Question about ISG

seducer666 · ‎02-18-2008

I have 7204NPE-G2 and 4 stacks of 3750.I need to shape/rate-limit about 400 users to in/out(Internet) directions.I don`t want to use PPP because I have hight rate local traffic.

I read few docs about ISG but i don`t understand,can I use ISG only for IP SESSION without RADIUS and DHCP.

Thanks

amritpatek · ‎02-22-2008

It is not possible to rate-limit some number users to in/out(Internet) directions using ISG. Following links may help you

http://www.cisco.com/en/US/docs/ios/isg/configuration/guide/cfg_isg_acctng.html

http://www.cisco.com/en/US/docs/ios/isg/configuration/guide/isg_cntrl_policies.html

seducer666 · ‎03-06-2008

Hm...Why it is not possible?

Maybe my question is incorrect.I have scheme:

ISP

|

7204-G2---(Radius server)

| |

3725 3725

Can I police in/out traffic on "IP" sessions using ISG?

I read this document and find examples of what I need,if I right understand functionality of ISG.

Can someone help me with understanding ISG.

http://www.cisco.com/en/US/docs/ios/isg/configuration/guide/isg_subscriber_svcs.html#wp1054587

class-map type traffic match-any BOD1M_TC

match access-group input name BOD1M_IN_ACL_IN

match access-group output name BOD1M_ACL_OUT

!

policy-map type service BOD1M

10 class type traffic BOD1M_TC

accounting aaa list CAR_ACCNT_LIST

police input 512000 256000 5000

police output 1024000 512000 5000

class type traffic default in-out

drop

AAA Server Configuration

Attributes/

Cisco-AVPair = "ip:traffic-class=in access-group name BOD1M_IN_ACL priority 10"

Cisco-AVPair = "ip:traffic-class=in default drop"

Cisco-AVPair = "ip:traffic-class=out access-group name BOD1M _OUT_ACL priority 10"

Cisco-AVPair = "ip:traffic-class=out default drop"

Cisco-AVPair = subscriber:accounting-list=CAR_ACCNT_LIST

Cisco-SSG-Service-Info = IBOD1M

Cisco-SSG-Service-Info = QU;512000;256000;5000;D;1024000;512000;5000