manualshive.com logo in svg

Cisco 8865, Administration Manual

Share
Download
Cisco 8865 Administration Manual Download Page 103

Table 16: Overview of Security Features

Description

Feature

Signed binary files (with the extension .sbn) prevent tampering with the firmware image
before the image is loaded on a phone.

Tampering with the image causes a phone to fail the authentication process and reject the
new image.

Image authentication

Encrypted binary files (with the extension .sebn) prevent tampering with the firmware image
before the image is loaded on a phone.

Tampering with the image causes a phone to fail the authentication process and reject the
new image.

Image encryption

Each Cisco IP Phone requires a unique certificate for device authentication. Phones include
a manufacturing installed certificate (MIC), but for additional security, you can specify
certificate installation in Cisco Unified Communications Manager Administration using the
Certificate Authority Proxy Function (CAPF). Alternatively, you can install a Locally
Significant Certificate (LSC) from the Security Configuration menu on the phone.

Customer site certificate installation

Occurs between the Cisco Unified Communications Manager server and the phone when
each entity accepts the certificate of the other entity. Determines whether a secure connection
between the phone and a Cisco Unified Communications Manager should occur; and, if
necessary, creates a secure signaling path between the entities by using TLS protocol. Cisco
Unified Communications Manager does not register phones unless it can authenticate them.

Device authentication

Validates digitally signed files that the phone downloads. The phone validates the signature
to make sure that file tampering did not occur after file creation. Files that fail authentication
are not written to Flash memory on the phone. The phone rejects such files without further
processing.

File authentication

Encryption prevents sensitive information from being revealed while the file is in transit to
the phone. In addition, the phone validates the signature to make sure that file tampering did
not occur after file creation. Files that fail authentication are not written to Flash memory
on the phone. The phone rejects such files without further processing.

File encryption

Uses the TLS protocol to validate that no tampering to signaling packets has occurred during
transmission.

Signaling authentication

Each Cisco IP Phone contains a unique manufacturing installed certificate (MIC), which is
used for device authentication. The MIC provides permanent unique proof of identity for
the phone and allows Cisco Unified Communications Manager to authenticate the phone.

Manufacturing installed certificate

Uses SRTP to ensure that media streams between supported devices prove secure and that
only the intended device receives and reads the data. Includes creating a media master key
pair for the devices, delivering the keys to the devices, and securing the delivery of the keys
while the keys are in transport.

Media encryption

Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager    

85

Supported Security Features

Summary of Contents for 8865

Page 1: ...or Cisco Unified Communications Manager First Published 2015 07 13 Last Modified 2017 09 01 Americas Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 ...

Page 2: ...e encouraged to try to correct the interference by using one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help Modifications to this product no...

Page 3: ...ion 1 New Information for Firmware Release 12 0 1 1 New Information for Firmware Release 11 7 1 1 New Information for Firmware Release 11 5 1 SR1 1 New Information for Firmware Release 11 5 1 3 New Information for Firmware Release 11 0 3 P A R T I About the Cisco IP Phone 5 C H A P T E R 2 Technical Details 7 Physical and Operating Environment Specifications 7 Cable Specifications 8 Network and Co...

Page 4: ...ters 22 C H A P T E R 3 Cisco IP Phone Hardware 23 Phone Overview 23 Cisco IP Phone 8811 25 Phone Connections 25 Cisco IP Phones 8841 and 8845 26 Phone Connections 27 Cisco IP Phones 8851 and 8851NR 27 Phone Connections 28 Cisco IP Phones 8861 8865 and 8865NR 29 Phone Connections 29 Buttons and Hardware 30 Softkey Line and Feature Buttons 32 P A R T I I Cisco IP Phone Installation 35 C H A P T E R...

Page 5: ...VLAN Field 59 Set SW Port Setup Field 60 Set PC Port Setup Field 60 Set Wireless Field 60 Set WLAN Sign In Access Field 60 Set SSID Field 61 Set Security Mode Field 61 Set 802 11 Mode Field 62 Set DHCP Enabled Field 62 Set IP Address Field 63 Set Subnet Mask Field 63 Set Default Router Field 63 Set DNS Server Fields 63 Set Alternate TFTP Field 64 Set TFTP Server 1 Field 64 Set TFTP Server 2 Field ...

Page 6: ...lication Dial Rules 78 Configure Application Dial Rules 78 C H A P T E R 6 Self Care Portal Management 79 Self Care Portal Overview 79 Set Up User Access to the Self Care Portal 80 Customize the Self Care Portal Display 80 P A R T I I I Cisco IP Phone Administration 81 C H A P T E R 7 Cisco IP Phone Security 83 Security Enhancements for Your Phone Network 83 Supported Security Features 84 Set Up a...

Page 7: ...lled Certificate 102 Install Authentication Server Root Certificate 103 Set Up ACS User Account and Install Certificate 103 PEAP Setup 104 Before You Begin 104 Enable PEAP Authentication 104 Wireless LAN Security 104 Cisco IP Phone Administration Page 105 Configure the Administration Page for Phone 105 Access Phone Administration Web Page 105 Install a User Certificate from the Phone Administratio...

Page 8: ...4 Phone Feature Configuration 136 Set Up Phone Features for all Phones 137 Set Up Phone Features for a Group of Phones 137 Set Up Phone Features for a Single Phone 138 Product Specific Configuration 138 Feature Configuration Best Practices 154 High Call Volume Environments 154 Multiline Environments 154 Enhanced Line Mode and Session Line Mode Environments 155 Field Always Use Prime Line 155 Sched...

Page 9: ...Lists 175 Set Up the Audio and Video Port Range 176 Set up Cisco IP Manager Assistant 177 Set up Visual Voicemail 179 Set Up Visual Voicemail for a Specific User 180 Visual Voicemail Setup for a User Group 181 Set up AS SIP 181 Set Up Softkey Template 183 Phone Button Templates 185 Modify Phone Button Template 185 Assign Phone Button Template for All Calls 186 Set Up PAB or Speed Dial as IP Phone ...

Page 10: ...Fields 203 Display Network Information Screen 208 Display Network Statistics Screen 208 Ethernet Statistics Information 208 Display Wireless Statistics Screen 212 WLAN Statistics 212 Display Call Statistics Window 213 Call Statistics Fields 214 Display Current Access Point Window 215 Current Access Points Fields 215 Cisco IP Phone Web Page 217 Access Web Page for Phone 217 Device Information 218 N...

Page 11: ... Manager Phone Registration 242 Cisco IP Phone Cannot Obtain IP Address 242 Phone Not Registering 242 Phone Reset Problems 243 Phone Resets Due to Intermittent Network Outages 243 Phone Resets Due to DHCP Setting Errors 243 Phone Resets Due to Incorrect Static IP Address 243 Phone Resets During Heavy Network Usage 244 Phone Resets Due to Intentional Reset 244 Phone Resets Due to DNS or Other Conne...

Page 12: ...onfiguration File 251 Identify 802 1X Authentication Problems 251 Verify DNS Settings 252 Start Service 252 Control Debug Information from Cisco Unified Communications Manager 252 Additional Troubleshooting Information 254 C H A P T E R 1 3 Maintenance 255 Basic Reset 255 Reset the Phone to the Factory Settings from the Phone Keypad 256 Perform Reset All Settings from Phone Menu 256 Perform Networ...

Page 13: ...nications Manager Endpoints Locale Installer 261 International Call Logging Support 261 Language Limitation 262 Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager xiii Contents ...

Page 14: ...Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager xiv Contents ...

Page 15: ...for procedures that you need to perform in Cisco Unified Communications Manager or other network devices Audience Network engineers system administrators and telecom engineers should review this guide to learn the steps that are required to set up Cisco IP Phones The tasks described in this document involve configuring network settings that are not intended for phone users The tasks in this manual...

Page 16: ...ontrol key while you press the D key Nonprinting characters such as passwords are in angle brackets Means reader take note Notes contain helpful suggestions or references to material not covered in the publication Note Means reader be careful In this situation you might do something that could result in equipment damage or loss of data Caution Warnings use the following convention IMPORTANT SAFETY...

Page 17: ...ries home html Cisco Business Edition 6000 Documentation Refer to the Cisco Business Edition 6000 Documentation Guide and other publications that are specific to your Cisco Business Edition 6000 release Navigate from the following URL https www cisco com c en us support unified communications business edition 6000 tsd products support series home html Documentation Support and Security Guidelines ...

Page 18: ...distributors and users are responsible for compliance with U S and local country laws By using this product you agree to comply with applicable laws and regulations If you are unable to comply with U S and local laws return this product immediately Further information regarding U S export regulations can be found at https www bis doc gov policiesandregulations ear index htm Cisco IP Phone 8800 Ser...

Page 19: ...mentation have been updated to support all Cisco Unified Communications Manager releases Table 1 Cisco IP Phone 8800 Administration Guide Revisions for Firmware Release 12 0 1 Updated Section Revision Features Available in Enhanced Line Mode on page 190 Updated for Call Park Call Park Line Status Group Pickup and Hunt Groups support on Enhanced Line Mode New Information for Firmware Release 11 7 1...

Page 20: ...ge 43 Updated for WLAN Scan List support Set Up Wireless LAN from Phone on page 44 Set SSID Field on page 61 Set Security Mode Field on page 61 Set 802 11 Mode Field on page 62 Set Up Do Not Disturb on page 161 Updated for Do not disturb with MLPP support Set up AS SIP on page 181 Product Specific Configuration on page 138 Updated for Configurable Ringer support Security Enhancements for Your Phon...

Page 21: ...1 and 8865 is supported Set Up a Wi Fi Group on page 49 Set WLAN Authentication Attempts on page 47 Set WLAN Authentication Attempts is supported Enable WLAN Prompt Mode on page 47 Enable WLAN Prompt Mode is supported Customize the Dial Tone on page 115 Customize Dial Tone is supported Display Network Information Screen on page 208 Display Network Info Screen is supported New Information for Firmw...

Page 22: ...on support WLAN Security on page 93 Set Up Authentication Mode on page 96 Wireless Security Credentials on page 96 Updated for improved EAP TLS SCEP PEAP GTC and X 509 digital certificates support Problem Report Tool on page 171 Configure a Customer Support Upload URL on page 171 Updated for improved Problem Report Tool PRT support View All Calls on Primary Line Added for View All Calls on Primary...

Page 23: ...P A R T I About the Cisco IP Phone Technical Details page 7 Cisco IP Phone Hardware page 23 ...

Page 24: ......

Page 25: ...w page 19 External Devices page 20 USB Port Information page 21 Phone Configuration Files page 21 Phone Behavior During Times of Network Congestion page 22 Phone Behavior on a Network with Two Network Routers page 22 Physical and Operating Environment Specifications The following table shows the physical and operating environment specifications for the Cisco IP Phone 8800 Series Table 5 Physical a...

Page 26: ...he maximum cable length between each Cisco IP Phone and the switch is assumed to be 330 feet 100 meters Distance requirements Cable Specifications The following information lists the cable specifications RJ 9 jack 4 conductor for handset and headset connection RJ 45 jack for the LAN 10 100 1000BaseT connection 10 100 1000 Network port on the phone RJ 45 jack for a second 10 100 1000BaseT compliant...

Page 27: ...scribes the network port connector pinouts Table 6 Network Port Connector Pinouts Function Pin Number BI_DA 1 BI_DA 2 BI_DB 3 BI_DC 4 BI_DC 5 BI_DB 6 BI_DD 7 BI_DD 8 BI stands for bidirectional while DA DB DC and DD stand for Data A Data B Data C and Data D respectively Note Computer Port Connector The following table describes the computer port connector pinouts Table 7 Computer Access Port Conne...

Page 28: ...wered with external power disconnect the Ethernet cable from the phone before you disconnect the power supply Table 8 Guidelines for Cisco IP Phone Power Guidelines Power type The Cisco IP Phone uses the CP PWR CUBE 4 power supply External power Provided through the CP PWR CUBE 4 external power supply Cisco IP Phones 8851 8851NR 8861 8865 and 8865NR support 802 3at PoE for accessory use For more i...

Page 29: ...cess to emergency service through the phone requires that the phone receive power If a power interruption occurs service or emergency calling service dialing does not function until power is restored If a power failure or disruption occurs you may need to reset or reconfigure the equipment before you can use service or emergency calling service dialing Power Reduction You can reduce the amount of ...

Page 30: ...e other protocol Cisco recommends that Power Negotiation always be enabled default when connecting to a switch that supports power negotiation If Power Negotiation is disabled the switch may disconnect power to the phone If the switch does not support power negotiation disable the Power Negotiation feature before you power up accessories over PoE When the Power Negotiation feature is disabled the ...

Page 31: ...CPPDP DHCP is enabled by default If disabled you must manually configure the IP address subnet mask gateway and a TFTP server on each phone locally We recommend that you use DHCP custom option 150 With this method you configure the TFTP server IP address as the option value For more information see the documentation for your particular Cisco Unified Communications Manager release If you cannot use...

Page 32: ... standard specifies how devices communication over a wireless local area network WLAN 802 11n operates at the 2 4 GHz and 5 GHz band and 802 11ac operates at the 5 GHz band IEEE 802 11n 802 11ac To communicate using IP network devices must have an assigned IP address subnet and gateway IP addresses subnets and gateway identifications are automatically assigned if you are using the Cisco IP Phone w...

Page 33: ...uch as interactive voice over data networks Real Time Transport Protocol RTP RTCP is enabled by default RTCP works in conjunction with RTP to provide QoS data such as jitter latency and round trip delay on RTP streams Real Time Control Protocol RTCP SDP capabilities such as codec types DTMF detection and comfort noise are normally configured on a global basis by Cisco Unified Communications Manage...

Page 34: ...mentation Cisco IP Phones use the TLS protocol when securely registering with Cisco Unified Communications Manager TLS is a standard protocol for securing and authenticating communications Transport Layer Security TLS TFTP requires a TFTP server in your network that the DHCP server can automatically identify If you want a phone to use a TFTP server other than the one that the DHCP server specifies...

Page 35: ...h the phone connects would be configured for separate VLANs for carrying Voice traffic to and from the IP phone auxiliary VLAN on the Cisco Catalyst 6000 series for example Data traffic to and from the PC that connects to the switch through the computer access port of the IP phone native VLAN Isolating the phones on a separate auxiliary VLAN increases the quality of the voice traffic and allows a ...

Page 36: ...etwork hardware conference bridge The Cisco IP Phones do not support the following actions Transfer Only supported in the connected call transfer scenario Conference Only supported in the connected call transfer scenario Join Supported using the Conference button or hookflash access Hold Supported using the Hold button Barge Not supported Direct Transfer Not supported Select Not supported The user...

Page 37: ...entication process The following table describes the authentication process Description Key management options Authentication type Any device can authenticate to the access point For added security static WEP encryption might optionally be used None Open The phone encrypts the challenge text by using the WEP key and the access point must verify the WEP key that was used to encrypt the challenge te...

Page 38: ...Communications Manager and provides a phone with the load ID After it obtains the file from the TFTP server the phone attempts to make a connection to the highest priority Cisco Unified Communications Manager on the list If the security profile of the phone is configured for secure signaling encrypted or authenticated and the Cisco Unified Communications Manager is set to secure mode the phone mak...

Page 39: ... a USB hub are not supported Each key expansion module connects to the phone counts as a USB device If three key expansion modules are connected to the phone these count as three USB devices Phone Configuration Files Configuration files for a phone are stored on the TFTP server and define parameters for connecting to Cisco Unified Communications Manager In general any time you make a change in Cis...

Page 40: ...op traffic on a phone if you configure your network with two network routers in the same subnet and with IP redirect The phone firewall stops traffic because this network setup is similar to a man in the middle attack The phone receives redirect packets for different destination IPs in a different subnet from the phone The phone is on a network with more than one router and the default router send...

Page 41: ...Cisco IP Phone 8811 has a grayscale LCD screen The Cisco IP Phones 8841 8845 8851 8851NR 8861 8865 and 8865NR have a 24 bit color LCD screen When adding features to the phone line keys you are limited by the number of line keys available You cannot add more features than the number of line keys on your phone The Cisco IP Phones have the following features Programmable feature buttons that support ...

Page 42: ...ser Guide for Cisco Unified Communications Manager and the documentation for your particular Cisco Unified Communications Manager release Like other devices a Cisco IP Phone must be configured and managed These phones encode and decode the following codecs G 711 a law G 711 mu law G 722 G 729a G 729ab G 726 iLBC L16 Opus iSAC Using a cell mobile or GSM phone or two way radio in close proximity to ...

Page 43: ...tain detailed status information from it directly This information can assist you with troubleshooting any problems users might encounter when using their IP phones You can also obtain statistics about an active call or firmware versions on the phone To function in the IP telephony network the Cisco IP Phone must connect to a network device such as a Cisco Catalyst switch You must also register th...

Page 44: ...tion optional 8 Network port 10 100 1000 SW connection IEEE 802 3at power enabled 4 The Cisco IP Phone 8811 does not support a key expansion module Note Cisco IP Phones 8841 and 8845 The following section describe the attributes of the Cisco IP Phones 8841 and 8845 Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 26 Cisco IP Phones 8841 and 8845 ...

Page 45: ...r wall plug optional 3 Analog headset connection optional 8 Network port 10 100 1000 SW connection IEEE 802 3at power enabled 4 The Cisco IP Phone 8841 and 8845 does not support a key expansion module Note Cisco IP Phones 8851 and 8851NR The following section describe the attributes of the Cisco IP Phones 8851 and 8851NR Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communicati...

Page 46: ...in the following diagram Auxiliary port 6 DC adaptor port DC48V 1 Handset connection 7 AC to DC power supply optional 2 Analog headset connection optional 8 AC power wall plug optional 3 USB port 9 Network port 10 100 1000 SW connection IEEE 802 3at power enabled 4 Access port 10 100 1000 PC connection 5 Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 28 Ci...

Page 47: ...e containing USB hub and headset can count as two USB devices For more information see the USB device documentation Note Cisco IP Phones 8861 8865 and 8865NR The following section describe the attributes of the Cisco IP Phones 8861 8865 and 8865NR Phone Connections Connect your phone to the corporate IP telephony network as shown in the following diagram Handset connection 7 DC adaptor port DC48V ...

Page 48: ...ules one hub and one other standard USB device on the side port and five additional standard USB devices on the back port Many third party USB products count as multiple USB devices for example a device containing USB hub and headset can count as two USB devices For more information see the USB device documentation Note Buttons and Hardware The Cisco IP Phone 8800 Series has two distinct hardware ...

Page 49: ...s to the phone line keys you are limited by the number of line keys available You cannot add more features than the number of line keys on your phone For more information see the Softkey Line and Feature Buttons section in the Cisco IP Phone Hardware chapter Programmable feature buttons and line buttons 3 Access to functions and services For more information see the Softkey Line and Feature Button...

Page 50: ...todial your voice messaging system Contacts Applications and Messages 8 Adjust the handset headset and speakerphone volume off hook and the ringer volume on hook Volume button 9 Softkey Line and Feature Buttons You can interact with the features on your phone in several ways Softkeys located below the screen give you access to the function displayed on the screen above the softkey The softkeys cha...

Page 51: ...g Incoming call or reverting call Red steady Remote line in use shared line or Line Status Red flashing Remote line on hold Your administrator can set up some functions as softkeys or as feature buttons You can also access some functions with softkeys or the associated hard button Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 33 Buttons and Hardware ...

Page 52: ...Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 34 Buttons and Hardware ...

Page 53: ...P A R T II Cisco IP Phone Installation Cisco IP Phone Installation page 37 Cisco Unified Communications Manager Phone Setup page 67 Self Care Portal Management page 79 ...

Page 54: ......

Page 55: ...lephony service For information and a checklist for setting up and configuring a Cisco IP telephony network see the documentation for your particular Cisco Unified Communications Manager release For the phone to operate successfully as an endpoint in your network your network must meet specific requirements The phone displays the date and time from Cisco Unified Communications Manager The time dis...

Page 56: ...ber to the phone Quickly enter phones into the Cisco Unified Communications Manager database and modify any settings such as the directory numbers from Cisco Unified Communications Manager Move autoregistered phones to new locations and assign them to different device pools without affecting their directory numbers Autoregistration is disabled by default In some cases you might not want to use aut...

Page 57: ...ed CM Step 2 Click Find and select the required server Step 3 In Auto registration Information configure these fields Universal Device Template Universal Line Template Starting Directory Number Ending Directory Number Step 4 Disable Auto registration Disabled on this Cisco Unified Communications Manager Step 5 Click Save Step 6 Click Apply Config Related Topics Phone Addition Methods on page 70 In...

Page 58: ...a desktop computer to the computer port on the Cisco IP Phone You can connect another network device later if you do not connect one now Use Category 3 5 5e or 6 cabling for 10 Mbps connections Category 5 5e or 6 for 100 Mbps connections and Category 5e or 6 for 1000 Mbps connections For more information see Network and Computer Port Pinouts on page 9 for guidelines Step 6 If the phone is on a des...

Page 59: ...nfiguring security settings such as security mode the trust list and 802 1X authentication Before you can change option settings on the Network Setup menu you must unlock options for editing You can control whether a phone has access to the Settings menu or to options on this menu by using the Settings Access field in the Cisco Unified Communications Manager Administration Phone Configuration wind...

Page 60: ...wish to edit then press Select in the navigation pad to activate the field After the field is activated you can enter values Use the keys on the keypad to enter numbers and letters To enter letters by using the keypad use a corresponding number key Press the key one or more times to display a particular letter For example press the 2 key once for a twice quickly for b and three times quickly for c...

Page 61: ... users For complete configuration information see the Cisco IP Phone 8800 Wireless LAN Deployment Guide at this location http www cisco com c en us support collaboration endpoints unified ip phone 8800 series products implementation design guides list html The Cisco IP Phone 8800 Wireless LAN Deployment Guide includes the following configuration information Wireless network configuration Wireless ...

Page 62: ... of phones a Select Device Device Settings Common Phone Profile b Select the enable setting for the Wi Fi parameter c Check the Override Common Settings check box d Associate the phones with that common phone profile using Device Phone Step 3 To enable wireless LAN for all WLAN capable phones in your network a Select System Enterprise Phone Configuration b Select the enable setting for the Wi Fi p...

Page 63: ...guration as described in the following table Table 11 WiFi Client Setup Menu Options To change Description Option See Set Wireless Field on page 60 Turns the wireless radio on the Cisco IP Phone on or off Wireless See Set WLAN Sign In Access Field on page 60 Enables the display of the Wireless Sign in Access window in the main Applications menu Wireless sign in Access Scroll to IPv4 setup and pres...

Page 64: ...SID field only if the phone is configured without wireless LAN profile or the profile with allowed profile Specifies the Service Set Identifier a unique identifier for accessing wireless access points The User Modifiable field controls access to this field SSID See Set Security Mode Field on page 61 The type of authentication that the phone uses to access the WLAN If the User Modifiable field is s...

Page 65: ...n area and set the WLAN Authentication Attempts field Step 3 Select Save Step 4 Select Apply Config Step 5 Restart the phone Enable WLAN Prompt Mode Enable WLAN Profile 1 Prompt Mode if you want a user to sign in to the Wi Fi network when their phone powers up or resets Procedure Step 1 In Cisco Unified Communications Manager Administration select Device Phone Step 2 Locate the phone that you need...

Page 66: ...phone But users are not allowed to make changes to other Wi Fi settings on the phone Step 4 In the Wireless Settings section set the parameters SSID Network Name Enter the network name available in the user environment to which the phone can be connected This name is displayed under the available network list on the phone and the phone can connect to this wireless network Frequency Band Available ...

Page 67: ...ce Pool or directly to the phone Device Phone Set Up a Wi Fi Group You can create a wireless LAN profile group and add any wireless LAN profile to this group The profile group can then be assigned to the phone when you set up the phone Procedure Step 1 In Cisco Unified Communications Administration select Device Device Settings Wireless LAN Profile Group You can also define a wireless LAN profile ...

Page 68: ...nd press Select See Set Up IPv4 on page 53 In the IPv4 Setup configuration submenu you can do the following Enable or disable the phone to use the IP address that the DHCP server assigns Manually set the IP Address Subnet Mask Default Routers DNS Server and Alternate TFTP servers This option displays only when the phone is configured in IPv4 only mode or in dual stack mode IPv4 Setup Scroll to IPv...

Page 69: ...uxiliary VLAN from the switch otherwise this value is ignored Admin VLAN ID See Set PC VLAN Field on page 59 Allows the phone to interoperate with third party switches that do not support a voice VLAN The Admin VLAN ID option must be set before you can change this option PC VLAN See Set SW Port Setup Field on page 60 Speed and duplex of the network port Valid values specify Auto Negotiate 1000 Ful...

Page 70: ...he same setting PC Port Setup Procedure Step 1 Press Applications Step 2 To access the Network Settings menu select Admin settings Network setup Load Server Load Server is used to optimize installation time for phone firmware upgrades and offload the WAN by storing images locally which negates the need to traverse the WAN link for each phone upgrade You can set the Load Server to another TFTP serv...

Page 71: ...age 65 DHCP Enabled See Set IP Address Field on page 63 Internet Protocol IP address of the phone If you assign an IP address with this option you must also assign a subnet mask and default router See the Subnet Mask and Default Router options in this table IP Address See Set Subnet Mask Field on page 63 Subnet mask used by the phone Subnet Mask See Set Default Router Field on page 63 Default rout...

Page 72: ... A new CTL or ITL file downloads from the new TFTP Server 1 address When the phone looks for the TFTP server the phone gives precedence to manually assigned TFTP servers regardless of the protocol If your configuration includes both IPv6 and IPv4 TFTP servers the phone prioritizes the order that it looks for the TFTP server by giving priority to manually assigned IPv6 TFTP servers and IPv4 TFTP se...

Page 73: ...TFTP servers regardless of the protocol If your configuration includes both IPv6 and IPv4 TFTP servers the phone prioritizes the order that it looks for the TFTP server by giving priority to manually assigned IPv6 TFTP servers and IPv4 TFTP servers The phone looks for the TFTP server in the following order 1 Any manually assigned IPv4 TFTP servers 2 Any manually assigned IPv6 servers 3 DHCP assign...

Page 74: ...vice configuration fields apply to IPv6 configuration IP Addressing Mode IP Addressing Mode Preference for Signalling If IPv6 is enabled in the Unified cluster the default setting for IP addressing mode is IPv4 and IPv6 In this addressing mode the phone will acquire and use one IPv4 address and one IPv6 address It can use the IPv4 and the IPv6 address as required for media The phone uses either th...

Page 75: ... the subnet or allows the user to enter a new prefix length The subnet prefix length is a decimal value from 1 128 0 IPv6 Prefix Length Displays the default router used by the phone or allows the user to enter a new IPv6 only default router IPv6 Default Router Displays the primary DNSv6 server used by the phone or allows the user to enter a new server IPv6 DNS Server 1 Displays the secondary DNSv6...

Page 76: ...p may be omitted Example 2001 db8 0 0 0 52 0 1 X X X X X X X X Collapse a single run of consecutive zero groups into a single group represented by a double colon Example 2001 db8 52 0 1 Compressed To enter a colon in the address press the asterisk on the keypad To enter hexadecimal digits a b and c press 2 on the keypad scroll to select the required digit and press Enter To enter hexadecimal digit...

Page 77: ... Admin VLAN ID option and press Edit Step 2 Enter a new VLAN ID setting Step 3 Press Apply Step 4 Press Save Set PC VLAN Field Procedure Step 1 Ensure that the Admin VLAN ID option is set Step 2 Scroll to the PC VLAN option and press Edit Step 3 Enter a new PC VLAN setting Step 4 Press Apply Step 5 Press Save Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager ...

Page 78: ...you want and press Select Set Wireless Field Procedure Step 1 Scroll to the Wireless option and use the toggle switch to change the setting between on and off Valid values specify On Turns the wireless radio on the phone on Off Turns the wireless radio on the phone off Default On Step 2 Press Apply Set WLAN Sign In Access Field Procedure Step 1 Scroll to the Wireless Sign In option and use the tog...

Page 79: ...SK Shared key authentication uses AES or TKIP encryption EAP FAST Extensible Authentication Protocol Flexible Authentication via Secure Tunneling exchanges a username and cryptographically secure password with a RADIUS server in the network where a PAC Protected Access Credential establishes a secure tunnel for authentication EAP FAST supports WPA and WPA2 EAP TLS Extensible Authentication Protoco...

Page 80: ...tion and select the desired value Valid values specify Auto Default value 2 4 GHz 5 GHz You can modify the 802 11 mode field only if the phone does not have a wireless LAN profile configured or the phone is configured with allowed wireless LAN profile Step 2 Click Save Step 3 Click Apply Set DHCP Enabled Field Procedure Step 1 Scroll to the DHCP Enabled option Step 2 Press No to disable DHCP or pr...

Page 81: ...ep 1 Set the DHCP Enabled option to No Step 2 Scroll to the appropriate Default Router option press Select and enter a new router IP address Step 3 Press Apply Set DNS Server Fields Procedure Step 1 Set the DHCP Enabled option to No Step 2 Scroll to the appropriate DNS Server option press Select and enter a new DNS server IP address Step 3 Press Apply Step 4 If multiple DNS Servers can be configur...

Page 82: ... Server 2 Field Procedure Step 1 Unlock the CTL or ITL file if necessary for example if you are changing the administrative domain of the phone If both the CTL and ITL files exist unlock either of the files Step 2 Unlock network configuration options Step 3 Enter an IP address for the TFTP Server 1 option Step 4 Scroll to the TFTP Server 2 option press Select and enter a new backup TFTP server IP ...

Page 83: ...4 Setup Step 3 To disable DHCP and manually set an IP address a Set DHCP Enabled to No b Enter the static IP address for phone c Enter the subnet mask d Enter the default router IP addresses e Set Alternate TFTP Server to Yes and enter the IP address for TFTP Server 1 Step 4 Press Apply Phone Startup Verification After the Cisco IP Phone has power connected to it the phone begins the startup diagn...

Page 84: ...owever a user cannot subscribe to any service that you configure as an enterprise subscription For more information see the documentation for your particular Cisco Unified Communications Manager release Before you set up services gather the URLs for the sites that you want to set up and verify that users can access those sites from your corporate IP telephony network This activity is not applicabl...

Page 85: ...s not exist in the Cisco Unified Communications Manager database you must configure the Cisco IP Phone in Cisco Unified Communications Manager manually Some tasks in this procedure are optional depending on your system and user needs For more information about Cisco Unified Communications Manager Administration see the documentation for your particular Cisco Unified Communications Manager release ...

Page 86: ...gs such as Do Not Disturb and feature control options Step 6 Define a Calling Search Space In Cisco Unified Communications Manager Administration click Call Routing Class of Control Calling Search Space A Calling Search Space is a collection of partitions that are searched to determine how a dialed number is routed The calling search space for the device and the calling search space for the direct...

Page 87: ... Protocol LDAP directory to store information about users you can install and configure Cisco Unified Communications to use your existing LDAP directory Note If you want to add both the phone and user to the Cisco Unified Communications Manager database at the same time see the documentation for your particular Cisco Unified Communications Manager release Note Step 14 Associate a user to a user gr...

Page 88: ...nd click Device Information Phone Addition Methods After you install the Cisco IP Phone you can choose one of the following options to add phones to the Cisco Unified Communications Manager database Add phones individually with Cisco Unified Communications Manager Administration Add multiple phones with the Bulk Administration Tool BAT Autoregistration BAT and the Tool for Auto Registered Phones S...

Page 89: ... The Cisco Unified Communications Bulk Administration Tool BAT enables you to perform batch operations including registration of multiple phones To add phones using BAT only not in conjunction with TAPS you must obtain the appropriate MAC address for each phone For more information about using BAT see the documentation for your particular Cisco Unified Communications Manager release Procedure Step...

Page 90: ... identical default password for all users For more information see the documentation for your particular Cisco Unified Communications Manager release Related Topics Cisco Unified Communications Manager Documentation on page xvii Add a User from an External LDAP Directory If you added a user to an LDAP Directory a non Cisco Unified Communications Server directory you can immediately synchronize the...

Page 91: ... following User ID Enter the end user identification name Cisco Unified Communications Manager does not permit modifying the user ID after it is created You may use the following special characters and blank spaces Example johndoe Password and Confirm Password Enter five or more alphanumeric or special characters for the end user password You may use the following special characters and blank spac...

Page 92: ...Phones with Users You associate phones with users from the Cisco Unified Communications Manager End User window Procedure Step 1 From Cisco Unified Communications Manager Administration choose User Management End User The Find and List Users window appears Step 2 Enter the appropriate search criteria and click Find Step 3 In the list of records that appear select the link for the user Step 4 Selec...

Page 93: ...pport unified communications unified survivable remote site telephony products device support tables list html The following table describes the availability of features during failover Table 15 SRST feature support Notes Supported Feature Yes New Call Yes End Call Yes Redial Yes Answer Yes Hold Yes Resume Yes Conference The Active Calls softkey does not display No Conference to Active Calls Join ...

Page 94: ...ications Manager after failover Yes Call Forward All Yes Speed Dial Yes Service IRL Programmable Line Key The iDivert softkey does not display No To Voicemail iDivert Lines are supported but cannot be shared Partial Line Filters The Park softkey does not display No Park Monitoring The Barge softkey does not display No Barge Message count badges do not appear on the phone screen Only the Message Wa...

Page 95: ...ite Telephony Enhanced Survivable Remote Site Telephony E SRST ensures that additional phone features are available remain accessible when WAN connectivity is lost In addition to the features supported by Survivable Remote Site Telephony SRST E SRST supports the following Shared Line Busy Lamp Field BLF Video Calls For more information about supported firmware and Survivable Remote Site Telephony ...

Page 96: ...y combination of spaces periods hyphens and underscore characters _ Description This field comprises a brief description that you enter for the dial rule Number Begins With This field comprises the initial digits of the directory numbers to which you want to apply this application dial rule Number of Digits This required field comprises the initial digits of the directory numbers to which you want...

Page 97: ...Unified Communications Manager End User group You must provide end users with the following information about the Self Care Portal The URL to access the application This URL is https server_name portnumber ucmuser where server_name is the host on which the web server is installed and portnumber is the port number on that host A user ID and default password to access the application An overview of ...

Page 98: ...s display on the Self Care Portal However you must set the following options by using Enterprise Parameters Configuration settings in Cisco Unified Communications Manager Administration Show Ring Settings Show Line Label Settings The settings apply to all Self Care Portal pages at your site Note Procedure Step 1 In Cisco Unified Communications Manager Administration select System Enterprise Parame...

Page 99: ...P A R T III Cisco IP Phone Administration Cisco IP Phone Security page 83 Cisco IP Phone Customization page 113 Phone Features and Setup page 117 Corporate and Personal Directory page 195 ...

Page 100: ......

Page 101: ...r remote audit logging FIPS mode An improved credentials policy Support for the SHA 2 family of hashes for digital signatures Support for a RSA key size of 3072 and 4096 bits For additional information about working with and enabling these security requirements see the FIPS 140 2 Mode Setup chapter of the Security Guide for Cisco Unified Communications Manager The phone can only store a limited nu...

Page 102: ...ied Communications Manager Security Guide Alternatively you can initiate the installation of an LSC from the Security Setup menu on the phone This menu also lets you update or remove an LSC The phones use the phone security profile which defines whether the device is nonsecure or secure For information about applying the security profile to the phone see the documentation for your particular Cisco...

Page 103: ...ister phones unless it can authenticate them Device authentication Validates digitally signed files that the phone downloads The phone validates the signature to make sure that file tampering did not occur after file creation Files that fail authentication are not written to Flash memory on the phone The phone rejects such files without further processing File authentication Encryption prevents se...

Page 104: ...etting menus or providing restricted access that allows access to the Preferences menu and saving volume changes only Disabling access to web pages for a phone Disabling Bluetooth Accessory Port Phone hardening The Cisco IP Phone can use 802 1X authentication to request and gain access to the network See 802 1X Authentication on page 108 for more information 802 1X Authentication After you configu...

Page 105: ...information see the Cisco Unified Communications Manager documentation Table 17 Trust List Update Alarm Messages Description Code and Message Received new CTL and or ITL 1 TL_SUCCESS Received new CTL no existing TL 2 CTL_INITIAL_SUCCESS Received new ITL no existing TL 3 ITL_INITIAL_SUCCESS Received new CTL and ITL no existing TL 4 TL_INITIAL_SUCCESS Update to new CTL failed but have previous TL 5 ...

Page 106: ...n files The CTL File submenu displays the contents of the CTL file The ITL File submenu displays contents of the ITL file The Trust List menu also displays the following information CTL Signature the SHA1 hash of the CTL file Unified CM TFTP Server the name of the Cisco Unified Communications Manager and TFTP Server that the phone uses Displays a certificate icon if a certificate is installed for ...

Page 107: ...C and press Select or Update The phone prompts for an authentication string Step 5 Enter the authentication code and press Submit The phone begins to install update or remove the LSC depending on how the CAPF is configured During the procedure a series of messages appears in the LSC option field in the Security Configuration menu so you can monitor progress When the procedure is complete Installed...

Page 108: ...l to indicate that the other connected phone is also receiving and transmitting secure audio If your call connects to a nonsecure phone the security tone does not play Secure calling is supported for connections between two phones only Some features such as conference calling and shared lines are not available when secure calling is configured Note When a phone is configured as secure encrypted an...

Page 109: ...ared lines and Extension Mobility are not available when secure calling is configured Note The following table provides information about changes to conference security levels depending on the initiator phone security level the security levels of participants and the availability of secure conference bridges Table 19 Security Restrictions with Conference Calls Results of Action Security Level of P...

Page 110: ...he overall call status changes during the call the indication tone changes and the protected phone plays the appropriate tone A protected phone plays a tone or not under these circumstances When the Play Secure Indication Tone option is enabled When end to end secure media is established and the call status is secure the phone plays the secure indication tone three long beeps with pauses When end ...

Page 111: ...cure Tunneling EAP FAST Authentication This client server security architecture encrypts EAP transactions within a Transport Level Security TLS tunnel between the AP and the RADIUS server such as the Cisco Access Control Server ACS The TLS tunnel uses Protected Access Credentials PACs for authentication between the client phone and the RADIUS server The server sends an Authority ID AID to the clie...

Page 112: ...PA and CCKM use TKIP encryption that has several improvements over WEP TKIP provides per packet key ciphering and longer initialization vectors IVs that strengthen encryption In addition a message integrity check MIC ensures that encrypted packets are not being altered TKIP removes the predictability of WEP that helps intruders decipher the WEP key AES An encryption method used for WPA2 authentica...

Page 113: ...P Configuration Cisco IP Phone Configuration Fast Roaming Encryption Key Management Security Security Mode N A None None None None N A WEP Static Static WEP WEP None TKIP WPA PSK PSK FT AES WPA2 CCKM WEP 802 1x EAP FAST EAP FAST CCKM TKIP WPA FT CCKM AES WPA2 CCKM WEP 802 1x PEAP MSCHAPV2 PEAP MSCHAPV2 CCKM TKIP WPA FT CCKM AES WPA2 CCKM WEP 802 1x PEAP GTC PEAP GTC CCKM TKIP WPA FT CCKM AES WPA2 ...

Page 114: ...expired Root CA when the EAP type is set to PEAP MSCHAPV2 or PEAP GTC Disabling the EAP type on the RADIUS server used by the phone before changing a phone to the new EAP type To change EAP types do the following in the stated order Enable the new EAP types on the RADIUS Change the EAP type on a phone to the new EAP type Keep the current EAP type configured on the phone until the new EAP type is e...

Page 115: ...ys you enter 64 hex digits 0 9 and A F for example AB123456789CD01234567890EFAB123456789CD01234567890EF3456789C ASCII For ASCII keys you enter a character string that uses 0 9 A Z upper and lower case including symbols and is from 8 to 63 characters in length for example GREG12356789ZXYW Set Up PSK To set up a PSK in the Wireless Credentials area follow these steps Procedure Step 1 Choose the netw...

Page 116: ...enter a 26 digit encryption key string that uses the hex digits 0 9 and A F for example AB123456789CD01234567890EF ASCII For ASCII keys you enter a character string that uses 0 9 A Z upper and lower case and all symbols with one of the following key sizes 40 bit You enter a 5 character string for example GREG5 128 bit You enter a 13 character string for example GREGSSECRET13 Set Up WEP Keys To set...

Page 117: ...exported from a Cisco IP Phone and installed on the Cisco ACS server These two certificates are part of the trusted certificate chain used to verify the MIC by the Cisco ACS server To verify the Cisco ACS certificate a trusted subordinate certificate if any and root certificate created from a CA on the Cisco ACS server must be exported and installed on the phone These certificates are part of the ...

Page 118: ... edit the trust list e Download the CA certificate from the ACS server and import it into the phone For more information see Request and Import User Installed Certificate on page 102 Step 4 Using the ACS configuration tool set up the user account For more information see Set Up ACS User Account and Install Certificate on page 103 User Guide for Cisco Secure ACS for Windows http www cisco com c en ...

Page 119: ...e ACS online help or the User Guide for Cisco Secure ACS for Windows http www cisco com c en us support security secure access control system products user guide list html Note Step 6 Use the Edit the Certificate Trust List CTL page to add the certificates to be trusted by ACS ACS Certificate Export Methods Depending on the type of certificate you export from the ACS use one of the following metho...

Page 120: ... Step 7 Save the CA certificate to be installed on the phone Request and Import User Installed Certificate To request and install the certificate on the phone follow these steps Procedure Step 1 From the phone web page choose the network profile using EAP TLS and select User Installed in the EAP TLS Certificate field Step 2 Click Certificates On the User Certificate Installation page the Common Na...

Page 121: ...tificate from the ACS See ACS Certificate Export Methods on page 101 Step 2 Go to the phone web page and choose Certificates Step 3 Click Import next to the Authentication Server Root certificate Step 4 Restart the phone Set Up ACS User Account and Install Certificate To set up the user account name and install the MIC root certificate for the phone on the ACS follow these steps For more informati...

Page 122: ...e Cisco Secure ACS requirements are met The ACS root certificate must be installed The Allow EAP MSCHAPv2 setting must be enabled User account and password must be configured For password authentication you can use the local ACS database or an external one such as Windows or LDAP Enable PEAP Authentication Procedure Step 1 From the phone configuration web page choose PEAP as the authentication mod...

Page 123: ...page and set the sign in credentials before you use the web page for the first time after the phone has registered Once enabled the administration web page is accessible at HTTPS port 8443 https x x x x 8443 where x x x x is a phone IP address Before You Begin Decide on a password before you enable the administration web page The password can be any combination of letters or numbers but it must be...

Page 124: ...efore You Begin Before you can install a User Certificate for a phone you must have A User Certificate saved on your PC The certificate must be in PKCS 12 format The certificate s extract password Procedure Step 1 From the phone administration web page select Certificates Step 2 Locate the User install field and click Install Step 3 Browse to the certificate on your PC Step 4 In the Extract passwo...

Page 125: ... phone after the deletion process completes Manually Set the Phone Date and Time With certificate based authentication the phone must display the correct date and time An authentication server checks the phone date and time against the certificate expiry date If the phone and the server dates and times don t match the phone stops working Use this procedure to manually set the date and time on the ...

Page 126: ...l Server Support If you are using a Simple Certificate Enrollment Protocol SCEP server the server can automatically maintain your user and server certificates On the SCEP server configure the SCEP Registration Agent RA to Act as a PKI trust point Act as a PKI RA Perform device authentication using a RADIUS server For more information see your SCEP server documentation 802 1X Authentication The Cis...

Page 127: ... to a specific switch port However some switches including Cisco Catalyst switches support multidomain authentication The switch configuration determines whether you can connect a PC to the PC port of the phone Enabled If you are using a switch that supports multidomain authentication you can enable the PC port and connect a PC to it In this case Cisco IP Phones support proxy EAPOL Logoff to monit...

Page 128: ...d Enabled Phone uses 802 1X authentication to request network access Disabled Default setting The phone uses CDP to acquire VLAN and network access Device Authentication Display only Cannot configure State Displays the state of 802 1x authentication Disconnected Indicates that 802 1x authentication is not configured on the phone Authenticated Indicates that the phone is authenticated Held Indicate...

Page 129: ...ations Step 2 Choose Admin settings Security setup 802 1X Authentication Step 3 Set the Device Authentication option Yes No Step 4 Press Apply Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 111 Supported Security Features ...

Page 130: ...Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 112 Supported Security Features ...

Page 131: ...ml that describes the ring list options that are available at your site exist in the TFTP directory on each Cisco Unified Communications Manager server All file names are case sensitive If you use Ringlist wb xml for the file name the phone will not apply your changes Attention For more information see the Custom Phone Rings and Backgrounds chapter Feature Configuration Guide for Cisco Unified Com...

Page 132: ...dless of whether the user has enabled a wideband headset or wideband handset but if either the headset or handset is enabled the user may notice greater audio sensitivity during the call Greater sensitivity means improved audio clarity but also means that the far endpoint can hear more background noise noise such as rustling papers or nearby conversations Even without a wideband headset or handset...

Page 133: ...ration window in Cisco Unified Communications Manager Administration For multiple phones simultaneously URL Idle field in the Enterprise Parameters Configuration window or the Idle field in the Bulk Administration Tool BAT Specifying the length of time that the phone is not used before the idle display XML service is invoked For a single phone Idle Timer field in the Phone configuration window in ...

Page 134: ...In Cisco Unified Communications Manager Administration select System Service Parameters Step 2 Select the appropriate Server Step 3 Select Cisco CallManager as the Service Step 4 Scroll to the Clusterwide Parameters pane Step 5 Set Always Use Dial Tone to one of the following Outside Inside Default Step 6 Select Save Step 7 Restart your phones Cisco IP Phone 8800 Series Administration Guide for Ci...

Page 135: ...d Communications Manager you must use the Cisco Unified Communications Manager Administration application to configure telephony features optionally modify phone templates set up services and assign users You can modify additional settings for the Cisco IP Phone from Cisco Unified Communications Manager Administration Use this web based application to set up phone registration criteria and calling...

Page 136: ...ludes a list of supported telephony features many of which you can configure by using Cisco Unified Communications Manager Administration For information about using most of these features on the phone see Cisco IP Phone 8800 Series User Guide See Feature Buttons and Softkeys on page 134 for a list of features that can be configured as programmable buttons and dedicated softkeys and feature button...

Page 137: ...tors must configure a Busy Lamp Field BLF Assisted Directed Call Park button When users press an idle BLF Assisted Directed Call Park button for an active call the active call is parked at the Direct Park slot associated with the Assisted Directed Call Park button See assisted directed call park in the documentation for your particular Cisco Unified Communications Manager release Assisted Directed...

Page 138: ...ommunications Manager release Busy Lamp Field BLF Pickup Provides users with an audio and visual alert on the phone when a busy or unavailable party becomes available See call back information in the documentation for your particular Cisco Unified Communications Manager release Call Back Determines the information that will display for calling or connected lines depending on the parties who are in...

Page 139: ... user sees when receiving a forwarded call See Set Up Call Forward Notification on page 163 Call Forward Notification Allows you to view shared line activity in the phone Call History This feature will Log missed calls for a shared line Log all answered and placed calls for a shared line Call History for Shared Line Allows users to park temporarily store a call and then retrieve the call by using ...

Page 140: ... users with the option of an audible ring instead of the standard beep Options are Ring and Ring Once See directory number information in the documentation for your particular Cisco Unified Communications Manager release Call Waiting Ring Caller identification such as a phone number name or other descriptive text appear on the phone display See routing plan call display restrictions and directory ...

Page 141: ... at a visiting cluster Configure Cisco Extension Mobility on Cisco IP Phones before you configure EMCC Note Cisco Extension Mobility Cross Cluster EMCC Provides call routing and other call management features to help managers and assistants handle phone calls more effectively See Set up Cisco IP Manager Assistant on page 177 Cisco IP Manager Assistant IPMA Provides additional keys by adding an exp...

Page 142: ...to enable these features Be sure to inform your users if these features are activated Note Conference Provides a method to control EEE functions on personal computer port and switch port by enabling or disabling EEE The feature controls both type of ports individually The default value is Enabled See Set Up Energy Efficient Ethernet for Switch and PC Port on page 164 Configurable Energy Efficient ...

Page 143: ...Signal Strength Icons Users can customize how their phone indicates an incoming call and a new voice mail message See call pickup information in the documentation for your particular Cisco Unified Communications Manager release Distinctive Ring When DND is turned on either no audible rings occur during the ringing in state of a call or no audible or visual notifications of any type occur When enab...

Page 144: ...g for the line This notification repeats at intervals if not resumed A call that triggers Hold Reversion also displays an animated icon in the call bubble You can configure call focus priority to favor incoming or reverting calls Hold Reversion Enables phones with a shared line to distinguish between the local and remote lines that placed a call on hold Hold Status Allows the user to move a connec...

Page 145: ...utton template that contains intercom information to their profile and assign the phone as the default intercom device for the intercom line Note Intercom Provides support for expanded IP addressing on Cisco IP Phones IPv4 and IPv6 configuration is recommended and fully supported Certain features are not supported in a standalone configuration Only IPv6 address are assigned See Configure Network S...

Page 146: ... directory number to set or to clear a message waiting indication for a particular Cisco IP Phone See message waiting and voice mail information in the documentation for your particular Cisco Unified Communications Manager release Message Waiting A light on the handset that indicates that a user has one or more new voice messages See message waiting and voice mail information in the documentation ...

Page 147: ... terminate and the monitoring session to suspend To resume the monitoring session the party whose call is being monitored must resume the call Note Monitoring and Recording Enables the user to make and receive urgent or critical calls in some specialized environments such as military or government offices See Set up AS SIP on page 181 Multilevel Precedence and Preemption Each line can support mult...

Page 148: ...g Link Level Endpoint Discovery Protocol LLDP and Cisco Discovery Protocol CDP See Power Negotiation Product Specific Configuration on page 138 Power Negotiation over LLDP Simplifies making a call The Recents list changes to displays only phone numbers similar to the number being dialed Predictive Dialing is enabled when Enhanced Line mode is enabled Simplified New Call UI must be disabled for Pre...

Page 149: ...Configuration Product Specific Configuration on page 138 Remote Port Configuration Reroutes a direct call to a user s mobile phone to the enterprise number desk phone For an incoming call to remote destination mobile phone only remote destination rings desk phone does not ring When the call is answered on their mobile phone the desk phone displays a Remote In Use message During these calls users c...

Page 150: ... services from a programmable button rather than by using the Services menu on a phone See services information the documentation for your particular Cisco Unified Communications Manager release Services URL button The phones can display both the calling ID and calling number for incoming calls The IP phone LCD display size limits the length of the calling ID and the calling number that display Th...

Page 151: ...ee directory number information in the documentation for your particular Cisco Unified Communications Manager release Transfer Direct Transfer Trust Verification Services TVS enables phones to authenticate signed configurations and authenticate other servers or peers without increasing the size of the Certificate Trust List CTL or requiring the downloading of an updated CTL file to the phone TVS i...

Page 152: ... Voicemail Enables callers to leave messages if calls are unanswered See voice mail information in the documentation for your particular Cisco Unified Communications Manager release and Set up Visual Voicemail on page 179 Voice Message System Using SSL provides a virtual private network VPN connection on the Cisco Unified IP Phone when it is located outside a trusted network or when network traffi...

Page 153: ...s X X Answer X cBarge X X Call Back X Call Forward All X X Call Park X Call Park Line Status X X Call Pickup Pick Up X Call Pickup Line Status X X Conference X Divert X X Do Not Disturb X X Group Pickup Group Pick Up X X Hold X Hunt Groups X Intercom X X Malicious Call Identification MCID X X Meet Me X X Mobile Connect Mobility X Mute Cisco IP Phone 8800 Series Administration Guide for Cisco Unifi...

Page 154: ...ications Manager Administration window displays information that is applicable to all phones and information that is applicable to the phone model The information that is specific to the phone model is in the Product Specific Configuration Layout area of the window For information on the fields applicable to all phone models see the Cisco Unified Communications Manager documentation When you set a...

Page 155: ...rofile Step 3 Locate the phones Step 4 Navigate to the Product Specific Configuration Layout pane and set the fields Step 5 Check the Override Enterprise Settings check box for any changed fields Step 6 Click Save Step 7 Click Apply Config Step 8 Restart the phones Set Up Phone Features for a Group of Phones Procedure Step 1 Sign into Cisco Unified Communications Manager Administration as an admin...

Page 156: ...iption and Usage Guidelines Default Field Type or Choices Field Name Turns off the speakerphone capability of the phone Unchecked Checkbox Disable Speakerphone Turns off the speakerphone and headset capability of the phone Unchecked Checkbox Disable Speakerphone and Headset Controls the ability to use the PC port to connect a computer into the LAN Enabled Enabled Disabled PC Port Enables disables ...

Page 157: ...isabled Enabled Disabled Video Capabilities Enables or disables access to the phone web pages through a web browser Disabled Disabled Enabled Web Access Defines the days that the display does not turn on automatically at the time specified in the Display On Time field Choose the day or days from the drop down list To choose more than one day Ctrl click each day that you want Days of the week Days ...

Page 158: ...isplay On When Incoming Call Defines the schedule of days for which the phone powers off Choose the day or days from the drop down list To choose more than one day Ctrl click each day that you want When Enable Power Save Plus is turned on you receive a message that warns about emergency e911 concerns While Power Save Plus Mode the Mode is in effect endpoints that are configured for the mode are di...

Page 159: ...n the phone at 7 00 a m 0700 enter 7 00 To power down the phone at 2 00 p m 1400 enter 14 00 The default value is blank which means 00 00 The Phone On Time must be at least 20 minutes later than the Phone Off Time For example if the Phone Off Time is 7 00 the Phone On Time must be no earlier than 7 20 hh mm Phone Off Time Indicates the length of time that the phone must be idle before the phone po...

Page 160: ...in the Phone On Time field is 06 00 6 00 a m and the Enable Power Save Plus has one or more days selected If EnergyWise directs the phone to turn off at 20 00 8 00 p m that directive remains in effect assuming no phone user intervention occurs until the configured Phone On Time at 6 00 a m At 6 00 a m the phone turns on and resumes receiving the power level changes from the settings in Cisco Unifi...

Page 161: ...trols the playing of the tone when a user is recording a call Disabled Disabled Enabled Recording Tone Controls the volume of the recording tone to the local user 100 Integer 0 100 Recording Tone Local Volume Controls the volume of the recording tone to the remote user 50 Integer 0 100 Recording Tone Remote Volume Controls the duration of the recording tone Integer 1 3000 milliseconds Recording To...

Page 162: ...of the phone SW port remotely This enhances the performance for large deployments with specific port settings If the SW ports are configured for Remote Port Configuration in Cisco Unified Communications Manager the data cannot be changed on the phone Disabled Disabled Enabled Switch Port Remote Configuration Allows you to configure the speed and duplex function of the phone PC port remotely This e...

Page 163: ...e that load with the other phones If one of the other phones has a new firmware load the phone can download the firmware from the other phone instead of from the TFTP server Peer firmware sharing Limits congestion on TFTP transfers to centralized remove TFTP servers Eliminates the need to manually control firmware upgrades Reduces phone downtime during upgrades when large numbers of phones are res...

Page 164: ... the Cisco IP Phones 8861 and 8865 Phones that do not support this feature do not display the field 8861 8865 and 8865NR Enabled Disabled Enabled Back USB Port Controls the ability to use the USB port on the side of the Cisco IP Phones 8851 8851NR 8861 8865 and 8865NR Phones that do not support this feature do not display the field Enabled Disabled Enabled Side USB Port Specifies whether the seria...

Page 165: ...record voice streams Disabled Disabled Enabled Gratuitous ARP Specifies if all calls presented to this phone will be shown on the primary line or not The purpose of this field is to make it easier for the end user to see all calls on all lines at a glance rather than having to choose a line to see the calls on that line In other words when multiple lines are configured on the phone it typically ma...

Page 166: ...s information MobileRemoteAC Logs Mobile and Remote Access through Expressway information Preset Default Preset Telephony SIP UI Network Media Upgrade Accessory Security Wi Fi VPN Energywise MobileRemoteAc Log Profile Indicates whether the phone advertises the G 722 and iSAC codecs to the Cisco Unified Communications Manager Use System Default Defers to the setting specified in the enterprise para...

Page 167: ...overy Protocol LLDP and Cisco Discovery Protocol CDP Power Negotiation should not be disabled when the phone is connected to a switch that supports power negotiation If disabled the switch could shut off power to the phone Enabled Disabled Enabled Power Negotiation Controls whether the user hears dial tone when the Release key is pressed Disabled User doesn t hear dial tone Enabled User hears dial...

Page 168: ...Disabled The actionable incoming call alert is disabled and the user sees the traditional incoming call pop up alert Show for all Incoming Call The actionable incoming call alert displays for all calls regardless of visibility Show for Invisible Incoming Call The actionable incoming call alert displays for calls not shown on the phone This parameter behaves similarly to the incoming call alert pop...

Page 169: ...ture provides a way for users with multiple lines to reduce alert activity by filtering and displaying alerts only from high priority lines The end users can configure this themselves Alternatively you can program the default line filter and push the filter down to the phone List of comma separated phone device names Default Line Filter Specifies the alert state when using shared lines Disabled Wh...

Page 170: ...ou deploy devices with Mobile and Remote Access through Expressway you must also add the PRT server address to the HTTP Server Allow list on the Expressway server For more information see the Mobile and Remote Access Through Expressway on page 166 String up to 256 characters Customer support upload URL Enables or disables administrator access to the phone web pages through a web browser For more i...

Page 171: ...Line Mode The buttons on one side of the screen are line keys Enhanced Line Mode The buttons on both sides of the phone screen are line keys Predictive dialing and Actionable incoming call alerts are enabled by default in Enhanced line mode Session Line Mode Session Line Mode Enhanced Line Mode Line Mode Controls the ringtone and the ability for users to set the ringtone When set to Disabled users...

Page 172: ...t Enabled Product Specific Configuration Layout Show All Calls on Primary Line Enabled Product Specific Configuration Layout Revert to All Calls Multiline Environments In a multiline environment we recommend that you set up some features in a specific way Recommended Setting Administration Area Field Off For more information see Field Always Use Prime Line on page 155 Device Information Always Use...

Page 173: ...ume environments Device Information Always Use Prime Line Related Topics Set Up Additional Line Keys on page 189 Features Available in Enhanced Line Mode on page 190 Field Always Use Prime Line This field specifies whether the primary line on an IP phone is chosen when a user goes off hook If this parameter is set to True when a phone goes off hook the primary line is chosen and becomes the active...

Page 174: ...Unified Communications Manager Administration select Device Phone Step 2 Locate the phone that you need to set up Step 3 Navigate to the Product Specific Configuration area and set the following fields Days Display Not Active Display On Time Display On Duration Display Idle Timeout Table 24 PowerSave Configuration Fields Description Field Days that the display does not turn on automatically at the...

Page 175: ...the phone Schedule EnergyWise on Cisco IP Phone To reduce power consumption configure the phone to sleep power down and wake power up if your system includes an EnergyWise controller You configure settings in Cisco Unified Communications Manager Administration to enable EnergyWise and configure sleep and wake times These parameters are closely tied to the phone display configuration parameters Whe...

Page 176: ...ower Save Plus Mode the Mode is in effect endpoints that are configured for the mode are disabled for emergency calling and from receiving inbound calls By selecting this mode you agree to the following i You take full responsibility for providing alternate methods for emergency calling and receiving calls while the mode is in effect ii Cisco has no liability in connection with your selection of t...

Page 177: ...n 24 hour format where 00 00 is midnight For example to automatically power down the phone at 7 00 a m 0700 enter 7 00 To power down the phone at 2 00 p m 1400 enter 14 00 The default value is blank which means 00 00 The Phone On Time must be at least 20 minutes later than the Phone Off Time For example if the Phone Off Time is 7 00 the Phone On Time must be no earlier than 7 20 Note Phone Off Tim...

Page 178: ...e domain controller policy to send power level updates to the phones The following conditions apply One or more days must be selected in the Enable Power Save Plus field The settings in Cisco Unified Communications Manager Administration take effect on schedule even if EnergyWise sends an override For example assuming the Phone Off Time is set to 22 00 10 00 p m the value in the Phone On Time fiel...

Page 179: ...file Setting Do not choose Call Reject if you want priority MLPP calls to ring this phone when DND is turned on DND Incoming Call Alert Choose the type of alert if any to play on a phone for incoming calls when DND is active This parameter is located on in the Common Phone Profile window and the Phone Configuration window The Phone Configuration window value takes precedence Note Step 4 Select Sav...

Page 180: ...he supervisor The user may receive an audible alert during a call when it is being monitored When a call is secure a lock icon displays Callers may also receive an audible alert to indicate that the call is being monitored The connected parties may also receive an audible alert that indicates that the call is secure and is being monitored When an active call is being monitored or recorded the user...

Page 181: ...e phone to be set up Step 3 Configure the Call Forward Notification fields Description Field When this check box is checked the caller name displays in the notification window By default this check box is checked Caller Name When this check box is checked the caller number displays in the notification window By default this check box is not checked Caller Number When this check box is checked the ...

Page 182: ...indow for various devices and in the Enterprise Phone Configuration window If you set these same parameters in these other windows as well the setting that takes precedence is determined in the following order 1 Device Configuration window settings 2 Common Phone Profile window settings 3 Enterprise Phone Configuration window settings Step 3 Select Save Set Up Energy Efficient Ethernet for Switch ...

Page 183: ... locate the phone Step 3 Set the Energy Efficient Ethernet PC Port and Energy Efficient Ethernet Switch Port fields Energy Efficient Ethernet PC Port Energy Efficient Ethernet Switch Port Step 4 Select Save Step 5 Select Apply Config Step 6 Restart the phone Set Up RTP sRTP Port Range You configure the Real Time Transport Protocol RTP and secure Real Time Transport Protocol sRTP port values in the...

Page 184: ...nel Expressway uses Transport Layer Security TLS to secure network traffic For a phone to authenticate an Expressway certificate and establish a TLS session the Expressway certificate must be signed by a public Certificate Authority that is trusted by the phone firmware It is not possible to install or trust other CA certificates on phones for authenticating an Expressway certificate The list of C...

Page 185: ...roxy Function Note Deployment Scenarios The following table shows various deployment scenarios for Mobile and Remote Access Through Expressway Actions Scenario The enterprise network is detected and the phone registers with Cisco Unified Communications Manager as it would normally On premises user logs into the enterprise network after deploying Mobile and Remote Access Through Expressway The phon...

Page 186: ...the phone features available with Mobile and Remote Access Through Expressway Table 26 Feature Support and Mobile and Remote Access Through Expressway Firmware Release Feature 10 3 1 and later Abbreviated Dialing 11 5 1 SR1 and later Answer Oldest 10 3 1 and later Assisted Directed Call Park 11 5 1 SR1 and later Auto Answer 11 5 1 SR1 and later Barge and cBarge 10 3 1 and later Busy Lamp Field BLF...

Page 187: ...and later Do Not Disturb 11 5 1 SR1 and later Extension Mobility 11 5 1 SR1 and later Fast Dial Service 11 5 1 SR1 and later Forced Access Codes and Client Matter Codes 10 3 1 and later Group Call Pickup 10 3 1 and later Hold Resume 10 3 1 and later Hold Reversion 10 3 1 and later Immediate Divert 11 5 1 SR1 and later Intercom 10 3 1 and later Join 11 5 1 SR1 and later Malicious Caller Identificat...

Page 188: ...ource Identifier URI Dialing Configure User Credentials Persistent for Expressway Sign In When signing in to the network with Mobile and Remote Access Through Expressway a user is prompted for a service domain username and password If you enable the User Credentials Persistent for Expressway Sign In parameter you can store users login credentials so that they do not need to reenter this informatio...

Page 189: ...hone ip address FS prt file name This URL is displayed on the phone in the following cases If the phone is in the factory default state The URL is active for 1 hour After 1 hour the user should try to submit the phone logs again If the phone has downloaded a configuration file and the call control system allows web access to the phone You must add a server address to the Customer Support Upload UR...

Page 190: ... a file to upload Procedure Step 1 Set up a server that can run your PRT upload script Step 2 Write a script that can handle the parameters listed above or edit the provided sample script to suit your needs Step 3 Upload your script to your server Step 4 In Cisco Unified Communications Manager go to the Product Specific Configuration Layout area of the individual device configuration window Common...

Page 191: ...he Cisco Unified Communications Manager Administration window Note Park Monitoring Park monitoring is supported only when a Cisco IP phone parks a call Park monitoring then monitors the status of a parked call The park monitoring call bubble does not clear until the parked call gets retrieved or is abandoned by the parked call This parked call can be retrieved by using the same call bubble on the ...

Page 192: ...r see the description that follows expires Park Monitoring Reversion Timer Default is 30 seconds This parameter determines the interval in seconds that Cisco Unified Communications Manager waits before prompting the user again that a call is parked To connect to the parked call the user can simply go off hook during one of these prompts Cisco Unified Communications Manager continues to prompt the ...

Page 193: ...Internal parameter If the Forward No Retrieve Destination Internal is empty the parkee is redirected to the parker line Park Monitoring Forward No Retrieve Destination Internal This parameter determines the number of seconds that Cisco Unified Communications Manager waits before prompting the user to retrieve a call that the user parked This timer starts when the user presses Park on the phone and...

Page 194: ...art Media Port default 16384 Stop Media Port default 32766 Video ports Start Video This is to set the video start port Minimum 2048 Maximum 65535 Stop Video This is to set the video stop port Minimum 2048 Maximum 65535 The following rules apply when configuring the video port fields After the Start Video RTP Port and Stop Video RTP Port are configured the phone uses ports within the video port ran...

Page 195: ...must be at least 16 Step 6 Select Save Related Topics Cisco Unified Communications Manager Documentation on page xvii Set up Cisco IP Manager Assistant Cisco IP Manager Assistant IPMA provides call routing and other call management features to help managers and assistants handle phone calls more effectively IPMA services must be configured in Cisco Unified Communications Manager before you can acc...

Page 196: ... the Cisco IP Manager Assistant service In proxy line mode the assistant handles calls on behalf of a manager using a proxy number Proxy line mode supports all IPMA features When you configure Cisco IPMA in proxy line mode the manager and assistant do not share a directory number The assistant handles calls for a manager using a proxy number The proxy number is not the directory number for the man...

Page 197: ...ce Activation window Step 4 Configure system administration parameters Step 5 If required configure IPMA clusterwide services parameters Step 6 Optional Configure the user CAPF profile Step 7 Optional Configure the IPMA service parameters for security Step 8 Stop and restart the IPMA service Step 9 Configure phone parameter manager and assistant settings including the softkey templates Step 10 Con...

Page 198: ...4 Check Enable and click Save Ensure that you do not check Enterprise Subscription Note Step 5 In the Service Parameter Information window click New Parameter and enter the following information in their respective fields Parameter Name Enter voicemail_server Parameter Display Name Enter voicemail_server Default Value Enter the hostname of the primary Unity Server Parameter Description Step 6 Chec...

Page 199: ... an emergency you can select a priority level that helps ensure the delivery of critical calls Depending upon how your phone is configured you may have to sign in also When you receives a priority call a precedence level icon displays next to the caller s name on your phone Procedure Step 1 In Cisco Unified Communications Manager Administration choose Device Device Settings SIP Profile Step 2 Sele...

Page 200: ...location When set to Forceful preempt for reuse is enabled Existing calls may be preempted to offer a higher precedence call to the user When set to Default the setting from the common configuration or enterprise level is used Step 10 Choose User Management End User and select a user Step 11 Navigate to the MLPP Authorization section and configure MLPP Authorization for a user The MLPP User Identi...

Page 201: ... Manager Administration Cisco Unified Communications Manager allows you to enable or disable some softkeys in the control policy configuration settings The following table lists the features and the softkeys that can be configured on a softkey template and identifies whether it is supported on the Cisco IP Phones Cisco Unified Communications Manager allows you to configure any softkey in a softkey...

Page 202: ...in Join Configure Malicious Call Identification as a programmable feature button or as a softkey Yes Toggle Malicious Call Identification MCID Malicious Call Identification Yes Meet Me MeetMe Meet Me Configure Mobile Connect as a softkey Yes Mobility Mobility Mobile Connect Yes New Call NewCall New Call Yes Other Pickup oPickup Other Pickup No Queue Status PLK Support for Queue Statistics Configur...

Page 203: ...ve the changes Related Topics Cisco Unified Communications Manager Documentation on page xvii Phone Button Templates Phone button templates let you assign speed dials and call handling features to programmable buttons Call handling features that can be assigned to buttons include Answer Mobility and All Calls Ideally you modify templates before you register phones on the network In this way you ca...

Page 204: ...the phone Related Topics Cisco Unified Communications Manager Documentation on page xvii Assign Phone Button Template for All Calls Assign an All Calls button in the phone template for users with multiple shared lines When you configure an All Calls button on the phone users use the All Calls button to See a consolidated list of current calls from all lines on the phone See under Call History a li...

Page 205: ... server name 8080 ccmpd login do name DEVICENAME service fd Secure Service URL For PAB enter the following URL https Unified CM server name 8443 ccmpd login do name DEVICENAME service pab For Fast Dial enter the following URL https Unified CM server name 8443 ccmpd login do name DEVICENAME service fd Service Category Select XML Service Service Type Select Directories Enable Select the check box ht...

Page 206: ...iates with the line Step 6 Select Save to create a new phone button template that uses the service URL Step 7 Choose Device Phone and open the Phone Configuration window for the phone Step 8 Select the new phone button template from the Phone Button Template drop down list Step 9 Select Save to store the change and then select Apply Config to implement the change The phone user can now access the ...

Page 207: ...is outside the corporate network This setting is disabled by default For additional information about maintaining configuring and operating a virtual private network with a VPN see Security Guide for Cisco Unified Communications Manager Virtual Private Network Setup chapter The URL for this document is http www cisco com c en us support unified communications unified communications manager callman...

Page 208: ...swer Calls 11 5 1 and later Yes Barge cBarge No Bluetooth Smartphone integration 11 5 1 and later Yes Bluetooth USB Headsets 11 5 1 and later Yes Call Back No Call Chaperone 11 5 1 and later Yes Call Forward All No Call Park No Call Park Line Status 11 5 1 and later Yes Call Pickup 11 5 1 and later Yes Call Pickup Line Status No CFWA on multiple calls No Cisco Extension Mobility Cross Cluster No C...

Page 209: ...1 5 1 and later Yes Intercom 12 0 1 and later Cisco IP Phone 8851 8861 Key Expansion Module and Cisco IP Phone 8865 Key Expansion Module support Enhanced Line Mode Key Expansion Module 11 5 1 and later Yes Malicious Call Identification MCID 11 5 1 and later Yes Meet Me 11 5 1 and later Yes Mobile Connect No Multilevel Precedence and Preemption 11 5 1 and later Yes Mute 12 0 1 and later Yes Other P...

Page 210: ...ents on page 155 Enable Intelligent Proximity This procedure only applies to Bluetooth enabled phones Cisco IP Phone 8811 8841 8851NR and 8865NR do not support Bluetooth Note Intelligent Proximity enables users to take advantage of the acoustic properties of the phone with their mobile device or tablet The user pairs the mobile device or tablet to the phone using Bluetooth With a mobile device pai...

Page 211: ...co IP Phones with video capacity negotiate best resolution for bandwidth based on phone configures or resolution limitations Example On a direct 88x5 to 88x5 call the phones do not send true 720p they send 800x480 This limitation is purely due to the 5 inch WVGA screen resolution on the 88x5 being 800 x 480 Video bit rate range Frames per second fps Video resolution Video type 1360 2500 kbps 30 12...

Page 212: ...640 x 480 VGA 200 279 kbps 30 352 x 288 CIF 120 199 kbps 15 352 x 288 CIF 200 279 kbps 30 352 x 240 SIF 120 199 kbps 15 352 x 240 SIF 94 119 kbps 30 176 x 144 QCIF 64 93 kbps 15 176 x 144 QCIF Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 194 Video Transmit Resolution Setup ...

Page 213: ...ablishes user rights to access the system Authorization identifies the telephony resources that a user is permitted to use such as a specific phone extension For more information see the documentation for your particular Cisco Unified Communications Manager release After you complete the LDAP directory configuration users can use the Corporate Directory service on their phone to look up users in t...

Page 214: ...ith a URL and sign in information User Personal Directory Entries Setup Users can configure personal directory entries on the Cisco IP Phone To configure a personal directory users must have access to the following Self Care Portal Make sure that users know how to access their Self Care Portal See Set Up User Access to the Self Care Portal on page 80 for details Cisco IP Phone Address Book Synchro...

Page 215: ...greement information and select the I Accept Select Next Step 6 Choose the directory in which you want to install the application and select Next Step 7 Select Install Step 8 Select Finish Step 9 To complete the process follow the steps in Set Up Synchronizer on page 197 Set Up Synchronizer To configure the Cisco IP Phone Address Book Synchronizer perform these steps Procedure Step 1 Open the Cisc...

Page 216: ...icate Selection window displays Step 7 Choose the entry that you want to include in your Personal Address Book and select OK Step 8 When synchronization is complete select Exit to close the Cisco Unified CallManager Address Book Synchronizer Step 9 To verify whether the synchronization worked sign in to your Self Care Portal and choose Personal Address Book The users from your Windows address book...

Page 217: ...P A R T IV Cisco IP Phone Troubleshooting Monitoring Phone Systems page 201 Troubleshooting page 237 Maintenance page 255 International User Support page 261 ...

Page 218: ......

Page 219: ... monitor the operation of a phone and to assist with troubleshooting You can also obtain much of this information and obtain other related information remotely through the phone web page For more information about troubleshooting see Troubleshooting on page 237 Display Phone Information Window To display the Model Information screen follow these steps Procedure Step 1 Press Applications Step 2 Sel...

Page 220: ...e rapidly between resetting an existing load to Inactive status and installing the new load When the download is complete the icon changes to indicate the completed status and a check mark displays for a successful download or an X displays for a failed download If possible the rest of the loads continue to download Inactive load Date of the most recent firmware upgrade Last upgrade Domain name of...

Page 221: ...Fields The following table describes the status messages that display on the Status Messages screen of the phone Table 33 Status Messages on the Cisco Unified IP Phone Possible explanation and action Description Message Power cycle the phone The configuration file is too large for file system on the phone CFG TFTP Size Error Obtain a new copy of the phone firmware and place it in the TFTPPath dire...

Page 222: ... not respond DHCP timeout Network is busy The errors should resolve themselves when the network load reduces No network connectivity between the DNS server and the phone Verify the network connections DNS server is down Check configuration of the DNS server DNS server did not respond DNS timeout Verify that the host names of the TFTP server or Cisco Unified Communications Manager are configured pr...

Page 223: ...add the phone to Cisco Unified Communications Manager if you are not allowing phones to autoregister See Phone Addition Methods on page 70 for details If you are using DHCP verify that the DHCP server is pointing to the correct TFTP server If you are using static IP addresses check configuration of the TFTP server The name based and default configuration file was not found on the TFTP Server File ...

Page 224: ...ecify a DNS server address No DNS server IP The trust list is not configured on the Cisco Unified Communications Manager which does not support security by default The CTL file or the ITL file is not installed on the phone No Trust List installed Update the certificate FIPS requires that the RSA server certificate is 2048 bits or greater Phone failed to register Cert key size is not FIPS compliant...

Page 225: ...to sign CTL file and the TFTP certificate that was used to sign ITL file are introduced but are not available in the current CTL and ITL files in the phone Internal phone failure occurred Possible solutions Check network connectivity Check whether the TFTP server is active and functioning normally If the Transactional Vsam Services TVS server is supported on Cisco Unified Communications Manager ch...

Page 226: ... network Procedure Step 1 To display the Status menu press Applications Step 2 Select Admin settings Status Status messages Step 3 Select Network Info Step 4 To exit Network Info press Exit Display Network Statistics Screen The Networks Statistics screen displays information about the phone and network performance To display the Network Statistics screen follow these steps Procedure Step 1 Press A...

Page 227: ...AKed KeepaliveTO Failback Phone Keypad Phone Re IP Reset Reset Reset Restart Phone Reg Rej Load Rejected HC CM ICMP Unreach Phone Abort Restart Cause Amount of time that has elapsed since the phone last rebooted Elapsed Time Link state and connection of the Network port For example Auto 100 Mb Full Duplex means that the Network port is in a link up state and has autonegotiated a full duplex 100 Mb...

Page 228: ...DISABLED DHCPv4 is INIT DHCP INIT DHCPv4 is INVALID this is initial state DHCP INVALID DHCPv4 is RENEWING DHCP RENEWING DHCPv4 is REBINDING DHCP REBINDING DHCPv4 is init reboot DHCP REBOOT DHCPv4 is requesting DHCP REQUESTING DHCPv4 is RESYNCH DHCP RESYNC DHCPv4 is booting DHCP WAITING COLDBOOT TIMEOUT Unrecognized DHCPv4 state DHCP UNRECOGNIZED Duplicated IPv4 Address DISABLED DUPLICATE IP DHCPv4...

Page 229: ...ed DHCP6 DECLINED DHCPv6 is INFOREQ DHCP6 INFOREQ DHCPv6 is INFOREQ DONE DHCP6 INFOREQ DONE DHCPv6 is INVALID this is initial state DHCP6 INVALID DHCP6 is DISABLED but DUPLICATE IPV6 DETECTED DISABLED DUPLICATE IPV6 DHCP6 is DECLINED DUPLICATE IPV6 DETECTED DHCP6 DECLINED DUPLICATE IP Duplicated autoconfigured IPv6 address ROUTER ADVERTISE DUPLICATE IP DHCPv6 is booting DHCP6 WAITING COLDBOOT TIME...

Page 230: ...tatistics to 0 press Clear Step 4 To exit the Wireless Statistics screen press Exit WLAN Statistics The following table describes the WLAN statistics on the phone Table 37 WLAN Statistics on the Cisco Unified IP Phone Description Item Number of bytes that the phone transmitted tx bytes Number of bytes that the phone received rx bytes Number of packets that the phone transmitted tx packets Number o...

Page 231: ...uence Control field indicates is a duplicate rx duplicate frames The number of successfully received MPDU of type Data or Management rx fraagmented packets The number of succesful roaming Roaming count Display Call Statistics Window You can access the Call Statistics screen on the phone to display counters statistics and voice quality metrics of the most recent call You can also remotely view the ...

Page 232: ...the number of RTP voice packets that were received since the call began because the call might have been placed on hold Note Receiver packets Number of RTP voice packets that were transmitted since voice stream opened This number is not necessarily identical to the number of RTP voice packets that were transmitted since the call began because the call might have been placed on hold Note Sender pac...

Page 233: ... events lost frames from the start of the voice stream Severely conceal seconds Estimate of the network latency expressed in milliseconds Represents a running average of the round trip delay measured when RTCP receiver report blocks are received Latency Display Current Access Point Window The Current Access Point screen displays statistics about the access point that the Cisco IP Phone 8861 uses f...

Page 234: ...ets that are queued for power save devices DTIM period A two digit country code Country information might not be display if the country information element IE is not present in the beacon Country code A list of supported channels from the country IE Channels The amount of power by which the maximum transmit power should be reduced from the regulatory domain limit Power constraint Maximum transmit ...

Page 235: ...ety of information about the phone including Device information Displays device settings and related information for the phone Network setup Displays network setup information and information about other phone settings Network statistics Displays hyperlinks that provide information about network traffic Device logs Displays hyperlinks that provide information that you can use for troubleshooting S...

Page 236: ...llowing table describes these items Some of the items in the following table do not apply to all phone models Note To display the Device information area access the web page for the phone as described in Access Web Page for Phone on page 217 and then click the Device information hyperlink Table 40 Device Information Area Items Description Item The service mode for the phone Service mode The domain...

Page 237: ...models Device description Displays the name of the phone associated with the indicated model type Product identifier Specifies the phone model Serial number Displays the unique serial number of the phone UDI Cisco Unique Device Identifier UDI of the key expansion module Applicable to Cisco IP Phone 8851 8861 8865 and 8865NR Key expansion module UDI Time for the Date Time Group to which the phone b...

Page 238: ...he Domain Name System DNS domain in which the phone resides Domain name IP address of the Dynamic Host Configuration Protocol DHCP server from which the phone obtains the IP address DHCP server Indicates whether the phone obtains the configuration from a Bootstrap Protocol BootP server BOOTP server Indicates whether the phone uses DHCP DHCP Internet Protocol IPv4 address of the phone IP address Su...

Page 239: ...ies an SRST router capable of providing Cisco Unified Communications Manager functionality with a limited feature set This router assumes control of call processing if all other Cisco Unified Communications Manager servers become unreachable The SRST Cisco Unified Communications Manager always appears last in the list of servers even if it is active You configure the SRST router address in the Dev...

Page 240: ...t disabled User locale that associates with the phone user Identifies a set of detailed information to support users including language font date and time formatting and alphanumeric keyboard text information User locale Network locale that associates with the phone user Identifies a set of detailed information to support the phone in a specific location including definitions of the tones and cade...

Page 241: ...ess enabled Indicates if the SSH port has been enabled or disabled SSH access enabled Indicates whether CDP support exists on the switch port default is enabled Enable CDP on the switch port for VLAN assignment for the phone power negotiation QoS management and 802 1x security Enable CDP on the switch port when the phone connects to a Cisco switch When CDP is disabled in Cisco Unified Communicatio...

Page 242: ... such as EM services directory and MIDlet during HTTPS establishment TVS The name of the TFTP Server used by the phone TFTP server The name of the TFTP Server used by the phone TFTP server Indicates if the phone automatically synchronizes port speed to eliminate packet loss Automatic port synchronization Indicates if the SW port is remotely controlled Switch port remote configuration Indicates if ...

Page 243: ...only address When DHCPv6 is enabled the phone gets the IPv6 address either from DHCPv6 server or from SLAAC by RA sent by the IPv6 enabled router And if DHCPv6 is disabled the phone will not have any stateful from DHCPv6 server or stateless from SLAAC IPv6 address Unlike DHCPv4 even DHCPv6 is disabled the phone can still generate a SLAAC address if autoconfigure is enabled Note DHCPv6 Displays the...

Page 244: ...e To display a Network statistics area access the web page for the phone and then click the Ethernet Information the Access or the Network hyperlink Ethernet Information Web Page The following table describes the contents of the Ethernet information web page Table 42 Ethernet Information Items Description Item Total number of packets that the phone transmits Tx Frames Total number of broadcast pac...

Page 245: ...umber of received FCS error packets or Align error packets that are less than 64 bytes in size Rx shortErr Total number of received good packets that are less than 64 bytes size Rx shortGood Total number of received good packets that are greater than 1522 bytes in size Rx longGood Total number of received FCS error packets or Align error packets that are greater than 1522 bytes in size Rx longErr ...

Page 246: ...ber of broadcast packets that the phone transmitted Tx broadcast Total number of multicast packets that the phone transmitted Tx multicast Total number of LLDP frames that the phone sent out LLDP FramesOutTotal Total number of LLDP frames that timed out in the cache LLDP AgeoutsTotal Total number of LLDP frames that were discarded when any of the mandatory TLVs is missing out of order or contains ...

Page 247: ...atus messages that the phone has generated since it last powered up The Status Messages screen on the phone also displays this information Debug display Displays debug messages that might be useful to Cisco TAC if you require assistance with troubleshooting Streaming Statistics A Cisco Unified IP Phone can stream information to and from up to three devices simultaneously A phone streams informatio...

Page 248: ...e late or are duplicates The value displays as 0 if the connection was set to send only mode Rcvr lost packets Estimate of mean deviation of the RTP data packet interarrival time measured in milliseconds The value displays as 0 if the connection was set to send only mode Avg jitter Type of audio encoding that is used for the received stream Receiver codec Number of times the RTCP Receiver Reports ...

Page 249: ...mes divided by total number of speech frames that were received from the start of the voice stream Cumulative conceal ratio Ratio of concealment frames to speech frames in the preceding 3 second interval of active speech If voice activity detection VAD is in use a longer interval might be required to accumulate three seconds of active speech Interval conceal ratio Highest interval concealment rati...

Page 250: ... if the sender is using encryption Sender encrypted Number of frames sent Sender frames Number of partial frames sent Sender partial frames Number of I frames sent I frames are used in video transmission Sender i frames Number of instantaneous decoder refresh IDR frames sent IDR frames are used in video transmission Sender IDR frames Rate at which the sender is sending frames Sender frame rate Ban...

Page 251: ...phone is streaming Row status Type of audio encoding used for the stream Sender tool RTCP Sender Reports Sender reports Last time at which an RTCP Sender Report was sent Sender report time Maximum jitter of stream Rcvr Jitter Type of audio encoding used for the stream Receiver tool Number of times this streaming statistics report has been accessed from the web page Rcvr reports Internal time stamp...

Page 252: ... Procedure Step 1 For Call Info enter the following URL in a browser http phone ip address CGI Java CallInfo x where phone ip address is the IP address of the phone x is the line number to obtain information about The command returns an XML document Step 2 For Line Info enter the following URL in a browser http phone ip address CGI Java LineInfo where phone ip address is the IP address of the phon...

Page 253: ...mple LineInfo Output The following XML code is an example of the output from the LineInfo command CiscoIPPhoneLineInfo Prompt Notify Status null Status CiscoIPPhoneLines LineType 9 LineType lineDirNum 1028 lineDirNum MessageWaiting NO MessageWaiting RingerName Chirp1 RingerName LineLabel LineIconState ONHOOK LineIconState CiscoIPPhoneLines CiscoIPPhoneLines LineType 9 LineType lineDirNum 1029 line...

Page 254: ...ask Prompt Prompt Notify Notify Status Status CiscoIPPhoneFields FieldType 0 FieldType FieldAttr FieldAttr fieldHelpIndex 0 fieldHelpIndex FieldName Call History FieldName FieldValue FieldValue CiscoIPPhoneFields CiscoIPPhoneFields FieldType 0 FieldType FieldAttr FieldAttr fieldHelpIndex 0 fieldHelpIndex FieldName Preferences FieldName FieldValue FieldValue CiscoIPPhoneFields CiscoIPPhoneModeInfo ...

Page 255: ...co IP Phone Table 45 Cisco IP Phone troubleshooting Explanation Summary Cisco does not support connecting an IP phone to another IP Phone through the PC port Each IP Phone should connect directly to a switch port If phones are connected together in a line by using the PC port the phones do not work Connecting a Cisco IP Phone to another Cisco IP Phone A prolonged Layer 2 broadcast storm lasting se...

Page 256: ...onfiguration The RxType and the TxType statistics show the codec that is used for a conversation between this Cisco IP Phone and the other device The values of these statistics should match If they do not verify that the other device can handle the codec conversation or that a transcoder is in place to handle the service Codec mismatch between the phone and another device The RxSize and the TxSize...

Page 257: ... port is functional Exchange the Ethernet cables with cables that you know are functional Disconnect a functioning Cisco IP Phone from another port and connect it to this network port to verify that the port is active Connect the Cisco IP Phone that does not start up to a different network port that is known to be good Connect the Cisco IP Phone that does not start up directly to the port on the s...

Page 258: ...problems with security may prevent the phone from starting up properly See Troubleshooting Procedures on page 249 for more information Phone Displays Error Messages Problem Status messages display errors during startup Solution While the phone cycles through the startup process you can access status messages that might provide you with information about the cause of a problem Related Topics Displa...

Page 259: ...FTP Services Are Not Running Problem If the Cisco Unified Communications Manager or TFTP services are not running phones may not be able to start up properly In such a situation it is likely that you are experiencing a systemwide failure and other phones and devices are unable to start up properly Solution If the Cisco Unified Communications Manager service is not running all devices on the networ...

Page 260: ...C address see Determine the Phone MAC Address on page 70 If the phone is already in the Cisco Unified Communications Manager database the configuration file may be damaged See Configuration File Corruption on page 241 for assistance Cisco IP Phone Cannot Obtain IP Address Problem If a phone cannot obtain an IP address when it starts up the phone may not be on the same network or VLAN as the DHCP s...

Page 261: ...ts are received and transmitted However voice traffic cannot recapture lost packets Rather than retransmitting a lost network connection the phone resets and attempts to reconnect to the network Contact the system administrator for information on known problems in the voice network Phone Resets Due to DHCP Setting Errors Problem The DHCP settings may be incorrect Solution Verify that you have prop...

Page 262: ...sing Admin settings Status Network statistics If the Restart Cause field displays Reset Reset the phone receives a Reset Reset from Cisco Unified Communications Manager Administration If the Restart Cause field displays Reset Restart the phone closed because it received a Reset Restart from Cisco Unified Communications Manager Administration Phone Resets Due to DNS or Other Connectivity Issues Pro...

Page 263: ... sections provide troubleshooting information for the security features on the Cisco IP Phone For information about the solutions for any of these issues and for additional troubleshooting information about security see Cisco Unified Communications Manager Security Guide CTL File Problems The following sections describe troubleshooting problems with the CTL file Authentication Error Phone Cannot A...

Page 264: ...r Configuration Files Do Not Authenticate Problem Phone cannot authenticate any configuration files other than the ITL file Cause The configuration file may not be signed by the corresponding certificate in the phone Trust List Solution Re sign the configuration file by using the correct certificate TFTP Authorization Fails Problem Phone reports TFTP authorization failure Cause The TFTP address fo...

Page 265: ...figuration files Cause The CTL file does not contain any TFTP entries with certificates Solution Configure TFTP entries with certificates in the CTL file Video Call Problems No Video Between Two Cisco IP Video Phones Problem Video isn t streaming between between two Cisco IP video phones Solution Check to make sure no Media Termination Point MTP is being used in the call flow Video Stutters or Dro...

Page 266: ...deo call from my desk phone to my mobile device Solution Cisco Unified Mobility does not extend to video calls A video call that is received at the desk phone cannot be picked up on the mobile phone No Video During a Conference call Problem A video call goes to an audio call when I add two or more people to the call You must use a video conference bridge for ad hoc and meet me video conferencing G...

Page 267: ...roblems Check TFTP Settings Procedure Step 1 On the Cisco IP Phone press Applications choose Admin settings Network setup Ethernet setup IPv4 setup TFTP Server 1 Step 2 If you have assigned a static IP address to the phone you must manually enter a setting for the TFTP Server 1 option Step 3 If you are using DHCP the phone obtains the address for the TFTP server from the DHCP server Check that the...

Page 268: ...ine the Phone MAC Address on page 70 Check DHCP Settings Procedure Step 1 On the phone press Applications Step 2 Select Wi Fi Network Setup IPv4 Setup and look at the following options DHCP Server If you have assigned a static IP address to the phone you do not need to enter a value for the DHCP Server option However if you are using a DHCP server this option must have a value If no value is found...

Page 269: ...cations Manager choose Device Phone and click Find to locate the phone that is experiencing problems Step 2 Choose Delete to remove the phone from the Cisco Unified Communications Manager database When you remove a phone from the Cisco Unified Communications Manager database the configuration file is deleted from the Cisco Unified Communications Manager TFTP server The phone directory number or nu...

Page 270: ...primary Cisco Unified Communications Manager server from the Server drop down list The window displays the service names for the server that you chose the status of the services and a service control panel to start or stop a service Step 4 If a service has stopped click the corresponding radio button and then click Start The Service Status symbol changes from a square to an arrow Control Debug Inf...

Page 271: ...UI Network Media Upgrade Accessory Security Wi Fi VPN Energywise MobileRemoteAccess To implement multilevel and multi section support of the parameters check the Log Profile check box Note Remote Log values Disable default Enable IPv6 Log Server or Log Server IP address IPv4 or IPv6 address When the Log Server cannot be reached the phone stops sending debug messages Note The format for the IPv4 Lo...

Page 272: ...oubleshooting your phone go to the following Cisco website and navigate to the desired phone model https www cisco com cisco web psa troubleshoot html Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 254 Additional Troubleshooting Information ...

Page 273: ...uration and security settings The following table describes the ways to perform a basic reset You can reset a phone with any of these operations after the phone has started up Choose the operation that is appropriate for your situation Table 46 Basic Reset Methods Explanation Action Operation Resets any user and network setup changes that you have made but that the phone has not written to its Fla...

Page 274: ...apter Unplug the LAN cable Step 2 Wait 5 seconds Step 3 Press and hold and plug the phone back in Step 4 When the Headset and Speaker buttons are lit release and enter the following key sequence 123456789 0 The light for the Headset button turns off after you press the 1 key After you enter the key sequence the Mute button lights Do not power down the phone until it completes the factory reset pro...

Page 275: ...ly a Phone Password on page 42 Perform User Network Configuration Reset Resets any user and network configuration changes that you have made but that the phone has not written to flash memory to previously saved settings Procedure Step 1 From the Administrator Settings menu if required unlock phone options Step 2 Choose Reset Settings Reset Device Related Topics Apply a Phone Password on page 42 R...

Page 276: ...your particular Cisco Unified Communications Manager release Related Topics Cisco Unified Communications Manager Documentation on page xvii Voice Quality Monitoring To measure the voice quality of calls that are sent and received within the network Cisco IP Phones use these statistical metrics that are based on concealment events The DSP plays concealment frames to mask frame loss in the voice pac...

Page 277: ...cket receive RxCnt counters to verify that voice packets are flowing Conceal Ratio is near or at zero but the voice quality is poor Network impairment from packet loss or high jitter levels Average MOS LQK decreases may indicate widespread and uniform impairment Individual MOS LQK decreases may indicate bursty impairment Cross check the conceal ratio and conceal seconds for evidence of packet loss...

Page 278: ...ics liquids and powders can damage the components and cause failures When the phone is in sleep mode the screen is blank and the Select button is not lit When the phone is in this condition you can clean the screen as long as you know that the phone will remain asleep until after you finish cleaning Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Manager 260 Cisco ...

Page 279: ... navigate to your phone model and select the Unified Communications Manager Endpoints Locale Installer link For more information see the documentation for your particular Cisco Unified Communications Manager release The latest Locale Installer may not be immediately available continue to check the website for updates Note Related Topics Cisco Unified Communications Manager Documentation on page xv...

Page 280: ... Entry KATE support for the following Asian locales Chinese China Chinese Hong Kong Chinese Taiwan Japanese Japan Korean Korea Republic The default English United States KATE is presented to the user instead For example the phone screen will show text in Korean but the 2 key on the keypad will display a b c 2 A B C Cisco IP Phone 8800 Series Administration Guide for Cisco Unified Communications Ma...

Reviews:

No comments

Brands by name

Popular brands

Load more brands