04-01-2016 05:13 AM
Hi,
I have a question about Authentication and Private GSM/UMTS/4G systems via Radius.
A customer has a private Cloud environment for Mobile systems based on SIM cards connecting to GSM/UMTS/4G.
The customer has all the devices deployed with a Certificate from their Private CA Server.
Is it possible to do some kind of Certificate Based Authentication on this Private GSM/UMTS/4G network with ISE or ACS based on Radius?
I am not a specialist on Mobile Networks and the Protocols being used, so hopefully anyone can provide me with information so that we can go further with this solution based on ISE / ACS. Otherwise, if we cannot use this certificate, we can stop investing time to further pursue this and start looking at another solution.
For your information, I read the information in this URL:
A note from this:
Possibility to interface to a AAA server to perform an IMSI- or MSISDN-based authentication or RADIUS-based IP address assignment
Thanks in advance and best regards,
Martin
Solved! Go to Solution.
04-01-2016 12:23 PM
I've not heard of using cert auth with cellular data network. EAP-SIM, which is not supported by ISE/ACS, seems to what commonly employed there.
04-01-2016 12:23 PM
I've not heard of using cert auth with cellular data network. EAP-SIM, which is not supported by ISE/ACS, seems to what commonly employed there.
04-08-2016 12:57 AM
Hi,
Your colleague Gerard van Bon directed me to another cisco product that can do more regarding this, for your information:
Cisco Prime Access Registrar - Products & Services - Cisco
Did some more research last week, and it seems that the Devices cannot use EAP-SIM as well.
So, its a dead end.
The only solution in using ISE or ACS, is to use User Based Radius Authentication with PAP/MSCHAP.
As an alternative, the GGSN can replace the User-name attribute with the MSISDN as user-name.
But that is basically the SIM number.
So that is what we are going to now, based on either ISE of ACS.
Best regards, Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide