Linksys ATA Administration Guide
36
Provisioning Your Linksys ATA Device
Basic Administration and Configuration of Your Linksys ATA
Provisioning Capabilities
The ATA device provides for secure provisioning and remote upgrade. Provisioning is achieved
through configuration profiles transferred to the device via TFTP, HTTP, or HTTPS. To configure
Provisioning, go to Provisioning tab in the administration web server.
The ATA device can be configured to automatically resync its internal configuration state to a
remote profile periodically and on power up. The automatic resyncs are controlled by
configuring the desired profile URL into the device.
The ATA device accepts profiles in XML format, or alternatively in a proprietary binary format,
which is generated by a profile compiler tool available from Linksys. The ATA device supports
up to 256-bit symmetric key encryption of profiles. For the initial transfer of the profile
encryption key (initial provisioning stage), the ATA device can receive a profile from an
encrypted channel (HTTPS), or it can resync to a binary profile generated by the Linksys-
supplied profile compiler. In the latter case, the profile compiler can encrypt the profile
specifically for the target ATA device, without requiring an explicit key exchange.
Remote firmware upgrade is achieved via TFTP or HTTP (firmware upgrades using HTTPS are
not supported). Remote upgrades are controlled by configuring the desired firmware image
URL into the ATA device via a remote profile resync.
For further information about remote provisioning refer to the
Linksys SPA Provisioning Guide
.
Configuration Profile
The ATA configuration profile can be either an XML file or a binary file with a proprietary format.
The XML file consists of a series of elements (one per configuration parameter), encapsulated
within the element tags <flat-profile> … </flat-profile>. The encapsulated elements specify
values for individual parameters. Here is an example of a valid XML profile:
<flat-profile>
<Admin_Passwd>some secret</Admin_Passwd>
<Upgrade_Enable>Yes</Upgrade_Enable>
</flat-profile>
Binary format profiles contain ATA parameter values and user access permissions for the
parameters. By convention, the profile uses the extension .cfg (for example, spa2102.cfg). The
Linksys Profile Compiler (SPC) tool compiles a plain-text file containing parameter-value pairs
into a properly formatted and encrypted .cfg file. The SPC tool is available from Linksys for the
Win32 environment and Linux-i386-elf environment. Requests for SPC tools compiled on other
platforms are evaluated on a case-by-case basis. Please contact your Linksys sales
representative for further information about obtaining the SPC tool.
The syntax of the plain-text file accepted by the profile compiler is a series of parameter-value
pairs, with the value in double quotes. Each parameter-value pair is followed by a semicolon.
Here is an example of a valid text source profile for input to the SPC tool:
Admin_Passwd “some secret”;
Upgrade_Enable “Yes”;
Refer to the
Linksys SPA Provisioning Guide
for further details.