Cisco CP-7940G-CH1 Administration Guide - Page 117
Troubleshooting Cisco Unified IP Phone Security
View all Cisco CP-7940G-CH1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 117 highlights
Chapter 8 Troubleshooting and Maintenance Troubleshooting Cisco Unified IP Phone Security Troubleshooting Cisco Unified IP Phone Security Table 8-1 provides troubleshooting information for the security features on the Cisco Unified IP Phone. For information relating to the solutions for any of these issues, and for additional troubleshooting information about security and encryption, refer to Cisco Unified Communications Manager Security Guide. Because third-party troubleshooting tools that sniff media and TCP packets do not work after you enable encryption, you must use Cisco Unified Communications Manager Administration to perform the following tasks if a problem occurs: • Analyze TCP packets for SCCP messages that are exchanged between Cisco Unified Communications Manager and the device • Extract the media encryption key material from SCCP messages and decrypt the media between the devices Table 8-1 Cisco Unified IP Phone Security Troubleshooting Problem Possible Cause LSC fails on the phone. CAPF configuration error. Device authentication error. CTL file does not have a Cisco Unified Communications Manager certificate or has an incorrect certificate. Phone cannot authenticate CTL file. The security token that signed the updated CTL file does not exist in the CTL file on the phone. Phone cannot authenticate any of the Bad TFTP record. configuration files other than the CTL file. Phone reports TFTP authorization failure. • The TFTP address for the phone does not exist in the CTL file. • If you created a new CTL file with a new TFTP record, the existing CTL file on the phone may not contain a record for the new TFTP server. Phone does not register with Cisco The CTL file does not contain the correct information for the Cisco Unified Communications Manager. Unified Communications Manager server. Phone does not interact with the correct CAPF server to obtain the locally-significant certificate. • The CAPF utility runs on a different workstation/server than is specified in the CTL file. • The CAPF certificate has changed since the last update of the CTL file. Phone does not request signed configuration files. • The CTL file does not contain any TFTP server entry. • The CTL file does not contain any TFTP entries with certificates OL-15498-01 Cisco Unified IP Phone 7960G/7940G Administration Guide for Cisco Unified Communications Manager 7.0 (SCCP) 8-9