This command allows you to control the range of EAP-payload size, or restrict the Framed-MTU AVP from being forwarded in the Auth-Request message to the AAA server.

no

Disables SaMOG from forwarding Framed-MTU AVP in the Auth-Request message to the AAA server.

eap_payload_size

Specifies the EAP payload limit for the AAA server to use during the Auth-Response on the link between the NAS and the peer.

twan_profile_name must be an integer from 64 through 1500.

This command associates one or more TWAN profile with this MRME service.

no

Removes the association of the TWAN profile with the MRME service.

twan_profile_name

Specifies the twan profile to associate with the MRME service.

twan_profile_name must be an integer from 1 through 64.

This command allows you to include SSID and Calling-Stationd-Id AVP values as part of DER messages over STa Interfaces.

default

Sets the configuration to its default value.

Default calling-station-id: imsi

Default anid: wlan-string

anid { called-station-id | ssid | ssid-wlan-prefix | wlan-string }

Specifies to include the information from the ANID AVP in the DER message.

called-station-id: Include the called station ID from the WLC/AP in the ANID AVP.

ssid: Include the SSID information from the ANID AVP.

ssid-wlan-prefix: Include the SSID WLAN prefix information from the ANID AVP.

wlan-string: Include the WLAN string information from the ANID AVP.

calling-station-id { imsi | ue-mac }

Specifies to include the calling station ID in the DER message.

imsi: Include the IMSI information.

ue-mac: Include the UE MAC information.

This command allows you to configure an IPv4 and/or IPv6 address to be used as the connection point for establishing SaMOG sessions to handle authentication and accounting messages.

no

Removes a previously configured binding.

address ipv4_address

Important

This option is obsolete from Release 19 onwards.

Specifies the IP address of an interface to be used as the connection point for establishing SaMOG sessions.

ipv4_address must be an IPv4 address expressed in dotted-decimal notation.

Important

To define more than one NAS IP address per context, in Global Configuration Mode, use the aaa large-configuration command.

ipv4-address ipv4_address [ ipv6-address ipv6_address ] | ipv6-address ipv6_address [ ipv4-address ipv4_address ]

Important

In this release, the configuration of the IPv6 bind address is supported as lab quality only.

Specifies the IPv4 or IPv6 address to be used as the connection point between the WLC and the SaMOG gateway for the RADIUS interface. You can optionally bind a secondary IPv4 address (if the primary bind address is an IPv6 address) or IPv6 address (if the primary bind address is an IPv4 address) to the MRME service.

The second bind address can be bond in the same command or separate commands. When the second bind address is provided, the MRME service restarts and existing sessions are lost for the other bind address.

ipv4_address must be an IPv4 address expressed in dotted-decimal notation.

ipv6_address must be an IPv6 address expressed in colon (or double-colon) notation.

auth-port auth_port_number

Specifies the authentication port number of the interface where authentication requests are received. The system binds the default authentication port to 1812.

In addition to the authentication port, the accounting port and maximum subscriber limit can also be configured optionally.

auth_port_number must be an integer from 1 through 65535.

acct-port acct_port_number

Specified the accounting port number of the interface where accounting requests are received. The system binds the default accounting port to 1813.

In addition to the accounting port, the maximum subscriber limit can also be configured optionally.

acct_port_number must be an integer from 1 through 65535.

max-subscribers max_subscriber_number

Specifies the maximum number of subscriber sessions allowed.

max_subscriber_number must be an integer from 0 through 4,000,000.

This command allows you to specify the delay duration before which the call is disconnected.

default

Configures this command to its default setting.

delay-time default: 30 seconds

preauth-wait-time default: 5 minutes

wait-time default: 10 seconds

delay-time seconds

Specifies to configure the timer to retain the session on receiving an Accounting Stop, and for roaming scenarios, session continuity on receiving an Accounting Start.

seconds must be an integer from 1 through 60.

preauth-wait-time minutes

Specifies the maximum time (in minutes) to wait in the web authorization pre-authorization phase after which the subscriber's session is cleared, if the post-authorization trigger is not received.

minutes must be an integer from 1 through 60.

wait-time seconds

Specifies to configure the timer to wait for accounting start message from the new WLC after processing the accounting stop message from the old WLC.

seconds must be an integer of 10 through 300.

This command allows you to configure the source context in which the DNS client is configured, or enable/disable P-GW selection based on topology and load-balancing of P-GWs, based on weights from DNS.

default

Returns the command to its default value.

default dns-pgw context : MRME will fetch the dns-client configuration from the current context.

default dns-pgw selection topology : MRME will perform P-GW selection based on the topology.

no

If previously configured, removes the dns-pgw configuration.

context context_name

Specifies to configure the source context in which the DNS client is configured.

context_name must be an alphanumeric string of 1 through 79 characters.

selection { topology [ weight ] | weight }

Specifies to enable/disable P-GW selection based on topology and load-balancing of P-GWs based on weights from DNS.

This command allows you to configure the MRME fully qualified domain name (FQDN) to match the longest suffix during dynamic allocation.

default

Returns the command to the default setting of "null".

no

Removes the configured FQDN from the MRME service configuration.

fqdn_name

Specifies the MRME FQDN name that will be used for the longest suffix match during dynamic allocation.

fqdn_name must be an alphanumeric string of 1 to 255 characters.

This command provides P-GW selection related parameters for this MRME service.

no

Removes the configuration.

local-configuration-preferred

Specifies the SaMOG Gateway to perform P-GW selection based on local configuration.

When this keyword is enabled,

• In the case of dynamic P-GW selection from the AAA server (APN FQDN based selection), the SaMOG Gateway first tries to establish session with the locally configured P-GWs. If the locally configured P-GWs are not reachable, APN FQDN resolution is performed, and SaMOG Gateway tries to establish session with the resolved IP addresses.

• In the case of static P-GW selection from the AAA server (IP address or P-GW FQDN ), SaMOG tries to establish session with the AAA server provided P-GW address (IP address or resolved P-GW FQDN). If the AAA server provided P-GW addresses are not reachable, session setup fails.

fallback pgw-id

Specifies the SaMOG Gateway to trigger fall back to locally configured P-GW addresses (or DNS resolved P-GW addresses using APN FQDN) when session establishment with AAA provided P-GW address or DNS provided P-GW address for P-GW FQDN fails.

This command allows you to specify the IP address and shared secret of the RADIUS accounting and authentication client from which RADIUS accounting and authentication requests are received.

no

Removes a previously configured RADIUS client.

ipv4_address[/mask]

Specifies the IP address, and optional subnet mask of the RADIUS client from which RADIUS accounting and authentication requests are received.

ipv4_address[/mask] must be an IPv4 address expressed in dotted-decimal notation.

[ encrypted ] key key

disconnect-message [ dest-port port_number ]

Specifies to send RADIUS disconnect messages to the configured RADIUS accounting client in call failure scenarios.

acct-onoff { [ aaa-context context_name ] [ aaa-group group_name ] [ clear-sessions ] }

Important

The acct-onff keyword is currently not supported in this release.

This command is currently not supported in this release.