Académique Documents
Professionnel Documents
Culture Documents
Draft A
Date
2015-01-15
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website:
http://www.huawei.com
Email:
support@huawei.com
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
Contents
Contents
1 About This Document..................................................................................................................1
1.1 Scope..............................................................................................................................................................................1
1.2 Intended Audience..........................................................................................................................................................2
1.3 Change History...............................................................................................................................................................2
2 Overview.........................................................................................................................................4
3 Technical Description...................................................................................................................5
3.1 Operating Principle.........................................................................................................................................................5
3.2 Protocol Stacks...............................................................................................................................................................6
5 Related Features...........................................................................................................................14
6 Network Impact...........................................................................................................................15
7 Engineering Guidelines.............................................................................................................16
7.1 When to Use Access Control based on 802.1x.............................................................................................................17
7.2 Required Information...................................................................................................................................................17
7.3 Planning........................................................................................................................................................................17
7.4 Deployment on the NodeB/eNodeB/eGBTS Side........................................................................................................18
7.4.1 Requirements.............................................................................................................................................................18
7.4.2 Data Preparation........................................................................................................................................................19
7.4.3 Precautions.................................................................................................................................................................20
7.4.4 Activation..................................................................................................................................................................20
7.4.5 Activation Observation..............................................................................................................................................22
7.4.6 Deactivation...............................................................................................................................................................23
7.5 Performance Monitoring...............................................................................................................................................23
7.6 Parameter Optimization................................................................................................................................................23
7.7 Troubleshooting............................................................................................................................................................23
8 Parameters.....................................................................................................................................24
Issue Draft A (2015-01-15)
ii
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
Contents
9 Counters........................................................................................................................................26
10 Glossary.......................................................................................................................................27
11 Reference Documents...............................................................................................................28
iii
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
1.1 Scope
This document describes Access Control based on 802.1x, including its technical principles,
related features, network impact, and engineering guidelines.
This document covers the following features:
l
In this document, the following naming conventions apply for LTE terms.
Includes FDD and
TDD
LTE
LTE FDD
LTE TDD
eNodeB
eRAN
In addition, the "L" and "T" in RAT acronyms refer to LTE FDD and LTE TDD, respectively.
Any managed objects (MOs), parameters, alarms, or counters described herein correspond to
the software release delivered with this document. Any future updates will be described in the
product documentation delivered with future software releases.
Table 1-1 lists the definitions of all kinds of macro base stations.
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
Definition
GBTS
eGBTS
NodeB
eNodeB
Co-MPT multimode Co-MPT multimode base station refers to a base station deployed with
base station
UMPT_GU, UMDU_GU, UMPT_GL, UMDU_GL, UMPT_GT,
UMDU_GT, UMPT_UL, UMDU_UL, UMPT_UT, UMDU_UT,
UMPT_LT, UMDU_LT, UMPT_GUL, UMDU_GUL, UMPT_GUT,
UMDU_GUT, UMPT_ULT, UMDU_ULT, UMPT_GLT,
UMDU_GLT, UMPT_GULT, or UMDU_GULT, and it functionally
corresponds to any combination of eGBTS, NodeB, and eNodeB. For
example, Co-MPT multimode base station deployed with UMPT_GU
functionally corresponds to the combination of eGBTS and NodeB.
Separate-MPT
multimode base
station
NOTE
Unless otherwise specified, the descriptions and examples for the UMPT in a co-MPT base station are
applicable to the UMDU in a co-MPT base station.
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
Feature change
Changes in features of a specific product version
Editorial change
Changes in wording or addition of information that was not described in the earlier version
Change Description
Parameter
Change
Feature
change
None
None
l 1.1 Scope
l 7.4 Deployment on the NodeB/eNodeB/eGBTS
Side
Editorial
change
None
None
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
2 Overview
Overview
IEEE 802.1x is an IEEE standard for port-based network access control. It is part of the IEEE
802 group of networking protocols. With port-based network access control, the authentication
access equipment in the local area network (LAN) performs identity authentication and access
control on users or devices connected to its ports. Only the users or devices that can be
authenticated are allowed to access the LAN through the ports. Access Control based on 802.1x
prevents unauthorized users or devices from accessing the network, which ensures transport
network security.
Huawei base stations support Access Control based on 802.1x. The authentication is
unidirectional and is based on Extensible Authentication Protocol-Transport Layer Security
(EAP-TLS). That is, the authentication server performs unidirectional authentication on the
digital certificates of base stations. Figure 2-1shows the network topology for Access Control
based on 802.1x.
Figure 2-1 Network topology for Access Control based on 802.1x
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
3 Technical Description
Technical Description
Authentication access equipment (such as a LAN switch): receives and forwards EAP
authentication packets between the base station and authentication server at the Media
Access Control (MAC) layer. Authentication access equipment is also referred to as an
authenticator. The authentication access equipment also controls the status (authorized or
unauthorized) of controlled ports based on the authentication result at the authentication
server.
Authentication server: performs authentication on clients. The servers commonly used are
Remote Authentication Dial In User Service (RADIUS) and Authentication, Authorization
and Accounting (AAA) servers.
NOTE
The functions of RADIUS and AAA servers are similar. This document uses the RADIUS server as an
example to describe Access Control based on 802.1x.
Figure 3-1 shows the operating principle of Access Control based on 802.1x.
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
3 Technical Description
NOTE
Port access entity (PAE) is a port-related protocol entity that processes protocol packets during an
authentication procedure.
A physical Ethernet port of the authentication access equipment consists of two logical ports:
one controlled port and one uncontrolled port:
l
Controlled port: A controlled port can be in the unauthorized or authorized state, depending
on the authentication result at the authentication server.
A controlled port in the authorized state is in the bidirectional connectivity state and
data flow can pass through the port.
A controlled port in the unauthorized state does not allow any data to pass through.
During initial access, the base station is not authenticated, and therefore the controlled port is in
the unauthorized state. At this point, only EAPoL packets can pass through the uncontrolled port
and be sent to the authentication server. After the authentication server authenticates the base
station and the authentication access equipment authorizes the controlled port, the controlled
port becomes authorized and data from the base station can pass through the controlled port in
the authorized state. This process ensures that only authorized users and devices can access the
network.
Port-based access control can be based on a physical port (such as the MAC address) or a logical
port (such as the VLAN). Huawei base stations support only port-based access control based on
the MAC address. That is, the authentication message sent by a base station contains the MAC
address of the Ethernet port that connects the base station to the transport network. If
authentication succeeds, the authentication access equipment performs access control on data
flow based on this MAC address.
For details about IEEE 802.1x-based access control, see IEEE 802[1].1x-2004.
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
3 Technical Description
and the authentication access equipment, EAP data is encapsulated in EAPoL frames so that the
data can be transmitted in the LAN. Between the authentication access equipment and the
authentication server, EAPoL frames are re-encapsulated in EAP over RADIUS (EAPoR)
frames so that the data can be transmitted using the RADIUS protocol.
Figure 3-2 shows the protocol stacks for Access Control based on 802.1x.
Figure 3-2 Protocol stacks for Access Control based on 802.1x
Access Control based on 802.1x uses the EAP protocol for authentication. The EAP protocol
supports multiple authentication methods. Huawei base stations adopt unidirectional EAP-TLS
authentication, that is, the authentication server authenticates base stations using digital
certificates. The AM parameter specifies the authentication method used by IEEE 802.1x-based
access control.
In an IEEE 802.1x-based access control procedure, the base station sends its digital certificate
to the RADIUS server in an EAPoL frame. The RADIUS server authenticates the base station
by using the Huawei root certificate or the operator's root certificate.
For details about the EAP protocol, see RFC 3748.
For details about the EAP-TLS protocol, see RFC 2716.
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
IEEE 802.1x-based access control of Ethernet ports can be activated by using the ACT
DOT1X command and deactivated by using the DEA DOT1X command. By default, IEEE
802.1x-based access control is activated on Ethernet ports of base stations before delivery.
If the network supports IEEE 802.1x-based access control, and IEEE 802.1x-based access
control is activated on the Ethernet port that connects the base station to the transport
network:
The base station initiates an IEEE 802.1x-based access control procedure. After the IEEE
802.1x-based access control succeeds, the base station sends a Dynamic Host Configuration
Protocol (DHCP) Discover packet to the authentication access equipment to start the DHCP
procedure. After the DHCP procedure is complete, the automatic base station deployment
procedure starts.
If the network supports IEEE 802.1x-based access control, but IEEE 802.1x-based access
control is deactivated on the Ethernet port that connects the base station to the transport
network:
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
The base station does not initiate an IEEE 802.1x-based access control procedure. Instead,
the base station first sends a DHCP Discover packet and the DHCP module queries whether
IEEE 802.1x-based access control is activated on the Ethernet port that connects the base
station to the transport network. If IEEE 802.1x-based access control is deactivated and
authentication is not performed, the base station triggers an IEEE 802.1x-based access
control procedure. Because the network uses IEEE 802.1x-based access control, the DHCP
Discover packet cannot pass through the authentication access equipment, and therefore
the DHCP procedure fails. The base station waits for the authentication result. After the
IEEE 802.1x-based access control succeeds, the base station resends a DHCP Discover
packet. After the DHCP procedure is complete, the automatic base station deployment
procedure starts.
For example, the main control board of the base station has an incorrect configuration file,
in which IEEE 802.1x-based access control is deactivated on the Ethernet port that connects
the base station to the transport network. In this case, the DHCP procedure triggers the
IEEE 802.1x-based access control procedure during automatic base station deployment.
l
If the network does not support IEEE 802.1x-based access control, and IEEE 802.1x-based
access control is activated on the Ethernet port that connects the base station to the transport
network:
The base station initiates the IEEE 802.1x-based access control procedure for three times
at an interval of 25 seconds. If the base station does not receive any response from the
network, the base station determines that the network does not support IEEE 802.1x-based
access control. The base station then sends a DHCP Discover packet. The DHCP Discover
packet can pass through the authentication access equipment. After the DHCP procedure
is complete, the automatic base station deployment procedure starts.
The rest of this section describes automatic base station deployment by PnP in the preceding
three scenarios.
NOTE
During automatic base station deployment by PnP, the IEEE 802.1x-based access control procedure uses
the preconfigured Huawei-issued device certificate of the base station for authentication.
Scenario 1
Figure 4-2 shows automatic base station deployment when the network supports IEEE 802.1xbased access control and IEEE 802.1x-based access control is activated on the Ethernet port that
connects the base station to the transport network.
10
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
After the base station is powered on, it sends an EAPoL-Start packet to the authentication
access equipment, to initiate an IEEE 802.1x-based access control procedure.
2.
The base station, authentication access equipment, and authentication server perform the
IEEE 802.1x-based access control procedure. The base station can initiate the IEEE 802.1xbased access control procedure on the same Ethernet port a maximum of three times at an
interval of 25 seconds.
3.
If the IEEE 802.1x-based access control procedure succeeds, the base station initiates a
DHCP procedure. After the DHCP procedure is complete, the automatic base station
deployment procedure starts.
4.
If the IEEE 802.1x-based access control procedure fails, the base station initiates a DHCP
procedure. However, the base station does not receive any response to the DHCP procedure,
and therefore the DHCP procedure fails. The base station attempts to initiate IEEE 802.1xbased access control and DHCP procedures on the next Ethernet port.
NOTE
In the IEEE 802.1x-based access control procedure, the EAPoL-Start packet is a multicast packet and its
destination MAC address is 01-80-C2-00-00-03; other packets are unicast packets.
Scenario 2
Figure 4-3 shows automatic base station deployment when the network supports IEEE 802.1xbased access control but IEEE 802.1x-based access control is deactivated on the Ethernet port
that connects the base station to the transport network.
11
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
After a base station is powered on, it sends a DHCP Discover packet to the authentication
access equipment because IEEE 802.1x-based access control is deactivated on the Ethernet
port that connects the base station to the transport network.
2.
The DHCP module queries whether IEEE 802.1x-based access control is activated on the
Ethernet port that connects the base station to the transport network. If IEEE 802.1x-based
access control is deactivated and authentication is not performed, the base station triggers
an IEEE 802.1x-based access control procedure on this Ethernet port.
3.
Because the controlled port of the authentication access equipment is in the unauthorized
state, the base station does not receive any DHCP response. The DHCP procedure fails.
The base station waits for the authentication result.
4.
When the IEEE 802.1x-based access control procedure succeeds, the base station resends
a DHCP Discover packet through the Ethernet port. After the DHCP procedure is complete,
the automatic base station deployment procedure starts.
Scenario 3
Figure 4-4 shows automatic base station deployment when the network does not support IEEE
802.1x-based access control and IEEE 802.1x-based access control is activated on the Ethernet
port that connects the base station to the transport network.
12
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
After the base station is powered on, it initiates an IEEE 802.1x-based access control
procedure. The base station resends the EAPoL-Start packet three times at an interval of
25 seconds but does not receive any response. Therefore, the base station determines that
the network does not support IEEE 802.1x-based access control.
2.
The base station sends a DHCP Discover packet to the authentication access equipment.
3.
After the DHCP procedure is complete, the automatic base station deployment procedure
starts.
If the certificate used for SSL authentication in the configuration file is set to the operatorissued device certificate, the IEEE 802.1x-based access control procedure uses the operatorissued device certificate to authenticate the base station.
If the certificate used for SSL authentication in the configuration file is set to the Huaweiissued device certificate, the IEEE 802.1x-based access control procedure uses Huaweiissued device certificate to authenticate the base station.
If the SSL authentication method is cryptonym authentication, by default the IEEE 802.1xbased access control procedure uses the Huawei-issued device certificate to authenticate
the base station.
NOTE
During base station deployment using a USB flash drive, the certificate used in the IEEE 802.1x-based
access control procedure is specified in the configuration file. Because the base station is preconfigured
with the Huawei-issued device certificate, the certificate for SSL authentication can be set only to Huaweiissued device certificate in the configuration file. If the certificate for SSL authentication is set to the
operator-issued device certificate, the IEEE 802.1x-based access control procedure fails.
13
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
5 Related Features
Related Features
Prerequisite Features
l
Impacted Features
None
14
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
6 Network Impact
Network Impact
System Capacity
No impact.
Network Performance
When the Access Control based on 802.1x feature is enabled, the time for base station
deployment by PnP is prolonged by about 75 seconds.
15
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
Engineering Guidelines
This chapter describes how to deploy the Access Control based on 802.1x feature in a newly
deployed network.
16
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
If the customer requires that Access Control based on 802.1x use the Huawei-issued device
certificate to authenticate the base station, the PKI feature does not need to be deployed in
the network.
If the customer requires that Access Control based on 802.1x use the operator-issued device
certificate to authenticate the base station, the PKI feature needs to be deployed in the
network. For details about how to deploy the PKI feature, see PKI Feature Parameter
Description.
7.3 Planning
Hardware Planning
NE
Board Configuration
eGBTS
UMPT or UMDU
UMPT or UMDU
Ethernet port
UMPT+UTRPc
UTRPc
Ethernet port
UMPT or UMDU
UMPT or UMDU
Ethernet port
UMPT+UTRPc
UTRPc
Ethernet port
LMPT
LMPT
Ethernet port
UMPT or UMDU
UMPT or UMDU
Ethernet port
LMPT+UTRPc or
UMPT+UTRPc
UTRPc
Ethernet port
NodeB
eNodeB
17
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
NE
Board Configuration
Multimode
base station
UMPT or UMDUT
UMPT or UMDU
Ethernet port
LMPT
LMPT
Ethernet port
LMPT+UTRPc or
UMPT+UTRPc
UTRPc
Ethernet port
eGBTSs configured with GTMUb boards do not support the Access Control based on 802.1x feature.
eGBTSs described in this document are not configured with GTMUb boards.
Before you activate the Access Control based on 802.1x feature, configure the PKI feature as
well as the related managed objects (MOs). For details about how to configure the PKI feature,
see the "Engineering Guidelines" section in PKI Feature Parameter Description.
7.4.1 Requirements
l
Feature
ID
Feature Name
Model
License
Control Item
NE
Sales
Unit
LOFD-003
015
Access Control
based on 802.1x
LT1S0
00ACC
00
Access
Control based
on 802.1x
(FDD)
LTE FDD
eNodeB
per
eNodeB
18
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
Feature
ID
Feature Name
Model
License
Control Item
NE
Sales
Unit
TDLOFD003015
Access Control
based on 802.1x
LT1ST
00ACC
00
Access
Control based
on 802.1x
(TDD)
LTE TDD
eNodeB
per
eNodeB
"-" in Table 7-1 indicates that there is no special requirement for setting the parameter. Set the parameter
based on site requirements.
Table 7-1 Data to prepare before activating the Access Control based on 802.1x feature
MO
Paramete
r Name
Parameter ID
Setting Notes
Data
Sourc
e
DOT
1X
Cabinet
No.
CN
Netwo
rk plan
Subrack
No.
SRN
Slot No.
SN
Subboard
Type
SBT
Port No.
PN
Authentic
Method
AM
This parameter
indicates the
authentication method
used by the Access
Control based on
802.1x feature. The
feature supports EAPTLS authentication.
19
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
NOTE
l When you deploy this feature on a multimode base station, activate the feature only on the Ethernet
port that connects the base station to the transport network. The data preparation and initial
configuration of the multimode base station are the same as those of a single-mode base station.
l When a base station is working normally, the certificate used by IEEE 802.1x-based access control is
the same as that used by SSL authentication. For details about how to configure the certificate for SSL
authentication, see the "Engineering Guidelines" section in SSL Feature Parameter Description. If no
certificate is configured for SSL authentication, IEEE 802.1x-based access control uses the Huaweiissued device certificate by default.
7.4.3 Precautions
None
7.4.4 Activation
This section uses the eNodeB as an example to describe how to activate Access Control based
on 802.1x by using MML commands or the CME.
Using the CME to Perform Batch Configuration for Newly Deployed Base Stations
Enter the values of the parameters listed in Table 7-2 into a summary data file, which also
contains other data for the new base stations to be deployed. Then, import the summary data file
into the CME for batch configuration.
The summary data file may be a scenario-specific file provided by the CME or a customized
file, depending on the following conditions:
l
The MOs in Table 7-2 are contained in a scenario-specific summary data file. In this
situation, set the parameters in the MOs, and then verify and save the file.
Some MOs in Table 7-2 are not contained in a scenario-specific summary data file. In this
situation, customize a summary data file to include the MOs before you can set the
parameters.
20
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
Sheet in the
Summary Data File
Parameter Group
Remarks
DOT1X
Common Data
For instructions about performing batch configuration for each base station, see the following
sections in 3900 Series Base Station Initial Configuration Guide.
l
For an eGBTS or a co-MPT multimode base station: Creating Co-MPT Base Stations in
Batches
Using the CME to Perform Batch Configuration for Existing Base Stations
Batch reconfiguration using the CME is the recommended method to activate a feature on
existing base stations. This method reconfigures all data, except neighbor relationships, for
multiple base stations in a single procedure. The procedure is as follows:
Step 1 Choose CME > Advanced > Customize Summary Data File from the main menu of an U2000
client, or choose Advanced > Customize Summary Data File from the main menu of a CME
client, to customize a summary data file for batch reconfiguration.
NOTE
Step 2 Export the NE data stored on the CME into the customized summary data file.
l For co-MPT multimode base stations: Choose CME > SRAN Application > MBTS
Application > Export Data > Export Base Station Bulk Configuration Data from the
main menu of the U2000 client, or choose SRAN Application > MBTS Application >
Export Data > Export Base Station Bulk Configuration Data from the main menu of the
CME client.
l For separate-MPT GSM-involved multimode base stations or GO base stations: Choose
CME > GSM Application > Export Data > eGBTS Bulk Configuration Data from the
Issue Draft A (2015-01-15)
21
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
7 Engineering Guidelines
main menu of the U2000 client, or choose GSM Application > Export Data > Export
eGBTS Bulk Configuration Data from the main menu of the CME client.
l For separate-MPT UMTS-involved multimode base stations or UO base stations: Choose
CME > UMTS Application > Export Data > Export Base Station Bulk Configuration
Data from the main menu of the U2000 client, or choose UMTS Application > Export Data
> Export Base Station Bulk Configuration Data from the main menu of the CME client.
l For separate-MPT LTE-involved multimode base stations or LO base stations: Choose CME
> LTE Application > Export Data > Export Base Station Bulk Configuration Data from
the main menu of the U2000 client, or choose LTE Application > Export Data > Export
Base Station Bulk Configuration Data from the main menu of the CME client.
Step 3 In the summary data file, set the parameters in the MOs listed in Table 7-2 and close the file.
Step 4 Import the summary data file into the CME.
l For co-MPT multimode base stations: Choose CME > SRAN Application > MBTS
Application > Import Base Station Bulk Configuration Data from the main menu of the
U2000 client, or choose SRAN Application > MBTS Application > Import Data > Import
Base Station Bulk Configuration Data from the main menu of the CME client.
l For separate-MPT GSM-involved multimode base stations or GO base stations: Choose
CME > GSM Application > Import Data > Import eGBTS Bulk Configuration Data
from the main menu of the U2000 client, or choose GSM Application > Import Data >
Import eGBTS Bulk Configuration Data from the main menu of the CME client.
l For separate-MPT UMTS-involved multimode base stations or UO base stations: Choose
CME > UMTS Application > Import Data > Import Base Station Bulk Configuration
Data from the main menu of the U2000 client, or choose UMTS Application > Import
Data > Import Base Station Bulk Configuration Data from the main menu of the CME
client.
l For separate-MPT LTE-involved multimode base stations or LO base stations: Choose CME
> LTE Application > Import Data > Import Base Station Bulk Configuration Data from
the main menu of the U2000 client, or choose LTE Application > Import Data > Import
Base Station Bulk Configuration Data from the main menu of the CME client.
----End
22
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
Authentic State
Authentic Succeed Number
Fail Number
Fail Reason
Send EAP Packet Number
Receive EAP Packet Number
Abnormal Packet Number
(Number of results = 1)
7 Engineering Guidelines
=
=
=
=
=
=
=
Authenticate Succeed
1
0
0
7
7
0
7.4.6 Deactivation
Using MML Commands
Run the MML command DEA DOT1X to deactivate Access Control based on 802.1x on the
Ethernet port that connects the base station to the transport network.
7.7 Troubleshooting
After Access Control based on 802.1x is activated, the base station may report ALM-26831
802.1x Authentication Failure.
For details about how to clear these alarms for each type of base station, see the following sections
in 3900 Series Base Station Alarm Reference:
l
23
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
8 Parameters
Parameters
NE
MML
Comma
nd
Feature
ID
Feature
Name
Description
AM
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
None
None
DSP
DOT1X
LST
DOT1X
CN
SRN
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
None
None
DEA
DOT1X
DSP
DOT1X
Unit: None
LST
DOT1X
Default Value: 0
DEA
DOT1X
None
None
DSP
DOT1X
Unit: None
LST
DOT1X
Default Value: 0
24
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
8 Parameters
Parame
ter ID
NE
MML
Comma
nd
Feature
ID
Feature
Name
Description
SN
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
None
None
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
SBT
DEA
DOT1X
DSP
DOT1X
Unit: None
LST
DOT1X
None
None
DEA
DOT1X
DSP
DOT1X
Unit: None
LST
DOT1X
PN
BTS390
0,
BTS390
0
WCDM
A,
BTS390
0 LTE
ACT
DOT1X
None
None
DEA
DOT1X
DSP
DOT1X
LST
DOT1X
Unit: None
Default Value: None
25
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
9 Counters
Counters
26
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
10 Glossary
10
Glossary
27
SingleRAN
Access Control based on 802.1x Feature Parameter
Description
11
11 Reference Documents
Reference Documents
1.
2.
3.
4.
5.
28