No and no: they’re H.323 ISDN gateways for CUCM (also SRST), no CAPF is configured anywhere, or encrypted voice in general.
-- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 From: <[email protected]> on behalf of Brian Meade <[email protected]> Date: Tuesday, 1 May 2018 at 9:31 pm To: James Andrewartha <[email protected]> Cc: cisco-voip voip list <[email protected]> Subject: Re: [cisco-voip] IOS crypto pki certificate pool Is it running CME with CAPF configured? On Mon, Apr 30, 2018 at 11:44 PM, James Andrewartha <[email protected]<mailto:[email protected]>> wrote: Hi voipers, Has anyone seen an issue where a router will fail to load its config after a reboot because of "crypto pki certificate pool" configuration that is somehow automatically downloaded? It is annoyingly repeatable for me, I have to connect via serial console because all the IP config is after the certificates. The routers are 2921 running C2900-UNIVERSALK9-M, 15.3(3)M4, RELEASE SOFTWARE (fc2). After restoring the config, the certificates are redownloaded after a week or so. The first new lines (from the rancid diff) are: crypto pki certificate pool + certificate ca 01 + 30820335 3082021D A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 3C310B30 09060355 04061302 55533116 30140603 55040A13 0D436973 636F2053 Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
