Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Cisco>
  3. VOIP
Implementing 802.1x for IP Phones - issue with UCM timeout
SRiley at robinsonbradshaw
Sep 17, 2020, 3:00 PM
Post #1 of 2 (694 views)
Permalink
We are working on implementing 802.1x with our 8851 ip phones. We have installed the LSC cert and enabled 802.1x on a few phones for testing. We are using Cisco ISE and the switch is configured for host mode multi domain. Everything seemed to be working fine, until we noticed the phones were resetting about every 48 minutes. Looking at the logs on the phone it seems it is being reset due to a timeout with CUCM.

ReasonForOutOfService=10 followed by a ReasonForOutOfService=23

My Cisco ISE admin didn't see anything on that side that he thinks is causing the timeout, and we only seem to see this issue after registering the phone with 802.1x enabled.

Any thoughts before I start collecting traces and wireshark captures.

CUCM v 11.5(1) SU6
IP phones are on latest firmware 12.7 or 12.8

Thanks.

Sean.
Re: Implementing 802.1x for IP Phones - issue with UCM timeout [ In reply to ]
ajp26 at buffalo
Sep 18, 2020, 7:31 AM
Post #2 of 2 (694 views)
Permalink
I've not implemented this with the phones, but, I would check the phone log to see if it thinks a VLAN change is taking place, and the device is dropping off the network at a session renewal time. Depending on the volume of devices you may want session renewal times to be in the order of days, if ever, if it's set to 45 minutes or something.

Best,

Adam

From: cisco-voip <cisco-voip-bounces@puck.nether.net> On Behalf Of Riley, Sean
Sent: Thursday, September 17, 2020 6:00 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Implementing 802.1x for IP Phones - issue with UCM timeout

We are working on implementing 802.1x with our 8851 ip phones. We have installed the LSC cert and enabled 802.1x on a few phones for testing. We are using Cisco ISE and the switch is configured for host mode multi domain. Everything seemed to be working fine, until we noticed the phones were resetting about every 48 minutes. Looking at the logs on the phone it seems it is being reset due to a timeout with CUCM.

ReasonForOutOfService=10 followed by a ReasonForOutOfService=23

My Cisco ISE admin didn't see anything on that side that he thinks is causing the timeout, and we only seem to see this issue after registering the phone with 802.1x enabled.

Any thoughts before I start collecting traces and wireshark captures.

CUCM v 11.5(1) SU6
IP phones are on latest firmware 12.7 or 12.8

Thanks.

Sean.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal