Searching...

Matching results

    CSV Import | Export

    This functionality is only available for oMG devices.

    In order to minimize intrusion opportunities when using pre-shared keys, it’s common for fleet operators to change or “rotate” login credentials on a regular basis. The CSV Import | Export menu allows fleet operators to perform this rotation by exporting credentials and other information such as a custom host name, static IP address, gateway, and network mask, to user-friendly CSV files, which can then be updated with new information using spreadsheet software, and then re-imported back into the gateway(s).

    WLAN WiFi Settings

    WLAN WiFi Settings

    oMM 2.11 and above in combination with oMG 3.8 and above, allows fleet operators to provision LAN access point configurations and perform PSK rotation for WLAN’s. The WLAN WiFi Settings menus under the Configuration > CSV Import | Export tab allows fleet operators to easily deploy PSK rotation changes to a fleet of configured gateways. WEP encryption is not supported for credential rotation.

    oMG PSK Rotation Requirements and Assumptions

    Unlike WAN WiFi PSK rotation, WLAN WiFi PSK rotation doesn’t have a similar, dual-access point requirement, in part because there is only a single access point per LAN device on the gateway and because WLAN access should be interrupted when credentials change (i.e. to increase security by preventing devices which previously had access from being able to connect to the WLAN). This means that all devices currently connected to the gateway will be immediately disconnected, and users will need to be provided with new login credentials either prior to the rotation, or very soon thereafter.

    Deploying PSK Rotation through the AMM

    Rotation deployment is accomplished by exporting the configuration of one or more gateways to a CSV file, modifying the settings in that CSV file using third party spreadsheet software (e.g. Microsoft Excel), re-importing the CSV file back into the AMM and deploying the settings to the fleet of gateways. Information about the CSV file is available in WLAN CSV .

    The detailed steps to accomplish this PSK rotation deployment are as follows:

    1 Select the gateways in the Gateway Tree whose credentials are to be updated.

    2 Navigate to Configuration > CSV Import | Export > WLAN WiFi Settings > Export to access the export screen for the respective PSK credentials.

    3 Click Export and then save the CSV file when prompted.

    4 Modify the credentials in the CSV file using spreadsheet software and then save the CSV (see WLAN CSV for information about the CSV file format).

    5 Navigate to Configuration > CSV Import | Export > WLAN WiFi Settings > Import to access the import screen for the respective PSK credentials.

    6 Click Browse, locate the modified CSV file and click Import. The credentials will be imported to the AMM and checked for any errors which will be displayed. If no errors were found, proceed to the next step.

    Note: configuration settings will be deployed to all gateways which are both selected in the Gateway Tree and are listed in the CSV file. Be sure to verify which gateways will be updated before moving onto the next step, by checking that each gateway listed in the CSV is also selected in the Gateway Tree.

    7 Enter a descriptive comment in the Deploy Comment field if desired. Attaching a comment to a deployment allows for gateways participating in deployments to be easily identified on the Config > Configuration Control page via the Search revision comments field (as described in Configuration Control).

    8 Click Show Gateways (optional) to show the gateways that will be affected by the import operation.

    9 Click Deploy Configuration. The configuration deployment screen will be shown and all units targeted for deployment will transition to a File generating state and then a File pending state.

    10 Click Apply to perform the deployment. Once the sync cycle completes the state will change to In Sync for each affected gateway, assuming that the gateway is online during the sync cycle.

    When exporting a long PSK containing all numerics (e.g. 77667766776677667766776677) using Excel 2010, Excel will automatically convert the value to the “General” format (e.g., “7.76678E+25”). When saving back to csv, the value will be saved as “7.76678E+25” instead of the original number. To properly edit a file with these kinds of values you must use a text editor. This ensures that the PSK values remain in their proper numeric format.

    WAN WiFi Security

    WAN WiFi Security

    oMM 2.9 and above in combination with oMG 3.8 and above, support the “rotation” of PSK credentials for WAN WiFi access points. WAN WiFi PSK rotation works by switching between access point profiles, each of which contains different PSK credentials. The WAN WiFi Security menus under the Configuration > CSV Import | Export tab allow fleet operators to easily deploy PSK rotation changes to a fleet of configured gateways.

    Note: all gateways must have same number of WiFi networks defined in the CSV file.

    AMM 2.16.2+ allows fleet operators to export the host name, or the static IP of WAN Wi-Fi network configurations, which can then be updated with new settings using spreadsheet software, and then re-imported back into the gateway(s).

    Note: This feature cannot be used to switch WAN Wi-Fi network settings between DHCP and Static IP.

    Note: In AMM 2.16.2+, the WAN WiFi Security function requires oMG software 3.14.5+.

    oMG PSK Rotation Requirements and Assumptions

    For WAN WiFi PSK rotation, at least two WiFi access point profiles need to exist on the gateways for which rotation is to be used, and those profiles must be assigned to at least one WAN link. The use of two access points ensures that WAN access remains uninterrupted during latency or other delays that may occur when transitioning gateways to the new PSK credentials.

    This is accomplished by allowing gateways to gradually transition to using the new access point while still allowing access through the old access point. Once all gateways have transitioned to the new access point, the credentials of the old access point can then be changed thereby leaving WAN service uninterrupted. Access points are configured through the gateway’s LCI screen as described in the oMG Operation and Configuration Guide.

    Deploying PSK Rotation through the AMM

    Rotation deployment is accomplished by exporting the configuration of one or more gateways to a CSV file, modifying the settings in that CSV file using third party spreadsheet software (e.g. Microsoft Excel), re-importing the CSV file back into the AMM and deploying the settings to the fleet of gateways. Information about the CSV file is available in WAN CSV .

    The detailed steps to accomplish this PSK rotation deployment are as follows:

    1 Select the gateways in the Gateway Tree whose credentials are to be updated.

    2 Navigate to Configuration > CSV Import| Export > WAN WiFi Security >Export to access the export screen for the respective PSK credentials.

    3 Click Export and then save the CSV file when prompted.

    4 Modify the credentials in the CSV file using spreadsheet software and then save the CSV (see WAN CSV for information about the CSV file format). In the case of WAN rotation, be sure to also update WiFi Network Name to rotate the gateways to use the new access point.

    5 Navigate to Configuration > CSV Import|Export > WAN WiFi Security > Import to access the import screen for the respective PSK credentials.

    6 Click Browse, locate the modified CSV file and click Import. The credentials will be imported to the AMM and checked for any errors which will be displayed. If no errors were found, proceed to the next step.

    Note: configuration settings will be deployed to all gateways which are both selected in the Gateway Tree and are listed in the CSV file. Be sure to verify which gateways will be updated before moving onto the next step, by checking that each gateway listed in the CSV is also selected in the Gateway Tree.

    7 Enter a descriptive comment in the Deploy Comment field if desired. Attaching a comment to a deployment allows for gateways participating in deployments to be easily identified on the Configuration > Deploy page via the Search revision comments field (as described in Configuration Control).

    8 Click Show Gateways (optional) to show the gateways that will be affected by the import operation.

    9 Click Deploy Configuration. The configuration deployment screen will be shown and all units targeted for deployment will transition to a File generating state and then a File pending state.

    10 Click Apply to perform the deployment. Once the sync cycle completes the state will change to In Sync for each affected gateway, assuming that the gateway is online during the sync cycle.

    11 For WAN WiFi PSK rotation: after all gateways have transitioned to the new access point, repeat the above steps to change the credentials of the old access point. This will prevent WAN access via the old access point which will eventually become the new access point on the next PSK rotation.

    When exporting a long PSK containing all numerics (e.g., 77667766776677667766776677) using Excel 2010, Excel will automatically convert the value to the “General” format (e.g., “7.76678E+25”). When saving back to csv, the value will be saved as “7.76678E+25” instead of the original number.

    To properly edit a file with these kinds of values you must use a text editor. This ensures that the PSK values remain in their proper numeric format.

    TOP