Home » Cisco Manuals » Telephony » Cisco CP-7975G » Manual Viewer

Cisco CP-7975G Administration Guide - Page 211

Problem, Possible Cause, 1X Enabled on Phone but Not Authenticating, 1X Not Enabled

Add to My Manuals
Save this manual to your list of manuals

Page 211 highlights

Chapter 9 Troubleshooting and Maintenance Troubleshooting Cisco Unified IP Phone Security Table 9-1 Cisco Unified IP Phone Security Troubleshooting (continued) Problem Possible Cause Phone cannot authenticate CTL file. The security token that signed the updated CTL file does not exist in the CTL file on the phone. Phone cannot authenticate any of the configuration The configuration file may not be signed by the files other than ITL file. corresponding certificate in the phone's Trust List. Phone does not register with Cisco Unified Communications Manager. The CTL file does not contain the correct information for the Cisco Unified Communications Manager server. Phone does not request signed configuration files. The CTL file does not contain any TFTP entries with certificates. 802.1X Enabled on Phone but Not Authenticating Phone cannot obtain a DHCP-assigned IP address. These errors typically indicate that 802.1X Phone does not register with Cisco Unified Communications Manager. authentication is enabled on the phone, but the phone is unable to authenticate. Phone status display as "Configuring IP" or "Registering". 802.1X Authentication Status displays as "Held" (see 802.1X Authentication and Status, page 4-42 for more details). Status menu displays 802.1X status as "Failed" (see Status Menu, page 7-3 for more details). 1. Verify that you have properly configured the required components (see Supporting 802.1X Authentication on Cisco Unified IP Phones, page 1-19 for more information). 2. Confirm that the shared secret is configured on the phone (see 802.1X Authentication and Status, page 4-42 for more information). - If the shared secret is configured, verify that you have the same shared secret entered on the authentication server. - If the shared secret is not configured, enter it, and ensure that it matches the one on the authentication server. 802.1X Not Enabled Phone cannot obtain a DHCP-assigned IP address These errors typically indicate that 802.1X Phone does not register with Cisco Unified Communications Manager Phone status display as "Configuring IP" or authentication is not enabled on the phone. To enable it, see 802.1X Authentication and Status, page 4-42. "Registering" 802.1X Authentication Status displays as "Disabled" Status menu displays DHCP status as timing out OL-23092-01 Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.5 9-9

Section	Page
Cisco Unified IP Phone Administration Guide for Cisco Unified CM 8.5 (SCCP and SIP)	1
Contents	3
Preface	11
An Overview of the Cisco Unified IP Phone	15
Understanding the Cisco Unified IP Phones 7975G, 7971G-GE, 7970G, 7965G, and 7945G	16
What Networking Protocols are Used?	20
IPv6 Support on Cisco Unified IP Phones	23
What Features are Supported on the Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, and 7945G?	25
Feature Overview	25
Configuring Telephony Features	26
Configuring Network Parameters Using the Cisco Unified IP Phone	26
Providing Users with Feature Information	26
Understanding Security Features for Cisco Unified IP Phones	27
Overview of Supported Security Features	28
Understanding Security Profiles	30
Identifying Authenticated, Encrypted, and Protected Phone Calls	31
Establishing and Identifying Secure Conference Calls	31
Establishing and Identifying Protected Calls	32
Call Security Interactions and Restrictions	32
Supporting 802.1X Authentication on Cisco Unified IP Phones	33
Overview	34
Required Network Components	34
Best Practices-Requirements and Recommendations	34
Security Restrictions	35
Overview of Configuring and Installing Cisco Unified IP Phones	36
Configuring Cisco Unified IP Phones in Cisco Unified Communications Manager	36
Checklist for Configuring the Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, and 7945G in Cisco Unified Communications Manager Administration	36
Installing Cisco Unified IP Phones	39
Checklist for Installing the Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, and 7945G	39
Preparing to Install the Cisco Unified IP Phone on Your Network	45
Understanding Interactions with Other Cisco Unified IP Communications Products	46
Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified Communications Manager	46
Understanding How the Cisco Unified IP Phone Interacts with the VLAN	47
Providing Power to the Phone	48
Power Guidelines	48
Phone Power Consumption and Display Brightness	49
Power Outage	50
Obtaining Additional Information about Power	50
Understanding Phone Configuration Files	51
Understanding the Phone Startup Process	53
Adding Phones to the Cisco Unified Communications Manager Database	55
Adding Phones with Auto-Registration	55
Adding Phones with Auto-Registration and TAPS	56
Adding Phones with Cisco Unified Communications Manager Administration	57
Adding Phones with BAT	57
Using Cisco Unified IP Phones with Different Protocols	58
Converting a New Phone from SCCP to SIP	58
Converting an In-Use Phone from One Protocol to the Other Protocol	59
Deploying a Phone in an SCCP and SIP Environment	59
Determining the MAC Address of a Cisco Unified IP Phone	59
Setting Up the Cisco Unified IP Phone	61
Before You Begin	61
Network Requirements	61
Cisco Unified Communications Manager Configuration	62
Understanding the Cisco Unified IP Phone Components	62
Network and Access Ports	62
Handset	63
Speakerphone	63
Headset	63
Audio Quality Subjective to the User	64
Connecting a Headset	64
Disabling a Headset	64
Enabling a Wireless Headset	65
Using External Devices	65
Installing the Cisco Unified IP Phone	65
Attaching a Cisco Unified IP Phone Expansion Module	69
Feature Key Capacity Increase for Cisco Unified IP Phones	70
Adjusting the Placement of the Cisco Unified IP Phone	71
Adjusting Cisco Unified IP Phone Footstand and Phone Height	71
Securing the Phone with a Cable Lock	72
Mounting the Phone to the Wall	73
Verifying the Phone Startup Process	74
Configuring Startup Network Settings	75
Configuring Security on the Cisco Unified IP Phone	76
Configuring Settings on the Cisco Unified IP Phone	79
Configuration Menus on the Cisco Unified IP Phone	79
Displaying a Configuration Menu	80
Unlocking and Locking Options	81
Editing Values	81
Overview of Options Configurable from a Phone	82
Network Configuration Menu	83
Understanding DHCPv6 and Autoconfiguration	94
Device Configuration Menu	95
Unified CM Configuration	96
SIP Configuration Menu for SIP Phones	97
SIP General Configuration Menu	97
Line Settings Menu for SIP Phones	98
Call Preferences Menu for SIP Phones	98
HTTP Configuration Menu	99
Locale Configuration Menu	101
NTP Configuration Menu for SIP Phones	101
UI Configuration Menu	102
Media Configuration Menu	104
Power Save Configuration Menu	107
Ethernet Configuration Menu	108
Security Configuration Menu	108
QoS Configuration Menu	109
Network Configuration	110
Security Configuration Menu	114
CTL File Submenu	116
ITL File Submenu	117
Trust List Menu	119
802.1X Authentication and Status	120
VPN Configuration	122
Connecting to VPN	122
VPN Configuration Settings	123
Configuring Features, Templates, Services, and Users	125
Telephony Features Available for the Phone	125
Configuring Product Specific Configuration Parameters	146
Configuring Corporate and Personal Directories	148
Configuring Corporate Directories	148
Configuring Personal Directory	148
Modifying Phone Button Templates	149
Modifying a Phone Button Template for Personal Address Book or Fast Dials	150
Configuring Softkey Templates	151
Setting Up Services	152
Adding Users to Cisco Unified Communications Manager	152
Managing the User Options Web Pages	153
Giving Users Access to the User Options Web Pages	153
Specifying Options that Appear on the User Options Web Pages	154
Customizing the Cisco Unified IP Phone	157
Customizing and Modifying Configuration Files	157
Creating Custom Phone Rings	158
Ringlist.xml File Format Requirements	158
PCM File Requirements for Custom Ring Types	159
Configuring a Custom Phone Ring	159
Creating Custom Background Images	159
List.xml File Format Requirements	160
PNG File Requirements for Custom Background Images	161
Configuring a Custom Background Image	162
Configuring Wideband Codec	163
Configuring the Idle Display	163
Automatically Disabling the Cisco Unified IP Phone Screen	164
Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone	167
Model Information Screen	168
Status Menu	169
Status Messages Screen	169
Network Statistics Screen	176
Firmware Versions Screen	179
Expansion Module(s) Screen	180
Call Statistics Screen	181
Using Test Tone	184
Monitoring the Cisco Unified IP Phone Remotely	187
Accessing the Web Page for a Phone	188
Disabling and Enabling Web Page Access	189
Configuring the Cisco Unified IP Phone to use HTTP/HTTPS Protocols	190
Device Information	190
Network Configuration	191
Network Statistics	195
Device Logs	197
Streaming Statistics	198
Troubleshooting and Maintenance	203
Resolving Startup Problems	203
Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process	204
Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications Manager	204
Identifying Error Messages	205
Checking Network Connectivity	205
Verifying TFTP Server Settings	205
Verifying IP Addressing and Routing	205
Verifying DNS Settings	206
Verifying Cisco Unified Communications Manager Settings	206
Cisco CallManager and TFTP Services Are Not Running	206
Creating a New Configuration File	207
Registering the Phone with Cisco Unified Communications Manager	207
Symptom: Cisco Unified IP Phone Unable to Obtain IP Address	208
Cisco Unified IP Phone Resets Unexpectedly	208
Verifying Physical Connection	208
Identifying Intermittent Network Outages	208
Verifying DHCP Settings	209
Checking Static IP Address Settings	209
Verifying Voice VLAN Configuration	209
Verifying that the Phones Have Not Been Intentionally Reset	209
Eliminating DNS or Other Connectivity Errors	210
Checking Power Connection	210
Troubleshooting Cisco Unified IP Phone Security	210
General Troubleshooting Tips	212
General Troubleshooting Tips for the Cisco Unified IP Phone Expansion Module	216
Resetting or Restoring the Cisco Unified IP Phone	216
Performing a Basic Reset	216
Performing a Factory Reset	217
Using the Quality Report Tool	219
Monitoring the Voice Quality of Calls	219
Using Voice Quality Metrics	220
Troubleshooting Tips	220
Where to Go for More Troubleshooting Information	221
Cleaning the Cisco Unified IP Phone	222
Providing Information to Users Via a Website	223
How Users Obtain Support for the Cisco Unified IP Phone	223
Giving Users Access to the User Options Web Pages	223
How Users Access the Online Help System on the Phone	224
How Users Get Copies of Cisco Unified IP Phone Manuals	224
Accessing Cisco 7900 Series Unified IP Phone eLearning Tutorials (SCCP Phones Only)	224
How Users Subscribe to Services and Configure Phone Features	225
How Users Access a Voice-Messaging System	225
How Users Configure Personal Directory Entries	226
Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer	226
Feature Support by Protocol for the Cisco Unified IP Phone 7975G, 7971G-GE, 7970G, 7965G, and 7945G	229
Supporting International Users	237
Adding Language Overlays to Phone Buttons	237
Installing the Cisco Unified Communications Manager Locale Installer	237
Support for International Call Logging	238
Technical Specifications	239
Physical and Operating Environment Specifications	239
Cable Specifications	240
Network and Access Port Pinouts	241
Basic Phone Administration Steps	243
Example User Information for these Procedures	243
Adding a User to Cisco Unified Communications Manager	244
Adding a User From an External LDAP Directory	244
Adding a User Directly to Cisco Unified Communications Manager	245
Configuring the Phone	245
Performing Final End User Configuration Steps	249

Match case Limit results 1 per page

9-9

Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.5

OL-23092-01

Chapter 9

Troubleshooting and Maintenance

Troubleshooting Cisco Unified IP Phone Security

Phone cannot authenticate CTL file.

The security token that signed the updated CTL

file does not exist in the CTL file on the phone.

Phone cannot authenticate any of the configuration

files other than ITL file.

The configuration file may not be signed by the

corresponding certificate in the phone’s Trust List.

Phone does not register with

Cisco Unified Communications Manager.

The CTL file does not contain the correct

information for the

Cisco Unified Communications Manager server.

Phone does not request signed configuration files.

The CTL file does not contain any TFTP entries

with certificates.

802.1X Enabled on Phone but Not Authenticating

Phone cannot obtain a DHCP-assigned IP address.

These errors typically indicate that 802.1X

authentication is enabled on the phone, but the

phone is unable to authenticate.

Verify that you have properly configured the

required components (see

Supporting 802.1X

Authentication on Cisco Unified IP Phones,

page 1-19

for more information).

Confirm that the shared secret is configured

on the phone (see

802.1X Authentication and

Status, page 4-42

for more information).

–

If the shared secret is configured, verify

that you have the same shared secret

entered on the authentication server.

–

If the shared secret is not configured,

enter it, and ensure that it matches the one

on the authentication server.

Phone does not register with

Cisco Unified Communications Manager.

Phone status display as “Configuring IP” or

“Registering”.

802.1X Authentication Status displays as “Held”

(see

802.1X Authentication and Status, page 4-42

for more details).

Status menu displays 802.1X status as “Failed”

(see

Status Menu, page 7-3

for more details).

802.1X Not Enabled

Phone cannot obtain a DHCP-assigned IP address

These errors typically indicate that 802.1X

authentication is not enabled on the phone. To

enable it, see

802.1X Authentication and Status,

page 4-42.

Phone does not register with

Cisco Unified Communications Manager

Phone status display as “Configuring IP” or

“Registering”

802.1X Authentication Status displays as

“Disabled”

Status menu displays DHCP status as timing out

Table 9-1

Cisco Unified IP Phone Security Troubleshooting (continued)

Problem

Possible Cause