Specifications

ManualsBrandsCisco ManualsComputer equipment7911G - IP Phone VoIP

171

172

173

174

175

176

177

178

179

180

9-9

Cisco Unified IP Phone 7906G and 7911G for Cisco Unified Communications Manager 8.0

OL-21033-01

Chapter 9 Troubleshooting and Maintenance

Troubleshooting Cisco Unified IP Phone Security

Table 9-1 Cisco Unified IP Phone Security Troubleshooting

Problem Possible Cause

Device authentication error. CTL file does not have a Cisco Unified Communications Manager certificate or has an

incorrect certificate.

Phone cannot authenticate CTL file. The security token that signed the updated CTL file does not exist in the CTL file on

the phone.

Phone cannot authenticate any of

the configuration files other than the

CTL file.

Invalid TFTP record.

Phone cannot authenticate any of

the configuration file other than ITL

file.

The configuration file may not be signed by the corresponding certificate in the phone’s

Trust List.

Phone does not register with

Cisco Unified Communications

Manager.

The CTL file does not contain the correct information for the

Cisco Unified Communications Manager server.

Phone does not request signed

configuration files.

The CTL file does not contain any TFTP entries with certificates.

802.1X Enabled on Phone but Not Authenticating

Phone cannot obtain a

DHCP-assigned IP address.

These errors typically indicate that 802.1X authentication is enabled on the phone, but

the phone is unable to authenticate.

1. Verify that you have properly configured the required components (see Supporting

802.1X Authentication on Cisco Unified IP Phones, page 1-16 for more

information).

2. Confirm that the shared secret is configured on the phone (see 802.1X

Authentication and Status, page 4-37 for more information).

–

If the shared secret is configured, verify that you have the same shared secret

entered on the authentication server.

–

If the shared secret is not configured, enter it, and ensure that it matches the

one on the authentication server.

Phone does not register with

Cisco Unified Communications

Manager.

802.1X Authentication Status

displays as “Held” (see 802.1X

Authentication and Status,

page 4-37).

Status menu displays 802.1X status

as “Failed” (see Status Menu,

page 7-2).

802.1X Not Enabled

Phone cannot obtain a

DHCP-assigned IP address.

These errors typically indicate that 802.1X is not enabled on the phone. To enable it,

see Security Configuration Menu, page 4-27.

Phone does not register with

Cisco Unified Communications

Manager.

Phone status display as

“Configuring IP” or “Registering”.

802.1X Authentication Status

displays as “Disabled”.

Status menu displays DHCP status

as timing out.

Factory Reset Deleted 802.1X Shared Secret