Manual

Cisco Packet Data Serving Node (PDSN) Release 2.0
Resource Management
37
12.3(11)T
Step 14 The AR updates its own records and sends final usage report to PBS, who updates the user’s account and
replies to the AR.
Step 15 The AR finally sends the Accounting Response to PDSN.
Note This feature is a variant of the PDSN Release 2.0 software. Refer to the Feature Matrix to see which
features are available on a specific image of PDSN 2.0.
3 DES Encryption
The Cisco PDSN include 3DES encryption, which supports IPSec on PDSN. To accomplish this on the
7200 platform, Cisco supplies an SA-ISA card for hardware provided IPsec. IPSec on the MWAM
platform requires you to use a Cisco VPN Acceleration Module.
This feature allows VPDN traffic and Mobile IP traffic (between the PDSN Home Agent) to be
encrypted. In this release the PDSN requires you to configure the parameters for each HA before a
mobile ip data traffic tunnel is established between the PDSN and the HA.
Note This feature is only available with hardware support.
Note This feature is a variant of the PDSN software. Refer to the Feature Matrix to see which features are
available on a specific image of PDSN.
Mobile IP IPSec
The Internet Engineering Task Force (IETF) has developed a framework of open standards called IP
Security (IPSec) that provides data confidentiality, data integrity, and data authentication between
participating peers. IPSec provides these security services at the IP layer; it uses Internet Key Exchange
(IKE) to handle negotiation of protocols and algorithms based on local policy, and to generate the
encryption and authentication keys to be used by IPSec. IPSec can be used to protect one or more data
flows between a pair of hosts, between a pair of security gateways, or between a security gateway and a
host.
IS-835-B specifies three mechanisms for providing IPSec security:
Certificates
Dynamically distributed pre-shared secret
Statically configured pre-shared secret.
Note IS-835-B Statically configured pre-shared secret is not supported in PDSN Release 1.2. Only
CLI-configured, statically configured pre-shared-secret of IKE will be implemented and supported.