Cisco Systems 7940G IP Phone User Manual

Open as PDF

of 162

8-9

Cisco Unified IP Phone 7960G/7940G Administration Guide for Cisco Unified Communications Manager 7.0 (SCCP)

OL-15498-01

Chapter 8 Troubleshooting and Maintenance

Troubleshooting Cisco Unified IP Phone Security

Table 8-1 provides troubleshooting information for the security features on the Cisco Unified IP Phone.

For information relating to the solutions for any of these issues, and for additional troubleshooting

information about security and encryption, refer to Cisco Unified Communications Manager Security

Guide.

Because third-party troubleshooting tools that sniff media and TCP packets do not work after you enable

encryption, you must use Cisco

Unified Communications Manager Administration to perform the

following tasks if a problem occurs:

• Analyze TCP packets for SCCP messages that are exchanged between

Cisco

Unified Communications Manager and the device

• Extract the media encryption key material from SCCP messages and decrypt the media between the

devices

Ta b l e 8-1 Cisco Unified IP Phone Security Troubleshooting

Problem Possible Cause

LSC fails on the phone. CAPF configuration error.

Device authentication error. CTL file does not have a Cisco Unified Communications Manager certificate or has an

incorrect certificate.

Phone cannot authenticate CTL file. The security token that signed the updated CTL file does not exist in the CTL file on

the phone.

Phone cannot authenticate any of the

configuration files other than the

CTL file.

Bad TFTP record.

Phone reports TFTP authorization

failure.

• The TFTP address for the phone does not exist in the CTL file.

• If you created a new CTL file with a new TFTP record, the existing CTL file on the

phone may not contain a record for the new TFTP server.

Phone does not register with Cisco

Unified

Communications Manager.

The CTL file does not contain the correct information for the Cisco

Unified

Communications Manager server.

Phone does not interact with the

correct CAPF server to obtain the

locally-significant certificate.

• The CAPF utility runs on a different workstation/server than is specified in the CTL

file.

• The CAPF certificate has changed since the last update of the CTL file.

Phone does not request signed

configuration files.

• The CTL file does not contain any TFTP server entry.

• The CTL file does not contain any TFTP entries with certificates

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems 7940G IP Phone User Manual