ONT Security
The Security tab in the ONT Property dialog allows users to enable anchor certificates that encrypt communications at the ONT level. The EMS is configured to trust all Tellabs stock certificates. The stock certificate is used specifically to secure voice or to load a site-specific certificate onto the ONT729GP for use in a secured voice installation.
The certificate is generated by the TellabsCA1 Certificate Authority. The user can request the trust anchor certificate from the Tellabs Technical Assistance Center (TAC). Refer to “Contacting Technical Support” for assistance. Additionally, Tellabs provides a tool for the management of anchor certificates through the server directory of the EMS for importing and exporting certificates. Refer to the Panorama PON Element Management System (EMS) Installation and System Administrator Guide - Appendix A: Certificate Manager about importing device certificates.
Use the following procedure to download device and anchor certificates for the selected ONT (only available if the selected ONT is an ONT729GP):
- From the ONT Property dialog, select the Security tab. The Security dialog displays.
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy80MTcwMy81NDk1Mi9ja2ZpbmRlci9pbWFnZXMvcXUvMjAyNS9pbWFnZSgxNDcpLnBuZyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTc2MjExNjk1Nn19fV19&Signature=adMG2isP617cIh1-99DaGPKbVk76iUwH0CxDAfUA0nzmg6FsV7NNgK9DSKfxpDVNubTQHubDUm3l1HvmcnBUB966adrt4rbVWCblswcpX~uZIsQ32lP-zZPZVRP9BjOY8jz4m9ZIFziQxK0visEsD0Q3tM-i5WowFnO0zFacVkCcdOTklYD5~nZHeV-j1CCuxReUwk6o8ViEg3QnscJ3dPPOjJS~uxQgEl-ETtDSE3SbRQfStMVOGWL83lkle1wQvPyv8ePqVBzJ71SSeuSSkDvkr2X~abOr6YVzoH1DoLbUUrt-lNiqMVgL5Dh4R-QgA86tozTFq-QFsNVD7sp8nw__&Key-Pair-Id=K2TK3EG287XSFC)
- In the Security dialog, click the Browse button. The Open dialog displays.
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy80MTcwMy81NDk1Mi9ja2ZpbmRlci9pbWFnZXMvcXUvMjAyNS9pbWFnZSgxNDgpLnBuZyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTc2MjExNjk1Nn19fV19&Signature=lLnfEKT~lnoWikoAAPuAZhFwawNrGfmOCGwMd7i4uIhRi0X5uw2RnXK1aXy6eNh-GyfRrrmPX-o2Ep0GZyUNP-IEynLmWR7cQO7PiVuHf3tLqTwqHTiQxYVdZb-bwGEPl~JGFP13MJt1nlbM9e20c1mWqkFdWd0SrbEWR9oZSgf3-087OKl7IfSOQD2wEqvMjuTLtTXlpWOG49GAHnwdIXpFTXqh3P6UhgbvB~nfaR8ZTwgq3rfzEkEWuuRMpyLEN2PLFRxrTfEkiMdXWMw-yw7kxkDnNQM2UNPsLC8rGl3mNZp2Xs1kZGH~l6jbT2BYsJE7I2rUMzILUYCmfBB8TA__&Key-Pair-Id=K2TK3EG287XSFC)
- In the Open dialog, click the Up icon (
). The Open dialog displays the available device certificate files. - In the list of device certificate files, select the desired certificate file and click the Select button.
- Click the Cancel button. The Security dialog displays the selected certificate file shown in the Certificate File Name field.
Note: The Certificate File Path field is updated to reflect the location of the selected certificate file.
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy80MTcwMy81NDk1Mi9ja2ZpbmRlci9pbWFnZXMvcXUvMjAyNS9pbWFnZSgxNDkpLnBuZyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTc2MjExNjk1Nn19fV19&Signature=AH1AYRFBnOS1dcLuhHJrLbAtM8Kwzj-cXir9f3sj885l3vITUHXvw7pRyM-e42wwqGqIMJ9cnzzvlhaTmOlN49QAfsusC1yyIUdK~DgRo0Gtb4OFl1rt2K0XMjR3yB5MAKIITIgaJs0xpr5ubkY20j~pulsQYEsLaKvsldHPrbvYzJvcudIbo6LK7BeJSCSqCLU5LK~Ernl0lsmbEDlw0cUE~no8wd9AYOBLfxtlMBUavuDF8xDCs-bU0GG9LMA-1Nm86x-qzK2Ar151FcGJtcU1a~fX2Dj-YAxfPtWih8XnOuwpm0q64qMnfXiroD~S0DQjtRHVKuUBBRio7H-UkQ__&Key-Pair-Id=K2TK3EG287XSFC)
- In the Certificate Password field, type the password that was created when this certificate file was created. Click Execute Download. A download confirmation screen displays. Click the OK button.
Note: This password is NOT the user password
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy80MTcwMy81NDk1Mi9ja2ZpbmRlci9pbWFnZXMvcXUvMjAyNS9pbWFnZSgxNTEpLnBuZyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTc2MjExNjk1Nn19fV19&Signature=F39T~r4PgmxkZwdcvGoszILfiphtkzgH2GAPMYH1r1vwTZg2ALMoSmrU4tp9L-bmnKvjOGDC5lePhJlVzhAGGM-yMyIEdQ8uoUQ96d0kDkAdqTUNLSSvjc~yB6EtuM4fKO6PtmTvxeBuiMT48YfzjvjFQ9P5NWLhlLx9bwfObdqPBcBSfrMkhwFyVmJmeNxgteWJaLApU0MZogWXGo0zn4CCaecF8mvLBQ8tRQ-lX1wF-Atp2PQkyX7FhyFa7HXVVwGAnY1IrNrYNczZt3kE3r10Mogblp0y1h6A1z4fHyRZEfQ65ws0MyQoGOhMlCab-mF0RO-dwtQLWALJoeth7w__&Key-Pair-Id=K2TK3EG287XSFC)
- If an incorrect password was entered in Step 6, an error screen displays. Click Cancel and repeat Step 6 using the correct password.
- If the certificate download fails, an error message is displayed.
Note: To determine why the download failed, click Details. Possible errors are Invalid Passcode or Corrupted File.
- There is no indication of activity once OK is clicked in Step 6. Go to “Certificate Status” to view the status of the download. In addition, the Event Log (refer to “Using Events View”) contains information on the device and anchor certificate downloads.
- Click the Close button to close the Security dialog.