?
Solved

Cisco IP phones unable to reach DHCP server from a particular subnet/vlan.

Posted on 2015-02-17
6
Medium Priority
?
254 Views
Last Modified: 2015-02-24
DHCP server is normally responding to the request made by IP phones residing in all vlans, but when a DHCP request is coming from one particular block of subnets let suppose 192.168.208.1/22 and 192.168.216.1/22 and 192.168.224.1/22, the DHCP is unable to respond or IP phones are failing to reach the dhcp sever.

For reachability we did some pinging from those troubled subnets, pings are reaching easily the DHCP server, placed a laptop in those troubled subnets to check if it was getting an IP address and the laptop did get an IP, but why only phones are are unable to get an IP address and is stuck in "Registering" mode .

Any clue ?
0
Comment
Question by:md5auth
6 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 40615919
> the DHCP is unable to response
> or IP phones are failing to reach the dhcp sever.

ever tried to use a sniffer to listen the incoming and outgoing traffic on the DHCP server's subnet in order to determine what's going on there underneath?
0
 
LVL 20

Expert Comment

by:José Méndez
ID: 40616639
If the phones display "Registering" on screen, they are definitely not having DHCP issues. They have gotten an IP already, and are effectively trying to register.

Grab one of those and:

- Open the Settings menu > Go to Network Settings > IPv4 > check the IP/subnet/gateway values received, and most important, check the TFTP value provided, this is the IP from which they obtain their configuration files

- If everything is good, then open the Settings menu > Status > Status messages and try to make sense about the entries the phone is logging

- If the phone has an IP, and if the phone has its Web Access enabled (something you tell the phone to have from the Callmanager config page, and through the XML configuration file), then try opening the phone IP on your web browser. If you can reach it, then go to the left menu, and click on Console logs. Download the  last 2 or 3 logs and try to make sense out of the entires, or put them here so I can take a look.

Remember that "Registering" means that the phone is using a specific type of traffic now, pinging is not going to prove if SCCP traffic or SIP traffic are effectively allowed between the phones and the callamanager.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:md5auth
ID: 40618288
OK, i have managed to get access to one of the phones web page and downloaded the logs, kindly if you can have a check.
log147
log146
0
 
LVL 20

Accepted Solution

by:
José Méndez earned 2000 total points
ID: 40618901
Go to the Setting menu and make sure the lock icon on the top right corner shows the lock opened. If it is not opened, press **#, and when it opens go to  Security > Trust List > More > Erase

The phone has an IP alright, and it is trying to authenticate the TFTP servers provided but the ITL certificate is not matching. Erase it so it can download a new one from your CM servers and let it reboot.
0
 

Author Comment

by:md5auth
ID: 40627608
yeah i did, and this problem is with multiple phones, is there any working utility that can perform a batch erase on all faulty ITLs ?
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Cisco router can be configured as a DHCP Server. There are advantages and disadvantages in making your Cisco router work as DHCP Server. Almost all the features for windows DHCP can be configured on Cisco-based DHCP server. Some of the features me…
Hey there Heard about jingle, the add on for XMPP that enables point to point audio between two XMPP clients. No server config necessary. Actually quite a cool feature. However, how good is it if you can not use those voice capabilities to do a P…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question