[c-nsp] IOS and Calea Feature Set

Daniel Chapman dkcctc at gmail.com
Fri Oct 31 15:07:57 EDT 2008

The Lawful Intercept feature uses SNMP V3 and MIBs like ciscoIpTapMIB and 
ciscoTap2MIB.  You setup a group and a view including these mibs and intiate 
the intercept from your mediation/sniffer device.  It can be tricky if you 
are doing PPP, because you specify the IP to tap.  Your configuration could 
include setting up a AAA group and allowing the mediation device to receive 
accounting records to determine end-user IP addresses.  The median device 
needs to be able to act as a RADIUS server so it isn't marked Dead by the 
AAA processes in the router.


----- Original Message ----- 
From: "Forrest W Christian" <fwc at mt.net>
To: <cisco-nsp at puck.nether.net>
Sent: Thursday, October 30, 2008 2:10 PM
Subject: [c-nsp] IOS and Calea Feature Set

> I'm working on improving my CALEA compliance here.   One of the big things 
> I need to handle is better extraction of frames out of several cisco 
> routers we have scattered around our network.
> Today, we handle our CALEA requests by using a span/mirroring port on a 
> switch plugged into a CALEA collection device which conforms to the WISPA 
> CALEA standard.   That way, we can capture all of the internet and most of 
> the on-network traffic, but not quite 100% since traffic which never 
> leaves the border router doesn't ever exit the border router so it can't 
> be captured for Law Enforcement.
> It looks like the IP Traffic Export would allow me to basically use the 
> tools we already have in place for this.   But, I also am looking at the 
> CALEA features in the later IOS'es.   Unfortunately, the documentation is 
> written in CALEA-speak, which makes for confusing reading, especially when 
> you are trying to figure out what pieces you need to make this work.
> I'm curious if someone on-list  has gotten the CALEA features to work in a 
> Broadband provider setting, and if so, if they could perhaps point me in 
> the right direction as far as what pieces we need (aka specific products 
> instead of "functions") other than the Cisco router w/CALEA features?
> -forrest
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/ 

More information about the cisco-nsp mailing list