AESkey on Chirpstack and Cisco LoRaWAN

Dear,
someone can help me to configure the communication between the Cisco LoRaWAN and Chirpstack server.
We receive a lot of join request and no joinaccept, maybe this issue is related to AESkey.
We configure the AESkey on both sides, using OpenSSL to generate this parameter. (We used a merge of LSB and MSB, obtained inside the Cisco LoRa with “show inventory”).
Following documentations (Chirpstack and Cisco), AESkey should be provided from vendor. I asked to Cisco if it was to tell me.
But Cisco Engineer but the Cisco engineer told me that the AESkey is inside the server and that it must be found or Chirpstack (as a vendor) must communicate it.

Could you please help to me with these settings?

Regards

If you onboard a LoRaWAN device, then this device either comes with a pre-set AppKey (or AppKey & NwkKey for LoRaWAN 1.1), or an option to configure this key. In the first case make sure that you configure the same key in ChirpStack, in the latter case you can use the web-interface to generate a random key and configure this at the device side.

There is no need to configure this key in your (Cisco) LoRa gateway.

Dear Brocaar,

thank you for the answer.

We cannot find the preset AppKey related to our Cisco LoRaWAN. It was never provided after payment.

I performed a call with Cisco a few days ago, engineer suggested me to contact the vendor of Chips (Semtech). I opened a ticket and the Semtech support, first of all:

  1. Provided me a solution (GatewayKeyGeneration), but this solution is useful for Semtech devices only.
    Parameter requested to GatewayKeyGeneration:
    SX1388-B11’,‘SX1388-A11’,‘SX1388-C11’, ‘SX1388-F11’, ‘SX1388-L11’, ‘SX1388-R11’, ‘SX1388-W11’, ‘SX1388-X11’, ‘SX1388-TEST1’

Searching on the LoRaWAN gateway, we founded a different parameters:
SX1301 #0 version: 103
SX1301 #0 chip ID: 1
SX1301 #1 version: 103
SX1301 #1 chip ID: 1

So, we are unable to create the AESkey…

Semtech (after my alert) are still checking internally and suggested us to contact Cisco Support because the AESkey should be provide from Cisco (again)…

During a new call with Cisco Support performed this morning, engineer suggested us to contact the Chirpstack teams/community to ask:

  1. Where can we find the aeskey inside the ChirpStack server?

Could you kindly support me when searching for this key?

Best Regards

As I mentioned in my previous post, usually a LoRaWAN device (not gateway!) comes with a AppKey, or the option to configure its AppKey.

Dear Brocaar,

thank you for the support.

So, following your suggestions the AppKey refers to the devices contained in the first box of this image (Data sender).

If I get a device and its key (provided by the vendor itself), do I have to configure it in the application server Chirpstack and not on the device (gateway)?

In this case I should insert the AppKey in this section:

immagine

This appkey (of the device and not the gateway) must not be entered on the Cisco gateway aeskey. Correct?

Correct?

If I get a device and its key (provided by the vendor itself), do I have to configure it in the application server Chirpstack and not on the device (gateway)?

If the key is provided by the vendor, then it is already configured on the device and you only need to configure it in the ChirpStack Application Server.

This appkey (of the device and not the gateway) must not be entered on the Cisco gateway aeskey. Correct?

Correct.

Dear Brocaar,

thank you for the answer.

Just to be clear:
If I perform the command “show common-packet-forwarder info” on Cisco LoRaWAN Gateway, I can find an AESkey, this key isn’t the Appkey you were referring to.
Correct?

DeviceEUI: ################
Country : IT
Channel Plan : EU868
IPAddress : ###.###.###.###
Port : 3001
GPS : Enabled
AESKey : ################################

If I have the AppKey [to which you were referring and which must be provided to me by the vendor that sells me the device (not the gateway)] I insert it inside the application server and not inside the LoRaWAN gateway, the server will be able to “understand” the data it receives.

What exactly does this AESkey refer to?

That key is probably for geolocation (decrypting the fine-timestamp).