This will help you resolve the error "Host not Found" in CallManager 8.x where the ITL files are causing that the phones losses trust with the servers.
Please keep in mind that so far there is no way to know why the ITL files change in most of the scenarios due to CSCtx26418
We have been seeing these issues basically in the following situations:
Certificate regeneration without the proper follow up procedure(restarting CUCM, TVS, TFTP, resetting phones). Certificates can be regenerated explicitly by users through CLI or UI or the regeneration can be triggered by a change in the server network configuration (hostname, ip or domain name changes). In 8.6, we have implemented a more automatic handling of certificates regeneration. TFTP automatically detects the change and phones are also automatically reset so user intervention is not required.
DRS restore sometimes causes sync problems between the file system and the database. Normally, certificates are stored both in the file system and the database and they should be in sync. If they are not, problems as the one observed here would occur.
Not as frequent but we have seen problems with particular sequences of upgrade due to the delay in sync'ing up different copies of the database in the cluster. After upgrading a subscriber, it takes some delay for its copy to sync up with the Pub's. As a result, different copies of the database might not have all the current certificates thus causing problems in the generation of the ITL File. This can be a problem in deployments where the TFTP runs on a sub.
We are low on extensions and licenses so if some one has not used their 7925g or 8821 in 90 days we will take that extension. Is there a better way to find out how many days an endpoint is inactive for than entering in the MAC one by one in ISE and then f...
For CUCM the document below has a list of "Recommended Ciphers" that can be set up From Cisco Unified OS Administration, choose Security > Cipher Management.https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/security/12_5_1SU3/cucm_b_security_gui...
Sometimes you want to use Wireshark to capture packets On Cisco Meeting Server to troubleshoot and investigate video call issues, quality issues, or may be Expressway integration, WebRTC Connections, or why not, understand how the communication and the ca...
When we talk about Stun Protocol used for NAT traversal in voip environment, the common term used when talking about the Type of NAT that is compatible with Stun is “Full Cone NAT”, then when we explain why Turn Protocol is developped to replace Stun Prot...