No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

Client Service Encryption can not be configured by using U2000 webLCT

Publication Date:  2018-07-24  |   Views:  1181  |   Downloads:  0  |   Author:  v84083177  |   Document ID:  EKB1001758239


Issue Description

The U2000 web LCT doesn't have this function. The L1 service encryption system consists of the OSN equipment with encryption boards, the security management tool (for example, SMT), and the network management system (for example, U2000).

Alarm Information

We need service encryption function activated.

Handling Process

Login on NE through Navigator.

1. check the version


2. check the user type


3. add a new sm user , mode operator

:sm-add-user: "NewEncryption","password", "oper", enable;

4. add the user policy

:sm-edit-userpolicy: "NewEncryption", 0X4

5. check the physical boards on the nE


6. bet the bid and port (as many as you need and allocate the payload)

set bit 4

set port 3

Eg. :secu-set-payload-encuser:$bid, 0xff, Sport,1,"NewEncryption", "line 1"





Login on OptiX SMT_en.bat

1. Add the involved NE's

2.  Create a service. On the main menu, you can choose P2P Management > Manual Create P2P, select information about the source end and sink end, and click Add > Apply.

3. set a unique password for each P2P connection.

4. Enable the encryption



Encryption Status Check

Login on NE through Navigator and run next command(changing the bit and the port)

**choose the set bid x and the set port x

As example:




Root Cause

The U2000 web LCT doesn't support this feature.


We set the encryption through Navigator and then we configured P2P encryption through Optix SMT tool.


The signals transmitted by the OSN equipment use the Optical Transport Network (OTN) frame structure specified in ITU-T Recommendation G.709/Y.1331. The OSN equipment in the encryption system adds an encryption algorithm to signal processing to encrypt the OPUk payload (excluding the overhead and FEC area). In this way, the customer data is encrypted. The security management information that the encryption function uses is transmitted using OPUk overheads, without affecting client services.