GenieACS info

Dan Morphis dan at
Tue Feb 24 14:19:25 EST 2015

I can't speak to the specs required right now because I haven't done any
load testing.

Right now you can do ACS -> CPE authentication. This can be configured in
the /config/auth.js file.

Zaid said that support for CPE -> ACS will be added soon. You can enable
CPE -> ACS authentication on your CPE, but currently GenieACS will not send
back a 401 (Unauthorized) response. At least on the SmartRG CPE I have on
my desk, it will continue talking to the ACS without doing authentication
because it doesn't get the 401.

Because I know a little bit about your implementation Richard, I would
highly recommend you enable ACS -> CPE authentication. This will prevent
outsiders from causing your CPE to DOS your ACS. In my environment, we have
the TR069 client on the CPE bound to a separate, non-public interface we
can get away with not doing ACS -> CPE authentication.

As for SSL, the SmartRG, BEC, Zhone and ComTrend (all Broadcom based) CPE's
I have tested don't care if you are using a self-signed certificate.

I hope this helps!


On Tue, Feb 24, 2015 at 8:51 AM, Richard Verbrugge <
richard.verbrugge at> wrote:

> I’m trying to get a sense of details for GenieACS.
> I’m currently running GenieACS on a 1 process, 2GB mem, 20GB vm.
> What hardware is advised?
> What is the capacity that GenieACS can handle?
> What sort of security is in place? (I’ve seen SSL?)
> Thanks!
> /RV
> _______________________________________________
> Users mailing list
> Users at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Users mailing list