[cisco-voip] ITL Files and UC Upgrades

Stephen Welsh stephen.welsh at unifiedfx.com
Wed Jan 15 13:54:25 EST 2014


Hi,

As mentioned (thanks Mary :) PhoneView is very effective at managing ITL/CTL files, and the good news is the latest version (4.0, due for release very shorty) automatically falls back to the phones web server so it works with unregistered phones too, assuming they can still authenticate requests etc.

A relevant new feature added to version 4.0 is the speed and efficiency increase, it’s now possible to delete ITL files from clusters with 10,000+ phones in minutes instead of days. In testing we have found that PhoneView 4.0 is now 100x faster than ALL other methods!

However one of the best features beyond just deleting ITL/CTL files is the unique ability to detect which phones have an invalid ITL file, analyse which phones can be fixed remotely or may need someone to physically go to the phone. PhoneView exports a full inventory as well as a “Physical Remediation” list that includes the switch, port & user for each device that can’t be fixed remotely. So if you do have any ITL issues, you have the greatest chance of fixing them remotely, and if they do need someone to manually fix the phone you have a detailed list you can use.

In my signature I’ve included the webinar recordings Akhil Behl (author of Securing Cisco IP Telephony Networks) and I presented that cover this subject matter.

If you (or anyone else) would like to try version 4.0, we have provided early access, simply submit a trial request here:

http://www.unifiedfx.com/phoneview/trial

Kind Regards.

Stephen Welsh

[cid:image001.png at 01CEAFE6.C53903B0]

================================================================
Unified FX’s FREE Educational seminars on The Essentials of Endpoint Security & Compliance
• Session 1: The Impact of Security by Default (Recording: http://goo.gl/2yJaKm)
• Session 2: Understanding and Managing ITL & CTL Files (Recording: http://goo.gl/w05Dqh)
• Session 3: Leading Practices for Endpoint Security & Compliance (Recording: http://goo.gl/GuXy2P)
================================================================

On 15 Jan 2014, at 17:38, <MManly at TEP.com<mailto:MManly at TEP.com>> <MManly at TEP.com<mailto:MManly at TEP.com>> wrote:

Fair enough.  I have not used the roll back option and yes, phone registration would be necessary for the tool to be useful to you.

From: Lelio Fulgenzi [mailto:lelio at uoguelph.ca]
Sent: Wednesday, January 15, 2014 10:33 AM
To: Manly, Mary
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>; afrankel at cisco.com<mailto:afrankel at cisco.com>
Subject: Re: [cisco-voip] ITL Files and UC Upgrades

The problem with those remote control tools, is that as far as I know, the phones need to be registered. If the phones are registered, then the roll back parameter should suffice.

I'm not clear where the remote control tool will help really.

Lelio

---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph

519‐824‐4120 Ext 56354
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1

________________________________
From: MManly at TEP.com<mailto:MManly at TEP.com>
To: lelio at uoguelph.ca, afrankel at cisco.com
Cc: cisco-voip at puck.nether.net
Sent: Wednesday, January 15, 2014 12:07:42 PM
Subject: RE: [cisco-voip] ITL Files and UC Upgrades

Phone view from unified fx is a really useful product for phone management. We used it in my previous job to delete ctl files when moving from secure to non secure mode and it worked great.

I think there is now a YouTube video demonstrating the deletion of itl files using it.

It's not free, but we'll worth it, IMHO.

Sent from my Android phone using TouchDown (www.nitrodesk.com<http://www.nitrodesk.com/>)

-----Original Message-----
From: Adam Frankel (afrankel) [afrankel at cisco.com<mailto:afrankel at cisco.com>]
Received: Wednesday, 15 Jan 2014, 9:58AM
To: Lelio Fulgenzi [lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>]
CC: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net> (cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>) [cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>]
Subject: Re: [cisco-voip] ITL Files and UC Upgrades
A factory reset removes the ITL, but could also put you on a firmware that is not a direct jump to your current Device Defaults, leaving the user stuck on the older load.

--
Adam

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Lelio Fulgenzi
Sent: Wednesday, January 15, 2014 11:04 AM
To: Brian Meade (brmeade)
Cc: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net> (cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>)
Subject: Re: [cisco-voip] ITL Files and UC Upgrades


hi Brian,

I'm planning a v7 to v9 upgrade and will be looking at (and testing) back out procedures. My hope is that if we need to roll back to v7, using the roll back parameter will help, but in the event it doesn't we'll have to manually fix things. The document you reference talks about deleting the ITL files manually, but I'm wondering if performing a factory reset does the same thing?

My concern is that the instructions to delete the ITL file are (might be) a little more complicated than a factory reset.

Thoughts?

Lelio


---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph

519‐824‐4120 Ext 56354
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1

________________________________
From: "Brian Meade (brmeade)" <brmeade at cisco.com<mailto:brmeade at cisco.com>>
To: "Dana Tong" <Dana_Tong at bridgepoint.com.au<mailto:Dana_Tong at bridgepoint.com.au>>, "cisco-voip at puck.nether.net (cisco-voip at puck.nether.net)<mailto:cisco-voip at puck.nether.net%20(cisco-voip at puck.nether.net)>" <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Sent: Wednesday, January 15, 2014 9:23:25 AM
Subject: Re: [cisco-voip] ITL Files and UC Upgrades
Dana,

The rollback option requires all phones to be reset after changing the Enterprise Parameter so that the phones can get the new blank ITL.  After they get the new blank ITL is when you can then move it to the other cluster.  The rollback option isn’t preferred since phones on the old cluster will have problems with secure services such as corporate directory before they are moved to the new cluster.  I’d suggest using the Bulk Certificate Export/Consolidate/Import option to maintain 100% functionality while also allowing you to roll phones back to the old cluster if something went wrong with the upgrade easily.  Check outhttps://supportforums.cisco.com/docs/DOC-15799 for more info on this.

Brian

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Dana Tong
Sent: Wednesday, January 15, 2014 12:25 AM
To: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net> (cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>)
Subject: [cisco-voip] ITL Files and UC Upgrades

Hi all,

I was just testing the process for migrating handsets from an old 8.0 cluster on MCS hardware to new virtualised UCM.

•         I set the Enterprise Parameter – Prepare cluster for rollback to pre 8.0.
•         Restarted the Trust Verification Service on all nodes.
•         Restarted the TFTP service on all nodes.
•         Restarted my pilot handset.

•         Once this was completed I changed the TFTP servers to point to the new cluster and restarted the phone.
•         The phone came back on the old cluster.

I had to manually go in to the phone and delete the ITL file and reset it again before it would register to the new cluster.

Am I doing something wrong? What is the correct procedure? (I am aware of other third-party applications which will do this for me).

Cheers
Dana


_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip


_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140115/291a75ba/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 1420 bytes
Desc: image001.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140115/291a75ba/attachment.png>


More information about the cisco-voip mailing list