Manualshelf

Mobile IPv4 White Paper

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
78910111213141516
HP-UX Mobile IPv4 White Paper 8
In a Mobile IPv4 environment, remote nodes and users may visit
networks outside their home domain. Administrators in the
networks being visited may want to use AAA (Authentication,
Authorization, and Accounting) to restrict or grant access to
local resources.
AAA SUPPORT
HP-UX Mobile IPv4 is designed for wide-ranging commercial
deployment of Mobile IP that requires AAA services and
support. This version supports the use of AAA servers using the
Diameter protocol to authenticate Mobile Nodes and authorize
access.
The HP-UX Mobile AAA Server (T1428BA) is an Authentication,
Authorization, and Accounting (AAA) server based on the
Diameter Base Protocol and Diameter Mobile IPv4 Application
IETF specifications. These protocols define a standard for
information exchange that allows Diameter servers to deliver
AAA services to Mobile IP agents.
More information on HP-UX Mobile AAA Server (T1428BA) can
be found at: http://docs.hp.com/hpux/pdf/T1428-
90008.pdf.
HP-UX Mobile IPv4 supports the following basic features when
used with AAA Diameter servers:
Mobile Node Authentication
Mobile IPv4 AAA authentication is based on user authentication.
A Mobile Node is identified using a Network Access Identifier
and this information along with AAA user authentication
information is included in the registration requests. There are
different types of AAA user authentication. Many of them are
based on a security key or password that is shared between both
the AAA server and the Mobile Node.
The AAA server that authorizes and authenticates a Mobile
Node is known as the Node’s AAA Home server (AAAH). The
AAAH authenticates and authorizes users. When a Mobile Node
uses a Foreign Agent Care-of Address, the Foreign Agent must
also have a relationship configured with an AAA server in the
foreign network. This AAA server is known as the AAA Foreign
Agent server (AAAF). The AAAF receives AAA requests from
Foreign Agents and forwards them to the appropriate AAAH
based on the Mobile Node user NAI [RFC 2794]. Fig 1-2 shows
how Mobile Node authentication takes place in an AAA
environment.