Cisco Cisco Packet Data Gateway (PDG)

 

▄  ePDG Administration Guide, StarOS Release 17  

    logging filter active facility epdg level <critical/error> 

    logging filter active facility aaamgr level<critical/error> 

    logging filter active facility diameter level<critical/error> 

    logging filter active facility egtpc level<critical/error> 

    logging filter active facility egtpmgr level<critical/error> 

    logging filter active facility gtpumgr level<critical/error> 

    logging filter active facility diameter-auth level<critical/error> 

    logging active 

    end 

List of authentication methods are defined and associated in Crypto Template. The basic sample configuration required 
for OCSP and Certificate based authentication is as follows. For backward compatibility, the configuration for auth 
method inside Crypto Template will be working.  

The following are the configuration considerations: 

1.  At max three sets of authentication methods in list can be associated. 
2.  Each set has only one local and one remote authentication method configuration. 
3.  The existing configuration inside the Crypto Template takes precedence over the new auth-method-set defined in 

case same auth method is configured at both places. 

configure 

#CA Certificate for device certificate authentication: 

    ca-certificate name <ca-name> pem url file: <ca certificate path> 

#ePDG Certificate: 

    ca-certificate name <epdg-name> pem url file: <epdg certificate path> private-key pem 
url file:<epdg private key path> 

eap-profile <profile name> 

    mode authenticator-pass-through 

  #exit 

    ikev2-ikesa auth-method-set <list-name-1> 

       authentication remote certificate 

       authentication local certificate 

#exit