The server configuration
must include all the peers (agents, servers, and other
Diameter peers) that can communicate with the Mobile AAA
server. If a peer is not included in the configuration, the server
will not handle requests from or send requests to the peer. Select
the Peers link in the navigation tree on the left side of
the Server Manager to configure peers.
The Define Peer screen allows you to add a new client to the server
configuration, or to modify or delete an existing client.
NOTE: Configuration changes made through the Peer link are
reflected in: /etc/opt/aaa/diameter/clients.
Creating or Modifying a Peer
When adding a new peer entry to the server configuration or modifying
an existing entry, you supply values for the peer attributes through
a form’s fields.
- FQDN
A fully qualified domain name (FQDN) that must match
the FQDN portion of the peer’s Diameter Identity string.
- Identity Port
Port number the peer sends as part of its Diameter
Identity string. Defaults to 1812. When TLS is not enabled, it must
match Connection Port.
- Connection Port
The (non-TLS or TLS) TCP port on which the peer
is listening and that the Mobile AAA server will attempt to connect
to. Defaults to 1812.
If the Security drop-down list in this form is set to None,
Connection Port must match the Diameter Port specified in Server
Start Options.
If the Security drop-down list in this form is set to TLS,
Connection Port must match the Diameter TLS Port specified in Server
Start Options.
- Shared Secret
Used to authenticate peers that are establishing
a TLS connection with an anonymous cipher suite. This field is not
used for non-TLS connections or TLS connections that use certificates.
- Type
Network hardware that the peer entry defines, specified
as a Diameter Server (PROXY), Mobile IP Foreign Agent,
Mobile IP Home Agent, or both Home and Foreign Agent.
- Dynamic Allocation
Used to designate a peer that can be allocated to a mobile node
that requests a home agent.
- Connection
Indicates whether the Mobile AAA server can receive
or initiate the TCP call (Call) or can only wait for a call
from the peer (Listen Only). Listen Only may
be used to reduce unnecessary connection attempts if the peer is
only up and running intermittently.
- Security
Indicates whether the Mobile AAA server
establishes a TLS connection with the peer for exchanging Diameter
messages.
- IP Address
One or more ipaddr=ddd.ddd.ddd.ddd parameter values
may be listed to configure the IP address(es) of a multihomed client
that may not have all of its IP addresses available from the network’s
DNS. The first address listed is used when initiating a call to
the peer. If IP addresses are specified in this field, the DNS will
not be consulted for this peer.
When adding a new peer entry, you select the
Create button to submit the new peer to the Server Manager. When
modifying an existing entry, you select the Modify button to submit
changes to the peer entry. In either case, if each field contains
a valid value, the client will be created or modified; otherwise,
an error message is displayed. You can always select the Cancel
button and return to the Define Clients screen without making any
changes to your server configuration.
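The port, Security and IP Address rules in the field list above can be checked against a planned peer entry before it is submitted. The following is an added example, not part of the original documentation or the product: the dictionary keys, the check_peer function and the sample values (including the TLS port 1813) are assumptions made for illustration and do not represent the format of /etc/opt/aaa/diameter/clients.

```python
import ipaddress

DEFAULT_PORT = 1812  # default the page gives for Identity Port and Connection Port

def check_peer(peer, diameter_port, diameter_tls_port):
    """Return the rule violations for one peer entry (a dict with hypothetical keys).
    The port arguments are the Diameter Port / Diameter TLS Port in Server Start Options."""
    problems = []
    ident = peer.get("identity_port", DEFAULT_PORT)
    conn = peer.get("connection_port", DEFAULT_PORT)
    security = peer.get("security", "None")
    if security == "None":
        if ident != conn:
            problems.append(f"Identity Port {ident} != Connection Port {conn} without TLS")
        if conn != diameter_port:
            problems.append(f"Connection Port {conn} != Diameter Port {diameter_port}")
        if peer.get("shared_secret"):
            problems.append("Shared Secret is set but is not used on a non-TLS connection")
    elif security == "TLS":
        if conn != diameter_tls_port:
            problems.append(f"Connection Port {conn} != Diameter TLS Port {diameter_tls_port}")
    else:
        problems.append(f"unknown Security value {security!r}")
    for addr in peer.get("ipaddrs", []):  # one or more ipaddr=ddd.ddd.ddd.ddd values
        try:
            ipaddress.IPv4Address(addr)
        except ValueError:
            problems.append(f"ipaddr={addr} is not a valid dotted IPv4 address")
    return problems

# Constructed sample entries; host names, ports and addresses are illustrative only.
SAMPLE_PEERS = [
    {"fqdn": "fa1.example.net", "security": "None"},
    {"fqdn": "ha1.example.net", "security": "None", "identity_port": 1812,
     "connection_port": 3868, "shared_secret": "constructed-secret"},
    {"fqdn": "proxy.example.net", "security": "TLS", "connection_port": 1812,
     "ipaddrs": ["192.0.2.10", "192.0.2.300"]},
]

if __name__ == "__main__":
    # 1813 is a constructed Diameter TLS Port value, not a product default.
    for p in SAMPLE_PEERS:
        for msg in check_peer(p, diameter_port=1812, diameter_tls_port=1813):
            print(f"{p['fqdn']}: {msg}")
```

An entry that reports the Shared Secret warning is the one to look at first: with Security set to None the secret authenticates nothing, so the peer is accepted on its FQDN and port alone.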
Deleting a Peer
The Peer Deletion screen allows you to preview a peer entry
before you confirm deletion. Select the Delete button to delete
the displayed peer
entry. You can select the Cancel button and return to the Define
Peer screen without deleting the entry.
Make sure that your DNS
is configured correctly (with both forward and reverse entries)
for your Mobile AAA server(s). The Mobile AAA server determines
the name of the machine that it’s running on. If this name
does not match your local DNS server’s database, you will
not be able to correctly configure the peer and will experience
problems with some server operations.