Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
448
Views
0
Helpful
0
Replies

ATA 192 OpenProfile(XML) Encryption not working

ymar
Level 1
Level 1

‎06-09-2021 08:17 AM

H, anyone succeeded in encrypting the provisioning profile?

 

I have been working on this for the last few days and the AT 192 is not accepting any form of it.

My provisioning profile is working as long as it is not encrypted. gzip file is working fine

Each time the ATA is rejecting it with the following messages.

 

Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_eval_profile_rule(3127) FSTR_CFG_RULE: [--key 123QWEASDZXC] tftp://XXXXXXXXX/defaultata192.cfg
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_eval_profile_rule(3132) FSTR_000: [--key 123QWEASDZXC] tftp://XXXXXXXXXXX/defaultata192.cfg
Jun 9 11:04:07 ATA192-MPP local1.err vsock: fprv_eval_profile_rule(3199) parse_profile_rule done, must_resync=1
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_eval_profile_rule(3308) FSTR_SERVER_IP[0]: XXXXXXXXXXX
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_eval_profile_rule(3338) FSTR_SERVER_IP[0]: XXXXXXXXXXX, download fail, try next server
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_update_profile_download_status(3004) download profile: tftp://XXXXXXXXXXX:69/defaultata192.cfg
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_update_profile_download_status(3009) download status: Failed
Jun 9 11:04:07 ATA192-MPP local1.warning vsock: fprv_update_profile_download_status(3013) download fail reasons: corrupted file

 

OpenSSL cmd used:
openssl enc -e -aes-256-cbc -k 123QWEASDZXC -in defaultata192.xml -out defaultata192.cfg

 

Profile url : [--key 123QWEASDZXC] tftp://XXXXXXXXXXX/defaultata192.cfg


content of defaultata192.xml

<flat-profile>
<Proxy_1_ ua="na">123.123.123.321</Proxy_1_>
<Outbound_Proxy_1_ ua="na">123.123.123.321</Outbound_Proxy_1_>
<Use_Outbound_Proxy_1_ ua="na">Yes</Use_Outbound_Proxy_1_>
<Proxy_2_ ua="na">123.123.123.321</Proxy_2_>
<Outbound_Proxy_2_ ua="na">123.123.123.321</Outbound_Proxy_2_>
<Use_Outbound_Proxy_2_ ua="na">Yes</Use_Outbound_Proxy_2_>
</flat-profile>

 

Documentation about it: https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cata/19x/3PCC/english/provguide/at1x_b_ata191-ata192-mpp-prov/at1x_b_ata191-ata192-mpp-prov_chapter_01.html#ID-3825-000000ed

 

PS: Tried using openssl on windows and linux, tftp or http from windows or linux. Always the same error

 

 

Any help, tips is welcome.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents