Release Change Reference, StarOS Release 21.27

Feature Summary and Revision History

Summary Data


Applicable Product(s) or Functional Area	ePDG
Applicable Platform(s)	ASR 5500 VPC-DI VPC-SI
Feature Default	Disabled - Configuration Required
Related Changes in This Release	Not Applicable
Related Documentation	Statistics and Counters Reference - Bulkstatistic Descriptions Statistics and Counters Reference

Revision History


Revision Details	Release
First introduced.	21.27

Feature Description

ePDG supports IKEv2 authentication failure counters for Voice over Wi-Fi sessions.

These counters can segregate IKEv2 authentication failure and can be used to identify and exclude failure scenarios from the IKEv2 Authentication Success Rate calculation criteria.

Monitoring and Troubleshooting

This section provides information on how to monitor and troubleshoot using show commands available in support of this feature.

Show Commands and Outputs

This section provides information regarding show commands and their outputs for this feature.

show crypto statistics ikev2

The output of this command is enhanced to display the following fields.

Table 1. show crypto statistics IKEv2 Command Output Descriptions
Field	Description
IKEv2 Authentication Failures
No DEA message	The total number of non DEA messages.
Missing AVP in DEA	The total number of missing AVPs in the DEA message.
Invalid APN	The total number of invalid APNs.
Key mismatch	The total number of key mismatches in the authentication vectors.
Invalid result code or AVP in DEA	The total number of invalid result code or AVP in the DEA message.
Invalid NAI format	The total number of invalid NAI formats.
APN validation failed	The total number of failed APN validations.
Misc. auth failures	The total number of miscellaneous authentication failures.

Similarly, you can view the IKEv2 authentication failure counters using the show crypto statistics ikev2 service-name command.

Bulk Statistics

The ePDG schema supports the following bulk statistics:

ePDG Schema

Table 2. Bulk Statistics Variables in the ePDG Schema
Variables	Description
ikev2-auth-failnodea	The total number of non DEA messages.
ikev2-auth-failinvresoravp	The total number of invalid result code or AVP in the DEA message.
ikev2-auth-failmissingavp	The total number of missing AVPs in the DEA message.
ikev2-auth-failinvnaiformat	The total number of invalid NAI formats.
ikev2-auth-failinvapn	The total number of invalid APNs.
ikev2-auth-failapnvalfailed	The total number of failed APN validations.
ikev2-auth-failkeymismatch	The total number of key mismatches in the authentication vectors.
ikev2-auth-failmiscauth	The total number of miscellaneous authentication failures.

Bias-Free Language

Book Title

Release Change Reference, StarOS Release 21.27

Chapter Title

IKEv2 Authentication Failure Counters

Results

Chapter: IKEv2 Authentication Failure Counters