I have a uBR7246VXR with MC-16S Cards (Running D1.1) and cant find good documentation for apply security on this system.
I heard that BPI and Pre-Shared Key are the best options using this CMTS.
Does anyone know how to implement them in the CM files and CMTS?
How and where I create those Certificate?
I could use some help...
Regards.-
Make sure you have an IOS with k1, k8 or k9 in the image name
BPI+ will then be enabled by default (unless you disable it in the cm config file)
Oh, and you also might want to check you have "root-cert" (or "euro-root-cert") in the bootflash. I'm not 100% sure about this as some of our (new ubr10k) CMTS here do not have the file yet BPI stuff still works. But if you read the Cisco doco it says you are meant to have this certificate to enable BPI...
There's doco on the Cisco website on this topic, just google for : root-cert cmts bootflash
and you should get some good hits for DOCSIS 1.1
Once you have BPI+ running, you can then tweak your system to enforce security with "cable privacy mandatory"
And adding a key to your cm config files is a good idea too. Activate enforcement of this on the CMTS with "cable shared-secret xxxx"