A new trust list for the phone (ITL) was added in CUCM 8.0, even when the cluster is not secure. The behavior of this feature is really strange: in some posts I have read that the phone is not able to register if the ITL does not match, but in a real-life scenario that I have, the phone was able to register (and even make calls) but not upgrade its firmware.
Any idea how this feature should REALLY work?
Here's some information about it: http://www.cisco.com/en/US/partner/docs/voice_ip_comm/cucmbe/security/8_0_2/secugd/secusbd.html. I've also seen the same thing, that the phone can register but not upgrade its firmware. The ITL signs the TFTP so the phone can't upgrade if it does not trust the file; the CCM service doesn't have anything that needs to be trusted in the ITL. The only trick is if you want to move a phone from one 8.x cluster to another: the TFTP signature of the new cluster won't match the old cluster's ITL on the phone, so the configuration won't take to register the phone to the new cluster.
Here's a link anyone can access: http://www.cisco.com/en/US/customer/docs/voice_ip_comm/cucmbe/security/8_0_2/secugd/secusbd.html
I went through all of that document and it does not explain exactly what should happen when a phone is moved to another cluster or, for example, the TFTP address is changed:
- Does the phone register into the new cluster?
- Is the phone able to download the config?
- Is the phone able to upgrade?
- What is going to work and what's not?
I have seen mixed results.
If you moved to a different cluster but the TFTP address happened to be the same, the TFTP keys would not match the ITL, so the phone would not be able to download its new configuration file. Now if the new cluster was restored from a backup from the original cluster, the keys would be the same and it would work. The phone would still register to the new cluster if the CUCM address is the same as before, since it would not upgrade or download the new configuration file.
Did you delete the ITL file when moving the phone? How was the new cluster built: completely from scratch, same or different hostnames, IP addresses, etc.?
Everything different (totally different customers). I did not delete the ITL file and the phone was able to register/make calls but not to upgrade or update the timezone. After erasing the ITL file the phone was able to upgrade and correct the timezone.
Did the two customers happen to use the same IP address for one of their CCMs?
I move phones between clusters all the time on my lab system and can confirm the expected behaviour is what I see: the phones won't download the TFTP file, and therefore don't register.
If the CCM IP was the same, and the CCM service isn't something that gets into the ITL, then I imagine it would register.