для Cisco Cisco Packet Data Gateway (PDG)
Configuring the Evolved Packet Data Gateway
▀ Configuring the System to Perform as an Evolved Packet Data Gateway
▄ ePDG Administration Guide, StarOS Release 17
84
exit
end
The
server
command configures remote server access protocols for the current context. The system automatically
creates a default subscriber, a default AAA group, and a default GTTP group whenever a context is created. The
ip
route
command in this example creates a default route for the management interface.
ePDG Context and Service Configuration
Step 1
Create the context in which the ePDG service will reside by following the configuration example in the section
Step 2
Creating the ePDG Context
Use the following configuration example to create the ePDG context, the EAP profile, the IPSec and IKEv2 transform
sets, the crypto template, the SWu, SWm, and DNS interfaces, the SWm and IPSec loopback interfaces, and the AAA
group for Diameter authentication:
sets, the crypto template, the SWu, SWm, and DNS interfaces, the SWm and IPSec loopback interfaces, and the AAA
group for Diameter authentication:
configure
context <epdg_context_name>
eap-profile <eap_profile_name>
mode authenticator-pass-through
exit
ipsec transform-set <ipsec_tset_name>
hmac aes-xcbc-96
exit
ikev2-ikesa transform-set <ikev2_ikesa_tset_name>
hmac aes-xcbc-96
prf aes-scbc-128
exit
crypto template <crypto_template_name> ikev2-dynamic
authentication remote eap-profile <eap_profile_name>
exit
ikev2-ikesa retransmission-timeout <milliseconds>
ikev2-ikesa transform-set list <ikev2_ikesa_tset_name>