Cisco Cisco Packet Data Gateway (PDG) Guia De Resolução De Problemas
PDG/TTG Overview
▀ Features and Functionality
▄ Cisco ASR 5000 Series Packet Data Gateway/Tunnel Termination Gateway Administration Guide
OL-22999-01
To support subscribers while they attempt to access multiple services, the PDG/TTG enables multiple subscriber
authorizations via multiple wireless APNs. Each time a UE attempts to access a service, the PDG/TTG receives a new
APN from the UE in the IDr payload of its first IKE_AUTH_REQ message, and the PDG/TTG initiates a new
authorization as a distinct session.
authorizations via multiple wireless APNs. Each time a UE attempts to access a service, the PDG/TTG receives a new
APN from the UE in the IDr payload of its first IKE_AUTH_REQ message, and the PDG/TTG initiates a new
authorization as a distinct session.
Lawful Intercept
The PDG/TTG supports lawful interception (LI) of subscriber session information to provide telecommunication service
providers (TSPs) with a mechanism to assist law enforcement agencies (LEAs) in the monitoring of suspicious
individuals (referred to as targets) for potential criminal activity.
providers (TSPs) with a mechanism to assist law enforcement agencies (LEAs) in the monitoring of suspicious
individuals (referred to as targets) for potential criminal activity.
Law Enforcement Agencies (LEAs) provide one or more Telecommunication Service Providers (TSPs) with court
orders or warrants requesting the monitoring of a particular target. The targets are identified by information such as their
Network Access Identifier (NAI), Mobile Station Integrated Services Digital Network (MSISDN) number, or
International Mobile Subscriber Identification (IMSI) number.
orders or warrants requesting the monitoring of a particular target. The targets are identified by information such as their
Network Access Identifier (NAI), Mobile Station Integrated Services Digital Network (MSISDN) number, or
International Mobile Subscriber Identification (IMSI) number.
Once the target has been identified, the PDG/TTG serves as an access function (AF) and performs monitoring for either
new PDP contexts (“camp-on”) or PDP contexts that are already in progress. While monitoring, the system intercepts
and duplicates Content of Communication (CC) and/or Intercept Related Information (IRI) and forwards it to a Delivery
Function (DF) over an extensible, proprietary interface.
new PDP contexts (“camp-on”) or PDP contexts that are already in progress. While monitoring, the system intercepts
and duplicates Content of Communication (CC) and/or Intercept Related Information (IRI) and forwards it to a Delivery
Function (DF) over an extensible, proprietary interface.
Note that when a target establishes multiple, simultaneous PDP contexts, the system intercepts CC and IRI for each of
them. The DF, in turn, delivers the intercepted content to one or more Collection Functions (CFs).
them. The DF, in turn, delivers the intercepted content to one or more Collection Functions (CFs).
For more information about the Lawful Intercept feature, see the Lawful Intercept Configuration Guide.
IMS Emergency Call Handling
The PDG/TTG supports IMS emergency call handling per 3GPP TS 33.234. This feature is enabled by configuring a
special WLAN access point name (W-APN), which includes a W-APN network identifier for emergency calls (sos, for
example), and can be configured with no authentication.
special WLAN access point name (W-APN), which includes a W-APN network identifier for emergency calls (sos, for
example), and can be configured with no authentication.
The DNSs in the network are configured to resolve the special W-APN to the IP address of the PDG/TTG. When a
WLAN UE initiates an IMS emergency call, the UE sends a W-APN that includes the same W-APN network identifier
(sos) as the one that is configured on the PDG/TTG. This W-APN network identifier is prefixed to the W-APN operator
identifier per 3GPP TS 23.003. The W-APN operator identifier sent by the UE must match the PLMN ID (MCC and
MNC) that is configured on the PDG/TTG (visited network). When the PDG/TTG receives the W-APN from the UE in
the IDr, the PDG/TTG marks the call as an emergency call and proceeds with call establishment, even in the event of an
authentication or EAP failure from the AAA/EAP server.
WLAN UE initiates an IMS emergency call, the UE sends a W-APN that includes the same W-APN network identifier
(sos) as the one that is configured on the PDG/TTG. This W-APN network identifier is prefixed to the W-APN operator
identifier per 3GPP TS 23.003. The W-APN operator identifier sent by the UE must match the PLMN ID (MCC and
MNC) that is configured on the PDG/TTG (visited network). When the PDG/TTG receives the W-APN from the UE in
the IDr, the PDG/TTG marks the call as an emergency call and proceeds with call establishment, even in the event of an
authentication or EAP failure from the AAA/EAP server.
If the PDG/TTG detects that an old IKE SA for the special W-APN already exists, it deletes the IKE SA and sends an
INFORMATIONAL message with a Delete payload to the WLAN UE to delete the old IKE SA on the UE.
INFORMATIONAL message with a Delete payload to the WLAN UE to delete the old IKE SA on the UE.
IPSec Session Recovery Support
The IPSec session recovery feature is a licensed feature. It provides seamless failover and nearly instantaneous
reconstruction of subscriber session information in the event of a hardware or software fault within the same chassis,
reconstruction of subscriber session information in the event of a hardware or software fault within the same chassis,