I have a problem on genieacs with a Fanvil X303G phone where
InternetGatewayDevice.ManagementServer.ConnectionRequestPassword is being deleted on phone inform.
On default provision I can see this notification
// Don’t refresh password field periodically because CPEs always report blank passwords for security reasons
Should’t then inform provision (by default) be setted to:
Please paste the entire contents of your inform script. Please use three backticks (```
) on a new line, then your script, then three more backticks so a code block is created, otherwise the autoformatting makes a mess of things.
I was using the default inform provision script, this is my modified script now:
// Device ID as username
const username = declare(“DeviceID.ID”, {value: 1}).value[0]
// Password will be fixed for a given device because Math.random() is seeded with device ID by default.
const password = Math.trunc(Math.random() * number.MAX_SAFE_INTEGER).toString(36);
const informInterval = 300;
// Refresh values daily
const daily = Date.now(86400000);
// Unique inform offset per device for better load distribution
const informTime = daily % 86400000;
declare(“InternetGatewayDevice.ManagementServer.ConnectionRequestUsername”, {value: daily}, {value: username});
//declare(“InternetGatewayDevice.ManagementServer.ConnectionRequestPassword”, {value: daily}, {value: password});
declare(“InternetGatewayDevice.ManagementServer.ConnectionRequestPassword”, {value: 1}, {value: password});
declare(“InternetGatewayDevice.ManagementServer.PeriodicInformEnable”, {value: daily}, {value: true});
declare(“InternetGatewayDevice.ManagementServer.PeriodicInformInterval”, {value: daily}, {value: informInterval});
declare(“InternetGatewayDevice.ManagementServer.PeriodicInformTime”, {value: daily}, {value: informTime});
declare(“Device.ManagementServer.ConnectionRequestUsername”, {value: daily}, {value: username});
//declare(“Device.ManagementServer.ConnectionRequestPassword”, {value: daily}, {value: password});
declare(“Device.ManagementServer.ConnectionRequestPassword”, {value: 1}, {value: password});
declare(“Device.ManagementServer.PeriodicInformEnable”, {value: daily}, {value: true});
declare(“Device.ManagementServer.PeriodicInformInterval”, {value: daily}, {value: informInterval});
declare(“Device.ManagementServer.PeriodicInformTime”, {value: daily}, {value: informTime});
That is why I was asking, if “CPEs always report blank passwords for security reasons”, then shouldn’t inform provision script by default report password once instead of daily?
I presume you meant by default *set the* password once. And honestly, no. To many CPEs lie. I’ve been bit many a times by a CPE acknowledging the changes to the ACS, but not actually applying the changes.
But this is the other way around. On inform (daily), the acs will execute the script and save a blank password on itself. You will loose manual access to the cpe (401 error) because it will still have the password stored.
If new CPEs always report blank password, then updating only on first bootstrap ensures the ACS keeps the correct password forever, while ignoring later blank reports from the CPE.
In my opinion this would be a better default behavior, at least for newer cpes.
I have been testing this on my Fanvil phones with ConnectionRequestPassword”, {value: 1} and now it is working correctly.
How would the password be blank? Its very clearly set in the script: const password = Math.trunc(Math.random() * number.MAX_SAFE_INTEGER).toString(36);
And then the set declare(“Device.ManagementServer.ConnectionRequestPassword”, {value: daily}, {value: password});