Skip to main content
CallTower Solutions Center

ASA - Phone Proxy Configuration

  1. Last updated
  2. Save as PDF

ASA Phone Proxy as Replacement for Sipera

Overview

Appia is migrating remote phone users on Chicago based Callmanagers to ASA Phone Proxy as a replacement for the Sipera system.  This document explains how to convert a phone / set up a new phone and troubleshoot remote phone registration.

There are two ASA clusters dedicated to the Phone Proxy function.  Details are below:

Callmanager Cluster

CHI-CM1 (69.54.70.3)

CHI-CM2 (69.54.70.41)

Remote Phone TFTP Setting

69.54.75.10

69.54.75.20

Management IP

10.22.22.43

10.22.22.44

 

Configuration

No configuration is necessary on the ASA cluster, only the phone configuration in Callmanager and the phone itself need updating.  Configuration steps below assume a working phone.  For new phones, add the device as normal, then follow the steps below.

Callmanager

  • Navigate to the phone, and scroll down to the section labeled Certification Authority Proxy Function (CAPF) Information
  • Change the Certificate Operation field to Install / Upgrade, Authentication Mode to By Authentication String, and enter 1234 in the Authentication String field.  Save your changes and reset the phone.

 

Phone

  • Click on the Settings button on the phone and select Network Configuration.  If the menu shows IPv4 Configuration, select that option.
  • Enter **# on the phone keypad.  The lock icon in the top right corner of the screen should open.  Scroll through the settings until you see the Alternate TFTP option.  This should be set to Yes.  Change the setting as necessary.
  • Scroll up until you see the TFTP Server 1 setting.  Click the Edit softkey and change to 69.54.75.10 for CHI-CM1 or 69.54.75.20 for CHI-CM2. Press the Validate softkey when finished, then press the Save softkey.
  • When the phone finishes rebooting, click on the Settings button on the phone and select Security Configuration.  You may need to scroll down to find this setting.
  • Scroll down to LSC and click the Update softkey.  Enter 1234 as the Authorization String, then click Submit.  You should see LSC Pending.  When that changes to LSC Installed, press **#** on the keypad to reboot the phone if it does not reboot on its own.  When the phone finishes rebooting, it should be ready to use.

Troubleshooting

Below are some common commands that can be run on the ASA to diagnose issues.

Show phone-proxy secure-phones

This command shows phones registered with the ASA phone proxy.  Sample output is listed below:

ASA-phone-proxy: 2 in use, 2 most used

 

           Interface      IP Address  Port MAC            Timeout Idle

             Outside    50.83.223.57 50706 0024.c4be.4577 0:05:00 0:00:11

             Outside    50.83.223.57 50409 000d.299d.5416 0:05:00 0:00:13

 

Note the port number column – if the port shown is zero (0) the phone is registered through the ASA but is not using the proxy and will not work properly.  This is usually shown before the LSC is updated on the phone.

Show phone-proxy media-sessions

This command shows media sessions for calls in progress.  Note that the ASA anchors the media for both the proxied phone and the other party.

2 in use, 2 most used

Media-session: 69.54.75.21/31862 :: client ip 69.54.75.194/21284

  Lcl SRTP conn 69.54.75.21/31862 to 50.83.223.57/19482 tx_pkts 1449 rx_pkts 1450

 

Media-session: 69.54.75.21/31790 :: client ip 98.83.241.86/19482

  Lcl RTP conn 69.54.75.21/31790 to 69.54.75.194/21284 tx_pkts 1450 rx_pkts 1452

 

 

Debug phone-proxy tftp

This debug command will show the download of configuration and phone firmware files as well as the rewrites done on the Callmanager server IP addresses.  Please escalate to engineering if you need this level of detail.

 

 

 

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Reference
  2. Tags
    1. Appia
    2. ASA
    3. Cisco
    4. remote phone
    5. stage:draft