cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
426
Views
0
Helpful
1
Replies

Encryption fails between UC520 and Cisco IP Phone 7942

martijndyna
Level 1
Level 1

I am trying to get encryption set up for all the phones.

The whole setup for encryption on the UC520 itself appears to go fine, no errors and all the cert chains appear to be created.

However, it falls just short of registering the phone; a phone which has been fully registered and is functional without encryption.

It gets the locale and IP but then it fails with:

027676: Sep 18 19:08:12.498 EDT: New Skinny socket accepted [2] from 1, sub 1 (26 active)

027677: Sep 18 19:08:12.498 EDT: sin_family 2, sin_port 51395, in_addr x.x.x.x

027678: Sep 18 19:08:12.502 EDT: add_skinny_secure_socket: pid =337, new_sock=0, ip address = x.x.x.x

027679: Sep 18 19:08:12.502 EDT: skinny_secure_handshake: pid =337, sock=0, args->pid=337, ip address = x.x.x.x

027680: Sep 18 19:08:12.502 EDT: Start TLS Handshake 0 x.x.x.x 51395

027681: Sep 18 19:08:12.502 EDT: TLS Handshake retcode OPSSLReadWouldBlockErr

027682: Sep 18 19:08:13.502 EDT: TLS Handshake error -6992

027683: Sep 18 19:08:13.502 EDT: TLS context configuration FAILED for 0 x.x.x.x 51395

This is the basic test phone setup:

ephone  36

device-security-mode encrypted

capf-auth-str xxxx

cert-oper upgrade auth-mode auth-string

mac-address x.x.x

ephone-template 16

username "x" password x

type 7942

button  1:130

I've tried using the MIC as well, but no luck.

Any suggestions or directoins to look in?

1 Reply 1

Jorge Armijo
Level 4
Level 4

Perhaps following link will help:

https://supportforums.cisco.com/docs/DOC-21867

HTH

--
Jorge Armijo

Please remember to rate helpful responses and identify helpful or correct answers.

-- Jorge Armijo Please remember to rate helpful responses and identify helpful or correct answers.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: