Avatar of Tercestisi
Tercestisi
Flag for United States of America asked on

Mitel 5330 TFTP Error 4 at Remote Site over IPSec VPN

Single user at remote site with Cisco ASA 5505 connecting to our corporate ASA 5510 over an IPSec site-to-site tunnel.

This user, about once a week, has the phone reboot and display this error. Today, the phone has not booted all day and continually reboots after this error.

IP is statically assigned, no vlan or PRI options set, and ICP/TFTP address set to the 3300 controller.

I've read about everything I could on this, from inspection maps on the ASA for SIP traffic, to potential packet sizes for the TFTP from the 3300 coming in at 1522 which would fragment on the 1500 MTU ASA.

Any ideas? I'm now exploring setting up the Teleworker portion of the phone, though we don't have the module, as I understand it has longer timeout and "jitter" periods.
CiscoIP TelephonyTelecommunications

Avatar of undefined
Last Comment
tillie arend

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
ArneLovius

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
atrevido

If you have an ipsec tunnel then you don't need to use Teleworker.  Your error means that the phone is having trouble locating the MBG server (aka teleworker server).  If you don't have a MBG server then you should be just pointing it to the 3300 ip and NOT using the 7 key to program the phone.  using the 7 key upon boot allows you to program/set the phone in teleworker mode.
Tercestisi

ASKER
Thanks.

I only did teleworker as last resort, as I read others used that as a hack of sorts to extend the timeout period for the phone contacting the ICP; the initial problem was before applying teleworker settings.

Anyhow, the phone came up on Saturday, and we've all been away out of state since so I don't have any updates or have tried anything else since.

I will look into using DHCP options instead of a static IP.
Tercestisi

ASKER
Didn't find a bonafide answer yet so will keep digging; closing question, and thanks for the responses.
Your help has saved me hundreds of hours of internet surfing.
fblack61
tillie arend

Fantastic comments ! my colleague recently located <code>https://goo.gl/tJ1Zvd</code> to share pdf - It's quite convenient to navigate and it's superb . I know they are giving a 30 day trial now