Filter
Top Products
CHAPTER
7-1
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
OL-4387-02
7
Service Profiles and Cached Service Profiles
The RADIUS server or the SESM downloads service profiles to the Cisco 10000 series router (SSG
node) as needed. Typically, the SSG removes the service profile from memory after the user logs off.
Therefore, each time the user attempts to access services, RADIUS or the SESM downloads the service
profile, creating unnecessary traffic. The Cached Service Profiles feature is designed to eliminate this
inefficient overhead.
This chapter describes the service profiles and cached service profiles supported by the Cisco 10000
series router:
• Service Profiles, page 7-1
• Cached Service Profiles, page 7-4
Service Profiles
Service profiles define the services that subscribers can select. Each service that is accessible has a
profile that defines the attributes of the service. Service profiles are configured on the RADIUS server
or directly on the Cisco 10000 series router. The RADIUS server or SESM downloads the service
profiles to the router as needed.
Service profiles include the following information: password, service type (outbound), type of service
(passthrough or proxy), service access mode (sequential or concurrent), DNS server IP address,
networks that exist in the service domain, access control lists, and timeouts. The following sections
describe the attributes included in RADIUS service profiles. For more information, refer to the
”Service Selection Gateway” chapter in the Cisco 6400 Feature Guide, Release 12.2(2)B.
Downstream Access Control List
Specifies either an IOS standard access control list or an extended access control list to be applied to
downstream traffic going to the user.
Cisco-AVpair = “ip:outacl [#
number
]={
standard-access-control-list
|
extended-access-control-list
}”