TR069/CWMP packages?

Hi all,

I'm going to try TR069/CWMP on OpenWRT. Right now I'm building my first image with easycwmp. And I guess I will try genieacs for acs server. But I'd like to know:

a) if there are any completely free implementations, i.e; not a commercial offering striped down
I have heard about freeacs, what you think of it and possibly other alternatives?

b) if there are other alternatives, some pointers to download code and get any doc about compiling it on openwrt would be helpful

c) are those things safe? Or is it a security hell like IoT seems to be?


TR069 typically runs over the carrier's infrastructure, not over the open Internet. Not something I personally trust, but more based on my lack of trust on someone like Comcast having control over my devices. See for some opinions and references for further research.

What are you trying to accomplish that can't be done with, for example, SSH with a pre-shared, potentially command-restricted key?

Well, we are a small, grassroots, not-for-profit organization sharing FTTH via WiFi links, between some 50 partners, mostly rural dwellers owning quite isolated farms about ten kilometers away from urban zone.

Our partners don't want to have any tech struggles, just to have it working, period, so it's up to the (trusted) staff to configure partner's router. Staff actually works over SHH, but sometimes, routers get back to factory defaults; then some of us has to go to that farm, driving off-road, to get it working again. And being a not-for-profit, making all as cheap as possible is paramount.

So, if cwnp works fine and can save us that driving, would be useful.

Thanks for the link. However, it does seem that not so many openwrt people is working with that.
I hoped somebody could say something like "freeacs is safer" or so.

Well, thank you again anyway

If you build and provide images, you could "burn in" the appropriate bootstrap setting and keys into the image. This would be the case for either an SSH-based approach or use of TR069 or the like.


You also participated in a thread about it: TR-069 client for LEDE: EasyCwmp (CPE WAN Management Protocol daemon)

You could also flash the routers with the defaults.

I understand your point. We could burn an image for each partner, but we hoped to find something
easier. We could burn a "factory image" for each subnet so we could look if router has reverted to,
say,, that will be easier and would escalate better... however, we are just exploring the landscape and cwmp looks as a possible solution... so we will do some test and then decide about it.

Best wishes


Yeah, but that thread looks like really really dead :slight_smile:

Time to say it builds by adding
to both easycwmp and libmicroxml Makefiles

and that libmicroxml has to be not only downloaded but untarrgzipped and Makefile- edited


I did various remote support functions for openwrt-routers, using VPN for remote access, remote firmware upgrade etc. Needs custom openwrt image, though. In case of interest send me PM.

Hi, no need to use it, we have decided it's better for us to customize images with imagebuilder.

Thank you anyway

Best wishes

No problem. Will suffice for small amount of routers. But not in case of many of these, as in case for hotspot service providers etc. I.e. I did this one:

1 Like

Got asked two weeks ago about about easycwmp hash error. I just found ny notes so I'm going to have it here, too:

openwrt directory is build_dir

cd /path/to/openwrt/package/
tar -xzvf /path/to/easycwmp-openwrt-1.8.0.tar.gz
cd easycwmp
vi Makefile

Look for this line: PKG_SOURCE_URL:=
Add this just under it: PKG_HASH:=skip
Save change
Get back to build_dir

cd ../..
cd package
tar zxvf ../libmicroxml.tar.gz
cd libmicroxml
vi Makefile

Look for the line: PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
Add this just under it: PKG_HASH:=skip
Save change
Get back to build_dir

cd ../..
make menuconfig

Select easycwmp (*)
Libmicroxml is in "Libaries" and should have been automatically selected sinde easycwmp depends on it

make V=s

Hope this helps