cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
833
Views
0
Helpful
4
Replies

More 525 VPN phone issues.

jadavies.jr
Level 1
Level 1

So I have a VPN setup on a customers UC560 that has been working just fine for close to a year.  The 525 phone worked well at a remote location for 6 months and has been nothing but problems since.

I have wiped it to factory defaults, updated the firmware to 7.5.5, re-configured it via the wizard in CCA, increased the VPN DHCP pool to 10 from 3, and it tests out fine on our shop network here at work.  After that it is 50/50 whether it wants to sync up and work properly off-site.  The client brings it to his house where he has cable internet and a basic Linksys router and it boots up, shows the VPN icon on the top bar as connected but just sits at downloading some .xml file.  Bypasses the router and same thing so it can't be a weird firewall issue.

I was under the impression that if this phone finds an internet connection it would work.  Don't understand all the hit and miss whether it's going to sync up or not.

4 Replies 4

Dennis Bigelow
Cisco Employee
Cisco Employee

Hi James,

There were a number of issues with the older IOS's regarding SSLVPN. If you are not on 15.1(4)M6, then you will need to upgrade. The version of  Anyconnect should be 2.5.6005 web with DART. Also check and make sure that the subnet for the VPN is not the same as any of the other subnets. I hope that helps.

Regards,

Chris

Thanks for the response.

I have verified we're on the latest IOS...

Cisco IOS Software, UC500 Software (UC500-ADVIPSERVICESK9-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)

And I always use the 2.5.6005 version of Anyconnect.  Not sure about the DART thing.

Thanks for reminding me about the subnet.  The client is taking the phone home with him for testing and keeps reporting that the vpn connects but doesn't fully sync up with the phone system.  I bet he is on the same subnet of the system.  The data VLAN is 192.168.0.X which is common with home routers.

Thanks again,

Jim

jadavies.jr
Level 1
Level 1

Well I wiped the phone clean again, ran the wizard, had the client test the phone at home again with the same result.  VPN icon shows as connected but it still just loops between downloading those 2 .xml files.  So I assumed his home network was just the same subnet as the work 192.168.0.x so I had him send it to the "real" location and it did the same thing.  Not sure what's going on but I have no issues here at work on our network testing the phone.  If they aren't on the same subnet as the VPN connection what else could be the problem?

James,

At the remote verify these settings listed below on the 525.

1 username

2 password

3 public IP address of UC500 gateway

4 enable alternate TFTP server

5 set alternate TFTP server to be 10.1.10.2

6 disable CDP and LLDP autodetect

7 set call control to be SCCP

Regards,

Christopher

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: