Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. IP Phone
  5. 7920 - Unified Wireless IP Phone VoIP
  6. Configuring

Cisco 7920 Configuring

Wireless ip phone with wep keys, vlans, and leap
Hide thumbs Also See for 7920:

Advertisement

Quick Links

Download this manual See also: Administration Manual, User Manual
Configuring the Cisco 7920 Wireless IP Phone with
WEP Keys, VLANs, and LEAP
Document ID: 43622
Introduction
Prerequisites
Requirements
Components Used
Related Products
Conventions
Background Theory
Network Diagram
Using Open Authentication and Static WEP Keys
Configuring the Cisco 7920
Configuring the Cisco Aironet 1200 AP
Using Open Authentication, Static WEP Keys, and VLANs
Configuring the Cisco 7920
Configuring the Cisco Aironet 1200 AP with a VLAN
Configuring 802.1Q Trunking on the Catalyst 2924 XL
Configuring the Inter−VLAN Router
Using Cisco LEAP
Configuring the Cisco 7920
Configuring the Cisco Aironet 1200 AP for LEAP
Configuring the Cisco Secure Server for LEAP
Troubleshooting Guidelines
Cisco 7920 Exhibits Problems After Configuration Changes
Cisco 7920 Error Message − Association Failed, No AP Found
Cisco 7920 Error Message − No Service IP Config Failed
Cisco 7920 Error Message − Registration Rejected
Cisco 7920 Error Message − Connecting to CallManager 0−5
Cisco 7920 Configuration Utility Can Not Connect to 7920 − Connection Busy
LEAP Authentication Fails
General Troubleshooting Hints
Appendix: Configuring the Cisco 7920 with CallManager
Related Information
Introduction
This document explains how to configure the Cisco 7920 Wireless IP Phone (Cisco 7920) in common
network scenarios. It starts with the most basic configuration required to implement a Cisco 7920. It goes on
to explain the next level of complexity, which is the use of VLANs. The final level of complexity is the use of
Cisco Secure Access Control Server (ACS) for security. The goal of this document is to provide the reader
with a single document that covers the basic tasks required to implement a Cisco 7920 in a lab environment,
so that the user can use these skills to implement a Cisco 7920 in a live environment. The reason that this
document is targeted at a lab environment is that it is impossible to cover, in a single document, all of the
possible permutations of equipment and features that are available to implement a Cisco 7920 in a live
environment.
The Cisco 7920 is the first Cisco product to combine Voice over IP (VoIP) technology, Wireless LAN
(WLAN) technology, Quality of Service (QoS), and Access/Authentication/Authorization (AAA) security. In

Advertisement

loading

Related Manuals for Cisco 7920

Summary of Contents for Cisco 7920

  • Page 1 Cisco 7920 in a lab environment, so that the user can use these skills to implement a Cisco 7920 in a live environment. The reason that this...

  • Page 2: Components Used

    QoS is not covered in this document, because it is not required that you implement QoS to bring a Cisco 7920 online to place calls. The QoS (Quality of Service) Technical Support page contains links to several very good documents about the implementation of QoS in VoIP environments.

  • Page 3: Background Theory

    Background Theory The Cisco 7920 is supported by Cisco CallManager 3.2 and later. It is configured as a Cisco 7960 IP Phone in Cisco CallManager; however, it has its own image file. Wireless devices, such as the Cisco Aironet 1200 AP, treat the Cisco 7920 like a typical wireless client.

  • Page 4: Network Diagram

    This subtask assumes that you have already installed the Cisco 7920 Configuration Utility that came with your Cisco 7920. If you have not yet installed this utility, stop and do so now. The instructions for the installation are included with your Cisco 7920.
  • Page 5 Choose Menu > Phone Settings > USB Enable / Disable [Enable] to enable the Cisco 7920 USB port. Connect the Cisco 7920 to the USB cable. (The USB cable should already be connected to the PC.) Start the Cisco 7920 Configuration Utility on the PC.
  • Page 6 When this popup window appears, click Cancel: Click Import to obtain the current settings on the Cisco 7920.
  • Page 7 When this popup window appears, click OK. Click the System Parameters tab. The System Parameters configuration screen appears. In this case, the Cisco 7920 is using Dynamic Host Configuration Protocol (DHCP) to obtain its IP parameters, including the TFTP address (Cisco...
  • Page 8 The RF Network configuration screen appears. Enter the Primary Service Set Identifier (SSID) for the Cisco Aironet 1200 AP. (You will be configuring this value in the 1200 AP in the next subtask.) Leave the Transmit Power and the Data Rate set to their default values.
  • Page 9 Note: The static WEP keys must be the same on the Cisco 7920 and on the wireless infrastructure devices in your network (in this case, the Cisco Aironet 1200 AP). You might want to keep a copy of them in a document in a secure location; once they are entered into a device, you can not determine what the key is from the device itself.
  • Page 10 Note: The Phone Lock Password tab is not covered in this document. Refer to the Cisco 7920 Administrator Guide for more information on this tab. Click Export and the next popup window appears. It is not required that you save the settings to a local file;...
  • Page 11 Choose File > Exit. The next popup window appears. If you want to save the Log History, click Yes and save it to disk. Otherwise, click No. Right−click the USB icon on the taskbar. Select Cisco 7920 USB and click Stop.
  • Page 12 When this popup window appears, click OK: When this popup window appears, click OK: Choose Menu > Phone Settings > USB Enable / Disable [Disable] to disable the Cisco 7920 USB port.
  • Page 13 Configuring the Cisco Aironet 1200 AP The instructions in this section describe the minimum configuration steps to enable a Cisco Aironet 1200 AP with static WEP keys. This will allow the Cisco 7920 to access the LAN and to register with a Cisco CallManager server.
  • Page 14 In the Encryption Modes area, click the WEP Encryption radio button, and select Mandatory. Click the Encryption Key 1 radio button to set it as the Transmit Key, and enter the same WEP key that you entered in the Cisco 7920 (in this case, 1234567890abcdef0987654321).
  • Page 15 When this popup warning appears, click OK: Verifying This section helps you to verify the association of the Cisco 7920 with the Cisco Aironet 1200 AP and with the CallManager. If you entered all of the settings correctly, the Cisco 7920 should have associated and authenticated with the Cisco Aironet 1200 AP.
  • Page 16 This task adds support for VLANs, to build on the previous task. The implementation of VLANs requires configuration changes on the Cisco 7920 and on the Cisco Aironet 1200 AP. The 1200 AP can be configured with different SSIDs for each VLAN. For example, you can use VLAN1 as the SSID for VLAN1 and VLAN2 as the SSID for VLAN2.
  • Page 17 Choose Menu > Phone Settings > USB Enable / Disable [Enable] to enable the Cisco 7920 USB port. Connect the Cisco 7920 to the USB cable. (The USB cable should already be connected to the PC.) Start the Cisco 7920 Configuration Utility.
  • Page 18 When this popup window appears, click Cancel: Click Import to obtain the current settings on the Cisco 7920.
  • Page 19 When this popup window appears, click OK: Click the RF Network tab. The RF Network configuration screen appears. Change the SSID 1 value to VLAN2.
  • Page 20 Click Export and the next popup window appears. It is not required that you save the settings to a local file; but, if you would like to do so, click OK and then continue with the rest of this procedure. Note: The static WEP keys are not saved in the configuration file.
  • Page 21 Choose File > Exit. The next popup window appears. If you want to save the Log History, click Yes and save it to disk. Otherwise, click No. Right−click the USB icon on the taskbar. Select Cisco 7920 USB and click Stop.
  • Page 22 Choose Menu > Phone Settings > USB Enable / Disable [Disable] to disable the Cisco 7920 USB port. Note: If you have not yet configured VLAN on the Cisco Aironet 1200 AP, the Cisco 7920 will show the error message No AP Found. This is the expected behavior.
  • Page 23 The instructions in this section guide you through the minimum configuration steps to enable VLANs on an Cisco Aironet 1200 AP. There are two subtasks that must be preformed. The first is to create the VLANs. The second is to create the additional SSIDs and assign them to the VLANs. In this task, you will create VLAN1 and VLAN2.
  • Page 24 Mandatory. Click the Encryption Key 1 radio button to set it as the Transmit Key, and enter the same WEP key that you previously entered in the Cisco 7920 (in this case, 1234567890abcdef0987654321). Note: The WEP key input appears as asterisks. This is normal behavior.
  • Page 25 The VLAN1 is not used for the remainder of this document. This subtask is provided here as a reminder that you must associate an SSID with the default VLAN, if you are using VLANs on the Cisco Aironet 1200 AP. This is also the native 802.1Q VLAN for the 1200 AP. Step−by−Step Instructions for Configuring VLAN2 The steps in this section describe the process to configure VLAN2.
  • Page 26 Temporal Key Integrity Protocol (TKIP) feature are not supported on the initial version of the Cisco 7920. If you configure either or both of these options, the Cisco 7920 will not be able to communicate with the Cisco Aironet 1200 AP.
  • Page 27 If you would like to review the concepts related to the establishment of trunk ports on a Catalyst 2924 XL, refer to Configuring VLANs. The Catalyst 2924 XL uses VLAN1, by default, as the native VLAN for untagged 802.1Q frames. The Cisco Aironet 1200 AP is also using VLAN1 as the native VLAN for untagged 802.1Q frames.
  • Page 28 FastEthernet2/3 description AP1200 Port switchport trunk encapsulation dot1q switchport mode trunk spanning−tree portfast This partial configuration establishes an 802.1Q trunk between the Catalyst 2924 XL and the Cisco 7960 IP Phone: interface FastEthernet2/2 description Fred's 7960 switchport trunk encapsulation dot1q...
  • Page 29 Voice VLAN: none Appliance trust: none Issue the show interface fastethernet 2/2 switchport command to verify that the Cisco 7960 IP Phone port is configured correctly. In the next sample output, you can see these settings: The port is in Trunk mode.
  • Page 30 There are no troubleshooting steps for this task. Configuring the Inter−VLAN Router This subtask provides the partial configuration required for any Cisco IOS Software−based router that supports 802.1Q trunking over a Fast Ethernet port. If you would like to review the concepts involved in configuring inter−VLAN routing, refer to Routing Between VLANs Overview.
  • Page 31 Light Extensible Authentication Protocol (LEAP) removes the requirement to configure static WEP keys on the Cisco Aironet 1200 AP and the Cisco 7920. The LEAP server (Cisco Secure ACS, in this case) is responsible for providing the WEP keys to the wireless clients through the 1200 AP.
  • Page 32 When this popup window appears, click OK: Choose Edit > Settings Wizard. When this popup window appears, click Cancel:...
  • Page 33 Click Import to obtain the current settings on the Cisco 7920. When this popup window appears, click OK: Click the Network Security tab. The network Security configuration page appears. Click the LEAP radio button. Enter a User Name (in this case, fred) and a Password.
  • Page 34 Note: If you want the user to manually enter a LEAP password, then this must be set directly on the Cisco 7920. Step 21 at the end of this subtask explains how to setup the Cisco 7920 to prompt for LEAP passwords. You do not need to enter a password in the Password field before you export this configuration.
  • Page 35 Choose File > Exit. The next popup window appears. If you want to save the Log History, click Yes and save it to disk. Otherwise, click No. Right−click the USB icon on the task bar. Select Cisco 7920 USB and click Stop.
  • Page 36 Choose Menu > Phone Settings > USB Enable / Disable [Disable] to disable the Cisco 7920 USB port. Note: The Cisco 7920 will not be able to authenticate or associate with the Cisco Aironet 1200 AP, nor will it be able to register with the Cisco CallManager server, until you complete the next two...
  • Page 37 If you want the Cisco 7920 to prompt the user for a LEAP password instead of use the password stored the Cisco 7920s configuration, continue with this step. Otherwise, proceed to the next section of this document. On the Cisco 7920, choose Menu > Network Config > 802.11b configuration > LEAP >...
  • Page 38 10.21.15.10). Click Apply to save the settings. When this popup warning appears, click OK: Choose Security > Encryption Manager. The Encryption Manager page appears. Select the VLAN ID 2 on the Set Encryption Mode and Keys for VLAN drop−down list. In the Encryption Modes area, click the WEP Encryption radio button, and select Mandatory.
  • Page 39 Caution: Do not enable MIC or TKIP. They are not supported in this release of the Cisco 7920. If you enable either or both of these features, the Cisco 7920 is not able to communicate with the Cisco Aironet 1200 AP.
  • Page 40 This subtask guides you through a basic Cisco Secure ACS configuration. It will support LEAP on a Cisco 7920, for the user that you assigned to the Cisco 7920 in a previous section of this document. A complete explanation of this process is beyond the scope of this document. However, the online help provided with the Cisco Secure ACS is very comprehensive.
  • Page 41 Note: This server was originally installed to be used as an Aironet RADIUS Server for a different Cisco Aironet 1200 AP Client. These steps explain how to add another Aironet RADIUS AAA client: Click Add Entry on the AAA Clients menu.
  • Page 42 The new client appears on the menu. Click the User Setup button to navigate to the User Setup page. Enter the same user name that you assigned to the Cisco 7920 in the Configuring the Cisco 7920 section of this document, and click Add/Edit.
  • Page 43 Select the Password Authentication database that you will be using (in this case, the local Cisco Secure ACS Database). Enter and confirm the Password that you assigned to this users Cisco 7920 in Configuring the Cisco 7920 section of this document.
  • Page 44 Click the Submit button at the bottom of the page. Click the System Configuration button to navigate to the System Configuration page. Click Logging.
  • Page 45 Click CSV Failed Attempts. Check the Log to CSV Failed Attempts report check box. Accept the defaults for the column values, and click Submit. Click CSV Passed Authentications. Check the Log to CSV Passed Authentications report check box. Accept the defaults for the column values, and click Submit. Click CSV RADIUS Accounting.
  • Page 46 This completes the configuration steps required to enable the Cisco 7920 to do LEAP authentication. Verifying If the Cisco 7920 is already powered on, power cycle it. If it is off, turn it on now. Watch the messages as it boots up and authenticates and associates.
  • Page 47 Click the Passed Authentications active.csv file. The Passed Authentication active.csv page appears. You should see an entry for the Cisco 7920, which shows that it authenticated when it started up. Troubleshooting See the LEAP Authentication Fails section in the Troubleshooting Guidelines section of this document.
  • Page 48 Instructions for Configuring VLAN2). If you want to change the SSID on the Cisco 7920, do so directly on the Cisco 7920 itself or from the Cisco 7920 Configuration Utility. To change the SSID on the phone directly, use the next procedure.
  • Page 49 Cisco 7920 Error Message − No Service IP Config Failed If the Cisco 7920 is setup to obtain its IP parameters from a DHCP serverand it is not able connect to the DHCP server or the DHCP server is not able to provide an IP address to the Cisco 7920then the No Service IP Config Failed error message appears.
  • Page 50 7920 section of this document to configure a static IP address. Select an IP address from the appropriate subnet that is not already in use on the network. Turn the Cisco 7920 off and back on again, after you have configured the static IP address.
  • Page 51 Choose Edit Menu > Network Config > 802.11b Configuration > Wireless Settings > SSID > SSID1 > Specify. When you are done, click OK. Note: If you need help with the text entry feature on the Cisco 7920, see the Background Theory section of this document.
  • Page 52 Native VLAN ProblemThe Cisco Aironet 1200 AP sends all authentication traffic on the native VLAN. Verify that the 1200 AP is using the correct native VLAN to send traffic to the Cisco Secure ACS. Log in to the Cisco Aironet 1200 AP, and choose Setup > VLAN. Issue the show interface fastethernet 2/3 switchport to verify that the 1200 AP port is configured for the correct native VLAN.

  • Page 53: General Troubleshooting Hints

    If the Cisco Aironet 1200 AP is configured with VLANs, then the first SSID with which the Cisco 7920 finds a match on the 1200 AP will be used to indicate the VLAN over which the Cisco 7920 should communicate. For instance, if the Cisco 7920 has SSID1=Larry, SSID2=Curly, and SSID3=Moe, and the Cisco Aironet 1200 AP has SSIDs George on VLAN1, Paul on VLAN2, and Curly on VLAN3, then the 7920 will connect through VLAN3.

  • Page 54: Related Information

    Technical Support − Cisco Systems Contacts & Feedback | Help | Site Map © 2007 − 2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of Cisco Systems, Inc. Updated: Oct 09, 2006...