Invalid Server Certificate – activating Spark Phone with Meraki Infrastructure WBX000023772

This will be a quick post, with a quick issue and the solution.

The issue

Some new phones needed to be activated along with a full network infrastructure deployment using Meraki gear. Meraki in my eyes was scary easy to set up, also thankfully it was already set-up for me on the cloud by a co-worker in advance.

When it was time to activate the new Spark phones, I was receiving a weird “Invalid Certificate” message that I’d never seen before. basically when receiving these type of errors, few things could be happening:
– The certificate has expired (Unlikely)
– The time on the device is wrong

The analysis

I noticed 2 things based on the configuration of the MX64 device, the DNS gets pushed to the clients as the the Firewall itself, also the NTP reference is also pushed as the Firewall itself. This is fine is we are dealing with devices that don’t need to rely on an NTP or DNS server for basic functions. As you know phones and voice stuff is very delicate when dealing with these variables

The Solution

I found the following KB article that lists the issue: Webex/Spark KB

NTP Server Settings:

I configured one of the Tandberg servers as the NTP on this case
option42

DNS Server Settings:

Also my provider is using the Google IP addresses for DNS resolution
dnsserver

What to look forward to?

Meraki and Spark are very easy to set-up, in other words scary easy! – I think this is where technology is headed these days so it makes it very useful for everybody out there.

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

You can follow Andres using Twitter, LinkedIn or Facebook

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s