3-16
Cisco ATA 186 and Cisco ATA 188 Analog Telephone Adaptor Administrator’s Guide for MGCP (version 3.0)
OL-4803-01
Chapter 3 Configuring the Cisco ATA for MGCP
Configuring the Cisco ATA Using a TFTP Server
Step 3 Set the value of the EncryptKeyEx parameter to the chosen encryption key with which you want the
output binary file to be encrypted. In the EncryptKeyEx parameter specified in the configuration file,
you can also restrict the EncryptKeyEx value to apply only to the Cisco ATA with a particular MAC
address. For example, if the chosen key value is 231e2a7f10bd7fe, you can specify EncryptKeyEx as:
EncryptKeyEx:231e2a7f10bd7fe/102030405060
This means that only the Cisco ATA with the MAC address 102030405060 will be allowed to apply this
EncryptKeyEx value to its internal configuration.
Step 4 Update the upgradecode parameter to instruct the Cisco ATA to upgrade to firmware version 3.0 by
means of TFTP configuration. The upgradecode parameter is described in Chapter 7, “Upgrading the
Cisco ATA Signaling Image.”
Step 5 Run the cfgfmt tool as follows:
cfgfmt -g ata102030405060.txt ata102030405060
This will generate the following two binary configuration files:
• ata102030405060
• ata102030405060.x
ata102030405060 is unencrypted.
ata102030405060.x is encrypted with EncryptKeyEx value.
Step 6 Place these two files on the TFTP server that the Cisco ATA will contact for its configuration files.
When the Cisco ATA powers up, it will obtain its IP address from the DHCP server. If the DHCP server
specifies the TFTP server address, the Cisco ATA will contact the TFTP server obtained from DHCP
because the Cisco ATA is not preconfigured with a TFTP server address. The boot process is as follows:
a. The Cisco ATA downloads the configuration file ata102030405060 from the TFTP server.
b. The Cisco ATA applies parameter values in the file ata102030405060 to its internal
configuration while ignoring the EncryptKeyEx parameter (because the older version of the
Cisco ATA does not yet recognize the EncryptKeyEx parameter).
c. The Cisco ATA upgrades to the 3.0 firmware load.
d. The Cisco ATA reboots.
e. The Cisco ATA again downloads the configuration file ata102030405060.
f. The Cisco ATA applies the value of the EncryptKeyEx parameter to its internal configuration.
g. The Cisco ATA reboots.
h. The Cisco ATA EncryptKeyEx value is in effect, so from this point forward the Cisco ATA will
download the ata102030405060.x file at each reboot and each time the value configured in the
CfgInterval parameter expires.
Note Although EncryptKeyEx is encrypted in the ata<macaddress> file, and the ata<macaddress> file does
not contain other sensitive information, Cisco recommends that for absolute security you
pre-configure the Cisco ATA as described in this example for a private network. Alternatively, you
should remove ata<macaddress> once EncryptKeyEx takes effect.