Use this parameter to configure NASS-IMS-Bundled-Authentication (NBA) for providing access to the IMS (IP Multimedia Subsystem) network for legacy equipment that cannot support IMS access security (IMS AKA).
To support NASS IMS Auth, you must configure the accessClass as tispan-NASS.
See SIP TG - Signaling - NASS IMS Auth - CLI for details.
Example:
admin@BIMOTA1% set addressContext default zone ACCESS sipTrunkGroup S1372_ACCESS_TG signaling accessClass
Possible completions:
ac-3GPP none tispan-NASS
admin@BIMOTA1% set addressContext default zone ACCESS sipTrunkGroup S1372_ACCESS_TG signaling accessClass tispan-NASS
To support NBA, you must configure a diameter Peer (pointing to the CLF node)/realmRoute and select the application ID (appId) as e2.
See Diameter Node - CLI for details.
Example:
admin@BIMOTA1% show addressContext default diamNode DIAM_NODE realmRoute
realmRoute route1 {
peer PEER_CLF;
realm e2.clf.com;
appId e2;
state enabled;
}
For additional NASS-IMS-Bundled-Authentication feature details, refer to P-CSCF Security Mechanisms.
All tispan-NASS configurations should be made at the sipTrunkGroup pointing towards the UE (Access side).
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth accessType <ethernet | fiber | none | xdsl> clfRealm ueDefaultLocation
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth accessType ethernet ethernet <ieee-802-3 | ieee-802-3a | ieee-802-3ab | ieee-802-3ae | ieee-802-3ak | ieee-802-3an | ieee-802-3aq | ieee-802-3e | ieee-802-3i | ieee-802-3j | ieee-802-3u | ieee-802-3y | ieee-802-3z> fiber fiber <g-pon | ieee-802-3ah | xgpon1> none xdsl xDSL <adsl | adsl2 | adsl2Plus | g-hdsl | hdsl | hdsl2 | idsl | radsl | sdsl | vdsl>
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth clfRealm <1-128 chars>
% set addressContext <addressContext name> zone <zone name> sipTrunkGroup <sipTrunkGroup name> signaling nassImsAuth ueDefaultLocation <1-64 chars>
Parameter | Length/Range | Description |
---|---|---|
nassImsAuth | N/A | The NASS-IMS-Bundled-Authentication (NBA) configuration object for providing access to the IMS (IP Multimedia Subsystem) network for legacy equipment that cannot support IMS access security (IMS AKA). |
accessType | N/A | The location type of the Access network this trunk group represents (default values are in square brackets []).
|
clfRealm | 1-128 characters | The DIAMETER domain of a Policy and Charging Rule Function for this NBA configuration. |
ueDefaultLocation | 1-64 characters | The UE default location name. |
For ueDefaultLocation:
dmin@BIMOTA1% set addressContext default zone ACCESS sipTrunkGroup S1372_ACCESS_TG signaling nassImsAuth ueDefaultLocation Possible completions: <string, min: 1 chars, max: 64 chars>[noc=XYZABC345;lac=EFGH;line-code=IJKL]