Cisco SPA2102-AU Provisioning Guide - Page 44

Using Provisioning Parameters Chapter 2 Creating Provisioning Scripts If all alternatives have conditional expressions, and none evaluates to true (or if the whole profile rule is empty), then the entire Profile_Rule* parameter is skipped, and the next profile rule parameter in the sequence is evaluated. The following are some examples of valid programming for a single Profile_Rule* parameter. The following example resyncs unconditionally to the profile at the specified URL, performing an http GET request to the remote provisioning server. http://remote.server.com/Linksys/$MA.cfg In the following example, the SPA resyncs to two different URLs, depending on the registration state of Line 1. In case of lost registration, the SPA performs an HTTP POST to a CGI script, transmitting the contents of the macro expanded GPP_A (which may provide additional information on the state of the SPA). ($REGTMR1 eq 0)? http://p.tel.com/has-reg.cfg | [--post a] http://p.tel.com/lost-reg? In the following example, the SPA resyncs to the same server, but provides additional information if a certificate is not installed in the unit (for legacy pre-2.0 units). ("$CCERT" eq "Installed")? https://p.tel.com/config? | https://p.tel.com/config?Linksys$MAU In the following example, Line 1 is disabled until GPP_A is set equal to Provisioned through the first URL. Afterwards, it resyncs to the second URL. ("$A" ne "Provisioned")? (Line_Enable_1_ = "No";)! https://p.tel.com/init-prov | https://p.tel.com/configs In the following example, the profile returned by the server is assumed to contain XML element tags that need to be remapped to proper SPA parameter names by the aliases map stored in GPP_B. [--alias b] https://p.tel.com/account/spa$MA.xml A resync is typically considered unsuccessful if a requested profile is not received from the server. This default behavior can be overridden by the parameter Resync_Fails_On_FNF. If Resync_Fails_On_FNF is set to No, then the SPA accepts a file-not-found response from the server as a successful resync. The default value for Resync_Fails_On_FNF is Yes. Report Rule The SPA provides a mechanism for reporting its current internal configuration to the provisioning server. This is useful for development and debugging. The report syntax is similar to the XML profile. All provisionable parameters are included, except for the values of passwords, keys, and the GPP_SA to GPP_SD parameters, which are not shown. The Report_Rule parameter is evaluated like a profile rule parameter. In other words, it accepts a URL, optionally qualified with a bracketed expression. The URL specifies the target destination for the report and an encryption key can be included as an option. The URL scheme can be TFTP, HTTP, or HTTPS. When using TFTP, the operation performed is TFTP PUT. In the case of HTTP and HTTPS, the operation performed is HTTP POST. If an encryption key is specified, the report is encrypted using 256-bit AES in CBC mode. The encrypted report can be decrypted with the following OpenSSL (or equivalent) command: openssl enc -d -aes-256-cbc -k secretphrase -in rep.xml.enc -out rep.xml 2-18 Linksys SPA Provisioning Guide Version 3.0