I have run into somewhat of a roadblock, and would appreciate guidance from anyone who may have implemented server side commissioning behavior.

I am working to get my device to join a comissioning network, which uses the zigbee alliance defined extended PAN id to differentiate it from operational networks.

To that end, I am setting the zgApsUseExtendedPANID value in zglobals.c to constrain my device to joining only networks with that specific extended pan.

Problem is that after the beacon exchange, the joining device is issuing a rejoin request and is encrypting that rejoin message with a nwk key (all zeroes).  The network key is not correct for the network it is attempting to join, and is therefore not able to join the network  (if I set a matching default nwk key on the coordinator, the node will join successfully). 

What should happen, as I understand it, is that the joining node should issue a MAC association request, get associated (an unsecure join) and then the TC should transmit the nwk key to the joining node using the predefined trust center link key ( and I do have the TCLINKKEYJOIN defined).    That is in fact exactly what does happen if I remove the zgApsUseExtendedPanID constraint from the build and let my device join any extendedpanid network.  But that is incorrect behavior for trying to find and join only a comissioning network.

My understanding of the proper procedure is based on the zigbee alliance documents describing joining procedures to a commissioning network under the ZBA public profile.

So, to summarize, the behavior I'm seeing when I attempt to constrain the network selection to only join a commissioning network seems to be contrary to the defined (and logical) process for joining a commissioning network.  It seems illogical that the joining node would already know the network key of the commissioning network, when that is the point of having the predefined trust center link key to use for passing (securely) the nwk key. 

Here are the parameters of my joining node:

zgApsUseExtendedPANID= [zigbee defined global commissioning epid]

zgApsUseInsecureJoin = TRUE;

zgPreConfigKeys = FALSE;

zgUseDefaultTCLK = TRUE;

-DTC_LINKKEY_JOIN

-DDEFAULT_TC_LINK_KEY= [ zigbee defined global commisioning tclink key]

-DDEFAULT_KEY=[ a default key]

DEFAULT_CHANLIST=  0x07FFF800