and to system administrators who need to be aware of lawful intercepts on the router. To
access the MIB, users must have level-15 access rights on the router.
and to system administrators who need to be aware of lawful intercepts on the router. To
access the MIB, users must have level-15 access rights on the router.
Configuring SNMPv3
To perform the following procedures, SNMPv3 must be configured on the PDSN. For information about
how to configure SNMPv3, and for detailed information about the commands described in the sections
that follow, see the following Cisco documents:
how to configure SNMPv3, and for detailed information about the commands described in the sections
that follow, see the following Cisco documents:
•
Cisco IOS Configuration Fundamentals Configuration Guide, Part 3: System Management,
“Configuring SNMP Support” section, available at the following URL:
“Configuring SNMP Support” section, available at the following URL:
•
Cisco IOS Configuration Fundamentals and Network Management Command Reference, available
at the following URL:
at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/fun_r/cfr_1g11.htm
Feature Limitations:
•
The provisioning of TAP with taptype as NAI is not possible if either the CLID feature or the cdma
pdsn nai non-unique command is enabled.
pdsn nai non-unique command is enabled.