Cisco Cisco Packet Data Gateway (PDG)
SaMOG Gateway Overview
SaMOG Features and Functionality - License Enhanced Feature Software ▀
SaMOG Administration Guide, StarOS Release 18 ▄
65
Planned card migration: The system administrator can migrate the sessions from one PSC/DPC card
to a standby card using the CLI. Planned migration can be performed by transferring the entire
memory contents from the source card to the destination card, re-opening the sockets, and updating
the NPU flows.
memory contents from the source card to the destination card, re-opening the sockets, and updating
the NPU flows.
Important:
In this release, card level recovery and npusim recovery are not supported on the virtualized platform
(VPC).
When the Session Recovery feature is enabled for the SaMOG Gateway using the CLI, the Session Manager maintains a
backup of the session critical information with the AAA Manager that has the same instance number. A paired AAA
Manager with the same instance number as the Session Manager is started on a different PSC/DPC card. When a failure
is detected, the Call Recovery Record (CRR) that contains the backed up information is fetched from the AAA
Manager, and the sessions are re-created on the recovered Session Manager.
backup of the session critical information with the AAA Manager that has the same instance number. A paired AAA
Manager with the same instance number as the Session Manager is started on a different PSC/DPC card. When a failure
is detected, the Call Recovery Record (CRR) that contains the backed up information is fetched from the AAA
Manager, and the sessions are re-created on the recovered Session Manager.
As the SaMOG session recovery feature makes use of the existing StarOS IPSG framework, new fields are added to the
IPSG session recovery record to recover attributes specific to the SaMOG session (For example: GRE end point
address, SaMOG EGTPC information, etc).
IPSG session recovery record to recover attributes specific to the SaMOG session (For example: GRE end point
address, SaMOG EGTPC information, etc).
The Session Recovery feature requires a minimum of four PSC/DPC cards (3 active and 1 standby). One PSC/DPC card
will be used the DEMUX managers and VPN manager, two PSC/DPC cards will be used by the Session manager and
AAA manager, and one PSC/DPC card will be used for standby.
will be used the DEMUX managers and VPN manager, two PSC/DPC cards will be used by the Session manager and
AAA manager, and one PSC/DPC card will be used for standby.
Important:
For more information on session recovery, refer to the Session Recovery chapter in the System
Administration Guide.
Web Authorization
The Web Authorization feature enables the SaMOG Gateway to authenticate a subscriber’s user equipment (UE) over a
web portal, based on a user ID and password combination, a one-time password, or a voucher. On successful
authentication, the AAA server stores the subscriber profile (APN, IMSI, QoS) from the HLR/HSS for the subscriber’s
device, and SaMOG establishes the network connection for the UE.
web portal, based on a user ID and password combination, a one-time password, or a voucher. On successful
authentication, the AAA server stores the subscriber profile (APN, IMSI, QoS) from the HLR/HSS for the subscriber’s
device, and SaMOG establishes the network connection for the UE.
Web-based authorization can be performed in the following scenarios:
The UE with the Universal Integrated Circuit Card (UICC) does not support EAP-AKA, EAP-SIM, or EAP-
AKA’ based authentication.
The UE with the UICC uses a prepaid voucher.
The UE does not have a UICC (laptop, tablet, etc).
The SaMOG web-based authorization and session establishment for a non-EAP or non-UICC device occurs in two
phases:
phases:
Pre-Authentication Phase
During the pre-authentication phase, SaMOG supports local IP address assignment and redirects the UE traffic to a web
portal where the subscriber authenticates with a username and password combination, a one-time password, or a
portal where the subscriber authenticates with a username and password combination, a one-time password, or a