Table of Contents
- About This Guide
- Product Overview
- Steel-Belted Radius Carrier Overview
- Introduction to Steel-Belted Radius Carrier
- SBR Carrier Core Features
- Management Interfaces
- Optional SIM Authentication Module
- Optional WiMAX Mobility Module Features
- Optional Session Control Module
- Optional Scripting Module
- Optional Session State Register (High Availability) Module
- Optional Concurrency Module
- Optional 3GPP AAA Module
- Licensing
- Web GUI Overview
- RADIUS Operations
- RADIUS Basics
- RADIUS Overview
- Attributes
- Centralized Configuration Management
- Proxy RADIUS
- Authentication
- Password Protocols
- Accounting
- Request Routing
- Radius Client Groups
- IP Address Assignment
- Resource Management
- IPv6 Support
- Administering RADIUS Clients and Client Groups
- Administering RADIUS Location Groups
- Administering Users
- Administering Profiles
- Administering Proxy RADIUS
- Administering RADIUS Tunnels
- Administering Address Pools
- Address Pools for Standalone Servers versus Servers in a SSR Cluster
- Address Pool Files
- Adding an IPv4 Address Pool
- Editing an IPv4 Address Pool
- Deleting an IPv4 Address Pool
- Specifying an IP Address Pool for User/Profile Records
- NAD-Specific IP Address Pools
- Service-Level IP Address Pools
- Specifying IP Address Assignment from a DHCP Server
- Setting Up Administrator Accounts
- Configuring Realm Support
- Setting Up Filters
- Setting Up Authentication Policies
- Setting Up EAP Methods
- About the Extensible Authentication Protocol
- EAP-TLS Authentication Protocol
- EAP-TTLS Authentication Protocol
- EAP-PEAP Authentication Protocol
- EAP-MD5-Challenge Authentication Protocol
- EAP-MS-CHAP-V2 Authentication Protocol
- EAP-SIM and EAP-AKA Authentication Protocols
- Configuring Replication
- Overview of Replication
- Replication Requirements
- Adding a Replica Server
- Enabling a Replica Server
- Editing a Replica Server
- Deleting a Replica Server
- Publishing Server Configuration Information
- Notifying Replica RADIUS Servers
- Designating a New Primary Server
- Making a Standalone Server the Primary Server
- Making a Standalone Server a Replica Server
- Verifying the Primary and Replica Servers Are Enabled
- Demote a Primary or Replica Server to a Standalone Server
- Recovering a Replica After a Failed Configuration Package Download
- Changing the Name or IP Address of a Server
- Replication Error Messages
- 3GPP Support
- Diameter Operations
- Diameter Basics
- Administering the Local Network Element
- Administering Diameter Remote Network Elements
- Administering the Diameter Policy
- Policy Overview
- Configuring a Local Profile
- Creating a Local Profile
- Editing a Local Profile
- Deleting a Local Profile
- Configuring Local Profile Selection
- Administering Request Routing Rules
- Displaying Diameter Statistics
- Back-End Authentication and Accounting Methods
- Configuring SQL Authentication
- Configuring SQL Accounting
- Configuring LDAP Authentication
- Signalware SIGTRAN Gateway Support
- Proxy RADIUS Authentication and Accounting
- HSS-Subscriber Database
- Management Interfaces
- Simple Network Management Protocol
- Using the LDAP Configuration Interface
- Optional Authentication Modules
- SIM Authentication Module
- SIM Authentication Module Component Overview
- Operation Overview
- SIM Authentication Module Configuration
- Special Attribute Handling Features
- Kineto S1 Support
- Summary of Configuration Tasks for the SIM Authentication Module
- SIM Authentication Module Configuration with a SIGHUP (1) Signal
- Overview of the WiMAX Mobility Module
- Supported Features of the WiMAX Mobility Module
- WiMAX Network Reference Model
- AAA-Generated Cryptographic Keys
- EAP Authentication Methods and EAP-Derived Cryptographic Keys
- WiMAX Vendor Specific Attribute (VSA) Format
- WiMAX Capabilities Negotiation
- Home Agent and DHCP Server Assignment
- WiMAX Post-Paid (Offline) Accounting
- WiMAX Prepaid Accounting
- Categorizing Access-Requests from Different Devices
- Configuring the WiMAX Mobility Module
- Before You Begin
- Configuring the radius.ini File for WiMAX
- Configuring the Home Agent and DHCP Server Assignment
- Define the List of Home Agents and DHCP Servers
- Configuring Return List Attributes to Assign the Home Agent and DHCP Server
- Configuring Statically Weighted Round-Robin Groups to Assign the Home Agent and DHCP Server
- Configuring the Smart Dynamic Home Agent Assignment Feature
- Configuring WiMAX Clients
- Configuring WiMAX Users and Profiles
- Configuring the EAP Methods for WiMAX
- Optional Session State Register (High Availability) Module for a Clustered Environment
- Session State Register Overview
- Session State Register Administration
- SSR Administration Overview
- Overview of Starting and Stopping a Session State Register Cluster
- Administration Scripts Overview
- SSR Database Management Scripts
- Steel-Belted Radius Carrier Node Administration Scripts
- SSR Session Management
- Administration Script Control Files
- Optional Concurrency Module
- Managing and Controlling Sessions
- Introduction to Managing and Controlling Sessions in SBR Carrier
- Overview of the Optional Session Control Module
- Change of Authorization/Disconnect Messages Overview
- How Steel-Belted Radius Carrier Processes CoA/DM Messages
- Sequence and Flow of CoA/DM Requests Through Steel-Belted Radius Carrier
- Implementing CoA/DM Support
- Processing Dynamic Authorization (CoA/DM) Messages as a Proxy Server
- Processing Dynamic Authorization (CoA/DM) Messages as a Proxy Target
- Settings to Support the Proxy CoA/DM Functionality
- Using Web GUI to Manage and Control Sessions
- Using the Command Line Utility to Manage and Control Sessions
- Configuring the deviceModels.xml File
- Summary of Allowed Elements in the deviceModels.xml File
- Element: action
- Element: actions
- Element: attributes
- Element: controlledDeviceModel
- Element: controlledDeviceModels
- Element: defaultAttribute
- Element: localSessionQuery
- Element: onFailure
- Element: onSuccess
- Element: onTimeout
- Element: overrideAttribute
- Element: radiusPort
- Element: radiusPorts
- Element: radiusRequest
- Element: requiredAttribute
- Element: sessionStop
- XML over HTTPS Interface
- XML over HTTPS Interface Overview
- XML Statement Construction
- Client Request Schema Example
- Client Request Elements
- Client Request Examples
- Client Response Schema Example
- Client Response Elements
- Element: attribute
- Element: attributes
- Element: body
- Element: clientRequest
- Element: clientResponse
- Element: clientResult
- Element: clientResults
- Element: defaultAttribute
- Element: deviceRequest
- Element: deviceRequestSpec
- Element: deviceResponse
- Element: deviceResult
- Element: deviceResults
- Element: envelope
- Element: header
- Element: optionalAttribute
- Element: overrideAttribute
- Element: requiredAttribute
- Element: sessionData
- Element: sessionRequest
- Element: sessionResponse
- Element: sessionResult
- Element: sessionResults
- Client Response Examples
- Example: Client Response to Query for Username ‘bob’
- Example: Client Response to Query for Any Username Using Wildcard
- Example: Client Response to Request for Action Called “foo” on Username TestUser9
- Example: Client Response to Request for Action Called “foo” on Username TestUser99
- Example: Client Response to RADIUS Disconnect
- Example: Client Response to Action Intercept
- Example: Client Response to Action Intercept
- Example: Client Response to Action Intercept
- Example CoA/DM Configuration
- Statistics and Reporting
- Displaying Statistics
- Logging and Reporting
- Logging Files
- Displaying Authentication Log Files
- Using the Locked Accounts List
- Configuring the Log Retention Period
- Using the Server Log File
- Using the Authentication Log File
- Using the Accounting Log File
- Optional Scripting Module
- Introduction to Scripting
- Creating Scripts
- Debugging Scripts
- Creating LDAP Scripts
- Creating Realm Selection Scripts
- Creating Attribute Filter Scripts
- Working with Data Accessors
- Script Reference
- JavaScript Types
- API Method Support by Script Type
- Local and Global Variable Declarations
- Global Object
- Ldap Object
- LdapVariables Object
- RealmSelector Object
- SessionControl Object
- AttributeFilter Object
- DataAccessor Object
- Appendixes