Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
527
Views
0
Helpful
3
Replies

2901 doesn't create signed phone files (sgn files)

jim.sorensen1
Level 1
Level 1

‎10-08-2015 03:35 PM - edited ‎03-17-2019 04:32 AM

I have a new 2901 router on the bench and configured it for secure operation.  Technical support has verified the configuration is correct.  The symptom when I do create cnf command on a single file I get the error message:

 

“Error: Required feature is not enabled” 

 and the "sgn" files are not created.

 

Has anyone seen this message or problem?

 

running-config:

 

version 15.4
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service internal
service sequence-numbers
!
hostname VOIP
!
boot-start-marker
boot-end-marker
!
!
logging queue-limit 10000
logging buffered 10000000
logging rate-limit 10000
no logging console
no logging monitor
!
no aaa new-model
clock timezone PST -8 0
clock summer-time PDT recurring
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 172.23.1.1 172.23.1.10
ip dhcp excluded-address 172.23.0.1 172.23.1.10
ip dhcp excluded-address 172.23.1.100 172.23.255.255
!
ip dhcp pool PHONES
 network 172.23.0.0 255.255.0.0
 default-router 172.23.1.1 
 option 150 ip 172.23.1.1 
!
!
!
no ip domain lookup
ip domain name voip.com
ip inspect WAAS flush-timeout 10
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
capf-server
 cert-enroll-trustpoint ca_company_system password 1 050513032D015D1D0B0C1915
 trustpoint-label cucme_capf_tftp_sast1
 source-addr 172.23.1.1
!
ctl-client
 server capf 172.23.1.1 trustpoint cucme_capf_tftp_sast1
 server cme 172.23.1.1 trustpoint cucme_capf_tftp_sast1
 server tftp 172.23.1.1 trustpoint cucme_capf_tftp_sast1
 sast1 trustpoint cucme_capf_tftp_sast1
 sast2 trustpoint sast2
!
cts logging verbose
!
crypto pki server ca_company_system
 database level complete
 no database archive
 grant auto
 database url flash:
!
crypto pki trustpoint TP-self-signed-978007948
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-978007948
 revocation-check none
 rsakeypair TP-self-signed-978007948
!
crypto pki trustpoint ca_company_system
 enrollment url http://172.23.1.1:80
 revocation-check none
 rsakeypair ca_company_system
!
crypto pki trustpoint cucme_capf_tftp_sast1
 enrollment url http://172.23.1.1:80
 serial-number
 revocation-check none
 rsakeypair cucme_capf_tftp_sast1 1024 1024
!
crypto pki trustpoint sast2
 enrollment url http://172.23.1.1:80
 serial-number
 revocation-check none
 rsakeypair sast2 1024 1024
!
!
crypto pki certificate chain TP-self-signed-978007948
 certificate self-signed 01
  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 39373830 30373934 38301E17 0D313431 31323831 34353131 
  365A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3937 38303037 
  39343830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  B99072E6 CC350A76 D6FDCF93 AC0685CE CAC164F2 F25A64A0 D7D7343E B318CC97 
  1BE4F372 3496AEBA 99E01AAA F393D326 86FD7927 FAED9568 298B4F48 A8688AA9 
  847E817E CD9625E4 402B969F DDBBC22C 6B7A6F30 4C15ED9F 61EE4849 A882EEA7 
  C25637B8 EB85E3CB 58EDD1A7 659AF9D3 49ACEDB4 D442CDAF DCCDA891 246C115F 
  02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 
  23041830 1680146D 0A529869 C16A71AB 95FF7859 DD7860D6 54975030 1D060355 
  1D0E0416 04146D0A 529869C1 6A71AB95 FF7859DD 7860D654 9750300D 06092A86 
  4886F70D 01010505 00038181 0047A54A 15C5FFF7 0FA64677 B37B76B6 378F2106 
  7567F1AD 4CFEC208 3B271F82 9B0B95CA B7F7FFC9 B088B23F A79B2AB1 13F0FE64 
  42807C7A 0DC4D859 85E4A3D2 7AAC717B 4CDEB78E DC95D151 77B06620 CF09F154 
  EB4D9D69 5D3D1F2B B9CF9EC7 2D83D2C8 19D529DC 5B309C71 9D1C76D9 BBC086BE 
  523B2E47 80C1AD1C F9B8F982 3A
  quit
crypto pki certificate chain ca_company_system
 certificate ca 01
  3082020D 30820176 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3634305A 170D3138 30393238 31393136 34305A30 1A311830 
  16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 819F300D 06092A86 
  4886F70D 01010105 0003818D 00308189 02818100 A100D2E7 F6D514C3 36BE02CE 
  B259655C 4593F6B0 59C0B98C 48151FAE A0B8DC60 873C3EB0 8F6BF68E 72592068 
  A103A03F 818DDB3E BB9BDA81 16734C08 BB774670 816CF00D B15274C1 91928D66 
  C8D5621C BC86A1A1 62A43D15 2CF9CB26 172DFB5E BFD6661A 8311CD97 5C9B4045 
  C48BF049 60F422CE A3A7B052 D5A33CB6 EEA0A46D 02030100 01A36330 61300F06 
  03551D13 0101FF04 05300301 01FF300E 0603551D 0F0101FF 04040302 0186301F 
  0603551D 23041830 16801446 128424A4 C3FE9E98 F82A11A3 368EFEE9 BFBFC830 
  1D060355 1D0E0416 04144612 8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8300D 
  06092A86 4886F70D 01010405 00038181 00779F65 A57DE157 A24FD303 55DCAA4B 
  58E90E52 2C4BD4AA 53B26D82 2DEFD90C 9B2FB66F 349B4FF0 EC474EE8 A927D025 
  37D3AA3D 38F6FADD 2B829D30 F08B2842 BAFE0384 9ED99D2B 3431DC87 31219291 
  5EDF3226 19F1EFCB 4698DB9C 899650E2 181440A3 A7C2394A D8D1D7BB F8036AFB 
  F9798DEC 94A76B8E D41ACE8A 72794F51 76
  quit
crypto pki certificate chain cucme_capf_tftp_sast1
 certificate 03
  30820220 30820189 A0030201 02020103 300D0609 2A864886 F70D0101 05050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3830335A 170D3136 30393238 31393138 30335A30 41313F30 
  12060355 0405130B 464A4331 38343841 31364E30 2906092A 864886F7 0D010902 
  161C4553 5445524C 494E455F 564F4950 2E657374 65726C69 6E652E63 6F6D3081 
  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 818100BA BD9A1DB8 
  BEC7EF84 C4035778 354214B4 F51E4D2D B55F1FA1 11F089FF 487F4626 59E79BA4 
  521BAEE9 C99295EB 6C843A44 4FBB36D1 C8067243 F2E35464 A9A31584 40562D43 
  4E45C910 B0202FA7 94F144EF A8B8EE58 6E9B3268 BB8C144A 2FD6E21C EA194725 
  B7927546 9A891952 A3564DBE C7FC71C5 ABB2A18E 38125AE9 A0704702 03010001 
  A34F304D 300B0603 551D0F04 04030205 20301F06 03551D23 04183016 80144612 
  8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8301D 0603551D 0E041604 142EA085 
  A916F716 EAE22F75 C26C866E 87040050 47300D06 092A8648 86F70D01 01050500 
  03818100 0EE1A054 86D50A12 D6F1A588 6925DFC8 37212D8C 22A35229 0D3AE30B 
  79D34218 30FAB519 7FDFD0B9 E1BBBA49 1902C50E 6266ECF9 F8B84EB2 3CA650D1 
  8AEA9F28 420A7E69 DA826514 DA008AA1 9A0963D7 F60C98E6 0C613257 77987929 
  53296E5A 1A011F9D 1BE79301 CC0A675F 0616281C E02BEB88 ABA00A3E 36330C7C EAB55949
  quit
 certificate 02
  30820220 30820189 A0030201 02020102 300D0609 2A864886 F70D0101 05050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3735315A 170D3136 30393238 31393137 35315A30 41313F30 
  12060355 0405130B 464A4331 38343841 31364E30 2906092A 864886F7 0D010902 
  161C4553 5445524C 494E455F 564F4950 2E657374 65726C69 6E652E63 6F6D3081 
  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 818100A7 99E39BFE 
  7A1C5E33 3F67A3C9 8276A693 B6B62DA8 1565EC9D 6E3C361E 690F751D 4D28BB81 
  F4663487 449D2CA8 35749D6C 3503CCB7 637307EF 45820DE0 C2566228 CA7B2B53 
  E603CDAE 623360A0 FB4B0DA6 E34F720A 76212245 0A078388 02715C00 DD3BA9D6 
  AD720B0B 71DC2E55 50D008C0 853438BB 812A4F38 14E11BCE 0950B702 03010001 
  A34F304D 300B0603 551D0F04 04030207 80301F06 03551D23 04183016 80144612 
  8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8301D 0603551D 0E041604 14464AB9 
  A6CD1822 6401CB01 AD7234D3 C5DD5693 99300D06 092A8648 86F70D01 01050500 
  03818100 40F5B19D 8DEF540A 228BE50A 556CC74C C34BE80E 1FA164C3 8AADD6FA 
  F02F7843 B55B4FB5 E6B8A292 803455B7 013C3459 1F274B5E 17EBE894 DA2F7EE7 
  F1FC8B99 32197B00 2B460550 1C682874 52376C41 8AAB53EC 2F850B3F 93DB94C8 
  E27993CB 04B4A1FF B1FD8DDF BE9E8443 0E322CBC 18FAA8B3 BFA4A595 5FF352CF C13B78E0
  quit
 certificate ca 01
  3082020D 30820176 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3634305A 170D3138 30393238 31393136 34305A30 1A311830 
  16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 819F300D 06092A86 
  4886F70D 01010105 0003818D 00308189 02818100 A100D2E7 F6D514C3 36BE02CE 
  B259655C 4593F6B0 59C0B98C 48151FAE A0B8DC60 873C3EB0 8F6BF68E 72592068 
  A103A03F 818DDB3E BB9BDA81 16734C08 BB774670 816CF00D B15274C1 91928D66 
  C8D5621C BC86A1A1 62A43D15 2CF9CB26 172DFB5E BFD6661A 8311CD97 5C9B4045 
  C48BF049 60F422CE A3A7B052 D5A33CB6 EEA0A46D 02030100 01A36330 61300F06 
  03551D13 0101FF04 05300301 01FF300E 0603551D 0F0101FF 04040302 0186301F 
  0603551D 23041830 16801446 128424A4 C3FE9E98 F82A11A3 368EFEE9 BFBFC830 
  1D060355 1D0E0416 04144612 8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8300D 
  06092A86 4886F70D 01010405 00038181 00779F65 A57DE157 A24FD303 55DCAA4B 
  58E90E52 2C4BD4AA 53B26D82 2DEFD90C 9B2FB66F 349B4FF0 EC474EE8 A927D025 
  37D3AA3D 38F6FADD 2B829D30 F08B2842 BAFE0384 9ED99D2B 3431DC87 31219291 
  5EDF3226 19F1EFCB 4698DB9C 899650E2 181440A3 A7C2394A D8D1D7BB F8036AFB 
  F9798DEC 94A76B8E D41ACE8A 72794F51 76
  quit
crypto pki certificate chain sast2
 certificate 05
  30820220 30820189 A0030201 02020105 300D0609 2A864886 F70D0101 05050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3934365A 170D3136 30393238 31393139 34365A30 41313F30 
  12060355 0405130B 464A4331 38343841 31364E30 2906092A 864886F7 0D010902 
  161C4553 5445524C 494E455F 564F4950 2E657374 65726C69 6E652E63 6F6D3081 
  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 8181009C 70C00A04 
  DA4ED32B 924BF977 B9688556 B3108F8B CEA69060 28E43393 BD2CA45C 3B1BA39B 
  A0713BDE 31F5EC6E 2A2F92CB E6A2B6B0 AD8C78FA AE81F530 12BF1BF7 462F0FB9 
  889E54DC F19BA261 A499920F D334A525 B31AB265 CB0E4600 833E16A2 8050CC6E 
  7C5C1F15 74C10DB8 F56A70D5 1E720A1D CFD33B4B 144B9004 10FC2D02 03010001 
  A34F304D 300B0603 551D0F04 04030205 20301F06 03551D23 04183016 80144612 
  8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8301D 0603551D 0E041604 142AF8DB 
  5AF2206E 4E819C02 3A6EF581 83E9B946 D3300D06 092A8648 86F70D01 01050500 
  03818100 89FEC10E 2951CD7B 131888F0 9381BBBA 4C056609 DF700F39 0D6097EA 
  1D83EA5E 06609464 7F3AE59C AB5FC1CA 1F8D86EA EC97B26B DF439E8C B9888ADF 
  A92E8F7B 3E54BFB2 0B5D7304 026B2F7C 0EE33181 CAF1368C D9E01D9D 1316AE7D 
  62B45214 8D86B9B3 C633ED42 1ED07FC4 80285D0C 99A5F2D9 DC14F1C7 E5643BA7 29C4E0ED
  quit
 certificate 04
  30820220 30820189 A0030201 02020104 300D0609 2A864886 F70D0101 05050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3933345A 170D3136 30393238 31393139 33345A30 41313F30 
  12060355 0405130B 464A4331 38343841 31364E30 2906092A 864886F7 0D010902 
  161C4553 5445524C 494E455F 564F4950 2E657374 65726C69 6E652E63 6F6D3081 
  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 818100E8 1C8765C5 
  CC287F4D 38663F2B 93B090B7 CB08682C 31E36DD3 B31D8C0A 602B4025 5630F059 
  B3A0510B 7CE8B389 B6FFFCAD C4A2AD2C 82795B4A B9282354 0F589F5D BAD842B6 
  AC4FE2EE A6E5F182 1BB6CFC5 9FC7C5CA E90EABCD 131F7562 23000583 D37BFEC9 
  DB3ADA19 268C6EC4 28E899A2 41E5E708 4E1879E1 60B13AE0 48921B02 03010001 
  A34F304D 300B0603 551D0F04 04030207 80301F06 03551D23 04183016 80144612 
  8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8301D 0603551D 0E041604 14644785 
  A0D4AB40 370B02DB 76891BE0 F6BA53C4 31300D06 092A8648 86F70D01 01050500 
  03818100 401E39D8 949E88AF 5FB68F63 E85D1B54 1DF0A585 77A26363 CE1A447B 
  0CEDC28E AE25780C 2A1D7446 C8FAF2E1 AA1E8977 2189785E 7685A7BE 683CD7EC 
  3F8A8787 1B1EA9CE 4B851711 C365A57A 11792F1E D14D6716 9B774285 7BFFFC73 
  D735B757 517E523D 9D3B82A9 E8FAEBE4 D522FD58 A5CFB3AF 2C78DAE5 38912D1E 10E2D114
  quit
 certificate ca 01
  3082020D 30820176 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  1A311830 16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 1E170D31 
  35303932 39313931 3634305A 170D3138 30393238 31393136 34305A30 1A311830 
  16060355 04030C0F 63615F70 616C6F6D 61725F63 64637330 819F300D 06092A86 
  4886F70D 01010105 0003818D 00308189 02818100 A100D2E7 F6D514C3 36BE02CE 
  B259655C 4593F6B0 59C0B98C 48151FAE A0B8DC60 873C3EB0 8F6BF68E 72592068 
  A103A03F 818DDB3E BB9BDA81 16734C08 BB774670 816CF00D B15274C1 91928D66 
  C8D5621C BC86A1A1 62A43D15 2CF9CB26 172DFB5E BFD6661A 8311CD97 5C9B4045 
  C48BF049 60F422CE A3A7B052 D5A33CB6 EEA0A46D 02030100 01A36330 61300F06 
  03551D13 0101FF04 05300301 01FF300E 0603551D 0F0101FF 04040302 0186301F 
  0603551D 23041830 16801446 128424A4 C3FE9E98 F82A11A3 368EFEE9 BFBFC830 
  1D060355 1D0E0416 04144612 8424A4C3 FE9E98F8 2A11A336 8EFEE9BF BFC8300D 
  06092A86 4886F70D 01010405 00038181 00779F65 A57DE157 A24FD303 55DCAA4B 
  58E90E52 2C4BD4AA 53B26D82 2DEFD90C 9B2FB66F 349B4FF0 EC474EE8 A927D025 
  37D3AA3D 38F6FADD 2B829D30 F08B2842 BAFE0384 9ED99D2B 3431DC87 31219291 
  5EDF3226 19F1EFCB 4698DB9C 899650E2 181440A3 A7C2394A D8D1D7BB F8036AFB 
  F9798DEC 94A76B8E D41ACE8A 72794F51 76
  quit
voice-card 0
!
!
!
voice service voip
 allow-connections h323 to h323
 allow-connections h323 to sip
 allow-connections sip to h323
 allow-connections sip to sip
 supplementary-service h450.12
 no supplementary-service sip moved-temporarily
 no supplementary-service sip refer
 fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
 h323
  call start slow
 sip
  bind control source-interface GigabitEthernet0/0
  bind media source-interface GigabitEthernet0/0
  registrar server expires max 600 min 60
!
voice class codec 1
 codec preference 1 g711ulaw
 codec preference 2 g729r8
!
!
!
!
voice iec syslog
voice register global
 mode  cme
 source-address 172.23.1.1 port 5060
 max-dn 200
 max-pool 42
 load 7821 sip78xx.10-3-1-12
 load 7841 sip78xx.10-3-1-12
 authenticate register
 authenticate realm voip.com
 tftp-path flash:
 create profile sync 0006443631505042
!
voice register dn  1
 number 1001
 pickup-call any-group
 name Phone 1
 label Phone 1 - 1001
!
voice register dn  2
 number 1002
 pickup-call any-group
 name Phone 2
 label Phone 2 - 1002
!
voice register dn  3
 number 1003
 pickup-call any-group
 name Phone 3
 label Phone 3 - 1003
!
voice register dn  4
 number 1004
 pickup-call any-group
 name Phone 4
 label Phone 4 - 1004
!
voice register dn  5
 number 3001
 pickup-call any-group
 name MicroSIP 1
 label MicroSIP 1 - 3001
!
voice register dn  6
 number 3002
 pickup-call any-group
 name MicroSIP 2
 label MicroSIP 2 - 3002
!
voice register pool  1
 busy-trigger-per-button 1
 id mac 204C.9EB3.BB6C
 type 7821
 number 1 dn 1
 dtmf-relay rtp-nte
 username phone1 password phone1
 description Phone 1
 codec g711ulaw
!
voice register pool  2
 busy-trigger-per-button 1
 id mac 204C.9EB3.BB26
 type 7821
 number 1 dn 2
 dtmf-relay rtp-nte
 username phone2 password phone2
 description Phone 2
 codec g711ulaw
!
voice register pool  3
 busy-trigger-per-button 1
 id mac 204C.9EB3.BB1A
 type 7821
 number 1 dn 3
 dtmf-relay rtp-nte
 username phone3 password phone3
 description Phone 3
 codec g711ulaw
!
voice register pool  4
 busy-trigger-per-button 1
 id mac 204C.9EB3.BF9B
 type 7821
 number 1 dn 4
 dtmf-relay rtp-nte
 username phone4 password phone4
 description Phone 4
 codec g711ulaw
!
voice register pool  5
 busy-trigger-per-button 1
 id mac CCCC.CCCC.CCCC
 number 1 dn 5
 dtmf-relay sip-notify
 username microsip1 password microsip1
 description MicroSIP 1
 codec g711ulaw
!
voice register pool  6
 busy-trigger-per-button 1
 id mac DDDD.DDDD.DDDD
 number 1 dn 6
 dtmf-relay sip-notify
 username microsip2 password microsip2
 description MicroSIP 2
 codec g711ulaw
!
!
!
!
!
license udi pid CISCO2901/K9 sn FJC1848A16N
license accept end user agreement
hw-module pvdm 0/0
!
hw-module pvdm 0/1
!
!
!
username bcsadmin privilege 15 password 7 143C0706032609187D716265
username cisco privilege 15 password 7 1511021F07252A20253A3B
!
redundancy
 notification-timer 60000
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description **ETH-LAN**
 ip address 172.23.1.1 255.255.0.0
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
logging trap debugging
!
!
tftp-server flash:/78xx/kern78xx.10-3-1-12.sbn alias kern78xx.10-3-1-12.sbn
tftp-server flash:/78xx/kern2.78xx.10-3-1-12.sbn alias kern2.78xx.10-3-1-12.sbn
tftp-server flash:/78xx/rootfs2.78xx.10-3-1-12.sbn alias rootfs2.78xx.10-3-1-12.sbn
tftp-server flash:/78xx/sboot78xx.10-3-1-12.sbn alias sboot78xx.10-3-1-12.sbn
tftp-server flash:/78xx/sip78xx.10-3-1-12.loads alias sip78xx.10-3-1-12.loads
tftp-server flash:/78xx/sboot2.78xx.10-3-1-12.sbn alias sboot2.78xx.10-3-1-12.sbn
!
control-plane
!
 !
 !
 !
 !
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
sccp local GigabitEthernet0/0
!
!
!
!
sip-ua 
!
!
!
gatekeeper
 shutdown
!
!
telephony-service
 secure-signaling trustpoint ca_company_system
 tftp-server-credentials trustpoint tftp
 server-security-mode non-secure
 device-security-mode encrypted
 max-ephones 42
 max-dn 200
 ip source-address 172.23.1.1 port 2000
 calling-number initiator
 timeouts interdigit 3
 system message Voip
 cnf-file location flash:
 cnf-file perphone
 time-zone 5
 max-conferences 8 gain -6
 call-forward pattern .T
 web admin system name ciscoadmin password cisco
 dn-webedit 
 time-webedit 
 transfer-system full-consult dss
 transfer-pattern 9.T
 secondary-dialtone 9
 create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
ephone-dn  1
 number 2001 no-reg primary
 label Cisco Softphone - 2001
 name Cisco Softphone
!
!
ephone-dn  2
 number 2002 no-reg primary
 label Cisco Softphone - 2002
 name Cisco Softphone
!
!
ephone  1
 device-security-mode encrypted
 mac-address AAAA.AAAA.AAAA
 type CIPC
 button  1:1
!
!
!
ephone  2
 device-security-mode encrypted
 mac-address BBBB.BBBB.BBBB
 type CIPC
 button  1:2
!
!
!
!
line con 0
 login local
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

 

 

Labels:
0 Helpful
3 Replies 3

Terry Cheema
VIP Alumni
VIP Alumni

‎10-08-2015 05:07 PM

Check and compare the config with this document here:

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeadm/cmeauth.html#pgfId-1080079

You may need load-cfg command

Also review the phone authentication process and configuration file maintenance

here: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeadm/cmeauth.html#pgfId-1010498

Terry

Please rate all helpful posts

0 Helpful

jim.sorensen1
Level 1
Level 1
In response to Terry Cheema

‎10-09-2015 07:37 AM

Thanks, Terry.  The load-cfg file is for individual file signing.  That test case generates the "“Error: Required feature is not enabled”  message.  When I do the "create cfg-files" which should create all the signed files the files are not created, i.e., the router is not creating the ".sgn" files. The CTLFile.tlv file is OK because the CIPC phones attempt to load the ".sgn" files which do not exist.

0 Helpful

jim.sorensen1
Level 1
Level 1
In response to Terry Cheema

‎10-20-2015 07:59 AM

The above running config has two incorrect lines:

telephony-s

 secure-signaling trustpoint ca_company_system cucme_capf_tftp_sast1
 tftp-server-credentials trustpoint tftp cucme_capf_tftp_sast1
 
Also you need the following line in the ephone configuration which is not well documented:

ephone  1

device-security-mode encrypted

mac-address AAAA.AAAA.AAAA

type CIPC

capf-ip-in-cnf

button  1:1

 

  1. Delete all cert files in flash, flash/its/vrf1, nvram, nvram/its/vrf1 (ser, crt, cnm, crl, tlv).
  2. Erase CTL files/security data on phones and connect non-secure.

after setup:

!To reset the phone, execute these commands to load the LSCs:
end
conf t
ephone 1
reset
ephone 2
reset
end

 

 

0 Helpful
Customers Also Viewed These Support Documents