The archive portrays the means needed to change Cisco Unified Communications Manager (CUCM) Security Mode from Mixed mode to Non-Secure mode. It additionally shows how the substance of a Certificate Trust List (CTL) record is changed when this move is finished.
There are three significant parts to change cmcu near me Security Mode:
1a. Run the CTL customer and select the ideal variation of Security Mode.
1b. Enter the CLI order to choose the ideal variation of Security Mode.
2. Restart Cisco CallManager and Cisco TFTP administrations on all CUCM workers that run these administrations.
3. Restart all the IP telephones so they can download the refreshed adaptation of the CTL record.
Note: If the group security mode is changed from Mixed mode to Non-Secure mode the CTL record actually exists on the server(s) and on the telephones, however the CTL document doesn't contain any CCM+TFTP (worker) authentications. Since CCM+TFTP (worker) authentications don't exist in the CTL record, this powers the telephone to enlist as Non-Secure with CUCM.
Essentials
Cisco suggests that you know about CUCM Version 10.0(1) or later. Furthermore, guarantee that:
The CTL Provider administration is up and runs on all dynamic TFTP workers in the bunch. As a matter of course the administration runs on TCP port 2444, however this can be changed in the CUCM Service Parameter design.
The Certificate Authority Proxy Function (CAPF) Services is up and runs on the Publisher hub.
Information base (DB) Replication in the group works effectively and the workers imitate information continuously.
Parts Used
The data in this archive depends on these product and equipment renditions:
CUCM Release 10.0.1.11900-2 bunch of two hubs
Cisco 7975 IP telephone (enrolled with Skinny Call Control Protocol (SCCP), firmware variant SCCP75.9-3-1SR3-1S)
Two Cisco Security Tokens are fundamental to set the group to Mixed mode
One of the Security Tokens recorded beforehand is important to set the group to Non-Secure mode
The data in this record was made from the gadgets in a particular lab climate. The entirety of the gadgets utilized in this archive began with a cleared (default) arrangement. On the off chance that your organization is live, ensure that you comprehend the expected effect of any order.
Foundation Information
To run the CTL Client module it is needed to approach in any event one security token that was embedded to make or refresh the most recent CTL document exists on the CUCM Publisher worker. All in all, in any event one of the eToken endorsements that exists in the current CTL record on CUCM should be on the security token that is utilized to change the Security mode.
Design
Change the CUCM Cluster Security from Mixed Mode to Non-Secure Mode with the CTL Client
Complete these means to change the CUCM bunch security from Mixed mode to Non-Secure mode with the CTL customer:
Get one security token that you embedded to design the most recent CTL document.
Run the CTL customer. Give the IP hostname/address of the CUCM Pub and the CCM Administrator accreditations. Snap Next.
No comments:
Post a Comment