Patent Number: 6,298,383

Title: Integration of authentication authorization and accounting service and proxy service

Abstract: A single database maintained centrally hosts both proxy service data and authentication, authorization and accounting (AAA) data. Data is then copied to storage used locally by each system when both systems are instantiated. Therefore the ISP/Telco need not maintain two different data bases. A protocol gateway (PGW) is used to determine if the incoming user is a wholesale or retail user. The PGW filters the domain portion of the access request to locate a remote AAA service. If one such service is found, the PGW routes the communication via the proxy service to proxy it to the remote AAA service. The returned packet from the remote AAA service is then searched for an IP address to be assigned to the incoming user. If one is not found the PGW obtains a dynamically allocated IP address from a DHCP server (using an IP-Pool-ID if supplied in the returned packet from the remote AAA service). The same mechanism is used to forward accounting event packets from the NAS to the remote AAA server. The PGW may monitor more than one proxy and/or AAA service and load balance among them.

Inventors: Gutman; Andrew Mark (Foothill Ranch, CA), Sitaraman; Aravind (Santa Clara, CA), Sthothra Bhasham; Sampath Kumar (Santa Clara, CA), Suryanarayanan; Kalpathi S. (Cupertino, CA)

Assignee: Cisco Technology, Inc.

International Classification: H04L 29/06 (20060101); G06F 013/00 ()

Expiration Date: 10/02/2018