[cisco-voip] 79xx and Firmware 9-2-1
Mike King
me at mpking.com
Fri Jan 6 17:33:05 EST 2012
Just to continue to beat a dead horse.
I've been staring at the status logs on my phone. I have a thought.
Is the TVS service actually running on my PUB? My pub (10.201.27.5) is the
ONLY TVS server i see the phone TRY to connect to (even though I have 3
SUBs)
This snippet is repeated a few times in my logs, but never seem to change
ips to the subs.
I just see TIMEOUT's.
I've looked at the PUB, there is no TVS service under security,
Just "Cisco Certificate Authority Proxy Function " but it is disabled
(looks like it should be, since i'm NOT using CTL certs)
4523: NOT 17:14:57.196797 SECD: connectToTvsServer: Successfully
started a TLS connection establishment to the TVS server:
IP:10.201.27.5, port:2445(default); Waiting for it to get connected.
4524: NOT 17:14:57.202183 SECD: clpGetConnParams: IP Mode is 1, addr :
10.201.27.5
4525: NOT 17:14:57.203283 SECD: clpSetupSsl: IP TOS : 0
4526: NOT 17:14:57.205029 SECD: clpSetupSsl: TVS SSL/TLS req
<10.201.27.5, TOS 0>
4527: WRN 17:14:57.207400 SECD: WARN:clpSetupSsl: no LSC for TVS, will
try MIC, <10.201.27.5> c:12
4528: NOT 17:14:57.208508 SECD: clpSetupSsl: TVS, TLSv1, cert MIC,
cipher [AES256-SHA:AES128-SHA:DES-CBC3-SHA]
4529: NOT 17:14:57.209974 SECD: clpSetupSsl: binding to lport
4530: NOT 17:14:57.211870 SECD: clpSetupSsl: binding to IPV6
4531: NOT 17:14:57.213052 SECD: clpSetupSsl: Trying to connect to IPV6
to 10.201.27.5, ::
4532: NOT 17:14:57.214482 SECD: clpSetupSsl: TCP connect() waiting,
<10.201.27.5> c:12 s:13 port: 2445
4533: WRN 17:15:02.160261 SECD: tvsReqQueryCertificate: recv() of TVS
response returning EAGAIN, will retry
4534: WRN 17:15:07.180174 SECD: tvsReqQueryCertificate: recv() of TVS
response returning EAGAIN, will retry
4535: ERR 17:15:07.220415 SECD: EROR:clpSetupTmoCb: conn setup timed
out (10 sec), <10.201.27.5> c:12 s:13
4536: NOT 17:15:07.221485 SECD: clpSetupTmoCb: conn setup being
canceled, <10.201.27.5> c:12 s:13
4537: ERR 17:15:07.222521 SECD: EROR:clpSndStatus: SSL CLNT ERR,
srvr<10.201.27.5>
4538: ERR 17:15:07.223462 SECD: EROR:secErr_errStr: *** bad err table ***
4539: ERR 17:15:07.224434 SECD: EROR:secErr_errStr: ** SEC-ERR:
code:1(N/A) subcode:7(TIMEOUT)
4540: ERR 17:15:07.225394 SECD: EROR:clpSndStatus: ** SEC-ERR: desc
<conn setup timeout>
4541: NOT 17:15:07.228394 SECD: clpTvsInit: select returned the TVS
proxy server socket, fd : 11
4542: ERR 17:15:07.229653 SECD: EROR:secSock_isConnected: ** failed to
connect to target
4543: ERR 17:15:07.230817 SECD: EROR:secErr_errStr: *** bad err table ***
4544: ERR 17:15:07.231786 SECD: EROR:secErr_errStr: ** SEC-ERR:
code:1(N/A) subcode:7(TIMEOUT)
4545: ERR 17:15:07.232723 SECD: EROR:secSock_isConnected: ** SEC-ERR:
desc <conn setup timeout>
4546: ERR 17:15:07.233666 SECD: EROR:checkTvsSrvrConn: Failed to get
TVS TLS session connected - setup failed
4547: NOT 17:15:07.234650 SECD: cleanupTvsSrvrSock: Clearing TVS proxy
server socket, fd : 11
4548: NOT 17:15:07.235768 SECD: getTvsServerInfo: Phone in IPv6 only mode
4549: NOT 17:15:07.236775 SECD: getTvsServerInfo: IPv6 server address
not configured.Trying the next address
4550: NOT 17:15:07.237815 SECD: getTvsSrvrSock: TVS server info: IP :
, tvsPort : -1, ipMode : -1, timeout : -1, dscpValue : 0, srvrRetries
: 2
4551: ERR 17:15:07.238799 SECD: EROR:getTvsSrvrSock: No more tvs
servers available
4552: NOT 17:15:07.239892 SECD: sendErrRespToClient: Sending the
failed response to all TVS client and cleaning up
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120106/8d19884b/attachment.html>
More information about the cisco-voip
mailing list