TD S2 160293 (DISCUSSION) Discussion on ePDG selection. (Source: T-Mobile USA INC).
Abstract: This document discusses some concerns the author has with the existing proposals for ePDG selection.
Discussion and conclusion:
Noted in parallel sessions.
Co-existence with RAN WG2 WIs: LTE_WLAN_radio-Core (LWA) and LTE_WLAN_radio_legacy-Core (LWIP) ***Wed Q1***
TD S2 160017 LS from SA WG3: Reply LS on IPsec tunnelling mechanism for LTE WiFi aggregation. (SA WG3) (Revision of TD S2 154131).
Abstract: SA WG3 would like to thank TSG RAN and RAN WG2 for their LSs on LTE-WiFi aggregation and their request for providing a mechanism to establish an IPsec tunnel from UE to eNB.
SA WG3 appreciates that RAN was considering security issues, but would like to point out that it is SA WG3's responsibility to define the overall security architecture. Adding an IPsec tunnel from UE to eNB is a substantial change in the security architecture, the impact of which SA WG3 will need to study carefully. In order to do this, SA WG3 is requesting some clarifications:
Q1: What is the topology of the envisioned deployment, i.e. how is the WLAN AP connected to the eNB, both considering topology on physical as well as IP layer?
Q2: How and from where can the eNB and the IPsec termination point be reached?
Q3: Is it envisioned that the eNB can be accessed only from the known WLAN through a private network, or the eNB could be exposed to access from a public network?
Q4: It has been proposed that the IPsec tunnel should be terminated inside a security gateway on network side, does RAN see any issues with that?
Q5: What exactly does legacy WLAN mean, does that mean hardware is to be used unchanged, or also the current deployment?