Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5239
Views
15
Helpful
4
Replies

Missing TLV file when using Cisco IP communicator from the internet

jacob6000
Level 1
Level 1

‎06-12-2012 05:36 PM - edited ‎03-16-2019 11:38 AM

When I attempt to use Cisco IP Communicator straight from the Internet, I get a failure when

attempting to register. I am doing NAT at our Cisco Router (IOS Firewall). After looking at  a packet

trace using wireshark, I see this call being made and failing.
http://x.x.x.x:6970/CTLSEPAC81129D66FB.tlv

Keep in mind that IP Communicator works fine internally. We are using CUCM v7.1.3. What is the TLV

file? Why wouldn't it be in the same location as for internal users? How do I fix this issue?

Any assistance would be greatly appreciated.

Thank you,

2 people had this problem
Labels:
0 Helpful
4 Replies 4

testeven
Cisco Employee
Cisco Employee

‎06-12-2012 05:58 PM

Hi Jacob,

Seems like you have security enabled on the CUCM. The TLV is a security CTLFile.tlv file. Even though your device is non-secured, it will still need to have a valid certificate from CUCM when it's configured in mixed-mode.  Since it is not registering it's probably because the download of this file is failing or timing out, it's possible that the server is not routable via HTTP.

Regards,

Tere.

If you find this post helpful, please rate!

Regards, Tere. If you find this post helpful, please rate! :)

jacob6000
Level 1
Level 1
In response to testeven

‎06-13-2012 02:27 PM

Thank you for the response. As noted above, the file transfer is failing. I verified that the request for the TLV file is making it to the CUCM server and the server is saying the file does not exist. What do I need to create/configure? It just seems odd that the same machine using IP Communicator works fine when on VPN (internal network).

0 Helpful

Joseph Martini
Cisco Employee
Cisco Employee
In response to jacob6000

‎06-13-2012 05:21 PM

If the file doesn't exist when trying to manually download the CTLSEP.tlv file you may not have security enabled on your CUCM cluster.  In that case you've mentioned that you do see TFTP over HTTP requrest (port 6970) reaching CUCM from the phone when it's on the Internet.  The next thing to check would be the SCCP (port 2000/TCP) traffic from CIPC to CUCM.  Is it making it to the call manager through the IOS NAT device as well as back from CUCM?  The SCCP version CIPC is using might not be understood by the NAT device since there has to be fix up at the SCCP level not just TCP/IP for the phone to work remotely.  If the SCCP traffic does not travel through the IOS NAT device when it's internal I bet that is the cause of the problem.

jacob6000
Level 1
Level 1
In response to Joseph Martini

‎06-13-2012 07:01 PM

Thanks Joe. Interesting info. I don't believe we have security enabled on our single CUCM server since I don't see any Security Profiles configured. I also don't see the CICP software asking for anything on port 2000yet  but he is looking for several files during the hunt. They all appear to be missing. I have attached a screenshot from a wireshark capture so you can see what is being requested by the CIPC client. Once again, it seems odd that it works through VPN but not externally. I would assume it is the same configuration files so what is different???

0 Helpful
Customers Also Viewed These Support Documents