Standalone Cisco 7941/7961 without a local PBX
Business SIP Provider
|Provider||Plan Details||Monthly Rate *|
PBX SIP Trunking
Small Business VoIP Phone Systems
8x8 IP Trunking
Most of these caveats also apply to the 7945/7965 (the newer models with backlit color LCDs). See also: Standalone Cisco 7945/7965.
An additional set of configs etc have been posted here: Standalone Cisco 7941/7961 without a local PBX - Another
As Cisco has not yet documented the XML configuration file format for 79x1 phones, the best source of documentation is on the Asterisk phone cisco 79x1 xml configuration files for SIP page. This write up is a supplement, rather than a replacement. Some other good sources of information:
- 2005-September-09 Press Release
- Documentation for Cisco Unified IP Phone 7961G/7961G-GE and 7941G/7941G-GE
- Firmware download for Cisco IP Phone FW 7900 Series (CCO login required)
- Familiar office phone interface at home
- Officially brighter future and higher resolution display than 79x0
- Has a dynamic jitter buffer for SIP, something Asterisk (currently) has only for IAX
- Potential integration with CallManager extranet (untested)
- Compatible with widely available headsets
- Support standard 803.af "Power Over Ethernet" (POE), whereas 79x0 only support a proprietary pre-standard POE variant
ModelThe 7941G has two line buttons, the 7961G has six. Line buttons are configurable as outgoing SIP channels ("SIP lines") or as configurable speed dial buttons. Both models appear to support three simultaneous SIP streams/channels/calls
Finding the correct part
IANAL, but it is technically possible to use a "spare" part (e.g. CP-7961G=) rather than the part that includes the software license (e.g. CP-7961G-CH1). There is a difference of opinion on the Internet as to when the license is required, but Voiplink.com claims (Syburgh: I neither purchased from, nor have any affiliation with them):
The spare "CP-79xxG=" parts come with the phone, corded handset, English language stickers, cardboard box, and miscellaneous warranty/safety papers. They DO NOT include a power adapter, network cable, or SMARTnet contract.
Q. Do I need a Call Manager License to operate the phone with another IP PBX such as Asterisk?
A. No you only need a license to operate the phone with Call Manager or Call Manger Express. Licensing is the responsibility of the customer.
A. No you only need a license to operate the phone with Call Manager or Call Manger Express. Licensing is the responsibility of the customer.
There appear to be many unscrupulous suppliers who "remark" spares as more expensive licensed phones and charge for the licensed model, beware: Exposing the Cisco Call Manager License Scam.
PowerThe phone does not come with a power adapter, so unless you have a POE capable switch you will need either an external power brick that plugs into the phone's power jack (e.g. CP-PWR-CUBE-3=) or a "midspan" 803.af power injector (e.g. PowerDsine PD-3001) that delivers power through the Ethernet cable. POE offers a single cable solution, but may potentially result in lower audio quality (most corporate installations of these phones use POE). The 79x1 phones are also compatible with the proprietary/pre-standard POE implementation used by the 79x0 phones.
FirmwareFrom the factory Cisco 7900 series phones come with SCCP ("skinny") firmware installed, so you will need to procure and install the necessary SIP firmware. You should be able to talk Cisco support into providing access to the SIP firmware on a one-time basis by explaining that the phone is useless to you without it. Consider purchasing a service contract to secure access to future firmware upgrades
If your phone is still quite new, talk your distributor into opening a software warranty case. A Cisco technician will then provide him (not you) with a download link.
SMARTnet Service ContractA SMARTnet contract is the easiest way to gain legal access to all versions of Cisco firmware. A much more complete discussion of SMARTnet contracts is on Cisco page. Outside the US it may be possible to buy an inexpensive SMARTnet contract for less than $10/year. Within the US the least expensive choice appears to be Bottom Line Telecom, for $12.95/yr + $2.00 handling = $14.95 out the door. They also sell a less comprehensive license for about $8, but orders under $10 may be subject to a "shipping" charge of ~$10.
See also: CON-SW-PKG1-VS, described as "Cisco SMARTnet Software Only - Category 1" for $56/year.
Syburgh: I found this contract listed among the comments on the Cisco page and purchased this from UK-based http://www.ithsc.com. They were quite helpful (following up on weekends and late at night) and even assisted in identifying that the phone I had received from an online vendor was a remarked spare.
HeadsetThere are many Cisco Phone Headsets: anything from Plantronics with a Quick Disconnect (QD) connector should work, meaning any "H Series" headset (e.g H81 Tristar). A $20 amplifier cable is also required (Plantronics Part: 26716-01), this is the same cable that connects a Plantronics headset to the M10/M12 amplifier and is sometimes listed as a "replacement amplifier cable". The Cisco 7900 series phones do not require any external amplifier so you will not need an M10/M12, just the adapter cable.
Configuration FileThis is outside the scope of this write up and is described well enough to get you started on the Asterisk phone cisco 79x1 xml configuration files for SIP page. The file should be named appropriately (i.e. SEP[MAC address].cnf.xml) and ASCII encoded. This is where your SIP proxy information goes.
General configurationThe following settings are particularly important and referenced elsewhere in this write up:
- Sets local time zone (values described elsewhere). The SIP RFC requires that all dates be transmitted in UTC, so this setting enables the phone to convert to local time for the on-screen display
- Must be either an IP address or a DNS name that resolves. In a CallManager PBX scenario, this would be the name of the CallManager server.
- outboundProxy, outboundProxyPort
- Configure a local outbound SIP proxy (e.g. siproxd, OpenSER). If you have one VOIP provider and they require you to register using a different SIP domain than their SIP proxy's FQDN, then you may be able to add the SIP proxy's FQDN here and the SIP domain in the proxy setting for the SIP line. Otherwise leave this setting empty
trueis a good choice as it instructs the phone to register with configured SIP lines
trueenables voice activity detection (VAD), which reduces bandwidth requirements but causes errors with Asterisk SIP proxies and may cause the beginning and end of the user's words to sound clipped
- Choices are
g729a, though the phone will use a non-preferred codec when required
truethe phone will use the "Received" header from the SIP proxy (usually 401 Authentication Required) to masquerade its contact information. It works for some people but not others, and might be a way to avoid hard-coding your router's external address into the configuration if you can make it work
truethe phone will use the value of the natAddress option instead of its own IP address for SIP, SDP, and RTP messages. If natReceivedProcessing is
trueit will (reportedly) override the value of the natAddress setting. The documentation for the 79x0 equivalent nat_enable parameter describes how the various NAT settings are used
- Public IP address or DNS name of your router. You could use a dynamic DNS registration to ensure that this always matches your router's public IP address (e.g. myhome.dyndns.org), though configuring dynamic DNS is outside the scope of this write up. The value
UNPROVISIONEDis equivalent to an empty value
- As many as 11 characters to show in the upper right of the phone's display, if not set it defaults to the value of the name setting for the lowest number line button (i.e. button closest to top of phone)
- First UDP port to use for RTP audio streams (defaults to
16384). This should match your router's NAT mapping
- Last UDP port to use for RTP audio streams (defaults to
32768), should be greater than startMediaPort. This should match your router's NAT mapping
- UDP port to listen for incoming SIP messages (defaults to
5060). Note that this is not the port the phone uses to send SIP messages. This odd behavior is RFC compliant but highly non-standard and breaks symmetric NAT traversal workarounds commonly deployed by VOIP providers
- Value should match name of dial plan file on TFTP server where the configuration file is found. The 79x1 can use 79x0 dial plan configuration files.
- Name of firmware to load, which should match the name of a file on the TFTP server where the configuration file is found without the
SIP41.8-0-2SR1S.loadscorresponds to a value of
SIP41.8-0-2SR1Sfor loadInformation in the configuration)
Configuring SIP lines for your VOIP providerEach line button on the phone can be configured as a SIP line by setting the appropriate featureID value
- button attribute value identifies the button to configure,
1is the top button and either
6(7961G) is the bottom button
- Should be
9for a SIP line
- Text to display next to the line button, if not set the value of the name setting will be displayed. This is reported as shortName in the SSH debug console, which is the equivalent setting for the 79x0
- FQDN or realm to use in SIP registration request (the latter if outboundProxy is set)
- UDP port on proxy to send SIP messages, normally
- Username value for SIP registration request
- Username value used in response to an authentication challenge
- Password value used in response to an authentication challenge
- Number to dial when Messages button is pressed
- Username value for SIP contact in registration request. If your SIP username is
scottand you have an incoming DID of
15555551212then your settings may be name=
scott, and contact=
15555551212or the phone will ignore incoming SIP invitations (incoming calls)
Putting it all together
Procure necessary hardware & services
- Cisco 7941G or 7961G phone
- Power source: POE, midspan POE injector, or power brick
- Cisco SMARTnet service contract (optional)
- Headset (optional)
- Headset adapter cable (optional)
Set up a TFTP serverThe phone downloads its firmware and configuration file using TFTP to flash memory when it powers on. The TFTP server is identified from the DHCP option 82 ("next-server") option, or failing that, by keying in the IP address of the TFTP server using the phone's keypad.
If the TFTP server is not available the phone will use the last loaded firmware and config file from flash, so the TFTP server is only required when the configuration is changed.
Tftp32 is a free TFTP and DHCP server for Windows that works well, its root directory will be referred to as TFTPBOOT hereafter
Unpack firmwareThe 79x1 firmware is packaged in a file with an extension
cmterm-7941_7961-sip.8-0-2SR1.cop), which is really a gzipped tar file. Unpack it in TFTPBOOT.
Once the firmware is unpacked, TFTPBOOT will contain a number of files, several with a
.loadsextension. Take note of one that begins with
SIP41.8-0-2SR1S.loads) as you will need to include this value (without the
.loadsextension) in the loadInformation setting of your phone's configuration.
Configure port mapping on gateway routerSee also: "Connecting to the outside world," below. Unlike most SIP devices, these phones send SIP requests from a high-numbered source port, but expect the response back on port 5060. There are two different ways to approach the problem:
Modify router settings and provider behaviorIn the likely event that your phone has a private IP address and is behind a router performing Network Address Translation (NAT), you will need to map external/WAN ports to your phone. All SIP and RTP communication uses UDP ports. You will need to map two ranges to enable your phone to communicate using NAT:
|Description||First Port||Last Port||Matches Setting|
The phone's default startMediaPort is UDP/16384 and stopMediaPort is UDP/32768, though the phone supports only three simultaneous RTP streams. A much lower stopMediaPort value would deliver equivalent function (one port is used per simultaneous stream/channel/call). Note that if more than one phone is behind your router, each phone will need to have its own dedicated SIP and RTP ports configured on the router and in its own configuration (mapping WAN UDP/6060 to phone UDP/5060 will not work, because the port numbers may be included in the packet payload produced by the phone).
This requires that the SIP proxy send all responses on port 5060 (i.e. disable symmetric NAT).
Use a NAT router based on Linux NetfilterNetfilter includes two modules, nf_conntrack_sip and nf_nat_sip, which inspect SIP traffic in order to open the appropriate ports. Patches to accommodate the special Cisco IP phone behavior have been submitted to the kernel mailing list and to OpenWRT. The objective is for seamless Cisco 79xx support to eventually become a standard "plug and play" feature on all Linux NAT routers.
In this case:
The provider should have symmetric NAT enabled, i.e. when it sees a SIP request from port 49xxx it should send the response back to 49xxx.
The Linux NAT router will recognize (by looking at the SIP headers in the phone's request datagram) that it wants the response to be sent to port 5060.
Additionally, the Linux NAT router parses the SDP payload in order to figure out which ports to open for the media streams. It should not be necessary to set up inbound port forwarding.
Note that any time NAT is in use, timerRegisterExpires should be set to a reasonably low value (e.g. 180) to prevent the NAT connection from timing out. If the connection times out, the router will throw away the unsolicited INVITE messages that indicate incoming calls so your callers will be diverted to voice mail.
Connect phoneIt will power up and load its configuration and firmware automatically based on the DHCP lease it receives.
DebugPacket captures are highly useful if things don't work as expected (a simple network hub and Ethereal are helpful to analyze protocol issues). Note that the phone will not copy SIP and RTP traffic to its PC port, so you cannot capture traffic using a computer connected to the PC port of the phone.
EnjoyHopefully your upstream bandwidth will be sufficient to provide good call quality.
Observations & Practical Advice
DHCPThe phone will configure itself using settings from a DHCP server, if available. DHCP leases are stored, so the phone will remember the details of its DHCP lease after resetting. The DNS name or IP address of the TFTP server can be set using DHCP option 82 (often called "next-server"). Tftp32 can set option 82 if you use its DHCP service.
DNSThe 79x1 attempts to lookup SIP resource records using DNS during registration. If the appropriate RR is configured for
example.com, then the phone will register successfully when
example.comis entered as the value for the proxy setting for a SIP line. Presumably the phone could also lookup the SIP RR for outgoing calls when not using a proxy.
SSHThe phone replaces telnet (found in 79x0) with SSHv2. The username and password are set using the sshUserId and sshPassword configuration settings. Once logged in via SSH possible views include
|log||log||See debug messages|
|debug||debug||Enter a management console similar to that of the 79x0|
|default||user||Non-Superuser Unix Shell|
You cannot reboot the phone remotely via any of these logins or the web interface.
From the debug console
show helpwill display a list of possible commands. To register a line use the
register line [option] [line] options = 0: unregister 1: register line = 1 through 6 backup (line 1 to backup proxy)
Here are the contents of the /etc/passwd file..
$ cat /etc/passwd
When you try to login as root, syslog or security, you are issued a challenge like so..
james@schwer:~$ ssh firstname.lastname@example.org
Invalid Username/Password Entry.
Presumably this can be used to generate a suitable password for login.
You can copy files from the phone by overwriting /usr/cache/log1 and then downloading them via http://<Phone>/FS/cache/log1
Full root access
There is an utility to pack/unpack CNU (Cisco Native Unix) fimware files (7941/7961 and others CNU-based in 79xx series) which can help you to get root access on the phone.
Project page: http://virtualab.ru/en/projects/cnu-fpu
Root access explained: http://virtualab.ru/en/articles/cisco-79xx-firmware-research-part-2
Other researcher's notes: http://virtualab.ru/en/category/projects/cnu-fpu
In short, you should unpack firmware, modify /etc/passwd and repack it. Then flash modified firmware to the phone and upgrade.
Date display & NTPThe phone appears to support NTP for setting the date and time, though it apparently ignores the settings unless it is able to download locale configuration files from the TFTP server. The locale files are part of Cisco CallManager, so the phone reports an "Error Updating Locale" at startup if you aren't using a CallManager SIP proxy.
Fortunately the phone will set its clock based on the Date header returned as part of the SIP proxy's registration response (200 OK). Asterisk sends the Date header during registration, but some VOIP providers to not. Hopefully future firmware revisions will enable NTP when CallManager locale files are not available.
In the meantime, some localizations are available at Cisco Online (CCO-login required).
Call Quality MetricsTo determine what codec is in use or diagnose downstream connectivity issues you can view Call Quality Metrics (like real time MOS, jitter, packet loss) for your phone's calls during the call under Settings->Status->Call Statistics (or press the Information button twice). When not in a call, statistics for the most recent call can be viewed under Settings->Status->Call Statistics or via the phone's web interface.
Connecting to the outside worldMost consumer VOIP services, including providers that support Cisco 79x0 model phones, will not work with 79x1 phones without intervention on the provider side. Because the 79x1 phones send SIP messages from arbitrary high number UDP ports (e.g. 49000+) the symmetric NAT approach used by Asterisk (
nat=yes) and most VOIP providers does not work with these phones. The 79x1 will transmit ICMP unreachable messages back to SIP proxies that attempt to respond to SIP registration using symmetric NAT (you will see inbound SIP messages from the proxy with a high number UDP port destination, assuming your router works with symmetric NAT).
The 79x1 behavior is RFC compliant, just incompatibly non-standard. Cisco support reports that this the use of random high number ports to send SIP messages is a "security enhancement" compared with Cisco's other/older products.
Happily, there are solutions these problems. Here are some observations on making a 7961 work with various VOIP solutions (ranked by ease of configuration, other than paying for and using their service I have no relationship with them. Keep this updated as capabilities change):
Internal Asterisk PBXThis is well described on the Asterisk phone cisco 79x1 xml configuration files for SIP page. Asterisk will work on a local network (with no NAT in use) as long you do not have a
nat=yesstatement in Asterisk's
sip.conffor the phone's peer/friend sections.
No, the phone can register itself, place outbound calls, and receive inbound calls so long as it registers with
proxy.jnctn.net. Support confirms that
proxy.jnctn.netdisregards the user's NAT setting.
They have called to ask questions and appear very interested in supporting this device.
Junction Networks does have a SIP service record in DNS, but it points to
proxy.jnctn.net, so you cannot enter
jnctn.netas the value for the proxy setting with your 79x1 phone
proxy.jnctn.netreport themselves to be an OpenSER servers and do not set the Date SIP header in any of its registration related messages. This prevents the phone from showing the correct date and time on the display. Inbound calls originate from an Asterisk server that does send a Date SIP header with its invitations. The phone ignores the Date header received in SIP invitations, so this is of no practical benefit.
Allows user control over symmetric NAT, works well with 79x1 UA as of 2007-May.
CallWithUs.comAs of 2007-08-18 has user-configurable option to disable symmetric NAT in web interface (user can set
nat=Asterisk setting. Works fine with 79x1.
E164.org and SipBroker). They have added configurable support for non-symmetric SIP and RTP in their web interface and it seems to work fine with 79x1. This service can be used as a RTP proxy, useful to use VOIP providers that do no support the 79x1 UA.
CallCentricInvested impressive amount of time diagnosing the situationâ€”analyzed logs, user-provided packet dumps, etc. Ultimately they decided it would be too hard to support the device and recommended the use of a different phone/UA. Not sure what SIP platform they use.
2008-06-18: You can create a DID sub account with Vitelity's control portal. Specify that sub account does not use NAT and you can run directly off your 7941 phone. You will use that sub accounts SIP credentials now to authenticate. The XML config is a bit tricky and you will have to enable NAT in the XML file and know your local IP (or use dynamic DNS).
BYOD, no luck.
voip.msAllows symmetric NAT to be enabled/disabled per account (not per sub-account). This feature has not been tested.
Please update this page with new information, just login and click on the "Edit" or "Discussion" tab. Get a free login here: Register Thanks! - Find us on Google+