Upgrading Cisco 7970 phones and avoid AUTH FAIL

Taken from http://www.dudek.org/blog/291


 

I recently purchased a used Cisco 7970 phone and wanted to convert it to use the SIP protocol.

I did a factory reset and soon discovered that one cannot upgrade from the factory state
to a recent firmware build without first loading an intermediate firmware.

The problem is that the firmware in the phone validates any new firmware upload before installing it, and it does it using built-in authentication keys. Somewhere along the line Cisco changed the authentication keys used to validate the firmware, and old firmware will refuse to validate new firmware. In between, however, there were a few release that included the keys for both old and new. SIP versions of those dual-key firmwares, however, are not readily available.

The problem is that while both old and new SIP firmwares can be downloaded for free, the intermediate bridge builds require a paid Cisco account and I didn’t want to get one just for this experiment.

I found a workaround by going through a pair of free SCCP firmwares. The sequence of re-flashes can probably be optimized, but it was faster for me to just go ahead this way.

Upgrading my phone directly to firmware version 8.5 (cmterm 8-5-2SR1) or any newer version led to an “AUTH FAIL” error. Here’s what does work:

Upgrade to SIP70.8-2-1S
This is an old firmware that works on a factory-clean phone. This step is probably not needed and any old firmware is sufficient, but is where I started.

SCCP 8.5.2
Then upgrade to an old SCCP (skinney) protocol firmware version 8.5.2, available free from Cisco: SCCP70.8-5-2S (cmterm-7970_7971-sccp.8-5-2.zip)

SCCP 8.5.3
Then upgrade to a SCCP (skinny) protocol firmware 8.5.3
This is available free from Cisco. The actual zip package is cmterm-7970_7971-sccp.8-5-3.zip The key is that this firmware includes the authentication keys for new builds! The corresponding SIP firmware cannot be download for free.

SIP 9.4
Finally, you can upgrade to the free sip firmware 9-4-2SR1

Note that if you need to do all this via a TFTP server. For each
phase unzip the corresponding firmware package, modify the XMLDefault.cnf.xml
to indicate the loads file to use, and then reboot the phone.


 

Taken from http://www.dudek.org/blog/291

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.