cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1291
Views
0
Helpful
7
Replies

SPA 122 reboots at irregular intervals with reason code H0

gcornely
Level 1
Level 1

I have many SPA 122's that I have discovered are rebooting at irregular intervals with reason code H0.  I'm in a Metaswitch environment using the SIP Provisioning Server on the Meta.  It seems H0 implies that the time stamp of the config that the SIP PS generates on the fly when the file is requested is differing from the one on the SPA 122 (well of course it is, it is generated on the fly) so it reboots.  I have been weeding through posts and docs trying to find out why we are requesting a config on some irregular interval in the first place but am not being very successful.  

Gary

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

Do not, under any circumstances, upgrade the firmware of the SPA12X.  

If the SPA12X firmware gets upgraded, it will introduce FN - 72345 - SPA112 and SPA122: QuoVadis root CA 2 decommission may cause SIP and HTTPS handshake failure and turn the SPA12X into a brick because Cisco will not issue a fixed version (nor a patch) to fix the expired certificate.  

View solution in original post

7 Replies 7

gcornely
Level 1
Level 1

I turned down the syslog to just look at the requests.  

gcornely
Level 1
Level 1

Here is a snippit showing the Reboot Reason.  

Leo Laohoo
Hall of Fame
Hall of Fame

Do not, under any circumstances, upgrade the firmware of the SPA12X.  

If the SPA12X firmware gets upgraded, it will introduce FN - 72345 - SPA112 and SPA122: QuoVadis root CA 2 decommission may cause SIP and HTTPS handshake failure and turn the SPA12X into a brick because Cisco will not issue a fixed version (nor a patch) to fix the expired certificate.  

I am on 1.4.1 SR0 is this affected?

One of the symptoms of an expired QuoVadis certificate is inability to HTTPS into the SPA12x.

gcornely
Level 1
Level 1

I have seen this issue.  So is the recommendation short of replacing all of these 1.4.1 SPA 122's to down grade them to say 1.3.2?


@gcornely wrote:
So is the recommendation short of replacing all of these 1.4.1 SPA 122's to down grade them to say 1.3.2?

This question is going to get me into a lot of trouble if I respond.  

Downgrade is not an option because it will open up a number of security vulnerabilities.