Cisco ATA188-I2-A Administration Guide - Page 51

Chapter 3 Configuring the Cisco ATA for H.323 Configuring the Cisco ATA Using a TFTP Server Syntax examples The cfgfmt.exe syntax affects how the EncryptKeyEx or EncryptKey parameters are used, as shown in the following examples. In these examples, input-text-file is the ata.txt file that you will convert to binary to create the ata configuration file(s) for the Cisco ATA; output-binary-file is that binary ata file, and Secret is the encryption key. • cfgfmt -h323 -tptag.dat input-text-file output-binary-file If input-text-file sets the Cisco ATA EncryptKey parameter to 0, then output-binary-file is not encrypted. If the input-text-file sets EncryptKey to a non-zero value, then output-binary-file is encrypted with that value. • cfgfmt -X -h323 -tptag.dat input-text-file output-binary-file This is an example of how you might perform encryption on a first-time Cisco ATA. The -X (uppercase) option means that any value specified for the Cisco ATA EncryptKeyEx parameter in input-text-file is ignored. However, because Secret is not specified in this example, output-binary-file is not encrypted. Nevertheless, the EncryptKeyEx parameter and its value, if specified in input-file-text, will be included in output-binary-file for possible encryption at a later time. The next time the Cisco ATA fetches the configuration file from the TFTP server, the file will be encrypted with Secret. • cfgfmt -X -xSecret -h323 -tptag.dat input-text-file output-binary-file This is an example of changing the encryption key from one key to another key. The -X (uppercase) option means that any value specified for the Cisco ATA EncryptKeyEx parameter in input-text-file is ignored and the output-binary-file is encrypted with the Secret key. However, the EncryptKeyEx parameter and its value, if specified in input-text-file, will be included in output-binary-file. Examples of Upgrading to Stronger Encryption Key This section contains two examples of how you would upgrade your Cisco ATA configuration to use the stronger encyrption method if the current Cisco ATA firmware version was a version earlier than version 2.16.2. Versions earlier than 2.16.2 do not support the stronger EncryptKeyEx parameter. Example 1 In this example, the Cisco ATA has not yet been deployed, but its firmware version is earlier than 2.16.2. Therefore, the Cisco ATA will upgrade to to firmware version 3.0 to use the EncryptKeyEx parameter as its encryption key. The Cisco ATA in this example has a MAC address of 102030405060. Perform the following steps: Procedure Step 1 Step 2 Create a file called ata102030405060.txt by using the applicable example.txt file provided with the Cisco ATA software. (For example, for H.323, the example.txt file is called h323_example.txt.) Modify the ata102030405060.txt file with desired parameter values. The value of the EncryptKey parameter should be 0. OL-4804-01 Cisco ATA 186 and Cisco ATA 188 Analog Telephone Adaptor Administrator's Guide for H.323 (version 3.0) 3-15