01-17-2024 08:35 AM - edited 02-08-2024 03:19 AM
Greetings everyone,
Strange one I got here.
I have a CME gateway (Cisco 3850 15.2(4)M2) connected to my CUCM cluster through a SIP trunk. Withing my CME I have the telephony-service configured:
telephony-service
ssh userid xxxxxx password xxxxxxxxx
max-ephones 250
max-dn 250
ip source-address xxxxxxxxxxxxxxxx port 2000
service phone sshAccess 1
service phone webAccess 1
service directed-pickup gpickup
service dnis dir-lookup
timeouts interdigit 3
cnf-file location flash:
cnf-file perphone
user-locale PT load CME-locale-pt_PT-Portuguese-8.8.2.5.tar
network-locale PT
load 7911 SCCP11.9-2-1S
load 7942 SCCP42.9-2-1S
load 7962 term62.default.loads
load 6921 SCCP69xx.9-4-1-3SR3
load 6901 SCCP6901.9-2-1-a
time-zone 21
time-format 24
date-format dd-mm-yy
max-conferences 12 gain -6
web admin system name xxxx secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
web admin customer name xxxxxxxxxxxxx password xxxxxxxxxxxxxxx
web customize load CustomGUI.xml
dn-webedit
time-webedit
transfer-system full-consult
transfer-pattern .T
directory last-name-first
fac custom pickup local 79
I had all different models registred and working until now. I noticed that several phones, different models, lost the register and stopped being able to register again.
Since they were working and nothing was touched, I tried already:
1. Delete a recreate the configuration files;
2. Disable telephony-service, reload, and re-enable;
I have the cnf-files up to date, I have the alias created, I have phones registered.
I decided to check tftp events, and I have non ending loops of requests for files that doesnt exist:
190633: Jan 17 16:23:19.268: TFTP: Server request for port 59365, socket_id 0x1C44CBE4 for process 272
190634: Jan 17 16:23:19.268: TFTP: read request from host xx.xxx.xx.95(59365) via GigabitEthernet0/0
190635: Jan 17 16:23:19.268: TFTP: Looking for ITLSEPD867D9XXXXXX.tlv
190636: Jan 17 16:23:19.268: TFTP: Sending error 1 No such file
190637: Jan 17 16:23:19.308: TFTP: Server request for port 59367, socket_id 0x10C37290 for process 272
190638: Jan 17 16:23:19.308: TFTP: read request from host xx.xxx.xx.95(59367) via GigabitEthernet0/0
190639: Jan 17 16:23:19.308: TFTP: Looking for ITLFile.tlv
190640: Jan 17 16:23:19.308: TFTP: Sending error 1 No such file
190641: Jan 17 16:23:19.348: TFTP: Server request for port 59369, socket_id 0x1C44CBE4 for process 272
190642: Jan 17 16:23:19.348: TFTP: read request from host xx.xxx.xx.95(59369) via GigabitEthernet0/0
190643: Jan 17 16:23:19.348: TFTP: Looking for SEPD867D9XXXXXX.cnf.xml.sgn
190644: Jan 17 16:23:19.348: TFTP: Sending error 1 No such file
190645: Jan 17 16:23:19.384: TFTP: Server request for port 59371, socket_id 0x10C37290 for process 272
190646: Jan 17 16:23:19.384: TFTP: read request from host xx.xxx.xx.95(59371) via GigabitEthernet0/0
190647: Jan 17 16:23:19.384: TFTP: Looking for XMLDefault.cnf.xml.sgn
190648: Jan 17 16:23:19.384: TFTP: Sending error 1 No such file
190649: Jan 17 16:23:19.420: TFTP: Server request for port 59373, socket_id 0x1C44CBE4 for process 272
190650: Jan 17 16:23:19.420: TFTP: read request from host xx.xxx.xx.95(59373) via GigabitEthernet0/0
190651: Jan 17 16:23:19.420: TFTP: Looking for XMLDefault.cnf.xml.sgn
190652: Jan 17 16:23:19.420: TFTP: Sending error 1 No such file
190653: Jan 17 16:23:19.888: TFTP: Server request for port 62221, socket_id 0x10C37290 for process 272
190654: Jan 17 16:23:19.888: TFTP: read request from host xx.xxx.xx.48(62221) via GigabitEthernet0/0
190655: Jan 17 16:23:19.888: TFTP: Looking for CTLSEPD867DYYYYYY.tlv
190656: Jan 17 16:23:19.888: TFTP: Sending error 1 No such file
CME-R3925-VGW#sh flash | i SEPD867D9XXXXXX.cnf.xml
474 1683 Jan 17 2024 15:18:08 +00:00 its/vrf1/SEPD867D9XXXXXX.cnf.xml
The thing is that the configuration files, do exist (not the itl, just the cnf.xml), but not signed.
I have more CME gateway and the tftp requests are similar with exception for the config file. There, they request the not signed one, everything as expected.
So my question:
Why all of sudden did so many phones went into this process requesting signed configuration files in a non-secure deployment of CME? How can I fix it? Phones have IP connectivity but I cant factory reset them all. Going one by one is a hard to accept solution.
Best regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide