Configuring Subscriptions
After you add subscribers, you configure service subscriptions for the subscribers. Residential or enterprise subscribers may also be able to configure subscriptions through the portal, and operators assigned to a subscriber object may be able to configure subscriptions for that object.
The following sections describe how to configure the different types of subscriptions:
- Configuring Subscriptions to Value-Added Services
- Configuring Subscriptions to Outsourced Services
- Configuring Access Subscriptions
- Configuring RADIUS Subscriptions
Configuring Subscriptions to Value-Added Services
You must add a value-added service to the directory before you can specify that service for subscribers. See SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
After you configure a subscription to a value-added service, the service is available to the subscriber through the portal. Depending on the configuration, the subscriber may need to activate the service. You can configure schedules to define when value-added services are available to subscribers. See SRC-PE Services and Policies Guide, Chapter 5, Scheduling Services on a Solaris Platform.
To configure a subscription to a value-added service:
- In the SDX Admin navigation pane, right-click the subscriber to which you want to add a subscription, and select New > SSP Subscription.
The New SSP Subscription dialog box appears.
- Select a service from the Service Name menu.
- To create multiple subscriptions to the same service, enter a subscription ID. (See Allowing Multiple Subscriptions per Subscriber.)
- Click OK.
An object for the new subscription appears in the navigation pane, and the SSP Subscription pane appears.
![]()
- Use the field descriptions in Value-Added Subscription Fields to configure the subscription, and then click Save.
- Enter information in the other tabs:
- Parameter tab— Enter substitutions in this tab. (See Configuring Substitutions for Subscriptions.)
- Transaction tab—Enter information used by the Workflow application to manage transactions involving this subscriber profile. (See Application Library Guide.)
Value-Added Subscription Fields
Use the fields in this section to configure value-added subscriptions.
Status
- active—Subscriber can activate this service.
- suspended—Subscriber cannot activate this service, although it may be visible through a portal. If you change the value of this field to suspended while the subscription is active, the service is deactivated.
- hidden—Service is not available through a portal and cannot be activated automatically when the subscriber logs in. If you change the value of this field to hidden while the subscription is active, the service is not deactivated.
Activation
- manual—Subscriber must activate the service; the service is not activated automatically on login.
- automatically on login—Service is activated automatically when the subscriber logs in.
The SRC software may modify this setting if the service appears in mutex groups. See SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
Activation Order
- Specifies when the SAE should activate this subscription relative to the subscriber's other subscriptions that are configured to activate on login.
- Value—Integer in the range 0-2147483647
- Guidelines—Review all subscriptions that are configured to activate on login for this subscriber, and review the activation order for subscriptions of the parent subscribers. Assign the lowest number to the subscription that you want to activate first. Assign higher numbers to the other subscriptions in the order you want the SAE to activate them. If you assign the same value to multiple subscriptions, the SAE activates them in an unspecified order.
- Default—10000
- Example—200
Deleted
- Specifies whether or not this entry is available to other SRC components connected to the directory.
- Value
- Blank—Other SRC components can access this entry in the directory.
- True—Other SRC components cannot use this entry in the directory, although the object still exists.
- False—Other SRC components can access this entry in the directory.
Allowing Multiple Subscriptions per Subscriber
To allow a subscriber to have a number of subscriptions to a service at the same time, each subscription:
An object for each subscription is created in the directory. The name of the object has the following format:
<ServiceName>%<SubscriptionId>Other than the naming convention, multiple subscriptions are identical to regular subscriptions.
Configuring Subscriptions to Outsourced Services
Create an outsource subscription for retailers to specify that a retailer will use outsourced services from wholesalers. You must add an outsourced service to the directory before you specify that service for subscribers. See SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
To configure a subscription to an outsourced service:
- In the SDX Admin navigation pane, right-click the subscriber to which you want to add the subscription, and select New > Outsource Service.
The New Outsource Service dialog box appears.
An object for the new outsource service subscription appears in the navigation pane, and the Outsource Service pane appears.
![]()
- Use the field descriptions in Outsource Service Subscription Fields to configure the outsource service subscription, and click Save.
- Enter information in the other tabs:
- Transaction tab—Enter information used by the Workflow application to manage transactions involving this subscriber profile. (See SDX Application Library Guide.)
Outsource Service Subscription Fields
Use the fields in this section to configure outsourced service subscriptions.
Description
- Information about this service.
- Value—Text
- Default—If a description exists for this outsourced service in the Services folder, the same description is visible in this pane.
Password
- Password for the outsourced service.
- Value—Enter a password, and select an encryption method that your directory supports (see Table 26).
Related Access Service
- Access service that allows the retailer to use this tunnel and password.
- Value—Select an access service from the drop-down menu, or enter an access service
- Default—No value
- Example—serviceName=BackupAccess, o=Services, o=umc
Tunnel Type
- PPTP—Point-to-Point Tunneling Protocol
- L2F—Layer 2 Forwarding Protocol
- L2TP—Layer 2 Tunneling Protocol
Tunnel Medium
Tunnel Server
- IP address of the tunnel server at the company that provides the outsourced service.
- Value—IP address
- Default—No value
Tunnel Password
Virtual Router Name
- Name of the virtual router on the router that provides access to this tunnel
- Value—Virtual router name
- Default—No value
Domain Name
Configuring Access Subscriptions
You must configure an access subscription for an enterprise or a site. An access subscription determines the way that the enterprise or site accesses Internet services, and specifies a set of value-added services that are available to the enterprise or site. You must add an access service to the directory before you create an access subscription. See SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
You can specify multiple access services; for example, you might want to specify primary and secondary services for Internet access.
To configure a subscription to an access service:
- In the SDX Admin navigation pane, right-click the enterprise or site for which you want to specify an access service, and select New > Access Subscription.
The New Access Subscription dialog box appears.
- Enter a name for the subscription that is unique for the enterprise or site, select a service from the Used Service menu, and click OK.
An object for the new access subscription appears in the navigation pane, and the Access Subscription pane appears.
![]()
- Use the field descriptions in Access Subscription Fields to configure the access subscriptions, and click Save.
- Enter information in the other tabs:
- AdmissionControl tab—If the ACP manages the subscription, you must configure bandwidths for the subscription in this tab. (See SDX Application Library Guide.)
- Parameter tab— Enter substitutions in this tab. (See Configuring Substitutions for Subscriptions.)
- Transaction tab—Enter information used by the Workflow application to manage transactions involving this subscriber profile. (See SDX Application Library Guide.)
Access Subscription Fields
Use the fields in this section to configure access subscriptions. Subscriber classification scripts can use access subscription properties to match the interface in the network with an access in the directory.
Display Name
- Name that is displayed in enterprise management portals, if different from the service name. IT managers can change this name through the portal, whereas the service name is fixed for the lifetime of the access.
- Value—Text
- Default—No value
Acct. User id
Routing Protocol
Interface Alias
- Description of a router interface.
- Value—Interface description that is configured on the router
- Default—No value
Interface Description
ip<slot>/<port>.<subinterface>On the JUNOS routing platform, ifDesc is the same as interfaceName. Interface Name
- Name of the interface in your router CLI syntax
- FORWARDING_INTERFACE for routing instance (used by traffic mirroring)
For JUNOS routing platforms: interfaceName="fe-0/1/0.0"
For forwarding interface: interfaceName="FORWARDING_INTERFACE"
Uniqueid
- Router's unique ID.
- Value—Index of the router in the SNMP table for all interfaces.
- Default—No value
Port ID
- NAS port ID reported by the JUNOSe router through COPS.
- Value—Includes interface name and additional layer 2 information
- Default—No value
- Example—nasPortId="fastEthernet 3/1" (There is a space between fastEthernet and slot number 3/1 in the NAS port ID.)
Router Name
- Name of the router to which this access connects.
- Value—Select a name from the menu.
- Default—No value
Deleted
- Specifies whether or not this entry is available to other SRC components connected to the directory.
- Value
- Blank—Other SRC components can access this entry in the directory.
- True—Other SRC components cannot use this entry in the directory, although the object still exists.
- False—Other SRC components can access this entry in the directory.
Configuring RADIUS Subscriptions
You must add a RADIUS service to the directory before you specify that service for subscribers. See SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
To configure a subscription to a RADIUS service:
- In the SDX Admin navigation pane, right-click the access subscription folder or residential subscription folder to which you want to add the new subscriber, and select New > Radius Subscription.
The New RADIUS Subscription dialog box appears.
An object for the new subscription appears in the navigation pane, and the RADIUS Subscription pane appears.
Some values for the RADIUS subscription are inherited from the RADIUS service. However, you can change these values to make them specific to the subscriber.
![]()
- Use the field descriptions in RADIUS Subscription Fields to configure the subscription, and click OK.
You can define RADIUS attributes in two formats:
- Generic schema, in which each RADIUS attribute corresponds to one LDAP attribute. These values are displayed in the Generic and ERX VSA tabs.
- Merit RADIUS schema, in which RADIUS attributes are entered as multiple values of a single LDAP attribute. These values are displayed in the Merit tab.
When you save the subscription object, values entered in one format are converted to the other format as well. This means that if you enter RADIUS attributes in the generic tab, the Merit RADIUS attributes are updated, and vice versa.
- ERX VSA tabs—For information about configuring in these tabs, see the information about configuring RADIUS services in SRC-PE Services and Policies Guide, Chapter 2, Managing Services on a Solaris Platform.
- Merit tab—If you are running an ordinary LDAP client, you must enter these attributes and click Save.
If you enter values in the Generic, ERX VSA(1), or ERX VSA(2) tabs and click Save, the values get populated in the Merit AAA Reply field. To set up AAA Check or AAA Deny policies, enter them in the appropriate Merit fields, and click Save.
See SRC-PE Integration Guide, Chapter 12, Integrating Merit RADIUS for more information.
- Transaction tab—Enter information used by the Workflow application to manage transactions involving this subscriber profile. (See SDX Application Library Guide.)
RADIUS Subscription Fields
Use the fields in this section to configure RADIUS subscriptions.
UserID
- Login ID that RADIUS uses to authenticate the subscriber.
- Value—Text
- Default—Inherited from the User ID attribute of the subscriber.
Password
- Password that the subscriber uses to access the RADIUS server.
- Value—Enter a password, and select an encryption method that your directory supports (see Table 26).
CHAP Password
- Password that the subscriber uses for CHAP authentication on the RADIUS server.
- Value—CHAP password
- Default—No value
Acct. Interim Interval (sec)
- Interval between interim accounting messages for this service.
- Value—Number of seconds in the range 0-2147483648
- No value—The globally configured accounting interim value is used.
- 0—Interim accounting is disabled for this service.
IP Address
IP Mask
Reply
- Text to be displayed to the subscriber. This is the RADIUS Reply-Message attribute.
- Value—Text string
- Default—No value; may be inherited from the RADIUS service
Route
- Route from the subscriber to the RADIUS server
- Value—Route in the format compatible with RFC 2865—Remote Authentication Dial In User Service (RADIUS) (June 2000): <ipAddress>/<ipLength> <gatewayAddress> <metric>
- ipAddress—IP address of the subnet
- ipLength—Optional value that specifies the number of high-order bits from the IP address of the subnet. Default values are:
- gatewayAddress—IP address of the router that forwards traffic to the RADIUS server; a value of 0.0.0.0 indicates that the gateway address is the subscriber's IP address
- metric—Number in the range 1-254 that specifies a precedence for the route; a lower number indicates a higher precedence
192.168.1.0/24 192.168.1.1 1 2 -1 3 400192.168.1.0 192.168.1.1 1Session Timeout (sec)
- Timeout for RADIUS session.
- Value—Number of seconds in the range 0-2147483647
- Guidelines—If this timeout is lower than the timeout defined for the subscriber session, the SRC software uses the RADIUS timeout for subscriber sessions.
- Default—No value; may be inherited from the RADIUS service
Idle Timeout (sec)
- Time at which the RADIUS session ends if there is no activity between the subscriber and the RADIUS server.
- Value—Number of seconds in the range 0-2147483647
- Default—No value; may be inherited from the RADIUS service
RADIUS Class
- Arbitrary value that, if the RADIUS server supplies it, the network access server (NAS) includes in all accounting packets for the subscriber.
- Value—Text
- Default—No value; may be inherited from the RADIUS service
Deleted
- Specifies whether or not this entry is available to other SRC components connected to the directory.
- Value