X
NMS Prime
Stay informed. No spam. Just content. This is our promise.
I agree to the privacy terms. I can unsubscribe at any time.
X
Thank You!
X
NMS PRIME - Konferenz
Anzahl der Teilnehmer:
Datenschutz gelesen und akzeptiert
X
Vielen Dank!
X Sign up to comment and create new topics

m not sure how the nmsprime reads the genieacs json data but in its standerd form its not compatible with mikrotik .

Here is a simple fix .

in /genieacs/config/summary_parameters.yml  and /genieacs/config/index_parameters.yml replace the code with this


IDENT : Device.DeviceInfo.X_MIKROTIK_SystemIdentity
Serial number: Device.DeviceInfo.SerialNumber
Product class: Device.DeviceInfo.ProductClass
Software version: Device.DeviceInfo.SoftwareVersion
UPTIME : Device.DeviceInfo.UpTime
E1 MAC: Device.Ethernet.Interface.1.MACAddress
IP : Device.IP.Interface.1.IPv4Address.1.IPAddress
MASK : Device.IP.Interface.1.IPv4Address.1.SubnetMask
E2 MAC: Device.Ethernet.Interface.2.MACAddress
IP 2 : Device.IP.Interface.2.IPv4Address.2.IPAddress
MASK 2 : Device.IP.Interface.2.IPv4Address.2.SubnetMask
DHCP CLNT IP : Device.DHCPv4.Client.1.IPAddress
DHCP CLNT MASK : Device.DHCPv4.Client.1.SubnetMask
SSID : Device.WiFi.SSID.1.SSID
PASS : Device.WiFi.AccessPoint.1.Security.KeyPassphrase
WIFI Clients SSID 1 : Device.WiFi.AccessPoint.1.AssociatedDeviceNumberOfEntries
SSID 2 : Device.WiFi.SSID.2.SSID
PASS 2 : Device.WiFi.AccessPoint.2.Security.KeyPassphrase
Wifi Clients : Device.WiFi.AccessPoint.2.AssociatedDeviceNumberOfEntries


and here is the default config according to mikrotik best practises


# Install certificate
:global acsCaCertTxt "-----BEGIN CERTIFICATE-----
MIIDCDCCAfCgAwIBAgIIBQ68Phid9+owDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE
AwwEbXlDYTAeFw03MDAxMDIwMDM0MDZaFw03MTAxMDIwMDM0MDZaMA8xDTALBgNV
BAMMBG15Q2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDILvvnEc/8
53jevX3MW4qjn9CNdHLexUZSL8qSXzE5sik1kaNOdckOXC8/Ku0qO95elaBaXmLe
QsIQbVtZ768SBQc7q4RaG3AEauLfNl0BS3kl91/nSvYKp20Nvn7LP7CVZj8D81S+
z4lYgab00X6hT65r8cOI4idaJNWkB9+vFujiPpg0H4IEthgslvCu0i2C7VMrZps/
lTI4xD7kUU4ySzpMUDD3SiA1cEtR8SC5gspYFqtUB2Chk4DTeqWzPCT9eIKclIKM
eh/5w7eLCKyjqIBDwWixuHGW7uFffHjmkgtmzG35W/qmgXGXG+BC8NomxmKxdxCT
ZpQCbisMKieTAgMBAAGjaDBmMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
AgEGMB0GA1UdDgQWBBR5poVfi8tXHrD3sEidlLLzm1k3xzAkBglghkgBhvhCAQ0E
FxYVR2VuZXJhdGVkIGJ5IFJvdXRlck9TMA0GCSqGSIb3DQEBCwUAA4IBAQChVt7s
YNL+U7p0OoxdKgCqP3JyrVOAYDs51243IR83BM3WQybWaDcEv50/R668icnnNHgN
GKQ6OjgQbia7ZW38JWlD/n59WDjk9T63lHh5RHmrhPlIDUN8Wh89v6N2q8YQy+rj
o2lOcbZOJTSIirSBcokMRw45yJNO9HU02E9Bl5nb1hq6/xP4pbTS3t8bL+Xpg0eJ
herz/Ap62k/ToRP+yFYN90z8sDHHvKWnq1W60xreLQ95D5IOego0dIWDC8J/a551
Z2AklvEhKfJTQ6zylrhPDy5bySadxy8lAV82+gEZ1AQyS2UXzRAUgCCCzdEmgiWE
6Du6ubASPAEmYfhC
-----END CERTIFICATE-----";

/file print file=tmp_acs_ca_cert.txt;
:delay 2;
/file set tmp_acs_ca_cert.txt contents=$acsCaCertTxt;
/certificate import file-name=tmp_acs_ca_cert.txt passphrase="";
/file remove tmp_acs_ca_cert.txt; 

 
# Wait while ehter ifaces show up
:local count 0;
:while ([/interface ethernet find] = "") do={
    :if ($count = 30) do={
        /quit;
    }
    :delay 1s; :set count ($count +1);
};


# Set as secure settings as possible for tr069-client to workip firewall {
    filter add chain=input action=accept connection-state=established,related \
comment="defconf: accept established,related"
    filter add chain=input action=drop in-interface=ether1 \
comment="defconf: drop all from WAN"
}
/ip neighbor discovery-settings set discover-interface-list=none


# Cofigure IP level, so that tr069-client can work
/ip dhcp-client add interface=ether1 disabled=no comment="defconf";
/tr069-client set acs-url="https://example.com:7777/" enabled=yes \
username=exampleusername password=examplesecurepassword







Most Popular Post
There are no posts marked as being answered (liked) on this topic yet!!

1 Comment

  1. As far as I can see it you are referring to the GenieACS GUI (summary_parameters.yml). However, we are not shipping the GenieACS GUI since everything is managed by NMS Prime and we only communicate to GenieACS via its API. Have you tried provisioning Mikrotik devices via TR-069 using NMS Prime?