cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1408
Views
0
Helpful
8
Replies

SPA525G SSL VPN

aapexisinc
Level 1
Level 1

I'm trying to coneect a 535G to a UC540 via ssl vpn.  I used the CCA 2.2.1 wizard to configure the phone and it claimed to be successful, setting the user name and password into the ssl vpn.  However, when I connect the phone to an exernal network, it does not appear to try to connect to the UC540 to establish the VPN.  I noticed that the wizard said that the phone should restart after the config, but it did not.  What could be the problem?  I can succesfully connect using https from a browser on a computer connected to the same external network as the phone.  Is there a minimum software version for this to work?  The phone is at 7.1.9..

8 Replies 8

aapexisinc
Level 1
Level 1

sorry, I mis-typed 535... it is a SPA525G

7.1.9? That doesn't sound right. Latest version is 7.4.3. Also, you have the SSL VPN Server configured on the UC540, right?

Marcos

7.1.9 is what is on the UC540, and the phones loaded to that version.   I tried using CCA to update the phone load to the current version, but it doesn't work.

Yes, the server is configured and working; I can connect usig https with a browser on a PC.

What version of CCA are you running?  If it is 2.2.1, you should be able to drag the .bin file for the 525 phones on to the UC500 in the topology view to upgrade the 525 phones.

Note this process only works currently for the SPA5XX phones.

I've tried that, but it doesn't work; I just get a circle with a line through it when I try to drag it onto the topology view.

I manually updated the phoneloads on the UC540; now the SPA525G is at 7-4-3, and was successfully configured by the ssl vpn wizard.   However, when the phone tries to connect, the following error is being generated on the UC540:

%CRYPTO-4-RECVD_PRT_MAC_ERR: decrypt: mac verify failed for connection id=1 local=173.200.132.42 remote 68.72.138.178 spi=A2D0BFFF segno=0000149C

Any idea what the problem is?

I found the problem.  Somehow the SPA525G had been set to VLAN 100 in Network Settings.  Disabling the VLAN fixed it.

Great! Thanks for posting your solution

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: