LI Support for IPoE Sessions
The LI Support for IPoE Sessions feature extends support for provisioning lawful intercept (LI) to IP over Ethernet (IPoE) sessions in accordance with RFC 2866. This document describes RADIUS-based LI for IPoE. See the “Lawful Intercept Architecture” module for information on LI architecture and components and for configuration tasks and examples.
- Finding Feature Information
- Restrictions for LI Support for IPoE Sessions
- Additional References for LI Support for IPoE Sessions
- Feature Information for LI Support for IPoE Sessions
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Restrictions for LI Support for IPoE Sessions
The following restrictions apply to RADIUS-based LI for IPoE sessions:
You cannot use Access-Accept packets to start TAP for a RADIUS proxy session when the LI parameters are encrypted.
The aaa intercept command must be configured to accept attribute value pairs (AVPs) associated with RADIUS-based LI. The frequency of change of authentication (CoA) requests to start, stop, or no-action, should not exceed a rate of 1 per 10 minutes.
Intercepted traffic from different users is sent to the same mediation device (MD). You must use a unique stream ID (made up of the first four digits of the eight-digit intercept ID) for each MD.
The format of intercepted packets captured using RADIUS-based LI include the L2 header; this is different from the format of SNMP-based LI.
Per-flow tapping is not supported through RADIUS-based LI; it is supported with SNMP-based LI.
Additional References for LI Support for IPoE Sessions
Related Documents
Related Topic |
Document Title |
---|---|
Cisco IOS commands |
|
Configuring SNMP support |
Configuring SNMP Support |
Security commands |
Cisco IOS Security Command Reference |
Standards
Standard |
Title |
---|---|
PacketCable™ Control Point Discovery Interface Specification |
PacketCable ™ Control Point Discovery Interface Specification (PKT-SP-CPD-I02-061013) |
MIBs
MIB |
MIBs Link |
---|---|
To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFCs
RFC |
Title |
---|---|
RFC 2866 |
RADIUS Accounting |
Technical Assistance
Description | Link |
---|---|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feature Information for LI Support for IPoE Sessions
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to . An account on Cisco.com is not required.
Feature Name |
Releases |
Feature Information |
---|---|---|
LI Support for IPoE Sessions |
Cisco IOS XE Release 3.10S |
Extends support for provisioning LI to IPoE sessions in accordance with RFC 2866. |