Article Original Creation Date: 2010-08-26
Problem
Can you take statistics of modems that announce to the platform with a wrong service gateway password?
We are interested in two scenarios.
- A modem that announces with a password that does not match with the password stored in service gateway. So this means data exchange between the modem and service gateway has already occurred in the past.
- A modem announces to the platform but is no longer in service gateway and the modem does not use the default password.
Environment
ServiceGateway 4.0.6.
Solution
- You can get this information by running this query on the database
SPRT_NC_CPE.nc_cpe_acs_auth_fail_count
- The answer to this question depends on how the modem announces itself to the platform. In the Out-of-the-Box (OOTB) configuration, only a BOOTSTRAP or a BOOT Inform will result in the device being added to the platform and to be visible via the user interface (a device record may end up in the SPRT_NC_CPE table as an interim step, but unless it gets added to the SPRT_EC_DEVICE table, we do not consider the device to be available in Service Gateway).
There is a system preference, called ”Promote Periodic Informs from Unknown Devices to Bootstrap”, that will cause a PERIODIC Inform for a device that is no longer in the SPRT_EC_DEVICE table to be treated as if it were a BOOTSTRAP Inform, and the event will be processed as if it were a BOOTSTRAP. By default this option is not selected; you have to explicitly enable it via the system preferences screen.
The rest of this reply only applies if the device sends a BOOTSTRAP or a BOOT Inform, or if it sends a PERIODIC Inform AND the “Promote Periodic Informs from Unknown Devices to Bootstrap” preference is selected. For any other event, the device will NOT be re-added to Service Gateway (other than the interim step of adding it to SPRT_NC_CPE).
At this point, the scenario is no different than if the device was being added the first time to Service Gateway. Whatever happens in that scenario should also happen here. Assuming that the SPRT_NC_CPE table has not been altered to set a default value for the SPRT_NC_CPE.NC_CPE_ACS_PASSWORD column, then it will be NULL and the password will be reset on the device.
If the table has been altered and a default value *is* being set for the NC_CPE_ACS_PASSWORD column, and the event is a BOOT Inform, then the ACS will attempt to authenticate the device with the password that is set in the database. If the event is a BOOTSTRAP (or a PERIODIC that is being treated as a BOOTSTRAP), then the “CPE sends a BOOTSTRAP Inform” rule takes precedence, and the password will be reset on the device.
If the event is not one of those described above, then when the record gets added to the SPRT_NC_CPE table, the ACS may attempt to reset the password on the device provided the SPRT_NC_CPE table has not been altered to set a default value for the NC_CPE_ACS_PASSWORD column. But even if it does do that much, the device will not get added to the SPRT_EC_DEVICE table, and it will not be processed by any policies, or be visible to the application for any other management activities.