May 22, 2024

Device Authentication Configure GPON (H.248-based)

Device Authentication Configure GPON (H.248-based):

This topic describes how to configure the H.248-based device authentication to prevent illegal MGs from registering with the MGC. [boxads]

Prerequisite:

  • The MG interface must be configured successfully.
  • The parameters, including the encryption type, the initial key and the DH authentication, and the MG ID, must be configured on the MGC. These parameters must be the same as the parameters configured on the MA5600T/MA5603T/MA5608T.

Precautions:

If Huawei products such as the SoftX3000 is used as the MGC, the authentication MG ID must be a character string with more than eight bits.

Procedure:

  • Step 1: In the global config mode, run the interface h248 command to enter the MG interface mode.
  • Step 2: Run the mg-software parameter 4 command to configure the registration mode.
  • Step 3: Run the mg-software parameter 6 0 command to configure the device authentication function on the MG interface.
  • Step 4: Run the auth command to configure the authentication MG ID and the initial key.
  • Step 5: Run the display auth command to query the authentication parameters.
  • Step 6: Run the reset coldstart command to reset the MG interface. Reset the MG interface to make the MG interface register with the MGC (and to make the modified attributes of the MG interface take effect) so that the MG interface can work in the normal state. The MG interface can be enabled in different ways (see Parameters of the reset command). For a newly configured MG interface, enable the MG interface through cold start.

Example of Device Authentication Configure:

[adsense]

Huawei-OLT(config)#interface h248 0
Huawei-OLT(config-if-h248-0)#mg-software parameter 4 0
Huawei-OLT(config-if-h248-0)#display mg-software parameter 4

------------------------------------------------- 
Interface Id:0 para index:4 value:0 
------------------------------------------------- 
APPENDIX: 
------------------------------------------------- 
Interface software parameter name: 
4: Whether MG register to MGC with wildcard 
0: Yes 
1: No 

Huawei-OLT(config-if-h248-0)#mg-software parameter 6 0
Huawei-OLT(config-if-h248-0)#display mg-software parameter 6

------------------------------------------------- 
Interface Id:0 para index:6 value:0 
------------------------------------------------- 
APPENDIX: 
------------------------------------------------- 
Interface software parameter name: 
6: Whether MG support authentication 
0: Yes 
1: No

Huawei-OLT(config-if-h248-0)#auth auth_mgid MA5600T/MA5603T/MA5608T initial_key
0123456789ABCDEF

Huawei-OLT(config-if-h248-0)#display auth

[AUTH_PARA config] 
Initial Key : 0123456789ABCDEF 
Auth MGid : MA5600T/MA5603T/MA5608T 
Algorithm : MD5 [bodyads]

Huawei-OLT(config-if-h248-0)#reset coldstart
Are you sure to reset MG interface?(y/n)[n]:y

GPON Device Authentication Configure (H.248-based)
GPON Device Authentication Configure (H.248-based)

Shahed

Hi! I am Shahed Israr. I try to help GPON Technology users with their queries and provide them with relevant and accurate information to the best of my ability. My main goal is to assist and enhance GPON Technology user and help people find the answers they're looking for quickly and easily.

Follow Me:
TwitterFacebookLinkedInPinterestGoogle PlusDiggYouTubeRedditDelicious

Visited 78 times, 1 visit(s) today

Comments

comments

Shahed

Hi! I am Shahed Israr. I try to help GPON Technology users with their queries and provide them with relevant and accurate information to the best of my ability. My main goal is to assist and enhance GPON Technology user and help people find the answers they're looking for quickly and easily.

View all posts by Shahed →

2 thoughts on “Device Authentication Configure GPON (H.248-based)

  1. Dear sir,
    Our company having Huawei MA5680T olt,At present we are using HG8240F,HG8346M onu's.I want to know reaming which onu's in Huawei will support to our olt,Can you tell me the difference between them.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

error: Content is protected !!