Cisco Cisco Prime Access Registrar 7.1
4
Cisco Prime Access Registrar 7.1 Release Notes
Enhanced Features in Cisco Prime Access Registrar 7.1
Location-Based Attributes
Prime Access Registrar enables location-based attributes within RADIUS and Diameter that can be used
to convey location-related information for authentication and accounting services.
to convey location-related information for authentication and accounting services.
The GUI and CLI are updated with new fields/options to support this functionality.
Voice over Wi-Fi (VoWiFi) Location Based Authentication
Prime Access Registrar allows or blocks access to voice over Wi-Fi (VoWiFi) based on location
information of the user equipment (UE). Prime Access Registrar uses Sh interface for fetching the
location information of the UE.
information of the user equipment (UE). Prime Access Registrar uses Sh interface for fetching the
location information of the UE.
Prime Access Registrar can be configured to run a script at 3GPP authorization service outgoing script
to check the user location and reject/accept the UE based on the location information.
to check the user location and reject/accept the UE based on the location information.
The GUI and CLI are updated with new fields/options to support this functionality. For more information
about location-based authentication, refer to the “Wireless” chapter of the
about location-based authentication, refer to the “Wireless” chapter of the
SCTP Multihoming Support for Diameter
Prime Access Registrar provides Stream Control Transmission Protocol (SCTP) multihoming support
for Diameter client and remote server. With this feature, you can configure two source and destination
addresses on the Diameter client and remote server.
for Diameter client and remote server. With this feature, you can configure two source and destination
addresses on the Diameter client and remote server.
Note
When you use Prime Access Registrar with CentOS, ensure that you configure the Diameter SCTP client
and remote servers with different source/destination ports.
and remote servers with different source/destination ports.
The GUI and CLI are updated with new fields/options to support this functionality. For more information
about SCTP support for Diameter, refer to the “Diameter” chapter of the
about SCTP support for Diameter, refer to the “Diameter” chapter of the
OCSP Support for EAP-TLS
Prime Access Registrar allows you to configure Extensible Authentication Protocol - Transport Level
Security (EAP-TLS) service to support Online Certificate Status Protocol (OCSP), which is used to
check the status of X.509 digital certificates. This protocol can be used as an alternate to the certificate
revocation list (CRL).
Security (EAP-TLS) service to support Online Certificate Status Protocol (OCSP), which is used to
check the status of X.509 digital certificates. This protocol can be used as an alternate to the certificate
revocation list (CRL).
For more information about OCSP support, refer to the “Extensible Authentication Protocols” chapter
of the
of the
.
Enhancements with IMSI-Based and IP-Based Blacklisting
Prime Access Registrar supports blacklisting based on IMSI or IP address values for the following:
•
Diameter remote server—You can choose to configure blacklisting as part of the outgoing script of
the remote server.
the remote server.