Phone configuration files are stored on the TFTP server and
define Cisco Unified Communications Manager connection parameters. In
general, whenever you make a change in Cisco Unified Communications Manager
that requires the phone to reset, a change is made automatically to the
phone configuration file.
Configuration files also contain information about the image
load that the phone should be running. If this image load differs from the one
currently that is loaded on a phone currently, the phone contacts the TFTP
server to request the required load files. These load files are digitally
signed to ensure the authenticity of the file source.
In addition, if the device security mode in the configuration
file is set to Authenticated and the CTL file on the phone has a valid
certificate for Cisco Unified Communications Manager, the phone establishes a
TLS connection to Cisco Unified Communications Manager. Otherwise, the phone
establishes a TCP connection. For SIP phones, a TLS connection requires that
the transport protocol in the phone configuration file be set to TLS, which
corresponds to the transport type in the SIP Security Profile in Cisco Unified
Communications Manager Administration.
Note |
If the device security mode in the configuration file is set to
Authenticated or Encrypted but the phone has not received a CTL or ITL file,
the phone tries four times to obtain the file so it can register securely.
|
Note |
Cisco Extension Mobility Cross Cluster is an exception, in that the
phone permits a TLS connection to Cisco Unified Communications Manager for
secure signaling even without the CTL file.
|
If you configure security-related settings in Cisco Unified
Communications Manager Administration, the phone configuration file contains
sensitive information. To ensure the privacy of a configuration file, you must
configure it for encryption. For more information, see the
Cisco Unified Communications Manager Security Guide,
"Configuring Encrypted Phone Configuration Files" chapter.
A phone requests a configuration file whenever it resets and
registers with Cisco Unified Communications Manager.
A phone accesses a default configuration file named
XmlDefault.cnf.xml only when the phone has not received a valid Trust List file
that contains a certificate assigned to Cisco Unified Communications Manager
and TFTP.
If autoregistration is not enabled and you did not add the
phone to the Cisco Unified Communications Manager database, the phone system rejects the phone registration request with
Cisco Unified Communications Manager. The phone displays the
Configuring IP message continuously until you either enable autoregistration or
add the phone to the Cisco Unified Communications Manager database.
If the phone has registered previously, the phone accesses the
configuration file named SEPmac_address.cnf.xml, where mac_address is the MAC
address of the phone.
For SIP phones, the TFTP server generates these SIP
configuration files:
The filenames derive from the MAC Address and Description
fields in the Phone Configuration window of Cisco Unified Communications
Manager. The MAC address uniquely identifies the phone. For more information,
see
the Cisco Unified Communications Manager Administration Guide.
For more information about the phone interaction with the
TFTP server, see the
Cisco Unified Communications Manager System Guide, "Cisco
TFTP" chapter.