02-03-2011 07:28 AM - edited 03-16-2019 03:15 AM
Hi,
I have the following setup:
CUCM: 7.1.3
CIPC: 7.0.5
In non secure mode my CICP register fine with CUCM.
If I associate a secure profile to these phones I get "Registration Rejected: Security Error".
Mind you that I have other models (7945/7965, 7911) and they all work as expected. Only CIPC are not registering when the secure profile is applied.
I already took some troubleshooting steps, namely:
1) Tried using other CIPC versions;
2) Deleted the CTL on the phone;
3) Put the PC where CIPC is installed in the Voice VLAN (to guarentee that no firewall was in the way);
4) Followed this procedure:
http://www.cisco.com/en/US/docs/voice_ip_comm/cipc/7_0/english/administration/guide/cag70ts.html#wp1045102
I see no LSC Certificate installed on the PC where the CIPC is installed;
Still, no matter what, CIPC doesn't register.
Included is also the SEPxxxxxxxxxxxx.cnf.xml regarding the CICP installed on my machine.
Hope someone can shade some light on this one.
Thanks,
Pedro Marques
02-03-2011 01:45 PM
Can you goto
Security>LSC>Update
This has to be done after the following
++ Correct TFTP Server
++ Erase Previous CTL File
++ Get rid of all security config on the CIPC.
Could you send a screen-shot of the "Status Messages"
02-08-2011 04:07 AM
Hi,
I managed to solve this issue.
Since CIPC has no MIC nor LSC I had to manually install the LSC and then apply the secure profile.
Thanks for all the help.
Pedro Marques
10-30-2012 08:40 AM
Hi,
I have the same issue, but I don't know which LSC-File I have to install manually and where I have to install it.
Can you help me, please?
Thanks!
Regards
Matthias
02-10-2017 06:00 PM
Hi,
I know its been a while but here is how you can do this, on CUCM go to:
system > security > phone security profile
Then create a new security profile for your CIPC and under "Authentication Mode" select 'by authentication string' and make sure you use sip port 5061 then save it.
Go to the CIPC admin page on CUCM, and use the phone security profile you just created to your CIPC.
Then navigate to "Certification Authority Proxy Function (CAPF) Information", and under 'Certificate Operation' select 'install / update' then under 'Authentication Mode' select 'by authentication string' and click on generate string, then copy the string and paste it on a notepad, save the configuration changes and click on 'apply config'
Open your CIPC and click on the 'settings' button then go to security configuration > LSC
then click on update (you may need to use the **# to unlock the settings), then copy and paste the authentication string you pasted on a notepad.
The CIPC resets and now it should come up with the authentication profile.
HTH
Christian.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide