Understanding phone configuration files – Cisco OL-23092-01 User Manual
Page 7
2-7
Cisco Unified IP Phone Administration Guide for Cisco Unified Communications Manager 8.5
OL-23092-01
Chapter 2 Preparing to Install the Cisco Unified IP Phone on Your Network
Understanding Phone Configuration Files
Understanding Phone Configuration Files
Configuration files for a phone are stored on the TFTP server and define parameters for connecting to
Cisco Unified Communications Manager. In general, any time you make a change in Cisco
Unified Communications Manager that requires the phone to be reset, a change is automatically made
to the phone’s configuration file.
Configuration files also contain information about which image load the phone should be running. If this
image load differs from the one that is currently loaded on a phone, the phone contacts the TFTP server
to request the required load files. (These files are digitally signed to ensure the authenticity of the file
source.)
In addition, if the device security mode in the configuration file is set to Authenticated and the CTL file
on the phone has a valid certificate for Cisco Unified Communications Manager, the phone establishes
a TLS connection to Cisco Unified Communications Manager. Otherwise, the phone establishes a TCP
connection. For SIP phones, a TLS connection requires that the transport protocol in the phone
configuration file be set to TLS, which corresponds to the transport type in the SIP Security Profile in
Cisco Unified Communications Manager.
Note
If the device security mode in the configuration file is set to Authenticated or Encrypted, but the phone
has not received a CTL or ITL file, the phone tries four times to obtain it so it can register securely.
Note
Cisco Extension Mobility Cross Cluster is an exception, in that the phone permits a TLS connection to
Cisco Unified Communications Manager for secure signaling even without the CTL file.
If you configure security-related settings in Cisco Unified Communications Manager Administration,
the phone configuration file will contain sensitive information. To ensure the privacy of a configuration
file, you must configure it for encryption. For detailed information, refer to
in Cisco Unified Communications Manager Security Guide.
A phone accesses a default configuration file named XmlDefault.cnf.xml only when the phone has not
received a valid Trust List file containing a certificate assigned to the Cisco Unified Communications
Manager and TFTP.
If auto registration is not enabled and you did not add the phone to the Cisco Unified Communications
Manager database, the phone does not attempt to register with Cisco Unified Communications Manager.
The phone continually displays the “Configuring IP” message until you either enable auto-registration
or add the phone to the Cisco Unified Communications Manager database.
If the phone has registered before, the phone accesses the configuration file named
SEPmac_address.cnf.xml, where mac_address is the MAC address of the phone.
For SIP phones, the TFTP server generates these SIP configuration files:
•
SIP IP Phone:
–
For unsigned and unencrypted files—SEP<mac>.cnf.xml
–
For signed files—SEP<mac>.cnf.xml.sgn
–
For signed and encrypted files—SEP<mac>.cnf.xml.enc.sgn
•
Dial Plan—<dialplan>.xml
•
Softkey Template—<softkey_template>.xml