Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel

...

borderColorgreen
bgColortransparent
borderWidth2

...

Noprint

Back to Table of Contents

Back to Configuring Various Features on SBC

Back to Configuring SBC For Lawful Interception

In this section:

Table of Contents
maxLevel4

...

width40%

...

...

...

Code Block
### create and configure IKE and IPsec protection profiles
   
set profiles security ipsecProtectionProfile PRGGSX2_IPSEC_PROT_PROF saLifetimeTime 28800
set profiles security ipsecProtectionProfile PRGGSX2_IPSEC_PROT_PROF espAlgorithms inte hmacSha1,hmacMd5
set profiles security ipsecProtectionProfile PRGGSX2_IPSEC_PROT_PROF espAlgorithms encryption aesCbc128,3DesCbc
  
set profiles security ikeProtectionProfile PRGGSX2_IKE_PROT_PROF saLifetimeTime 28800
set profiles security ikeProtectionProfile PRGGSX2_IKE_PROT_PROF algorithms encryption aesCbc128,3DesCbc
set profiles security ikeProtectionProfile PRGGSX2_IKE_PROT_PROF algorithms integ hmacSha1,hmacMd5
set profiles security ikeProtectionProfile PRGGSX2_IKE_PROT_PROF dpdInterval noDpd
commit

 ### create IKE peer
  
set addressContext default ipsec peer PRGGSX2 ipAddress 10.220.11.8 preShared 00000000000000000000000000000000
set addressContext default ipsec peer PRGGSX2 localIdentity type ipV4Addr ipAddress 10.220.41.161
set addressContext default ipsec peer PRGGSX2 remoteIdentity type ipV4Addr ipAddress 10.220.11.22
set addressContext default ipsec peer PRGGSX2 protectionProfile PRGGSX2_IKE_PROT_PROF
commit
  
### create an SPD rule for this IKE peer
  
set addressContext default ipsec spd PRGGSX2_SPD state enabled precedence 1001
set addressContext default ipsec spd PRGGSX2_SPD localIpAddr 10.220.41.161 localIpPrefixLen 32 remoteIpAddr 10.220.11.22 remoteIpPrefixLen 32
set addressContext default ipsec spd PRGGSX2_SPD action protect
set addressContext default ipsec spd PRGGSX2_SPD protocol 17
set addressContext default ipsec spd PRGGSX2_SPD protectionProfile PRGGSX2_IPSEC_PROT_PROF
set addressContext default ipsec spd PRGGSX2_SPD mode transport
set addressContext default ipsec spd PRGGSX2_SPD peer PRGGSX2
commit

 ### enable IPsec on the IP interface group
  
set addressContext default ipInterfaceGroup LIG1 enabled
commit

...

Note

To create CDC, refer to the section Configuring SBC For Lawful Interception.

To configure the IP Interface Group, execute the following command:

Code Block
languagenone
set addressContext default intercept callDataChannel CDC ipInterfaceGroupName LIG1
commit

...

For other options of configuring the intercept flavor as IMS LI, refer to the section Configuring SBC For Lawful Interception.

Code Block
set addressContext default intercept callDataChannel CDC interceptStandard packetCable vendorId ss8
commit

...

Configuring the Call Data Channel

This section outlines how to configure the node number and CDC IP interface group for the PCSI LI.

Info
titleNote

Only the D-SBC (cloud S-SBC and M-SBC) and I-SBC support the PCSI LI configuration.

For information about configuring the PCSI LI on the S-SBC, M-SBC, or I-SBC, refer to the following pages:

For information about the PCSI intercept call flow, refer to PCSI Intercept Call Flow.

Anchor
Configuring the Node Number
Configuring the Node Number
Configuring the Node Number

As the Calea user, use the following command to configure the LI

...

.

Code Block
languagenone
% set addressContext 

...

<default> intercept 

...

 
 

...

 

...

 

...

Code Block
languagenone
set addressContext default intercept callDataChannel CDC mediationServer MS1 media tcp ipAddress fc22:3200::230:7 portNumber 8765 dscpValue 0
commit
set addressContext default intercept callDataChannel CDC mediationServer MS1 media tcp mode inService state enabled
commit

...

nodeNumber 

...

<integer>

Include Page
CDC_Configured_through_EMS
CDC_Configured_through_EMS

Anchor
Configuring IP Interface Group
Configuring IP Interface Group
Configuring CDC with IP Interface Group

Use the following command to configure the IP interface group.

Code Block
languagenone
set addressContext default intercept callDataChannel CDC 

...

ipInterfaceGroupName 

...

LIG1
commit

Viewing PCSI LI Configuration

Enter the show commands to view the configurations.

Anchor
View the Intercept Details
View the Intercept Details
Viewing the Intercept Details

...

Use the following command to view the intercept details

...

.

Code Block
> show status addressContext default intercept callDataChannel
callDataChannel CDC {
    mediationServerMediaStatus MS1 {
        tcpChannelstatus inService;
        tcpPacketsSent   0;
        tcpPacketsLost   0;
        udpPacketsSent   0;
        udpPacketsLost   0;
    }
}
[ok]

Anchor
Viewing the CDC Configuration
Viewing the CDC Configuration
Viewing the CDC Configuration

...

Use the following command to view the CDC configuration

...

.

Code Block
show addressContext default intercept callDataChannel CDC
interceptStandard    packetcable;
vendorId             ss8;
ipInterfaceGroupName LIG1;
mediationServer MS1 {
    media {
        tcp {
            ipAddress  10.54.6.1;
            portNumber 8765;
            dscpValue  0;
            mode       inService;
            state      enabled;
        }
    }
}
[ok]

Pagebreak