Filter
Top Products
1-2
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
OL-4387-02
Chapter 1 Service Selection Gateway Overview
Service Selection Gateway
Figure 1-1 SSG Topology Example
Note The Cisco 10000 series router does not support tunneling of SSG users.
The Cisco 10000 series router adds the Open Garden and default networks to all SSG VRFs, providing
reachability information to the Open Garden and default networks for all services both public and
private. However, access is restricted for the following conditions:
• If the Open Garden and default network addresses overlap within the service definition, the traffic
destined for either network is subject to the rules of the default network.
• If the Open Garden network is bound to a specific interface and a VRF is also applied to the
interface, the Open Garden network is accessible to users whose sessions are established using the
applied VRF.
The SSG feature communicates with the authentication, authorization, and accounting (AAA)
management network that includes RADIUS and Dynamic Host Configuration Protocol (DHCP) servers.
SSG connects to the service provider network, which can connect to the Internet service provider (ISP)
network and corporate networks.
The Cisco 10000 series router supports the Cisco Subscriber Edge Services Manager (SESM), which
provides subscriber authentication, service selection, and service connection capabilities to subscribers
of Internet services. Subscribers interact with the SESM web application using a standard Internet
browser. The SESM functionality provides a flexible and convenient graphical user interface (GUI) for
subscribers and enables service providers to bill subscribers for connection time and services used,
rather than charging a flat rate.
87907
Cisco 10000
router
RADIUS
AAA
PPP/RBE/IP
RADIUS
IP Data
Tunnel
RADIUS
AAA
RADIUS
AAA
Default
Network
Open
Garden
SSG
Web
Dashboard
ISP/Service A
ISP/Service B
Extranet
ISP/Service C
Cisco
Secure