Cisco Cisco Prime Access Registrar 6.1
2
Cisco Prime Access Registrar 6.1 Release Notes
OL-29758-01
New and Enhanced Features in Cisco Prime Access Registrar 6.1
New and Enhanced Features in Cisco Prime Access Registrar
6.1
6.1
Prime Access Registrar introduces the following features for Version 6.1:
•
•
•
•
•
•
3GPP Compliance
Prime Access Registrar supports 3GPP compliance by implementing the following:
•
SWa reference point between an untrusted non-3GPP IP access and a 3GPP AAA server/proxy.
•
STa reference point between a trusted non-3GPP access and a 3GPP AAA server/proxy.
•
SWm reference point between an Evolved Packet Data Gateway (ePDG) and a 3GPP AAA
server/proxy.
server/proxy.
•
SWd reference point between a 3GPP AAA server and a 3GPP AAA proxy.
•
SWx reference point between a Home Subscriber Server (HSS) and a 3GPP AAA server.
•
S6b reference point between a Packet Data Network (PDN) GW and a 3GPP AAA server/proxy.
Diameter Enhancements
This topic contains the following sections:
•
•
•
Diameter with EAP Support
Prime Access Registrar supports Diameter Extensible Authentication Protocol (EAP) application that
carries EAP packets between a Network Access Server (NAS) working as an EAP Authenticator and a
back-end authentication server. In the Diameter EAP application, authentication occurs between the
EAP client and its home Diameter server. This end-to-end authentication reduces the possibility for
fraudulent authentication, such as replay and man-in-the-middle attacks. End-to-end authentication also
provides a possibility for mutual authentication, which is not possible with PAP and CHAP in a roaming
PPP environment.
carries EAP packets between a Network Access Server (NAS) working as an EAP Authenticator and a
back-end authentication server. In the Diameter EAP application, authentication occurs between the
EAP client and its home Diameter server. This end-to-end authentication reduces the possibility for
fraudulent authentication, such as replay and man-in-the-middle attacks. End-to-end authentication also
provides a possibility for mutual authentication, which is not possible with PAP and CHAP in a roaming
PPP environment.
The GUI is updated with new fields/options to support this functionality.