Solved: Re: Cisco 8800s not registering with CUCM

Bitcoin · ‎02-16-2023

Ladies and Gents,

So I have a very interesting problem. I manage quite large organization where users can buy their own devices. We tell them to buy the appropriate TAA devices and models.

We got a shipment of 200 8800s a year ago. Everyone of these devices can register without issue.

My team has tried to do 2 separate installs with 8841s/8811s to find they do not register. These devices have been sourced from Mexico with a manufacturing date of the last couple months.

The common denominator we have is older manufacturing dated phones register with no problem. Newer manufacturing dated phones dont.

Both have the "Use 12.7 or later" stickers.

What RTMT report can I look at for this?

Or has anyone ran across a similar issue?

Jonathan Schulenberg · ‎04-17-2023

LSC and MIC are two different things. The former is issued by CAPF while the latter is burned in at the factory. If you have mixed mode enabled with TFTP encryption that would explain why the config file is incomplete; the unencrypted portion of it is just a stub file with the bare minimum info. Please mention that you are running mixed mode with CAPF on future posts; very few customers use that feature.

I'd seriously consider RMAing the phones if they do not have MIC. That's a serious miss, if that is what actually happened. It seems more likely that their MIC was issued by a newer CA that is missing from your CAPF-trust store. They won't be able to get their LSC without a MIC unless you use an auth string (difficult to scale, but safe if handled out of band properly) or null string (super insecure).

View solution in original post