aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorVadim Yanitskiy <axilirator@gmail.com>2019-05-27 05:39:06 +0700
committerlaforge <laforge@gnumonks.org>2019-06-06 19:45:34 +0000
commit794f446a284ed1ac6d31eb79a8f4c874d66fc34e (patch)
treea9fd8f5162c2450a58e9a665df2cfb9a30ac94e2 /doc
parentf7afd202000ccc7f59e059e3f5581507e3672af7 (diff)
osmo-sgsn: add VTY parameter to toggle authentication
It may be useful to have 'remote' authorization policy, but do not require authentication in GERAN at the same time, e.g. in combination with 'subscriber-create-on-demand' feature of OsmoHLR. This change introduces a new VTY parameter similar to the one that we already have in OsmoMSC: authentication (optional|required) Please note that 'required' only applies if 'auth-policy' is 'remote'. Change-Id: I9909145e7e0af587c28827e16301a61b13eedaa9
Diffstat (limited to 'doc')
-rw-r--r--doc/examples/osmo-sgsn/osmo-sgsn-accept-all.cfg1
-rw-r--r--doc/examples/osmo-sgsn/osmo-sgsn.cfg1
-rw-r--r--doc/manuals/vty/sgsn_vty_reference.xml7
3 files changed, 9 insertions, 0 deletions
diff --git a/doc/examples/osmo-sgsn/osmo-sgsn-accept-all.cfg b/doc/examples/osmo-sgsn/osmo-sgsn-accept-all.cfg
index b47878a..85112f4 100644
--- a/doc/examples/osmo-sgsn/osmo-sgsn-accept-all.cfg
+++ b/doc/examples/osmo-sgsn/osmo-sgsn-accept-all.cfg
@@ -10,6 +10,7 @@ sgsn
ggsn 0 remote-ip 127.0.0.2
ggsn 0 gtp-version 1
ggsn 0 echo-interval 60
+ authentication optional
auth-policy accept-all
!
ns
diff --git a/doc/examples/osmo-sgsn/osmo-sgsn.cfg b/doc/examples/osmo-sgsn/osmo-sgsn.cfg
index 263bd00..3be4d49 100644
--- a/doc/examples/osmo-sgsn/osmo-sgsn.cfg
+++ b/doc/examples/osmo-sgsn/osmo-sgsn.cfg
@@ -10,6 +10,7 @@ sgsn
ggsn 0 remote-ip 127.0.0.2
ggsn 0 gtp-version 1
ggsn 0 echo-interval 60
+ authentication required
auth-policy remote
gsup remote-ip 127.0.0.1
gsup remote-port 4222
diff --git a/doc/manuals/vty/sgsn_vty_reference.xml b/doc/manuals/vty/sgsn_vty_reference.xml
index 7619215..ed11777 100644
--- a/doc/manuals/vty/sgsn_vty_reference.xml
+++ b/doc/manuals/vty/sgsn_vty_reference.xml
@@ -2230,6 +2230,13 @@
<param name='remote' doc='Use remote subscription data only (HLR)' />
</params>
</command>
+ <command id='authentication (optional|required)'>
+ <params>
+ <param name='authentication' doc='Whether to enforce MS authentication in GERAN' />
+ <param name='optional' doc='Allow MS to attach via GERAN without authentication' />
+ <param name='required' doc='Always require authentication' />
+ </params>
+ </command>
<command id='encryption (GEA0|GEA1|GEA2|GEA3|GEA4)'>
<params>
<param name='encryption' doc='Set encryption algorithm for SGSN' />