diff options
Diffstat (limited to 'doc/manuals/chapters/configuration.adoc')
-rw-r--r-- | doc/manuals/chapters/configuration.adoc | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/doc/manuals/chapters/configuration.adoc b/doc/manuals/chapters/configuration.adoc index 8b259ed0d..a933d1bb2 100644 --- a/doc/manuals/chapters/configuration.adoc +++ b/doc/manuals/chapters/configuration.adoc @@ -67,6 +67,43 @@ OsmoSGSN(config-sgsn)# grx-dns-add 1.2.3.4 <3> <2> Enable the dynamic GGSN resolving mode <3> Specify the IP address of a DNS server for APN resolution +[[auth-pol]] +=== Authorization Policy + +Authorization determines whether a particular subscriber can access +your network or not. + +The following 4 authorization policy options are available: + +`accept-all`: All IMSIs will be accepted. + +`acl-only`: Accept only IMSIs, which are explicitly white-listed +by the Access Control List (ACL), and the rest will be rejected. + +`closed`: Accept only home network subscribers. +The combination of MCC and MNC fully identifies a subscriber's +home network, also known as a Home Network Identity (HNI, i.e. +MCC and MNC found at the start of the IMSI, e.g. MCC 901 and +MNC 700 with IMSI 901700000003080). The ACL is also heeded. + +`remote`: GSUP protocol is used to remotely access a HLR. +Only remote subscription data will be used. + +.Example: Assign or change authorization policy: +---- +OsmoSGSN> enable +OsmoSGSN# configure terminal +OsmoSGSN(config)# sgsn +OsmoSGSN(config-sgsn)# auth-policy acl-only <1> +OsmoSGSN(config-sgsn)# write <2> +Configuration saved to sgsn.cfg +OsmoSGSN(config-sgsn)# end +OsmoSGSN# disable +OsmoSGSN> +---- +<1> 'acl-only' is selected as authorization policy +<2> Saves current changes to cofiguration to make this policy +persistent === Subscriber Configuration |