Has anyone from you guys know the the HEX values to be encoded in DHCP to provide the ACS URL to ONU + the ACS credential, we were able to figure out to send the ACS url but not the username and password, thanks in advance
The full URL needs to be converted to hex so
68 74 74 70 3a 2f 2f 31 30 2e 31 30 2e 32 35 2e 36 3a 37 35 34 37
That’s 22 bytes and for Option 43 it’s Code 1, so I needed to add the hex for “1” (01) and “22” (16) in front of the string and add 0x to say it’s in HEX and now we’re working fine.
Full code is
what’s missing is how to provide ACS credential
Credentials should be stored in the CPE config. In case thats not possible for you, you would put the credentials in the URL in the form of https://username:password@ipaddress:7457/
Be aware that there are a few security issues here. First, you the traffic to the ACS isn’t being encrypted, you should switch to https. Second, putting the credentials in the url is a huge security risk. Remember that security is like an onion, with many, many layers.
Thanks Dan I never thought how straightforward it is, yes it’s impossible for us to store the credential in the device in case of hard reset, how about the cpe credential do i need that to pass along as well? Or this is enough to achieved my goal?
What do you mean by CPE credential? The credentials for the CPE to authenticate to the ACS, or the ACS to authenticate to the CPE? For the latter, the
default GenieACS provision script sets the username/password to a deterministic per-device value.
Yes from ACS to CPE ok i got it know thanks a ton, I’m very excited to lab this up now