|
A Cisco Device Provisioning Engine caches provisioning information and handles all configuration requests including downloading configuration files to devices. It is integrated with the Cisco Network Registrar DHCP server to control the assignment of IP addresses. Multiple DPEs can communicate with a single DHCP server. DPEs come with factory installed software that enables provisioning, but you must perform some initial configuration.
You need to set up at least one DPE for every 500,000 devices on your network. This chapter describes the set up procedure.
Table 5-1 identifies the sequence of events for setting up a DPE.
|
Each DPE comes with a console cable. To begin setting up the DPE, complete these steps:
Step 2 Attach the other end of the cable to the serial port on the computer that you want to use to configure the DPE.
Step 3 Proceed to the "Configuring and Running a Terminal Emulation Program" section.
You must configure and then run a terminal emulation program on the computer that you have connected to the DPE.
To configure and run a terminal emulation program, complete these steps:
At the command line, enter the name of a terminal emulator. Choose a terminal emulation program that enables communication with the DPE through the serial port on the host computer.
Step 2 Configure these settings on the terminal emulator:
When you have correctly configured the terminal emulation program, you are prompted to log in to the DPE.
Step 3 Proceed to the "Logging In" section.
To log in to the DPE, complete these steps:
The system displays this user mode prompt:
Step 2 Run the enable command to enter privileged mode. You must be working in privileged mode to configure the DPE. For example:
The system prompts you for the enable password.
Step 3 At the prompt, enter the enable password. The default is changeme.
The system displays this privileged mode prompt:
Step 4 To change the login and enable password, as Cisco Systems recommends:
The system prompts you for the new password.
b. Enter the new password. The system prompts you to enter the new password again.
c. Re-enter the new password. The system displays a message that you successfully changed the password.
Remember that this is your new log in password. If you want to change the privileged mode password, use the enable password command.
Step 5 Proceed to the "Configuring a Device Provisioning Engine for Data" section.
To configure a DPE, have this information available:
Tip You can use the show run command to view the running configuration. A complete list of show commands is available through the use of the show commands command. Refer to the BAC for Cable Administrator's Guide for additional information. |
Note The commands pertaining to security are only enabled when connected to the DPE serial port. Refer to the Refer to the BAC for Cable Administrator's Guide for additional information. |
To configure a DPE, complete these steps:
Step 2 Enter the IP address for the RDU or its domain name if you are implementing DNS. Also, identify the port on which the RDU is listening. The default listening port is 49187. For example:
Step 3 Specify the provisioning group or groups of which the DPE is part. Where appropriate, specify the secondary provisioning group of which it is part. For example:
Step 4 If your network topology has a default gateway IP address, enter that information. For example:
Step 5 To set up DNS for the DPE, enter the IP address of the DNS server. For example:
Step 6 Provide the DNS hostname and domain name for the DPE. For example:
Step 7 Configure the current time on the DPE. For example:
Step 8 Set the shared secret password to be the same as that on the RDU.
Note This is one of the security related commands mentioned earlier in this chapter. This command can only be run if the console is connected to the DPE serial port. |
Step 9 For the configuration to take effect, you must reload the DPE. For example:
After you reload the DPE, you can establish a Telnet session using the IP address of the DPE. Remember to use the new login and enable password that you created in the "Logging In" section.
This section describes those configuration activities that must be performed to properly set up a DPE to support voice technology.
Caution In the dpe.properties file, there should only be a single instance of each property described in these tips. |
Complete these steps to set up voice technology on your DPEs.
Tip dpe.properties: /server/provFQDNs=FQDN[IP address]:port. This could translate, for example, into c3po.pcnet.cisco.com[10.10.10.5]:49186. |
Step 2 Enter these commands to configure voice technology at DPE:
Note This is a protected mode security command, accessible only on the local console. The contents of this property are only visible when logged into the local console. |
Caution The DPE password entered using this CLI command must match the corresponding password used in Keygen utility when generating Service Keys for KDC. |
For a lab installation, the KDC and DPE are installed on the same host, and the installation program automatically generates a random KDC service key for both the KDC and the DPE.
Step 3 Enter this command to control the choice of encryption algorithm for use during SNMPv3:
Note If you enter a value of zero (which is the default value) for this policy privacy, the MTA will choose a privacy option for SNMPv3. Entering any non-zero value means Provisioning Server will set its privacy option in SNMPv3 to a specific protocol. Although, at publication, DES is the only privacy option supported by voice technology. |
Tip dpe.properties: /pktcbl/regsvr/policyPrivacy=1 - This enables DES privacy. |
Step 4 Enter this command to set the SNMP service key used for SNMPv3 cloning to the RDU.
Note This is a protected mode security command, accessible only on the local console. The contents of this property are only visible when logged into the local console. |
The default value for this command is <null>. Enter this default to turn SNMPv3 cloning off at this DPE.
Caution Set this property, to the same 46 hexadecimal bytes that are used at the RDU (rdu.properties file located in the <BPR_HOME>/rdu/conf directory) to enable SNMP cloning. |
Step 5 Enter this command to enable the PacketCable voice technology.
Note PacketCable provisioning is disabled at the DPE by default. If you change this property, you must reboot the DPE for the new setting to take effect. Also, you can turn voice technology on or off by entering either packetcable enable or no packetcable respectively. |
Tip dpe.properties: /pktcbl/enable=enabled |
Step 6 Run the dpe reload command.
These commands described in this section, provide additional configuration settings. Changing these properties on the DPE-590 causes the change to take effect immediately, without a DPE restart. If you are working with a lab install, and modify any DPE property, you must restart the DPE for the change to take effect.
Tip dpe.properties: /pktcbl/regsvr/configEncrypt=1 |
Tip dpe.properties: /pktcbl/regsvr/configEncrypt=0 |
Tip dpe.properties: /pktcbl/snmp/timeout=1 and /pktcbl/snmp/timeout=10 |
Complete these steps to verify that your DPEs are operating properly before configuring them for operation with voice technology.
This command places the collected log files in the /outgoing directory. From there, the bundle is accessible using FTP.
Step 2 Enter this command to check the status of both the DPE and voice technology settings:
This command also checks if voice technology provisioning is running, and displays the current health of the SNMPv3 service.
Posted: Thu Jan 15 06:58:40 PST 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.