New Lync Aries Series Phone Reboots

Recently I was working with a client who was moving to a native Lync 2010 Enterprise Voice solution; a very exciting project and one that involved replacing an Avaya phone switch and the desktop phones with Lync and Polycom CX500CX600, and CX3000 phones. In addition to the new phone hardware, there was a switch upgrade happening at the same time to provide PoE to all of the desks. Cisco Catalyst 3750 switches were purchased and used for the new desktop switching which also supported the LLDP-MEP option for VLAN segregation (rather than the DHCP scope options).

Everything appeared to be going great until the next day. We noticed that in the morning as soon as the user unlocked their workstation or touched the phone it would reboot. Not a great result especially since we were using the Ethernet pass-through switch port on the back of the CX600 phones for the user's computer.

As it turns out, the issue dealt with the power saving modes of the Aries Phones and a PoE/LLDP-MEP compatibility issue. There are three stages of power on the phones, full, idle, and sleep. When the phones were jumping from sleep to full (at workstation unlock or touching a key) they jump an additional 2w. The Cisco switches, because LLDP-MEP was being used, knew the devices were phones and in a prevention action saw the jump as a surge and killed power to the port (thus the reboot).

The solution was simple - disable LLDP-MEP on the Cisco switches globally and add the DHCP options to assign the voice VLAN. Once this was done the phones remained up and all was well.

Thanks to Dave Howe of Microsoft PSS and Jeff Schertz of Polycom for pointing us in the right direction.

PIN Authentication Login Fails on the Devices, NTP

PIN Authentication works using the Test-CsPhoneBootstrap cmdlet but fails on Lync devices

Recently I decided to 'play' with my Lync devices by moving them to a dedicated voice VLAN on my network. After doing so, I noticed I was unable to use PIN authentication. I found this extremely odd especially since I had just told a fellow colleague how simple the PIN process was. From the Lync 2010 servers the Test-CsPhoneBootstrap cmdlet was passing with a code of Success making me even more perplexed. Digging a bit deeper into the issue, I noticed that the phones authenticating using a PIN as well as my CX700 phones were taking a significant amount of time at boot while they were acquiring their time.

Comparing my two VLANs nothing stood out until I remembered I did not allow the new VLAN Internet access (why should the phones need to go out to the Internet after all?). Well, as it turns out, they were getting their time service from time.windows.com come even though my Windows domain controllers were configured as NTP servers and their SRV records existed in DNS.

The solution was quite simple and all devices benifited from a faster boot time. Within DHCP there is a standard option, 042 NTP Servers, which I configured with mydomain controllers as the defined values. As soon as I added this option, the phones received their time nearly instantly and PIN authentication worked as expected.