Skip to end of metadata
Go to start of metadata

Download PDF Document

2018-08-16

v. 43.0.1125


1 Auto-Provisioning Mediatrix Units

This configuration describes how to use the Mediatrix unit's functionality that allows it to fetch the firmware and configuration files automatically from a provisioning server by using FTP, TFTP, HTTP or HTTPS.


2 Overview of the Server Configuration


2.1 Preparing Windows Server IIS

Before You Start

If using Windows, ensure that the HTTP Server functionality is activated and that the configuration files and binaries are located under (default location): C:\lnetpub\wwwroot

Context

Media5 recommends that the administrator creates a subdirectory for the firmware and another subdirectory for the configuration files under the Web Server root directory.

Steps

  1. Create a subdirectory for the firmware under the Web Server root directory.
  2. Create a subdirectory for the configuration files under the Web Server root directory.

Result

Next Step

3.6 Exporting a Configuration Script Using a File Server

2.2 Preparing the Pumpkin TFTP Server

Before You Start

If you are using the Pumpkin TFTP server, ensure that it allows proper permission. For the PumpKIN TFTP server, please make sure that the options are selected as shown in the figure below.

Context

Media5 recommends that the administrator creates a subdirectory for the firmware and another subdirectory for the configuration files under TFTP root.

Steps

  1. Create a subdirectory for the firmware under C:\PumpKIN\
  2. Create a subdirectory for configuration files under C:\PumpKIN\

Result

Next Step

3.6 Exporting a Configuration Script Using a File Server

3 Configuration Scripts


3.1 Configuration Scripts

Configuration scripts are files containing textual commands that are sent from the ACS over the network to a Mediatrix unit.

Configuration scripts support all configuration parameters and can be created for a group of units or for a specific unit of the Network.

The automated importation of configuration scripts can be performed with the use of a Customer Profile or using a DHCP server indicating the location of the file server with options 66 or 67. The automated importation to a unit is what is referred to as zero-touch, as the unit is automatically updated with the latest configuration without manual intervention.

When the configuration scripts are received, the unit executes each command line in sequence. Script commands can assign values to configuration parameters, or execute configuration commands. Scripts are written by the system administrator and can be used to accomplish various tasks, such as automating recurrent configuration tasks or batch-applying configuration settings to multiple devices. They can also be scheduled to be executed when the Mediatrix unit restarts.

They can update the value of parameters, initiate a firmware upgrade or. The scripts can be imported by the unit in different situations:

  • When the unit is restarted
  • According to a pre-determined schedule
  • Initiated by a DHCP server indicating where the script files are located using options 66 and 67

Scripts can be sent using the following protocols:

  • FTP
  • TFTP
  • HTTP
  • HTTPS

The configuration script download feature allows updating the Mediatrix unit configuration by transferring a configuration script from a remote server or from the local file system. The Mediatrix unit is the session initiator, which allows NAT traversal. You can also configure the Mediatrix unit to automatically update its configuration or you can generate a configuration script from the running configuration of the Mediatrix unit.


3.2 Configuring the FTP Server

Before You Start

If you are not familiar with the procedure on how to set the FTP root path, please refer to your FTP server's documentation.

Context

Perform this procedure if you plan to use the FTP transport protocol.

Steps

  1. Set an FTP service on the assigned server.
  2. Make sure the FTP server can be reached by the Mediatrix unit.

    Note

    If the file server is located behind a firewall, make sure that TCP port 21 is open.


3.3 Configuring the TFTP Server

Before You Start

If you are not familiar with the procedure on how to set the TFTP root path, please refer to your TFTP server's documentation.

Context

Perform this procedure if you plan to use the TFTP transport protocol.

Steps

  1. Set a TFTP service on the assigned server.
  2. Make sure the TFTP server can be reached by the Mediatrix unit.

    Note

    If the file server is located behind a firewall, make sure the UDP port 69 is open.


3.4 Configuring the HTTP Server

Before You Start

If you are not familiar with the procedure on how to set the HTTP root path, refer to your HTTP server's documentation.

Context

Perform this procedure if you plan to use the HTTP transport protocol.

Steps

  1. Set an HTTP service on the assigned server.
  2. Make sure the HTTP server can be reached by the Mediatrix unit.

    Note

    If the file server is located behind a firewall, make sure the TCP port 80 is open.


3.5 Configuring the HTTPS Server

Before You Start

If you are not familiar with the procedure on how to set the HTTPS root path, please refer to your HTTPS documentation.

Context

Perform this procedure if you plan to use the HTTPS transport protocol.

Steps

  1. Set an HTTPS service on the assigned server.
  2. Make sure the HTTPS server can be reached by the Mediatrix unit.

    Note

    If the file server is located behind a firewall, make sure the TCP port 443 is open.

  3. Make sure that in the Management/Certificates tab, in the Certificate Import Through Web Browser table, there is a certificate that authenticates the HTTPS server selected in the Path field, and that Other is selected in the Type field.
  4. Set the configuration parameters.

3.5.1 Parameters

Although the services can be configured in great part in the web browser, some aspects of the configuration can only be completed with the MIB parameters by:

  • using a MIB browser, such as the Mediatrix Unit Manager Network (UMN);
  • using the CLI;
  • creating a configuration script containing the configuration parameters.


3.6 Exporting a Configuration Script Using a File Server

Before You Start

Depending on the type of transport protocol used, one of the following procedures must be completed:

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. In the Export Script table, from the Content selection list, choose if you wish to export only what is different from the factory configuration script or the complete configuration.
  3. From the Service Name selection list, choose if you wish to export the configuration script of a specific service or of all services.
  4. In the Send To URL field, enter the protocol://[user[:password]@]hostname[:port]/[path/]filename where to export the configuration file.

    Note

    This must be consistent with the file server you have configured. The file name may be replaced by a macro. For more details, refer to the Unit Macros section. As a best practice, add the *.cfg extension to the file name.

    Note

    Remember, if you have several units with several configurations and plan to reuse the configuration on another unit, the name must be explicit. Indicate the date of your script, the interfaces used, the device model, etc.

  5. If you wish to use encryption for transfer operations, enter a encryption key in the Privacy Key field.

    Note

    Media5 corp strongly recommends to use encryption to protect certificates and passwords.

  6. Make sure the file server is started.
  7. Click Apply and Export Now.

Result

The configuration script will be exported to the specified file server.

Next Step

4.3 Executing Configuration Scripts from a File Server Each Time the Unit is Started 4.4 Executing Configuration Scripts from the Unit File Management System Each Time the Unit is Started 4.1 Executing Configuration Scripts from a File Server Periodically 4.2 Executing Configuration Scripts from the Unit File Management System Periodically

3.7 Encryption

Media5 provides an encryption tool (MxCryptFile) to secure the configuration scripts on the server.

Once the file is encrypted, the transfer of the information over the network is secure. The encryption tool uses symmetric block cipher to encrypt data. The encryption key supported by the tool can be up to 128-bits with increment of 8-bits. This encryption key must be configured on the Mediatrix units in order to decipher the information. The tool provided by Media5, upon request, can be used on Windows, Linux, or Unix operating systems.

The following is an example of the tool running on Windows:

The following are some examples of MxCryptFile commands:

  • MxCryptFile.exe –in “Mediatrix 4102_unencrypted.cfg” –out “Mediatrix 4102.cfg” –k 12345678
  • MxCryptFile.exe –in 0090F8XXXXXX_unencrypted.cfg –out 0090F8XXXXXX .cfg –k 89bb6758ac895f56
Ensure that the Mediatrix unit is configured with the correct key in order to decipher the information. Without the proper key, the parameters in the encrypted script would not be applied to the Mediatrix unit.


4 Preparation of the Configuration Files and Firmware


4.1 Executing Configuration Scripts from a File Server Periodically

Before You Start

Depending on the type of transport protocol used, one of the following procedures must be completed:

Mediatrix units do not all include a real time clock allowing them to maintain accurate time when they are shutdown. You must have a time server SNTP that is accessible and properly configured or the automatic configuration update feature may not work properly. Refer to Configuring the Mediatrix Unit to Use an SNTP Server.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. In the Execute Scripts table, in the Generic File Name and/or Specific File Name field, indicate the name of the files you wish to import.

    Note

    The file name is case sensitive, and may be replaced by a macro. For more details, refer to the Unit Macros section. Make sure to add the *.cfg. file extension.

  3. From the Transfer Protocol selection list, select the type of protocol you wish to use to transfer your script.

    Note

    This must be consistent with the file server you have configured.

  4. In the Host Name field, enter the file server IP address or FQDN.
  5. In the Location field, enter the path relative to the root of the file server where the script is saved.
  6. If your server requires authentication, enter your username and password.
  7. If the files are encrypted, provide the privacy key in the Privacy Parameters section.

    Note

    The privacy key must match the privacy key used to encrypt the file.

  8. Make sure the file server is started.
  9. In the Automatic Script Execution table, from the Execute Periodically selection list, choose Enable.
  10. Complete the Time Unit, Period and Time Range fields according to your needs.

    Note

    The time range ( hh[:mm[:ss]] or hh[:mm[:ss]] - hh[:mm[:ss]]) is based on the Static Time Zone field, under the Network > Host page.

  11. As a best practice, enable the Allow Repeated Execution field.
  12. Click Apply.

Result

The configuration script will be imported from the file server at the specified time or at a random time within the specified interval and thereafter at the period defined by the Period field. Any change to the script will be applied to the running configuration. The unit configuration is only updated if at least one parameter value defined in the imported configuration scripts is different from the actual unit configuration. Keep in mind that if you import a generic and a specific file, the commands of the specific file will override the commands of the generic file.

Next Step

5.1 Importing a Configuration Script Using a File Server 5.3 Configuring the DHCP to Trigger Configuration Script Execution

4.2 Executing Configuration Scripts from the Unit File Management System Periodically

Before You Start

You must have a time server SNTP that is accessible and properly configured or the automatic configuration update feature may not work properly. Refer to Configuring the Mediatrix Unit to Use an SNTP Server. Configuration scripts files must be available in the unit's file management system. Refer to Importing a Configuration Script to the Unit File Management System.

A configuration script must have been imported to the unit's file management system. Refer to Importing a Configuration Script to the Unit File Management System.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. In the Execute Scripts table, in the Generic File Name and/or Specific File Name field, indicate the name of the files you wish to import or use the Suggestion selection list.

    Note

    The file name is case sensitive, and may be replaced by a macro. For more details, refer to the Unit Macros section. Make sure to add the *.cfg. file extension.

  3. From the Transfer Protocol selection list, select File.
  4. If the files are encrypted, provide the privacy key in the Privacy Key field.

    Note

    The privacy key must match the privacy key used to encrypt the files.

  5. In the Automatic Script Execution table, from the Execute Periodically selection list, choose Enable.
  6. Complete the Time Unit, Period and Time Range fields according to your needs.

    Note

    The time range ( hh[:mm[:ss]] or hh[:mm[:ss]] - hh[:mm[:ss]]) is based on the Static Time Zone field, under the Network > Host page.

  7. As a best practice, enable the Allow Repeated Execution field.
  8. Click Apply.

Result

The configuration script will be imported from the system's file management system at the specified time or at a random time within the specified interval and thereafter at the period defined by the Period field. Any change to the script will be applied to the running configuration. The unit configuration is only updated if at least one parameter value defined in the imported configuration scripts is different from the actual unit configuration. Keep in mind that if you import a generic and specific file, the commands of the specific file will override the commands of the generic file.

Next Step

5.1 Importing a Configuration Script Using a File Server 5.3 Configuring the DHCP to Trigger Configuration Script Execution

4.3 Executing Configuration Scripts from a File Server Each Time the Unit is Started

Before You Start

Depending on the type of transport protocol used, one of the following procedures must be completed:

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. From the Execute Scripts table, in the Generic File Name and/or Specific File Name field, indicate the name of the files you wish to import.

    Note

    The file name is case sensitive, and may be replaced by a macro. For more details, refer to the Unit Macros section. Make sure to add the *.cfg. file extension.

  3. From the Transfer Protocol selection list, select the type of protocol you wish to use to transfer your script.

    Note

    This must be consistent with the file server you have configured.

  4. In the Host Name field, enter the file server IP address or FQDN.
  5. In the Location field, enter the path relative to the root of the file server where the script is saved.
  6. If your server requires authentication, enter your username and password.
  7. If the files are encrypted, provide the privacy key in the Privacy Parameters section.

    Note

    The privacy key must match the privacy key used to encrypt the files.

  8. Make sure the file server is started.
  9. In the Automatic Script Execution table, from the Execute on Startup selection list, choose Enable.
  10. As a best practice, enable the Allow Repeated Execution field.
  11. Click Apply.

Result

When the unit is restarted, the configuration script will be imported from the file server, and any changes to the script will be applied to the running configuration. Keep in mind that if you import a generic and a specific file, the commands of the specific file will override the commands of the generic file.

Next Step

5.1 Importing a Configuration Script Using a File Server 5.3 Configuring the DHCP to Trigger Configuration Script Execution

4.4 Executing Configuration Scripts from the Unit File Management System Each Time the Unit is Started

Before You Start

A configuration script must have been imported to the unit's file management system. Refer to Importing a Configuration Script to the Unit File Management System.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. From the Execute Scripts table, in the Generic File Name and/or Specific File Name field, indicate the name of the files you wish to import or use the Suggestion selection list.

    Note

    The file name is case sensitive, and may be replaced by a macro. For more details, refer to the Unit Macros section. Make sure to add the *.cfg. file extension.

  3. From the Transfer Protocol selection list, select File.
  4. If the files are encrypted, provide the privacy key in the Privacy Parameters section.
  5. In the Automatic Script Execution table, from the Execute on Startup selection list, choose Enable.
  6. As a best practice, enable the Allow Repeated Execution field.
  7. Click Apply.

Result

When the unit is restarted, the configuration script will be imported from the system's file management system, and any changes to the script will be applied to the running configuration. Keep in mind that if you import a generic and specific file, the commands of the specific file will override the commands of the generic file.

Next Step

5.1 Importing a Configuration Script Using a File Server 5.3 Configuring the DHCP to Trigger Configuration Script Execution

4.5 Configuring the Mediatrix Unit to Use an SNTP Server

Before You Start

Make sure there is an SNTP server available.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Network/Host.
  2. In the SNTP Configuration table, from the Configuration Source selection list, select the connection type from which you wish to obtain the SNTP parameters.

    Note

    Complete Step 3 only if you are using static SNTP server(s), otherwise go to Step 4.

  3. Provide an IP address or domain name and port numbers for each SNTP server you are using.
  4. If necessary, change the displayed default value of the Synchronisation Period.
  5. If necessary, change the displayed default value of the Synchronisation Period on Error.
  6. Click Apply.

Result

The SNTP host name and port will be displayed in the Host Status table under Network/Status.

5 Configuration of the Mediatrix Unit


5.1 Importing a Configuration Script Using a File Server

Before You Start

Depending on the type of transport protocol used, one of the following procedures must be completed:

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/Configuration Scripts.
  2. In the Execute Scripts table, in the Generic File Name and/or Specific File Name field, indicate the name of the files you wish to import.

    Note

    The file name is case sensitive and may be replaced by a macro. For more details on macros, refer to the Unit Macros section. Make sure to add the *.cfg. file extension.

  3. From the Transfer Protocol selection list, select the type of protocol you wish to use to transfer your configuration script.

    Note

    This must be consistent with the file server you have configured.

  4. In the Host Name field, enter the file server IP address or FQDN.
  5. In the Location field, enter the path relative to the root of the file server where the configuration script is saved.
  6. If your server requires authentication, enter your username and password.
  7. If the files are encrypted, provide the privacy key in the Privacy Key field.

    Note

    The privacy key must match the privacy key used to encrypt the file.

  8. Make sure the file server is started.
  9. Depending on your use case, set the Allow Repeated Execution field to Enable or Disable. This parameter defines if the Mediatrix unit will execute a script or not, when it is the same as the last executed script.",
  10. Click Apply and Execute Now.

Result

The configuration script will be imported from the file server, and any changes to the script will be applied to the running configuration. Keep in mind that if you import a generic and a specific file, the commands of the specific file will override the commands of the generic file.

5.2 Importing a Configuration Script to the Unit File Management System

Before You Start

This option is not available on the Mediatrix 4102 running a firmware version more recent than DGW 2.0.26.451

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed.

Steps

  1. Go to Management/File.
  2. If you are not using HTTPS, click Activate unsecure file transfer through web browser located at the top of the page.
  3. In the Import File Through Web Browser table, from the Path selection list, select Conf/.
  4. Browse to the location of the configuration file.
  5. Click Import.

    Note

    A factory reset will remove the file from the Internal file.

Result

The imported configuration file will appear in the Internal files table, under Management/File .

5.3 Configuring the DHCP to Trigger Configuration Script Execution

The Mediatrix unit can be configured to automatically import new configuration scripts upon receiving options 66 (tftp-server) or 67 (bootfile), or vendor-specific option 43 using sub-options 66 and 67 in a DHCPv4 answer. A DHCP answer includes both Bound and Renew.

Before You Start

Depending on the type of transport protocol used, one of the following procedures must be completed:

Mediatrix units do not all include a real time clock allowing them to maintain accurate time when they are shutdown. If you are using HTTPS, you must have an SNTP server that is accessible and properly configured or the automatic configuration update feature may not work properly. Refer to Configuring the Mediatrix Unit to Use an SNTP Server.

Context

If you are not familiar with the meaning of the fields and buttons, click Show Help, located at the upper right corner of the Web page. When activated, the fields and buttons that offer online help will change to green and if you hover over them, the description will be displayed. For more details on DHCPv4 Auto-Provisionning, refer to DHCPv4 Auto-Provisioning

Steps

  1. Go to Management/Configuration Scripts.
  2. In the Automatic Script Execution table, from the Allow DHCP to Trigger Scripts Execution selection list, choose Enable.
  3. Click Apply.

Result

The instructions sent FROM the DHCP server can be in different formats and will be understood by the Mediatrix unit according to what was chosen for the ScriptsDhcpOptionsFormat MIB parameter (not accessible via Web page). Possible values with their respective formats are:

  • Fully Qualified: Script=[protocol]://[username] :[password]@[server]/[path]/[file]. (default value)
  • Url: [protocol]:// [username] :[password]@[server]/[path]/[file]
  • ServerHost: Allow one DHCP option to specify the IP address or FQDN of a file server. Uses the path and filename specified in the ScriptLocation and ScriptGenericFileName parameters, use the transfer protocol, username and password specified in ScriptTransferProtocol, ScriptTransferUsername and ScriptTransferPassword parameters.
  • AutoDetect: A value beginning with "Script=" is considered as "FullyQualified", A value beginning with "[protocol]://" is considered as a URL. A value that looks like an IPv4/IPv6 address or domain name is considered as a "ServerHost".

When the unit starts, it will receive the location of the config script from the DHCP response, as per the format defined by the ScriptsDhcpOptionsFormat parameter. The unit will then import and execute the configuration scripts from the specified location. Any changes to the script will be applied to the running configuration. The unit configuration is only updated if at least one parameter value defined in the imported configuration scripts is different from the actual unit configuration.


5.4 DHCPv4 Auto-Provisioning

The Mediatrix unit can be configured to automatically download new configuration scripts upon receiving options 66 (tftp-server) or 67 (bootfile), or vendor-specific option 43 using sub-options 66 and 67 in a DHCPv4 answer

A DHCP server answer includes both Bound and Renew. The contents of option 66, 67 or 43 defines which script to download. The unit's configuration is not used to download the script. This allows the unit, for instance, to download a script from a server after a factory reset and to reconfigure itself without a specific profile. If the imported configuration script is identical to the last executed script, it will not be run again. The script retry mechanism is not enabled for the DHCPv4 triggered scripts. If options 66, 67 and 43 are received, all scripts are executed independently. The script defined by the tftp-server (option 66) option is executed first. If you are using HTTPS to transfer scripts, you must have a time server SNTP that is accessible and properly configured.


6 Available Documentation

For more details, refer to the Mediatrix Documentation .

7 Unit Macros

Macro Description
%mac% the MAC address of the unit
%version% the MFP version of the unit (firmware version)
%product% the Product name of the unit
%productseries% the Product series name of the unit.

8 Copyright Notice

Copyright © 2018 Media5 Corporation.

This document contains information that is proprietary to Media5 Corporation.

Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.

This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.

Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.