Chapter 46: Command Line Descriptions
STANDARD Revision 1.0 C4® CMTS Release 8.3 User Guide
© 2016 ARRIS Enterprises LLC. All Rights Reserved. 1525
configure interface cable-mac * cable dynamic-secret
Enables the C4 CMTS to dynamically create a shared secret at the time the cable modem is registering.
configure interface cable-mac <mac> cable dynamic-secret <lock | block | mark | reject>
configure interface cable-mac <mac> cable dynamic-secret [<lock | block | mark | reject>] no
This shared secret is valid only for that particular session with that particular cable modem. A new dynamically generated share
secret will be used each time each cable modem registers.
The outputs of the show cable modem and show cable modem detail commands print a pound sign "#" before the modem state if
the modem failed TFTP Enforce checks during modem registration and an exclamation point "!" before the modem state if the
modem failed the Dynamic Shared Secret checks during modem registration. A "#" supersedes an "!". Those modems that fail these
security checks are marked in the show commands whether the mark-only (TFTP enforce command) or mark-only (Dynamic
Shared Secret command) parameters are used or not.
To disable the cable-mac Dynamic Shared Secret feature, use the no option. The default value is disabled (no cable Dynamic Shared
Secret).
Parameters
The MAC identifier. Valid numbers are 0-415.
Allows cable modems that do not pass MIC verification based on the Dynamic Shared Secret to come online but with restrictive
quality of service (QoS).
Blocks modems violating dynamic secret from learning any CPEs.
Allows cable modems that do not pass MIC verification based on the Dynamic Shared Secret to come online but prints a warning
message on the console and marks the cable modem in show cable modem [detail] commands with an exclamation point (!).
Rejects registration of cable modems with DOCSIS configuration files that do not pass the Dynamic Shared Secret MIC verification.
To Next Page
Loading...
