Cisco Systems OL-4387-02 Network Router User Manual

Open as PDF

of 110

7-5

Cisco 10000 Series Router Service Selection Gateway Configuration Guide

OL-4387-02

Chapter 7 Service Profiles and Cached Service Profiles

Cached Service Profiles

• If the service profile exists and it is active, SSG uses the service profile to process the logon request.

• If the service profile exists, but it is inactive (for example, SSG is currently downloading the profile),

SSG queues the logon request and processes the request after the service profile is downloaded.

• If SSG does not find Service-Info attributes in the service profile, SSG creates an inactive service

profile and processes any logon requests after downloading the service profile.

• After the service profile is downloaded, the inactive service profile is updated with the Service-Info

attributes from RADIUS. SSG uses these attributes to process connections for incoming users and

any pending connection requests.

• The RADIUS packet has an MD5 signature that uniquely identifies the service profile. SSG stores

this service profile ID in the service profile.

If the profile changes on the RADIUS server, the SSG timer process periodically updates the cached

profile to ensure that the service information is current.

If the service profile fails to update, SSG retains the cached service profile. When a new user connects

to the SSG, SSG downloads the service profile again. If SSG cannot download the service profile, the

user is not allowed to log on to the service.

Configuration of Cached Service Profiles

To enable cached service profiles, use the ssg service-cache enable command in global configuration

mode. Cached service profiles are enabled by default.

To set the refresh-interval time, which sets the length of time after which all the existing service profiles

are downloaded, use the ssg service-cache refresh-interval command in global configuration mode.

The refresh time is two hours by default.

To refresh the service profile, even when the timer has not yet expired, use the ssg service-cache refresh

command in privileged EXEC mode. You can use this command to refresh a specific service name or to

refresh all services. If the service with that service name is not in use when you enter the ssg

service-cache command, the command does not attempt to download the service profile.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-4387-02 Network Router User Manual