Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Requirements of the CoA/DM Requests

 

This example configuration is for a WiMAX deployment using two different dynamic authorization requests: a Disconnect-Request and a CoA-Request. Both requests are executed against all sessions that match a particular Acct-Multi-Session-Id attribute value specified in the CoA/DM client requests.

Requirements for the Disconnect Message Request

Requirements for the Disconnect Message Request

The first client request requirement in this example is for a RADIUS Disconnect Message (DM) request. You execute the Disconnect-Request when you want to disconnect a user from the network. The attribute packing list for the Disconnect-Request is determined by the WiMAX equipment used to gain access to the network. In this example, the RADIUS attributes listed in Table 114 must be contained in the Disconnect-Request message:

Table 114: Required Attributes for the Disconnect-Request

Attribute

Description

User-Name

The User-Name specified in the Accounting-Start message, which in this example is a pseudonym such as a fast re-authentication identity if EAP-SIM or EAP-AKA authentication is used, or an anonymous outer username if EAP-TTLS is used.

Note: This username is different from the username normally found in the current session table (CST), which is always the real (inner) identity of the user.

Calling-Station-Id

The Calling-Station-Id AVP from the Access-Request. Because this is a WiMAX deployment, this AVP may contain bytes with the value=0 (Null). Conventional RADIUS devices do not use null in the Calling-Station-Id attribute, so it is usually interpreted as a null-terminated string. In this example, the Calling-Station-Id contains the MAC address of the WiMAX network access device in binary form, so it may contain nulls.

WiMAX-AAA-Session-Id

The WiMAX-AAA-Session-Id from the Access-Accept response.

WiMAX-DM-Action-Code

Set to the 4 byte integer value=0.

Requirements for the CoA (Hotline) Request

Requirements for the CoA (Hotline) Request

The second client request requirement in this example is for a RADIUS Change of Authorization (CoA) request. The CoA-Request is executed when a user needs be redirected to a hotlining or lawful intercept device. The attribute packing list for the CoA-Request is determined by the WiMAX equipment used to access the network. In this example, the following RADIUS attributes must be contained in the CoA-Request:

Table 115: Required Attributes for the CoA-Request

Attribute

Description

User-Name

The User-Name specified in the Accounting-Start message, which in this example is a pseudonym such as the fast re-authentication identity if EAP-SIM or EAP-AKA authentication is used, or an anonymous outer username if EAP-TTLS is used.

Note: This username is different from the username normally found in the current session table (CST) which is always the real (inner) identity of the user.

Calling-Station-Id

The Calling-Station-Id AVP from the Access-Request. Because this is a WiMAX deployment, this AVP may contain bytes with the value=0 (Null). Conventional RADIUS devices do not use null in the Calling-Station-Id attribute, so it is usually interpreted as a null-terminated string. In this example, the Calling-Station-Id contains the MAC address of the WiMAX network access device in binary form, so it may contain nulls.

WiMAX-AAA-Session-Id

The WiMAX-AAA-Session-Id from the Access Accept response.

WiMAX-Hotline-Profile-ID

Set to the string value=1.