Cisco IP phones unable to reach DHCP server from a particular subnet/vlan.

DHCP server is normally responding to the request made by IP phones residing in all vlans, but when a DHCP request is coming from one particular block of subnets let suppose and and, the DHCP is unable to respond or IP phones are failing to reach the dhcp sever.

For reachability we did some pinging from those troubled subnets, pings are reaching easily the DHCP server, placed a laptop in those troubled subnets to check if it was getting an IP address and the laptop did get an IP, but why only phones are are unable to get an IP address and is stuck in "Registering" mode .

Any clue ?
Who is Participating?
José MéndezConnect With a Mentor Commented:
Go to the Setting menu and make sure the lock icon on the top right corner shows the lock opened. If it is not opened, press **#, and when it opens go to  Security > Trust List > More > Erase

The phone has an IP alright, and it is trying to authenticate the TFTP servers provided but the ITL certificate is not matching. Erase it so it can download a new one from your CM servers and let it reboot.
bbaoIT ConsultantCommented:
> the DHCP is unable to response
> or IP phones are failing to reach the dhcp sever.

ever tried to use a sniffer to listen the incoming and outgoing traffic on the DHCP server's subnet in order to determine what's going on there underneath?
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

José MéndezCommented:
If the phones display "Registering" on screen, they are definitely not having DHCP issues. They have gotten an IP already, and are effectively trying to register.

Grab one of those and:

- Open the Settings menu > Go to Network Settings > IPv4 > check the IP/subnet/gateway values received, and most important, check the TFTP value provided, this is the IP from which they obtain their configuration files

- If everything is good, then open the Settings menu > Status > Status messages and try to make sense about the entries the phone is logging

- If the phone has an IP, and if the phone has its Web Access enabled (something you tell the phone to have from the Callmanager config page, and through the XML configuration file), then try opening the phone IP on your web browser. If you can reach it, then go to the left menu, and click on Console logs. Download the  last 2 or 3 logs and try to make sense out of the entires, or put them here so I can take a look.

Remember that "Registering" means that the phone is using a specific type of traffic now, pinging is not going to prove if SCCP traffic or SIP traffic are effectively allowed between the phones and the callamanager.
md5authAuthor Commented:
OK, i have managed to get access to one of the phones web page and downloaded the logs, kindly if you can have a check.
md5authAuthor Commented:
yeah i did, and this problem is with multiple phones, is there any working utility that can perform a batch erase on all faulty ITLs ?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.