Home » Cisco Manuals » Telephony » Cisco CP-7961G » Manual Viewer

Cisco CP-7961G Administration Guide - Page 193

Problem, Possible Cause, 1X Enabled on Phone but Not Authenticating, 1X Not Enabled

Add to My Manuals
Save this manual to your list of manuals

Page 193 highlights

Chapter 9 Troubleshooting and Maintenance Troubleshooting Cisco Unified IP Phone Security Table 9-1 Cisco Unified IP Phone Security Troubleshooting (continued) Problem Possible Cause Phone does not register with Cisco Unified The CTL file does not contain the correct information for the Cisco Communications Manager. Unified Communications Manager server. Phone does not request signed configuration The CTL file does not contain any TFTP entries with certificates. files. 802.1X Enabled on Phone but Not Authenticating Phone cannot obtain a DHCP-assigned IP These errors typically indicate that 802.1X is enabled on the phone, but the address phone is unable to authenticate. Phone does not register with Cisco Unified 1. Verify that you have properly configured the required components Communications Manager Supporting 802.1X Authentication on Cisco Unified IP Phones, page 1-18. Phone status display as "Configuring IP" or 2. Confirm that the shared secret is configured on the phone (see Security "Registering" Configuration Menu, page 4-30 for more information). 802.1X Authentication Status displays as "Held" (see 802.1X Authentication and Status, page 4-43). Status menu displays 802.1x status as "Failed" (see Call Statistics Screen, page 7-13). - If the shared secret is configured, verify that you have the same shared secret entered on the authentication server. - If the shared secret is not configured, enter it, and ensure that it matches the one on the authentication server. 802.1X Not Enabled Phone cannot obtain a DHCP-assigned IP address Phone does not register with Cisco Unified Communications Manager These errors typically indicate that 802.1X is not enabled on the phone. To enable it, see Security Configuration Menu, page 4-30 for information on enabling 802.1X on the phone. Phone status display as "Configuring IP" or "Registering" 802.1X Authentication Status displays as "Disabled" (see 802.1X Authentication and Status, page 4-43). Status menu displays DHCP status as timing out (see Call Statistics Screen, page 7-13). Factory Reset Deleted 802.1X Shared Secret Phone cannot obtain a DHCP-assigned IP address Phone does not register with Cisco Unified Communications Manager Phone status display as "Configuring IP" or "Registering" Cannot access phone menus to verify 802.1X status These errors typically indicate that the phone has completed a factory reset while 802.1X was enabled. A factory reset deletes the shared secret, which is required for 802.1X authentication and network access. To resolve this, you have two options: • Temporarily disable 802.1X on the switch. • Temporarily move the phone to a network environment that is not using 802.1X authentication. Once the phone starts up normally in one of these conditions, you can access the 802.1X configuration menus and re-enter the shared secret. OL-21011-01 Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.0 (SCCP and SIP) 9-9

Section	Page
Cisco Unified IP Phone Administration Guide for Cisco Unified CM 8.0 (SCCP and SIP)	1
Contents	3
Preface	11
Overview	11
Audience	11
Organization	11
Related Documentation	12
Obtaining Documentation, Obtaining Support, and Security Guidelines	13
Cisco Product Security Overview	13
Document Conventions	13
An Overview of the Cisco Unified IP Phone	15
Understanding the Cisco Unified IP Phone 7962G and 7942G	16
What Networking Protocols are Used?	19
IPv6 Support on Cisco Unified IP Phones	22
What Features are Supported on the Cisco Unified IP Phone 7962G and 7942G?	23
Feature Overview	23
Configuring Telephony Features	24
Configuring Network Parameters Using the Cisco Unified IP Phone	24
Providing Users with Feature Information	25
Understanding Security Features for Cisco Unified IP Phones	25
Overview of Supported Security Features	27
Understanding Security Profiles	29
Identifying Authenticated, Encrypted, and Protected Phone Calls	29
Establishing and Identifying Secure Conference Calls	30
Establishing and Identifying Protected Calls	30
Call Security Interactions and Restrictions	31
Supporting 802.1X Authentication on Cisco Unified IP Phones	32
Overview	32
Required Network Components	33
Best Practices-Requirements and Recommendations	33
Security Restrictions	34
Overview of Configuring and Installing Cisco Unified IP Phones	34
Configuring Cisco Unified IP Phones in Cisco Unified Communications Manager	34
Checklist for Configuring the Cisco Unified IP Phone 7962G and 7942G in Cisco Unified Communications Manager Administrations	35
Installing Cisco Unified IP Phones	37
Checklist for Installing the Cisco Unified IP Phone 7962G and 7942G	38
Preparing to Install the Cisco Unified IP Phone on Your Network	43
Understanding Interactions with Other Cisco Unified IP Telephony Products	43
Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified Communications Manager	44
Understanding How the Cisco Unified IP Phone Interacts with the VLAN	44
Providing Power to the Cisco Unified IP Phone	45
Power Guidelines	46
Power Outage	46
Obtaining Additional Information about Power	47
Understanding Phone Configuration Files	47
Understanding the Phone Startup Process	49
Adding Phones to the Cisco Unified Communications Manager Database	50
Adding Phones with Auto-Registration	51
Adding Phones with Auto-Registration and TAPS	52
Adding Phones with Cisco Unified Communications Manager Administration	53
Adding Phones with BAT	53
Using Cisco Unified IP Phones with Different Protocols	54
Converting a New Phone from SCCP to SIP	54
Converting an In-Use Phone from One Protocol to the Other	54
Deploying a Phone in an SCCP and SIP Environment	55
Determining the MAC Address for a Cisco Unified IP Phone	55
Setting Up the Cisco Unified IP Phone	57
Before You Begin	57
Network Requirements	57
Cisco Unified Communications Manager Configuration	58
Understanding the Cisco Unified IP Phone Components	58
Network and Access Ports	58
Handset	59
Speakerphone	59
Headset	60
Audio Quality Subjective to the User	60
Connecting a Headset	60
Disabling a Headset	61
Enabling a Wireless Headset on the Cisco Unified IP Phones 7962G and 7942G	61
Using External Devices	61
Installing the Cisco Unified IP Phone	61
Attaching a Cisco Unified IP Phone Expansion Module	64
Feature Key Capacity Increase for Cisco Unified IP Phones	65
Adjusting the Placement of the Cisco Unified IP Phone	66
Adjusting Cisco Unified IP Phone Placement on the Desktop	66
Securing the Phone with a Cable Lock	66
Mounting the Phone to the Wall	67
Verifying the Phone Startup Process	69
Configuring Startup Network Settings	70
Configuring Security on the Cisco Unified IP Phone	70
Configuring Settings on the Cisco Unified IP Phone	73
Configuration Menus on the Cisco Unified IP Phone	73
Displaying a Configuration Menu	74
Unlocking and Locking Options	74
Editing Values	75
Overview of Options Configurable from a Phone	76
Network Configuration Menu	77
Understanding DHCPv6 and Autoconfiguration	88
Device Configuration Menu	89
Unified CM Configuration Menu	90
SIP Configuration Menu for SIP Phones Only	91
SIP General Configuration Menu	91
Line Settings Menu for SIP Phones	92
Call Preferences Menu for SIP Phones	93
HTTP Configuration Menu	94
Locale Configuration Menu	95
NTP Configuration Menu for SIP Phones	96
UI Configuration Menu	97
Media Configuration Menu	99
Ethernet Configuration Menu	102
Security Configuration Menu	102
QoS Configuration Menu	104
Network Configuration Menu	105
Security Configuration Menu	110
CTL File Submenu	111
ITL File Submenu	112
Trust List Menu	114
802.1X Authentication and Status	115
VPN Configuration	116
Configuring Features, Templates, Services, and Users	119
Telephony Features Available for the Cisco Unified IP Phone	119
Configuring Product Specific Configuration Parameters	137
Configuring Corporate and Personal Directories	138
Configuring Corporate Directories	139
Configuring Personal Directory	139
Modifying Phone Button Templates	140
Modifying a Phone Button Template for Personal Address Book or Fast Dials	141
Configuring Softkey Templates	142
Setting Up Services	143
Adding Users to Cisco Unified Communications Manager	143
Managing the User Options Web Pages	144
Giving Users Access to the User Options Web Pages	144
Specifying Options that Appear on the User Options Web Pages	145
Customizing the Cisco Unified IP Phone	147
Customizing and Modifying Configuration Files	147
Creating Custom Phone Rings	148
Ringlist.xml File Format Requirements	148
PCM File Requirements for Custom Ring Types	149
Configuring a Custom Phone Ring	149
Creating Custom Background Images	149
List.xml File Format Requirements	150
PNG File Requirements for Custom Background Images	150
Configuring a Custom Background Image	151
Configuring Wideband Codec	152
Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone	153
Model Information Screen	154
Status Menu	154
Status Messages Screen	155
Network Statistics Screen	161
Firmware Versions Screen	163
Expansion Module Status Screen	164
Call Statistics Screen	165
Using Test Tone	167
Monitoring the Cisco Unified IP Phone Remotely	171
Accessing the Web Page for a Phone	172
Disabling and Enabling Web Page Access	173
Configuring the Cisco Unified IP Phone to use HTTP/HTTPS Protocols	174
Device Information	174
Network Configuration	175
Network Statistics	178
Device Logs	180
Streaming Statistics	181
Troubleshooting and Maintenance	185
Resolving Startup Problems	185
Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process	186
Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications Manager	186
Identifying Error Messages	187
Checking Network Connectivity	187
Verifying TFTP Server Settings	187
Verifying IP Addressing and Routing	187
Verifying DNS Settings	188
Verifying Cisco Unified Communications Manager Settings	188
Cisco CallManager and TFTP Services Are Not Running	188
Creating a New Configuration File	189
Registering the Phone with Cisco Unified Communications Manager	189
Symptom: Cisco Unified IP Phone Unable to Obtain IP Address	190
Cisco Unified IP Phone Resets Unexpectedly	190
Verifying the Physical Connection	190
Identifying Intermittent Network Outages	190
Verifying DHCP Settings	191
Checking Static IP Address Settings	191
Verifying the Voice VLAN Configuration	191
Verifying that the Phones Have Not Been Intentionally Reset	191
Eliminating DNS or Other Connectivity Errors	191
Checking Power Connection	192
Troubleshooting Cisco Unified IP Phone Security	192
General Troubleshooting Tips	194
General Troubleshooting Tips for the Cisco Unified IP Phone Expansion Module	196
Resetting or Restoring the Cisco Unified IP Phone	197
Performing a Basic Reset	197
Performing a Factory Reset	197
Using the Quality Report Tool	198
Monitoring the Voice Quality of Calls	199
Using Voice Quality Metrics	199
Troubleshooting Tips	200
Where to Go for More Troubleshooting Information	201
Cleaning the Cisco Unified IP Phone	201
Providing Information to Users Via a Website	203
How Users Obtain Support for the Cisco Unified IP Phone	203
Giving Users Access to the User Options Web Pages	203
How Users Access the Online Help System on the Cisco Unified IP Phone	204
How Users Get Copies of Cisco Unified IP Phone Manuals	204
Accessing Cisco 7900 Series Unified IP Phone eLearning Tutorials for SCCP Phones Only	204
How Users Subscribe to Services and Configure Phone Features	205
How Users Access a Voice Messaging System	205
How Users Configure Personal Directory Entries	206
Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer	206
Feature Support by Protocol for Cisco Unified IP Phone 7962G and 7942G	209
Supporting International Users	215
Adding Language Overlays to Phone Buttons	215
Installing the Cisco Unified Communications Manager Locale Installer	215
Support for International Call Logging	216
Technical Specifications	217
Physical and Operating Environment Specifications	217
Cable Specifications	218
Network and Access Port Pinouts	218
Basic Phone Administration Steps	221
Example User Information for these Procedures	221
Adding a User to Cisco Unified Communications Manager	222
Adding a User From an External LDAP Directory	222
Adding a User Directly to Cisco Unified Communications Manager	222
Configuring the Phone	223
Performing Final End User Configuration Steps	227
Index	228
Symbols	228
Numerics	228
A	228
B	229
C	229
D	230
E	231
F	231
G	232
H	232
I	233
J	233
K	233
L	233
M	234
N	234
O	235
P	235
Q	236
R	236
S	236
T	238
U	239
V	240

Match case Limit results 1 per page

9-9

Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.0 (SCCP and SIP)

OL-21011-01

Chapter 9

Troubleshooting and Maintenance

Troubleshooting Cisco Unified IP Phone Security

Phone does not register with Cisco Unified

Communications Manager.

The CTL file does not contain the correct information for the Cisco

Unified Communications Manager server.

Phone does not request signed configuration

files.

The CTL file does not contain any TFTP entries with certificates.

802.1X Enabled on Phone but Not Authenticating

Phone cannot obtain a DHCP-assigned IP

address

These errors typically indicate that 802.1X is enabled on the phone, but the

phone is unable to authenticate.

Verify that you have properly configured the required components

Supporting 802.1X Authentication on Cisco Unified IP Phones, page 1-18

Confirm that the shared secret is configured on the phone (see

Security

Configuration Menu, page 4-30

for more information).

–

If the shared secret is configured, verify that you have the same shared

secret entered on the authentication server.

–

If the shared secret is not configured, enter it, and ensure that it

matches the one on the authentication server.

Phone does not register with Cisco Unified

Communications Manager

Phone status display as “Configuring IP” or

“Registering”

802.1X Authentication Status displays as

“Held” (see

802.1X Authentication and

Status, page 4-43

Status menu displays 802.1x status as

“Failed” (see

Call Statistics Screen,

page 7-13

802.1X Not Enabled

Phone cannot obtain a DHCP-assigned IP

address

These errors typically indicate that 802.1X is not enabled on the phone. To

enable it, see

Security Configuration Menu, page 4-30

for information on

enabling 802.1X on the phone.

Phone does not register with Cisco Unified

Communications Manager

Phone status display as “Configuring IP” or

“Registering”

802.1X Authentication Status displays as

“Disabled” (see

802.1X Authentication and

Status, page 4-43

Status menu displays DHCP status as timing

out (see

Call Statistics Screen, page 7-13

Factory Reset Deleted 802.1X Shared Secret

Phone cannot obtain a DHCP-assigned IP

address

These errors typically indicate that the phone has completed a factory reset

while 802.1X was enabled. A factory reset deletes the shared secret, which is

required for 802.1X authentication and network access. To resolve this, you

have two options:

•

Temporarily disable 802.1X on the switch.

•

Temporarily move the phone to a network environment that is not using

802.1X authentication.

Once the phone starts up normally in one of these conditions, you can access

the 802.1X configuration menus and re-enter the shared secret.

Phone does not register with Cisco Unified

Communications Manager

Phone status display as “Configuring IP” or

“Registering”

Cannot access phone menus to verify

802.1X status

Table 9-1

Cisco Unified IP Phone Security Troubleshooting (continued)

Problem

Possible Cause