Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
Packet Data Interworking Function Overview
▀ Features and Functionality - Base Software
▄ Cisco ASR 5000 Series Product Overview
OL-22937-01
Figure 142. DoS Cookie-Challenge-Enabled IKEv2 Message Exchange
Table 79. DoS Cookie Challenge Enabled IKEv2 Message Exchange
Step
Description
1
The MS places a call to the WiFi AP.
2
The WiFi AP returns the IP address of the PDIF.
3
The MS sends an IKE_SA_INIT request. message.
4
The PDIF sends the Notify (cookie) payload to the MS to request retransmission of the IKE_SA_INIT request message to
include the Notify (cookie) payload in the message.
include the Notify (cookie) payload in the message.
5
Upon receipt of the retransmitted message, the PDIF verifies the cookie payload and ensures it is the same cookie as the
one it had sent.
one it had sent.
6
If the cookie challenge is met, setup continues as normal with an IKE_SA_INIT response message.
Cookie Challenge Statistics
Cookie challenge statistics appear in the outputs for the following commands:
: Shows the total number of invalid cookies per
manager instance.