Radius accounting inspection, Radius accounting inspection overview – Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 46 Configuring Inspection for Management Application Protocols

RADIUS Accounting Inspection

hostname# show service-policy inspect gtp statistics gsn 9.9.9.9
1 in use, 1 most used, timeout 0:00:00
GTP GSN Statistics for 9.9.9.9, Idle 0:00:00, restart counter 0
  Tunnels Active 0          Tunnels Created 0
  Tunnels Destroyed 0
  Total Messages Received 2
                    Signaling Messages    Data Messages
  total received    2                     0
  dropped           0                     0
  forwarded         2                     0

Use the show service-policy inspect gtp pdp-context command to display PDP context-related
information. The following is sample output from the show service-policy inspect gtp pdp-context
command:

hostname# show service-policy inspect gtp pdp-context detail
1 in use, 1 most used, timeout 0:00:00
Version TID              MS Addr     SGSN Addr   Idle     APN
v1      1234567890123425 10.0.1.1    10.0.0.2    0:00:13  gprs.cisco.com
    user_name (IMSI): 214365870921435    MS address: 1.1.1.1
    primary pdp: Y                       nsapi: 2
    sgsn_addr_signal: 10.0.0.2           sgsn_addr_data: 10.0.0.2
    ggsn_addr_signal: 10.1.1.1           ggsn_addr_data: 10.1.1.1
    sgsn control teid: 0x000001d1        sgsn data teid: 0x000001d3
    ggsn control teid: 0x6306ffa0        ggsn data teid: 0x6305f9fc
    seq_tpdu_up: 0                       seq_tpdu_down: 0
    signal_sequence: 0
    upstream_signal_flow: 0              upstream_data_flow: 0
    downstream_signal_flow: 0            downstream_data_flow: 0
    RAupdate_flow: 0

The PDP context is identified by the tunnel ID, which is a combination of the values for IMSI and
NSAPI. A GTP tunnel is defined by two associated PDP contexts in different GSN nodes and is
identified with a Tunnel ID. A GTP tunnel is necessary to forward packets between an external packet
data network and an MS user.
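
The sample output above bears out the statement that the tunnel ID combines IMSI and NSAPI: swapping the two hex digits of each octet of the TID gives the displayed IMSI followed by the NSAPI. The following is an added example, not part of the Cisco guide, that decodes the TID from captured pdp-context output and cross-checks it against the displayed fields; the nibble-swapped layout, the 0xF filler handling and the function names are assumptions inferred from the sample values.

```python
import re

# Constructed sample: the PDP context lines from the sample output above.
SAMPLE = """\
Version TID              MS Addr  SGSN Addr Idle    APN
v1      1234567890123425 10.0.1.1 10.0.0.2  0:00:13 gprs.cisco.com
  user_name (IMSI): 214365870921435  MS address: 1.1.1.1
  primary pdp: Y  nsapi: 2
"""

def decode_tid(tid_hex):
    """Split a 16-hex-digit TID into (imsi, nsapi).

    Assumed layout (not stated on the page): IMSI digits packed two per
    octet with nibbles swapped, NSAPI in the high nibble of the last octet.
    """
    if not re.fullmatch(r"[0-9A-Fa-f]{16}", tid_hex):
        raise ValueError(f"TID must be 16 hex digits: {tid_hex!r}")
    # Swap the nibbles of every octet to recover digit order.
    digits = "".join(tid_hex[i + 1] + tid_hex[i] for i in range(0, 16, 2))
    imsi = digits[:15].rstrip("Ff")  # assumed: short IMSIs carry 0xF filler
    if not imsi.isdigit():
        raise ValueError(f"non-decimal IMSI digit in TID: {tid_hex!r}")
    return imsi, int(digits[15], 16)

def check_pdp_contexts(text):
    """Decode each context's TID and compare it with the displayed fields."""
    contexts = []
    for line in text.splitlines():
        row = re.match(r"\s*v\d+\s+([0-9A-Fa-f]{16})\s", line)
        if row:
            imsi, nsapi = decode_tid(row.group(1))
            contexts.append({"tid": row.group(1), "tid_imsi": imsi, "tid_nsapi": nsapi})
        elif contexts:
            shown_imsi = re.search(r"\(IMSI\):\s*(\d+)", line)
            shown_nsapi = re.search(r"\bnsapi:\s*(\d+)", line)
            if shown_imsi:
                contexts[-1]["shown_imsi"] = shown_imsi.group(1)
            if shown_nsapi:
                contexts[-1]["shown_nsapi"] = int(shown_nsapi.group(1))
    for ctx in contexts:
        # A mismatch means the output was mis-parsed or the layout assumption is wrong.
        ctx["consistent"] = (ctx["tid_imsi"] == ctx.get("shown_imsi")
                             and ctx["tid_nsapi"] == ctx.get("shown_nsapi"))
    return contexts

if __name__ == "__main__":
    for ctx in check_pdp_contexts(SAMPLE):
        print(ctx)
```
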

You can use the vertical bar (|) to filter the display, as in the following example:

hostname# show service-policy gtp statistics | grep gsn

RADIUS Accounting Inspection

This section describes the RADIUS accounting inspection engine. This section includes the following topics:

RADIUS Accounting Inspection Overview, page 46-9

Configuring a RADIUS Inspection Policy Map for Additional Inspection Control, page 46-10

RADIUS Accounting Inspection Overview

One well-known problem in GPRS networks is the over-billing attack. The over-billing attack
can anger and frustrate consumers, who are billed for services that they have not used. In this
case, a malicious attacker sets up a connection to a server and obtains an IP address from the SGSN.
When the attacker ends the call, the malicious server will still send packets to it, which gets dropped by
